657373080073797a5f74756e00080073797a5f74756e0000000600"/125, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x89) mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x109913, r3, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000640)={0x53, 0x0, 0xc1, 0x7fff, @scatter={0x4, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/213, 0xd5}, {&(0x7f0000000340)=""/223, 0xdf}, {&(0x7f00000001c0)=""/155, 0x9b}, {&(0x7f0000000440)=""/5, 0x5}]}, &(0x7f00000004c0)="d7f6c9e5b80a60e22759733ad40f2dfb439543b0f198b5c653a17e04d49fd901c5b8debf18f95f9198d140cb422243662d6455bb3ea01f9e892e99c47bc38031ffbd9a39ef9ee48aca3efcfd3fed1a1f87169b492b8bb09ec5c40b4cbafdcf257cfffea834ee180eb5cf7055988f7026b68719def57fc10e1fa721fc58bbc6371052ce5538842d52c151c992119fa5eca7e13d038756a348700d9f6b19eb6d6eb97f4851ffdd0bb0e39b24a8c3e80cba48a966fa7740e91613f1e1d7f6ef646ee5", &(0x7f00000005c0)=""/62, 0xc54f, 0x10010, 0x0, &(0x7f0000000600)}) [ 3283.396357][ T7844] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 17:10:15 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) r1 = dup(r0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x1e5980, 0x0) ioctl$TIOCLINUX3(r1, 0x541c, &(0x7f0000000080)) ioctl$KDSETMODE(r1, 0x4b3a, 0x0) 17:10:16 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85390c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3283.441937][ T7844] CPU: 1 PID: 7844 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3283.449878][ T7844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3283.459965][ T7844] Call Trace: [ 3283.463278][ T7844] dump_stack+0x172/0x1f0 [ 3283.467626][ T7844] dump_header+0x10f/0xb6c [ 3283.472057][ T7844] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3283.477875][ T7844] ? ___ratelimit+0x60/0x595 [ 3283.482509][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3283.487640][ T7844] oom_kill_process.cold+0x10/0x15 [ 3283.492763][ T7844] out_of_memory+0x79a/0x1280 [ 3283.492783][ T7844] ? lock_downgrade+0x880/0x880 [ 3283.492798][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3283.492815][ T7844] ? oom_killer_disable+0x280/0x280 [ 3283.492827][ T7844] ? find_held_lock+0x35/0x130 [ 3283.492852][ T7844] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3283.502361][ T7844] ? memcg_event_wake+0x230/0x230 [ 3283.502386][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3283.502403][ T7844] ? _raw_spin_unlock+0x2d/0x50 [ 3283.502422][ T7844] try_charge+0x102c/0x15c0 [ 3283.502441][ T7844] ? find_held_lock+0x35/0x130 [ 3283.522830][T20677] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3283.524165][ T7844] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3283.524181][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3283.524203][ T7844] ? find_held_lock+0x35/0x130 [ 3283.531897][T20677] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3283.534336][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3283.534367][ T7844] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3283.568802][ T7844] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3283.568832][ T7844] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3283.582867][ T7844] __memcg_kmem_charge+0x136/0x300 [ 3283.582890][ T7844] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3283.582912][ T7844] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3283.582947][ T7844] ? copy_page_range+0x125a/0x1f90 [ 3283.626026][ T7844] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3283.632374][ T7844] alloc_pages_current+0x107/0x210 [ 3283.637501][ T7844] pte_alloc_one+0x1b/0x1a0 [ 3283.642015][ T7844] __pte_alloc+0x20/0x310 [ 3283.646357][ T7844] copy_page_range+0x1529/0x1f90 [ 3283.651304][ T7844] ? perf_trace_lock+0xeb/0x510 [ 3283.656169][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3283.662444][ T7844] ? pmd_alloc+0x180/0x180 [ 3283.666875][ T7844] ? __rb_insert_augmented+0x231/0xdf0 [ 3283.672373][ T7844] ? validate_mm_rb+0xa3/0xc0 [ 3283.677064][ T7844] ? __vma_link_rb+0x279/0x370 [ 3283.681844][ T7844] copy_process.part.0+0x568b/0x7980 [ 3283.687175][ T7844] ? __cleanup_sighand+0x60/0x60 [ 3283.692140][ T7844] _do_fork+0x257/0xfd0 [ 3283.696306][ T7844] ? fork_idle+0x1d0/0x1d0 [ 3283.700748][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3283.706305][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3283.711776][ T7844] ? do_syscall_64+0x26/0x610 [ 3283.716464][ T7844] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3283.722542][ T7844] ? do_syscall_64+0x26/0x610 [ 3283.727237][ T7844] __x64_sys_clone+0xbf/0x150 [ 3283.731939][ T7844] do_syscall_64+0x103/0x610 [ 3283.736549][ T7844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3283.742462][ T7844] RIP: 0033:0x45737a [ 3283.746367][ T7844] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3283.765986][ T7844] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3283.774416][ T7844] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3283.782487][ T7844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3283.790467][ T7844] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 0000000001fdd940 [ 3283.798448][ T7844] R10: 0000000001fddc10 R11: 0000000000000246 R12: 0000000000000001 [ 3283.806427][ T7844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3283.831899][ T7844] memory: usage 307200kB, limit 307200kB, failcnt 15592 [ 3283.839002][ T7844] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3283.849730][ T7844] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3283.858256][ T7844] Memory cgroup stats for /syz2: cache:220KB rss:102380KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102444KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3283.879726][ T7844] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10131,uid=0 [ 3283.895214][ T7844] Memory cgroup out of memory: Killed process 10131 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3283.913773][ T1043] oom_reaper: reaped process 10131 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3283.941142][T20658] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3283.955992][T20658] CPU: 0 PID: 20658 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3283.963993][T20658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3283.974042][T20658] Call Trace: [ 3283.977351][T20658] dump_stack+0x172/0x1f0 [ 3283.981683][T20658] dump_header+0x10f/0xb6c [ 3283.986171][T20658] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3283.991977][T20658] ? ___ratelimit+0x60/0x595 [ 3283.996569][T20658] ? do_raw_spin_unlock+0x57/0x270 [ 3284.001679][T20658] oom_kill_process.cold+0x10/0x15 [ 3284.006778][T20658] out_of_memory+0x79a/0x1280 [ 3284.011453][T20658] ? oom_killer_disable+0x280/0x280 [ 3284.016645][T20658] ? find_held_lock+0x35/0x130 [ 3284.021416][T20658] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3284.026954][T20658] ? memcg_event_wake+0x230/0x230 [ 3284.037745][T20658] ? do_raw_spin_unlock+0x57/0x270 [ 3284.042874][T20658] ? _raw_spin_unlock+0x2d/0x50 [ 3284.047715][T20658] try_charge+0x102c/0x15c0 [ 3284.052221][T20658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3284.058470][T20658] ? should_fail+0x1de/0x852 [ 3284.063078][T20658] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3284.068610][T20658] ? rcu_read_lock_sched_held+0x110/0x130 [ 3284.074325][T20658] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3284.079878][T20658] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3284.085408][T20658] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3284.090598][T20658] cache_grow_begin+0x5c0/0x860 [ 3284.095445][T20658] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3284.101686][T20658] ? __cpuset_node_allowed+0x136/0x540 [ 3284.107137][T20658] fallback_alloc+0x1fd/0x2d0 [ 3284.111844][T20658] ____cache_alloc_node+0x1be/0x1e0 [ 3284.117054][T20658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3284.123297][T20658] kmem_cache_alloc+0x1e8/0x6f0 [ 3284.128152][T20658] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3284.134271][T20658] ? __vm_enough_memory+0x320/0x5a0 [ 3284.139489][T20658] vm_area_dup+0x21/0x170 [ 3284.143817][T20658] copy_process.part.0+0x3431/0x7980 [ 3284.149102][T20658] ? __cleanup_sighand+0x60/0x60 [ 3284.154041][T20658] ? semctl_down+0x5e0/0x9f0 [ 3284.158640][T20658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3284.164885][T20658] _do_fork+0x257/0xfd0 [ 3284.169034][T20658] ? fork_idle+0x1d0/0x1d0 [ 3284.173448][T20658] ? __ia32_sys_mkdir+0x80/0x80 [ 3284.178308][T20658] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3284.183764][T20658] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3284.189203][T20658] ? do_syscall_64+0x26/0x610 [ 3284.193886][T20658] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3284.199957][T20658] ? do_syscall_64+0x26/0x610 [ 3284.204618][T20658] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3284.209890][T20658] __ia32_sys_fork+0x1f/0x30 [ 3284.214478][T20658] do_syscall_64+0x103/0x610 [ 3284.219097][T20658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3284.224973][T20658] RIP: 0033:0x2000000a [ 3284.229029][T20658] Code: Bad RIP value. [ 3284.233083][T20658] RSP: 002b:00007fa14f198bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3284.241488][T20658] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3284.249442][T20658] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3284.257405][T20658] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3284.265380][T20658] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3284.273351][T20658] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3284.283685][T20658] memory: usage 307168kB, limit 307200kB, failcnt 24916 [ 3284.291538][T20658] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3284.302646][T20689] IPVS: Scheduler module ip_vs_ú” not found [ 3284.307272][T20658] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3284.315817][T20658] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88812KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3284.337294][T20658] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24372,uid=0 [ 3284.352889][T20658] Memory cgroup out of memory: Killed process 24372 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3284.375727][T20688] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3284.394719][T20688] CPU: 0 PID: 20688 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3284.402722][T20688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3284.412790][T20688] Call Trace: [ 3284.416097][T20688] dump_stack+0x172/0x1f0 [ 3284.420429][T20688] dump_header+0x10f/0xb6c [ 3284.424864][T20688] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3284.430677][T20688] ? ___ratelimit+0x60/0x595 [ 3284.435271][T20688] ? do_raw_spin_unlock+0x57/0x270 [ 3284.440389][T20688] oom_kill_process.cold+0x10/0x15 [ 3284.445511][T20688] out_of_memory+0x79a/0x1280 [ 3284.450197][T20688] ? oom_killer_disable+0x280/0x280 [ 3284.455409][T20688] ? find_held_lock+0x35/0x130 [ 3284.460193][T20688] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3284.465752][T20688] ? memcg_event_wake+0x230/0x230 [ 3284.470887][T20688] ? do_raw_spin_unlock+0x57/0x270 [ 3284.476031][T20688] ? _raw_spin_unlock+0x2d/0x50 [ 3284.480910][T20688] try_charge+0x102c/0x15c0 [ 3284.485443][T20688] ? find_held_lock+0x35/0x130 [ 3284.490223][T20688] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3284.495783][T20688] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3284.501357][T20688] ? find_held_lock+0x35/0x130 [ 3284.506134][T20688] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3284.511707][T20688] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3284.517290][T20688] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3284.522515][T20688] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3284.528084][T20688] __memcg_kmem_charge+0x136/0x300 [ 3284.533234][T20688] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3284.538627][T20688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3284.544888][T20688] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3284.550628][T20688] ? copy_process.part.0+0x1d08/0x7980 [ 3284.556100][T20688] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3284.561389][T20688] ? trace_hardirqs_on+0x67/0x230 [ 3284.566404][T20688] ? kasan_check_read+0x11/0x20 [ 3284.571270][T20688] copy_process.part.0+0x3e0/0x7980 [ 3284.576480][T20688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3284.582732][T20688] ? debug_smp_processor_id+0x3c/0x280 [ 3284.588206][T20688] ? perf_trace_lock+0xeb/0x510 [ 3284.593165][T20688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3284.599422][T20688] ? debug_smp_processor_id+0x3c/0x280 [ 3284.604900][T20688] ? __lockdep_free_key_range+0x120/0x120 [ 3284.610635][T20688] ? __might_fault+0x12b/0x1e0 [ 3284.615422][T20688] ? __cleanup_sighand+0x60/0x60 [ 3284.620381][T20688] ? lock_downgrade+0x880/0x880 [ 3284.625269][T20688] _do_fork+0x257/0xfd0 [ 3284.629454][T20688] ? fork_idle+0x1d0/0x1d0 [ 3284.633881][T20688] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3284.639355][T20688] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3284.644830][T20688] ? do_syscall_64+0x26/0x610 [ 3284.649516][T20688] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3284.655582][T20688] ? do_syscall_64+0x26/0x610 [ 3284.660281][T20688] __x64_sys_clone+0xbf/0x150 [ 3284.664981][T20688] do_syscall_64+0x103/0x610 [ 3284.669584][T20688] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3284.675481][T20688] RIP: 0033:0x458da9 [ 3284.679386][T20688] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3284.699101][T20688] RSP: 002b:00007f4949ff4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3284.707528][T20688] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000458da9 [ 3284.715502][T20688] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000080210a001ff1 [ 3284.723488][T20688] RBP: 000000000073bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 3284.731475][T20688] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4949ff56d4 [ 3284.739462][T20688] R13: 00000000004bf166 R14: 00000000004d01a0 R15: 00000000ffffffff [ 3284.759194][T20688] memory: usage 307156kB, limit 307200kB, failcnt 15629 [ 3284.767446][T20688] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3284.768383][T20693] IPVS: Scheduler module ip_vs_ú” not found [ 3284.775075][T20688] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3284.775084][T20688] Memory cgroup stats for /syz2: cache:220KB rss:102380KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102432KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:17 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000002230f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d853a0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:17 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0200000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) clone(0x802902001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mixer\x00', 0x0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)={0x0, 0x6, 0x7, &(0x7f0000000000)=0xfffffffffffffffb}) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f00000050c0)={'nat\x06\x00', 0x0, 0x0, 0x0, [], 0x1, 0x0, 0x0, [{}]}, 0x88) 17:10:17 executing program 0: r0 = gettid() r1 = epoll_create1(0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x3, 0x80000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x5483}, &(0x7f00000000c0)=0x8) getrandom(&(0x7f0000000200)=""/136, 0x88, 0x2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000100)={r3, @in={{0x2, 0x4e23, @empty}}, 0x6ce13343, 0xb, 0x3, 0xfffffffffffffffb, 0x1}, &(0x7f00000001c0)=0x98) kcmp$KCMP_EPOLL_TFD(r0, r0, 0x7, r1, &(0x7f0000000040)={r1}) [ 3284.814665][T20688] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10388,uid=0 [ 3284.838836][T20688] Memory cgroup out of memory: Killed process 10388 (syz-executor.2) total-vm:121872kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3284.860017][T20701] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:17 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x2c) 17:10:17 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000140)={0x800}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000080)={{0x7ff, 0x2}, 'port1\x00', 0xa6, 0x40000, 0x8001, 0x8, 0x2, 0x400, 0x1, 0x0, 0x6, 0xfff}) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000200)=""/239) r2 = socket$netlink(0x10, 0x3, 0x82000000000000c) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000180)="1f0000000102193b000007000000068100023b050900030000004000020058", 0x1f}], 0x1) 17:10:17 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fef000000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d853b0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x3, &(0x7f0000000000)="dc1f123c123f319bd070") r1 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x101080) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x0, 0x800000400002800) syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x6c, 0x8c002) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r2, 0xc0305602, &(0x7f0000000080)={0x0, 0x3ff, 0x300d, 0x1}) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x26}}, {0x2, 0x4e20, @remote}, {0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x6043cbf8, &(0x7f0000000100)='nr0\x00', 0x1, 0x5, 0x7}) ioctl$RTC_UIE_ON(r2, 0x7003) dup2(r1, r2) [ 3285.071418][T20722] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 17:10:17 executing program 0: syz_emit_ethernet(0x300600, &(0x7f0000000000)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x300049, 0x8921, 0x0, @ipv4={[], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff88, 0x0, 0x0, 0x5, [0x9, 0x4], {0x21, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x8000, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, &(0x7f0000000200)=[0x4, 0x2], 0x2) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r1, 0x120, 0x70bd2a, 0x25dfdbfe, {{}, 0x0, 0x4108, 0x0, {0x14, 0x18, {0x9, @bearer=@udp='udp:syz2\x00'}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000001) [ 3285.156778][T20738] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:17 executing program 0: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/l2cap\x00') ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f0000000180)={{0x6, 0x3, 0x7fffffff, 0x0, 0x2, 0x6}, 0x3, 0x3684, 0x200, 0xfff, 0xffffffffffff6f61, "86a2631e7f8c660d63910448baf7156346a32cbcccd4845bace29684908162f1326dc8052e57a56bb51a436e7bc149500a7e615045b194c28b5eee871752dfa0085ff51e9e382081f506c2d0f29c306594de8250543839ca872e47565332e62bcf4fae9134c121f9d0e65e02d36a1b4146f9733f3f730cb389509aa574509459"}) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) [ 3285.246006][T20733] IPVS: Scheduler module ip_vs_ú” not found [ 3285.253516][T20722] CPU: 0 PID: 20722 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3285.261525][T20722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3285.271591][T20722] Call Trace: [ 3285.274904][T20722] dump_stack+0x172/0x1f0 [ 3285.279265][T20722] dump_header+0x10f/0xb6c [ 3285.283691][T20722] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3285.289512][T20722] ? ___ratelimit+0x60/0x595 [ 3285.294143][T20722] ? do_raw_spin_unlock+0x57/0x270 [ 3285.299376][T20722] oom_kill_process.cold+0x10/0x15 [ 3285.304508][T20722] out_of_memory+0x79a/0x1280 [ 3285.309199][T20722] ? lock_downgrade+0x880/0x880 [ 3285.314330][T20722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3285.320584][T20722] ? oom_killer_disable+0x280/0x280 [ 3285.325781][T20722] ? find_held_lock+0x35/0x130 [ 3285.330535][T20722] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3285.336063][T20722] ? memcg_event_wake+0x230/0x230 [ 3285.341077][T20722] ? do_raw_spin_unlock+0x57/0x270 [ 3285.346195][T20722] ? _raw_spin_unlock+0x2d/0x50 [ 3285.351073][T20722] try_charge+0x102c/0x15c0 [ 3285.355587][T20722] ? find_held_lock+0x35/0x130 [ 3285.360367][T20722] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3285.365911][T20722] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3285.371451][T20722] ? find_held_lock+0x35/0x130 [ 3285.376202][T20722] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3285.381759][T20722] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3285.387293][T20722] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3285.392488][T20722] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3285.398033][T20722] __memcg_kmem_charge+0x136/0x300 [ 3285.403131][T20722] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3285.408487][T20722] ? __pud_alloc+0x1d3/0x250 [ 3285.413073][T20722] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3285.418774][T20722] ? __pud_alloc+0x1d3/0x250 [ 3285.423368][T20722] ? lock_downgrade+0x880/0x880 [ 3285.428217][T20722] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3285.434446][T20722] alloc_pages_current+0x107/0x210 [ 3285.439538][T20722] ? do_raw_spin_unlock+0x57/0x270 [ 3285.444635][T20722] __pmd_alloc+0x41/0x460 [ 3285.448951][T20722] ? pmd_val+0x100/0x100 [ 3285.453181][T20722] pmd_alloc+0x10c/0x180 [ 3285.457410][T20722] copy_page_range+0x62e/0x1f90 [ 3285.462246][T20722] ? perf_trace_lock+0xeb/0x510 [ 3285.467077][T20722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3285.473300][T20722] ? debug_smp_processor_id+0x3c/0x280 [ 3285.478766][T20722] ? copy_process.part.0+0x3121/0x7980 [ 3285.484212][T20722] ? copy_process.part.0+0x3121/0x7980 [ 3285.489662][T20722] ? pmd_alloc+0x180/0x180 [ 3285.494062][T20722] ? vma_compute_subtree_gap+0x158/0x230 [ 3285.499678][T20722] ? validate_mm_rb+0xa3/0xc0 [ 3285.504355][T20722] ? __vma_link_rb+0x279/0x370 [ 3285.509118][T20722] copy_process.part.0+0x568b/0x7980 [ 3285.514848][T20722] ? __cleanup_sighand+0x60/0x60 [ 3285.519771][T20722] ? semctl_down+0x5e0/0x9f0 [ 3285.524357][T20722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3285.530596][T20722] _do_fork+0x257/0xfd0 [ 3285.534745][T20722] ? fork_idle+0x1d0/0x1d0 [ 3285.539144][T20722] ? __ia32_sys_mkdir+0x80/0x80 [ 3285.543983][T20722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3285.549427][T20722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3285.554958][T20722] ? do_syscall_64+0x26/0x610 [ 3285.559617][T20722] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3285.565682][T20722] ? do_syscall_64+0x26/0x610 [ 3285.570353][T20722] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3285.575635][T20722] __ia32_sys_fork+0x1f/0x30 [ 3285.580206][T20722] do_syscall_64+0x103/0x610 [ 3285.584786][T20722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3285.591205][T20722] RIP: 0033:0x2000000a [ 3285.595702][T20722] Code: Bad RIP value. [ 3285.599748][T20722] RSP: 002b:00007fa14f198bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3285.608140][T20722] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3285.616096][T20722] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3285.624048][T20722] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3285.632008][T20722] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3285.639961][T20722] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3285.651626][T20722] memory: usage 307200kB, limit 307200kB, failcnt 24941 [ 3285.658722][T20722] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3285.700671][T20722] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3285.708264][T20722] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88800KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3285.730680][T20722] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24429,uid=0 [ 3285.747130][T20722] Memory cgroup out of memory: Killed process 24429 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3285.764492][ T1043] oom_reaper: reaped process 24429 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3285.765480][T20747] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3285.786485][T20747] CPU: 1 PID: 20747 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3285.794476][T20747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3285.805534][T20747] Call Trace: [ 3285.808841][T20747] dump_stack+0x172/0x1f0 [ 3285.813190][T20747] dump_header+0x10f/0xb6c [ 3285.817631][T20747] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3285.823451][T20747] ? ___ratelimit+0x60/0x595 [ 3285.828046][T20747] ? do_raw_spin_unlock+0x57/0x270 [ 3285.833148][T20747] oom_kill_process.cold+0x10/0x15 [ 3285.838344][T20747] out_of_memory+0x79a/0x1280 [ 3285.843031][T20747] ? oom_killer_disable+0x280/0x280 [ 3285.848239][T20747] ? find_held_lock+0x35/0x130 [ 3285.853010][T20747] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3285.858542][T20747] ? memcg_event_wake+0x230/0x230 [ 3285.863579][T20747] ? do_raw_spin_unlock+0x57/0x270 [ 3285.868677][T20747] ? _raw_spin_unlock+0x2d/0x50 [ 3285.873527][T20747] try_charge+0x102c/0x15c0 [ 3285.878027][T20747] ? find_held_lock+0x35/0x130 [ 3285.882818][T20747] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3285.888403][T20747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3285.894644][T20747] ? kasan_check_read+0x11/0x20 [ 3285.899496][T20747] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3285.905035][T20747] mem_cgroup_try_charge+0x24d/0x5e0 [ 3285.910314][T20747] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3285.915948][T20747] do_huge_pmd_wp_page+0x99d/0x3660 [ 3285.921152][T20747] ? pmd_pfn+0x1d0/0x1d0 [ 3285.925411][T20747] ? __split_huge_pmd+0x2b00/0x2b00 [ 3285.930616][T20747] ? do_wp_page+0x496/0x1500 [ 3285.935212][T20747] ? pmd_val+0x85/0x100 [ 3285.939354][T20747] ? add_mm_counter_fast.part.0+0x40/0x40 [ 3285.945076][T20747] ? perf_trace_lock+0xeb/0x510 [ 3285.949915][T20747] __handle_mm_fault+0x1651/0x3ec0 [ 3285.955027][T20747] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3285.960708][T20747] ? find_held_lock+0x35/0x130 [ 3285.965490][T20747] ? handle_mm_fault+0x322/0xb30 [ 3285.970451][T20747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3285.976689][T20747] ? kasan_check_read+0x11/0x20 [ 3285.981580][T20747] handle_mm_fault+0x43f/0xb30 [ 3285.986372][T20747] __do_page_fault+0x5ef/0xda0 [ 3285.991142][T20747] do_page_fault+0x71/0x581 [ 3285.995655][T20747] ? page_fault+0x8/0x30 [ 3285.999894][T20747] page_fault+0x1e/0x30 [ 3286.004061][T20747] RIP: 0033:0x4400d9 [ 3286.007964][T20747] Code: b7 0e 66 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c 8b 0e 89 0f 48 83 c6 04 48 83 c7 04 f6 c2 08 74 0e 48 8b 0e <48> 89 0f 48 83 c6 08 48 83 c7 08 81 e2 f0 00 00 00 74 1f 0f 1f 40 [ 3286.027600][T20747] RSP: 002b:0000000000a4fbc8 EFLAGS: 00010202 [ 3286.035762][T20747] RAX: 0000000020000240 RBX: 0000000000740670 RCX: 00676e697279656b [ 3286.043743][T20747] RDX: 0000000000000008 RSI: 0000000000740690 RDI: 0000000020000240 [ 3286.051718][T20747] RBP: fffffffffffffffe R08: 000000007573aa14 R09: 000000007573aa18 [ 3286.059710][T20747] R10: 0000000000a4fca0 R11: 0000000000000246 R12: 0000000000740678 [ 3286.067702][T20747] R13: 00000000004beb51 R14: 0000000000000000 R15: 000000000073bfac [ 3286.079210][ C1] net_ratelimit: 14 callbacks suppressed [ 3286.079218][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3286.091079][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3286.097118][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3286.103069][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3286.109063][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3286.115016][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3286.123237][T20747] memory: usage 307096kB, limit 307200kB, failcnt 369 [ 3286.130164][T20747] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3286.138412][T20747] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3286.145469][T20747] Memory cgroup stats for /syz0: cache:16648KB rss:210568KB rss_huge:172032KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:210532KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3286.168475][T20747] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8555,uid=0 [ 3286.184328][T20747] Memory cgroup out of memory: Killed process 8555 (syz-executor.0) total-vm:72976kB, anon-rss:2216kB, file-rss:35824kB, shmem-rss:0kB [ 3286.220566][ T1775] binder: send failed reply for transaction 2, target dead [ 3286.220759][T20714] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3286.228309][ T1775] binder: send failed reply for transaction 5, target dead [ 3286.248051][T20714] CPU: 0 PID: 20714 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3286.248240][ T1775] binder: send failed reply for transaction 8, target dead [ 3286.256050][T20714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3286.256056][T20714] Call Trace: [ 3286.256081][T20714] dump_stack+0x172/0x1f0 [ 3286.256102][T20714] dump_header+0x10f/0xb6c [ 3286.256122][T20714] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3286.256139][T20714] ? ___ratelimit+0x60/0x595 [ 3286.256154][T20714] ? do_raw_spin_unlock+0x57/0x270 [ 3286.256173][T20714] oom_kill_process.cold+0x10/0x15 [ 3286.256191][T20714] out_of_memory+0x79a/0x1280 [ 3286.256217][T20714] ? oom_killer_disable+0x280/0x280 [ 3286.256238][T20714] ? find_held_lock+0x35/0x130 [ 3286.256264][T20714] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3286.256279][T20714] ? memcg_event_wake+0x230/0x230 [ 3286.256300][T20714] ? do_raw_spin_unlock+0x57/0x270 [ 3286.256320][T20714] ? _raw_spin_unlock+0x2d/0x50 [ 3286.264276][ T1775] binder: send failed reply for transaction 11, target dead [ 3286.273593][T20714] try_charge+0x102c/0x15c0 [ 3286.273607][T20714] ? find_held_lock+0x35/0x130 [ 3286.273632][T20714] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3286.273647][T20714] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3286.273663][T20714] ? find_held_lock+0x35/0x130 [ 3286.273681][T20714] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3286.273713][T20714] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3286.273729][T20714] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3286.273747][T20714] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3286.273768][T20714] __memcg_kmem_charge+0x136/0x300 [ 3286.273791][T20714] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3286.273806][T20714] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3286.273827][T20714] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3286.273845][T20714] ? copy_process.part.0+0x1d08/0x7980 [ 3286.273864][T20714] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3286.277740][ T1775] binder: send failed reply for transaction 12, target dead [ 3286.281476][T20714] ? trace_hardirqs_on+0x67/0x230 [ 3286.281501][T20714] copy_process.part.0+0x3e0/0x7980 [ 3286.281520][T20714] ? __handle_mm_fault+0x21b7/0x3ec0 [ 3286.281537][T20714] ? find_held_lock+0x35/0x130 [ 3286.281554][T20714] ? __handle_mm_fault+0x21b7/0x3ec0 [ 3286.281578][T20714] ? lock_downgrade+0x880/0x880 [ 3286.281595][T20714] ? migration_entry_to_page+0x320/0x320 [ 3286.281607][T20714] ? lru_cache_add+0x21c/0x590 [ 3286.281633][T20714] ? __cleanup_sighand+0x60/0x60 [ 3286.281649][T20714] ? __handle_mm_fault+0x7cd/0x3ec0 [ 3286.281667][T20714] ? __lockdep_free_key_range+0x120/0x120 [ 3286.286654][ T1775] binder: send failed reply for transaction 15, target dead [ 3286.291880][T20714] ? __do_page_fault+0x623/0xda0 [ 3286.291897][T20714] ? find_held_lock+0x35/0x130 [ 3286.291920][T20714] _do_fork+0x257/0xfd0 [ 3286.291956][T20714] ? fork_idle+0x1d0/0x1d0 [ 3286.291983][T20714] ? kasan_check_write+0x14/0x20 [ 3286.292000][T20714] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3286.292015][T20714] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3286.292029][T20714] ? do_syscall_64+0x26/0x610 [ 3286.292044][T20714] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3286.292058][T20714] ? do_syscall_64+0x26/0x610 [ 3286.292083][T20714] __x64_sys_clone+0xbf/0x150 [ 3286.297181][ T1775] binder: send failed reply for transaction 16, target dead [ 3286.301771][T20714] do_syscall_64+0x103/0x610 [ 3286.301794][T20714] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3286.301806][T20714] RIP: 0033:0x45b779 [ 3286.301823][T20714] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3286.301832][T20714] RSP: 002b:0000000000a4fa98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3286.301848][T20714] RAX: ffffffffffffffda RBX: 00007fa14f178700 RCX: 000000000045b779 [ 3286.301857][T20714] RDX: 00007fa14f1789d0 RSI: 00007fa14f177db0 RDI: 00000000003d0f00 [ 3286.301866][T20714] RBP: 0000000000a4fcb0 R08: 00007fa14f178700 R09: 00007fa14f178700 [ 3286.301875][T20714] R10: 00007fa14f1789d0 R11: 0000000000000202 R12: 0000000000000000 [ 3286.301884][T20714] R13: 0000000000a4fb4f R14: 00007fa14f1789c0 R15: 000000000073bfac [ 3286.327720][T20714] memory: usage 307156kB, limit 307200kB, failcnt 24950 [ 3286.327733][T20714] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3286.327742][T20714] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3286.327749][T20714] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88780KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3286.327835][T20714] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24524,uid=0 [ 3286.338311][ T1775] binder: send failed reply for transaction 21, target dead [ 3286.355422][ T1775] binder: send failed reply for transaction 22, target dead [ 3286.365854][ T1775] binder: send failed reply for transaction 28, target dead [ 3286.421261][T20714] Memory cgroup out of memory: Killed process 24524 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3286.422684][ T1775] binder: send failed reply for transaction 46 to 7121:7132 [ 3286.429975][ T1043] oom_reaper: reaped process 24524 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3286.472232][T20764] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3286.778077][T20764] CPU: 0 PID: 20764 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3286.786071][T20764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3286.796114][T20764] Call Trace: [ 3286.799404][T20764] dump_stack+0x172/0x1f0 [ 3286.803735][T20764] dump_header+0x10f/0xb6c [ 3286.808143][T20764] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3286.813941][T20764] ? ___ratelimit+0x60/0x595 [ 3286.818516][T20764] ? do_raw_spin_unlock+0x57/0x270 [ 3286.823611][T20764] oom_kill_process.cold+0x10/0x15 [ 3286.828708][T20764] out_of_memory+0x79a/0x1280 [ 3286.833382][T20764] ? lock_downgrade+0x880/0x880 [ 3286.839360][T20764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3286.845601][T20764] ? oom_killer_disable+0x280/0x280 [ 3286.850781][T20764] ? find_held_lock+0x35/0x130 [ 3286.855537][T20764] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3286.861117][T20764] ? memcg_event_wake+0x230/0x230 [ 3286.866147][T20764] ? do_raw_spin_unlock+0x57/0x270 [ 3286.871247][T20764] ? _raw_spin_unlock+0x2d/0x50 [ 3286.876088][T20764] try_charge+0x102c/0x15c0 [ 3286.880660][T20764] ? find_held_lock+0x35/0x130 [ 3286.885416][T20764] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3286.891037][T20764] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3286.896570][T20764] ? find_held_lock+0x35/0x130 [ 3286.901319][T20764] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3286.906872][T20764] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3286.912406][T20764] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3286.917595][T20764] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3286.923128][T20764] __memcg_kmem_charge+0x136/0x300 [ 3286.928267][T20764] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3286.933632][T20764] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3286.939358][T20764] ? copy_page_range+0x125a/0x1f90 [ 3286.944475][T20764] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3286.950717][T20764] alloc_pages_current+0x107/0x210 [ 3286.955819][T20764] pte_alloc_one+0x1b/0x1a0 [ 3286.960306][T20764] __pte_alloc+0x20/0x310 [ 3286.964626][T20764] copy_page_range+0x1529/0x1f90 [ 3286.969544][T20764] ? perf_trace_lock+0xeb/0x510 [ 3286.974381][T20764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3286.980620][T20764] ? pmd_alloc+0x180/0x180 [ 3286.985022][T20764] ? vma_compute_subtree_gap+0x158/0x230 [ 3286.990641][T20764] ? validate_mm_rb+0xa3/0xc0 [ 3286.995306][T20764] ? __vma_link_rb+0x279/0x370 [ 3287.000067][T20764] copy_process.part.0+0x568b/0x7980 [ 3287.005385][T20764] ? __cleanup_sighand+0x60/0x60 [ 3287.010344][T20764] ? semctl_down+0x5e0/0x9f0 [ 3287.014940][T20764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3287.021174][T20764] _do_fork+0x257/0xfd0 [ 3287.025323][T20764] ? fork_idle+0x1d0/0x1d0 [ 3287.029753][T20764] ? __ia32_sys_mkdir+0x80/0x80 [ 3287.034620][T20764] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3287.040349][T20764] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3287.045849][T20764] ? do_syscall_64+0x26/0x610 [ 3287.050509][T20764] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3287.056559][T20764] ? do_syscall_64+0x26/0x610 [ 3287.061219][T20764] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3287.066516][T20764] __ia32_sys_fork+0x1f/0x30 [ 3287.071089][T20764] do_syscall_64+0x103/0x610 [ 3287.075664][T20764] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3287.081537][T20764] RIP: 0033:0x2000000a [ 3287.085599][T20764] Code: Bad RIP value. [ 3287.089645][T20764] RSP: 002b:00007fa14f177bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3287.098043][T20764] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3287.105998][T20764] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3287.113954][T20764] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3287.121937][T20764] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3287.129899][T20764] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3287.138209][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3287.144051][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3287.150749][T20764] memory: usage 307040kB, limit 307200kB, failcnt 24985 [ 3287.157885][T20764] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3287.165578][T20764] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3287.173058][T20764] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88668KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3287.194833][T20764] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24580,uid=0 [ 3287.210382][T20764] Memory cgroup out of memory: Killed process 24580 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB 17:10:19 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa134b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:19 executing program 1: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x440, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000b40)='oom_adj\x00') r3 = syz_open_procfs(0x0, &(0x7f0000000580)='oom_score_adj\x00\x9f\xc5r\x0e8J\xdb@\xf8\xbfj1\xe8\xce\x88\x02^\xb2\xf4hTR2\xf1\x89\x1e~m\x19\xc9lG^l\x13c7\xf7$\x7f?9>b\xe8/<\xdbj>:\xd9\x10\x04r\x18\x15\xdc)\x10I<\xd0:\x0f\x18\xec\x00\xc2w\x8a0C\xf8\xa9\xeaa\x16\x8c\xe6C\xf5\xcb\xdc\x1c\xea`\x9c\xe1\x8e\xdd\x8e\xaa\x1f\xf4\xaf\xa3Z\xbf\x17M\x1a\xff\xb1\x8dP]<\x9e\xe1B[y\xe6\xae\xe9I\xdb)\x9b\xcb\xa3Wlt\xe9\xa9\xfc\xf8\xde\xf0]\n\xa5S\x16\x1dh\x88\xc5\xea\xcf\xca5\xd2.\x93\xfd\t\x90#hq\r\x9b;\x83\xdd\x0fs\x80\x12\xc6\x8e~\xd4\xef\xc7:\xee4cu\xb2\x03\xd5\xd5)\xc9\xf1/\xea\x95_\'\xfb\xb9\xa94\xca\x9e\xf3\xfb\xc9\xd6~\xd5\xb7}B\xe5.\x86\xbf\xbb#\xb9\xf7N\xb3\xfe?x\xccX^\x16bz\"\x8a\xa45\x10t\xbb\xb7\xca\xa7\xcc\xde_\xdc\xab\xf2\xb8\xc7\xb3\xd3&$\xbb4\x81\t\xbb\xe3\xbfB(ln\xbc\xe9E<6$\x8f)\xb0\x1a\xc9\xe3\x18\xa6\xd9zk\x94Z\xed\x96\xad\xe2\\\xcb,!\x13\rv)r\xf1\x00E\xcccgr\xbf\xd4uB\x9f\xa5\x8c8\xe4D\x0f\xd3Vtd\x89\xc8V\x14\x17=\xd9\xcf*\xc8\xc7\xb7\xcc\x182/Jm\x8c5\x93\x14\xfd\x02\'\xe3\xc9\x12~\xc3\x10\xb7\xc7\xae\xcfA\x823|\xfd\xba2\xbd\xc6-\xe0E_x\xc7i\x8dV\xd9\\_l\xfb\xd8xX.N\x9bd\x91\xd5\xc1\xa1\xbahL\x95wF\x13{\xfd\xc8T\x1f\xe1)h\a\xe8Wn]\xe4') sendfile(r3, r2, 0x0, 0x1) sendfile(r2, r3, &(0x7f00000001c0), 0x84) 17:10:19 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x2c) 17:10:19 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d853c0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:19 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe4c11000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:19 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000327f68)={0x2, 0x400000000000004, 0x0, 0x6, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) r1 = socket$bt_bnep(0x1f, 0x3, 0x4) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0x5, 0x1) [ 3287.226770][ T1043] oom_reaper: reaped process 24580 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 17:10:19 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000480)='./file0\x00', 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x101040, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000100)=0xdf, 0x4) lstat(0x0, 0x0) shmctl$IPC_SET(0x0, 0x1, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) r1 = request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='\\cgroupcgroup\x00', 0xfffffffffffffffa) request_key(&(0x7f0000000980)='keyring\x00', &(0x7f0000000b80)={'syz'}, 0x0, r1) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000008c0)) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00'}) io_setup(0xa7e7, &(0x7f0000000580)) syz_genetlink_get_family_id$ipvs(0x0) [ 3287.400407][T20774] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3287.414032][T20774] CPU: 1 PID: 20774 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3287.422034][T20774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3287.432103][T20774] Call Trace: [ 3287.435422][T20774] dump_stack+0x172/0x1f0 [ 3287.439779][T20774] dump_header+0x10f/0xb6c [ 3287.444213][T20774] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3287.450035][T20774] ? ___ratelimit+0x60/0x595 [ 3287.454720][T20774] ? do_raw_spin_unlock+0x57/0x270 [ 3287.459853][T20774] oom_kill_process.cold+0x10/0x15 [ 3287.464979][T20774] out_of_memory+0x79a/0x1280 [ 3287.469666][T20774] ? lock_downgrade+0x880/0x880 [ 3287.474522][T20774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3287.480772][T20774] ? oom_killer_disable+0x280/0x280 [ 3287.485982][T20774] ? find_held_lock+0x35/0x130 [ 3287.490769][T20774] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3287.496327][T20774] ? memcg_event_wake+0x230/0x230 [ 3287.501368][T20774] ? do_raw_spin_unlock+0x57/0x270 [ 3287.506488][T20774] ? _raw_spin_unlock+0x2d/0x50 [ 3287.511352][T20774] try_charge+0x102c/0x15c0 [ 3287.515861][T20774] ? find_held_lock+0x35/0x130 [ 3287.520645][T20774] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3287.526198][T20774] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3287.531758][T20774] ? find_held_lock+0x35/0x130 [ 3287.536542][T20774] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3287.542115][T20774] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3287.547674][T20774] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3287.552883][T20774] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3287.558458][T20774] __memcg_kmem_charge+0x136/0x300 [ 3287.563587][T20774] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3287.568973][T20774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3287.575228][T20774] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3287.580968][T20774] ? copy_process.part.0+0x1d08/0x7980 [ 3287.586442][T20774] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3287.591748][T20774] ? trace_hardirqs_on+0x67/0x230 [ 3287.596787][T20774] ? kasan_check_read+0x11/0x20 [ 3287.601656][T20774] copy_process.part.0+0x3e0/0x7980 [ 3287.606875][T20774] ? __lockdep_free_key_range+0x120/0x120 [ 3287.612599][T20774] ? sched_clock+0x2e/0x50 [ 3287.612615][T20774] ? psi_memstall_leave+0x12e/0x180 [ 3287.612630][T20774] ? find_held_lock+0x35/0x130 [ 3287.612644][T20774] ? psi_memstall_leave+0x12e/0x180 [ 3287.612674][T20774] ? __cleanup_sighand+0x60/0x60 [ 3287.637149][T20774] ? perf_trace_lock+0xeb/0x510 [ 3287.639933][T20786] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3287.642009][T20774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3287.642029][T20774] ? debug_smp_processor_id+0x3c/0x280 [ 3287.642046][T20774] ? __lockdep_free_key_range+0x120/0x120 [ 3287.642074][T20774] _do_fork+0x257/0xfd0 [ 3287.642096][T20774] ? fork_idle+0x1d0/0x1d0 [ 3287.677336][T20774] ? blkcg_maybe_throttle_current+0x5e2/0xfc0 [ 3287.683418][T20774] ? lock_downgrade+0x880/0x880 [ 3287.688281][T20774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3287.694551][T20774] ? blkcg_exit_queue+0x30/0x30 [ 3287.699412][T20774] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3287.704886][T20774] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3287.710361][T20774] ? do_syscall_64+0x26/0x610 [ 3287.715049][T20774] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3287.721129][T20774] ? do_syscall_64+0x26/0x610 [ 3287.725821][T20774] __x64_sys_clone+0xbf/0x150 [ 3287.730508][T20774] do_syscall_64+0x103/0x610 [ 3287.735117][T20774] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3287.741020][T20774] RIP: 0033:0x45b779 [ 3287.744932][T20774] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3287.764550][T20774] RSP: 002b:0000000000a4fa98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3287.772978][T20774] RAX: ffffffffffffffda RBX: 00007f3680240700 RCX: 000000000045b779 [ 3287.780967][T20774] RDX: 00007f36802409d0 RSI: 00007f368023fdb0 RDI: 00000000003d0f00 [ 3287.788956][T20774] RBP: 0000000000a4fcb0 R08: 00007f3680240700 R09: 00007f3680240700 [ 3287.796947][T20774] R10: 00007f36802409d0 R11: 0000000000000202 R12: 0000000000000000 [ 3287.804936][T20774] R13: 0000000000a4fb4f R14: 00007f36802409c0 R15: 000000000073bfac [ 3287.820123][T20777] IPVS: Scheduler module ip_vs_ú” not found [ 3287.821907][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3287.829228][T20774] memory: usage 307200kB, limit 307200kB, failcnt 410 [ 3287.831984][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3287.844099][T20784] IPVS: Scheduler module ip_vs_ú” not found 17:10:20 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00H\x00'}, 0x2c) [ 3287.853251][T20774] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3287.860889][T20774] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3287.871957][T20774] Memory cgroup stats for /syz0: cache:17572KB rss:210528KB rss_huge:169984KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:210572KB inactive_file:1096KB active_file:0KB unevictable:0KB 17:10:20 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe003f000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3287.895814][T20774] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4432,uid=0 [ 3287.911834][T20774] Memory cgroup out of memory: Killed process 4432 (syz-executor.0) total-vm:72844kB, anon-rss:2228kB, file-rss:35804kB, shmem-rss:0kB 17:10:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d853d0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3287.967706][T20776] syz-executor.0 invoked oom-killer: gfp_mask=0x100dc2(GFP_HIGHUSER|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3287.986035][T20776] CPU: 0 PID: 20776 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3287.994043][T20776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3288.004105][T20776] Call Trace: [ 3288.007407][T20776] dump_stack+0x172/0x1f0 [ 3288.011760][T20776] dump_header+0x10f/0xb6c 17:10:20 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x50, &(0x7f0000000040)={'TPROXY\x00'}, &(0x7f00000000c0)=0x1e) lstat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000080)='./file0\x00', r2, r3) ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000280)=""/28) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x8001}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x6, 0x7}, &(0x7f0000000340)=0x8) r5 = syz_open_dev$swradio(&(0x7f00000002c0)='/dev/swradio#\x00', 0x0, 0x2) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r5, 0x80045400, &(0x7f0000000300)) [ 3288.016193][T20776] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3288.022018][T20776] ? ___ratelimit+0x60/0x595 [ 3288.026622][T20776] ? do_raw_spin_unlock+0x57/0x270 [ 3288.033455][T20776] oom_kill_process.cold+0x10/0x15 [ 3288.038595][T20776] out_of_memory+0x79a/0x1280 [ 3288.043291][T20776] ? oom_killer_disable+0x280/0x280 [ 3288.048497][T20776] ? find_held_lock+0x35/0x130 [ 3288.053291][T20776] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3288.058855][T20776] ? memcg_event_wake+0x230/0x230 [ 3288.063902][T20776] ? do_raw_spin_unlock+0x57/0x270 [ 3288.069034][T20776] ? _raw_spin_unlock+0x2d/0x50 [ 3288.069058][T20776] try_charge+0xa87/0x15c0 [ 3288.069074][T20776] ? find_held_lock+0x35/0x130 [ 3288.069102][T20776] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3288.069121][T20776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3288.069144][T20776] ? kasan_check_read+0x11/0x20 [ 3288.069164][T20776] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3288.105325][T20776] mem_cgroup_try_charge+0x24d/0x5e0 [ 3288.110632][T20776] __add_to_page_cache_locked+0x425/0xe70 [ 3288.116368][T20776] ? file_check_and_advance_wb_err+0x3a0/0x3a0 [ 3288.122528][T20776] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3288.128072][T20776] ? lock_downgrade+0x880/0x880 [ 3288.132931][T20776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3288.139460][T20776] ? count_shadow_nodes+0x500/0x500 [ 3288.144753][T20776] ? find_get_entry+0x535/0x880 [ 3288.149610][T20776] add_to_page_cache_lru+0x1cb/0x760 [ 3288.154907][T20776] ? add_to_page_cache_locked+0x40/0x40 [ 3288.160514][T20776] ? __page_cache_alloc+0x131/0x460 [ 3288.165719][T20776] pagecache_get_page+0x35c/0x740 [ 3288.170758][T20776] ioctx_alloc+0x73f/0x1db0 [ 3288.175301][T20776] ? aio_poll_complete_work+0xfc0/0xfc0 [ 3288.180855][T20776] ? __x64_sys_io_setup+0xc2/0x410 [ 3288.186132][T20776] __x64_sys_io_setup+0xc9/0x410 [ 3288.191077][T20776] do_syscall_64+0x103/0x610 [ 3288.195677][T20776] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3288.201564][T20776] RIP: 0033:0x458da9 [ 3288.205461][T20776] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3288.225072][T20776] RSP: 002b:00007f3680260c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 3288.233492][T20776] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000458da9 [ 3288.241467][T20776] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 000000000000a7e7 [ 3288.249439][T20776] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3288.257419][T20776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f36802616d4 [ 3288.265394][T20776] R13: 00000000004bffbc R14: 00000000004d2270 R15: 00000000ffffffff [ 3288.274535][T20776] memory: usage 304880kB, limit 307200kB, failcnt 410 [ 3288.281331][T20776] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3288.290385][T20776] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3288.300295][T20776] Memory cgroup stats for /syz0: cache:17572KB rss:208336KB rss_huge:167936KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:208388KB inactive_file:1096KB active_file:0KB unevictable:0KB [ 3288.334814][T20776] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13896,uid=0 [ 3288.353802][T20776] Memory cgroup out of memory: Killed process 13896 (syz-executor.0) total-vm:72712kB, anon-rss:2232kB, file-rss:35800kB, shmem-rss:0kB [ 3288.369806][T20801] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3288.397666][ T1043] oom_reaper: reaped process 13896 (syz-executor.0), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3288.418078][ T7844] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3288.452557][ T7844] CPU: 1 PID: 7844 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3288.460512][ T7844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3288.470581][ T7844] Call Trace: [ 3288.473889][ T7844] dump_stack+0x172/0x1f0 [ 3288.478237][ T7844] dump_header+0x10f/0xb6c [ 3288.482666][ T7844] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3288.488483][ T7844] ? ___ratelimit+0x60/0x595 [ 3288.488501][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3288.488522][ T7844] oom_kill_process.cold+0x10/0x15 [ 3288.488541][ T7844] out_of_memory+0x79a/0x1280 [ 3288.508003][ T7844] ? oom_killer_disable+0x280/0x280 [ 3288.513208][ T7844] ? find_held_lock+0x35/0x130 [ 3288.517990][ T7844] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3288.523546][ T7844] ? memcg_event_wake+0x230/0x230 [ 3288.528593][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3288.533808][ T7844] ? _raw_spin_unlock+0x2d/0x50 [ 3288.538681][ T7844] try_charge+0x102c/0x15c0 [ 3288.543197][ T7844] ? find_held_lock+0x35/0x130 [ 3288.547982][ T7844] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3288.553535][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3288.559093][ T7844] ? find_held_lock+0x35/0x130 [ 3288.563893][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3288.569474][ T7844] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3288.575038][ T7844] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3288.580255][ T7844] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3288.585827][ T7844] __memcg_kmem_charge+0x136/0x300 [ 3288.590978][ T7844] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3288.596377][ T7844] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3288.602121][ T7844] ? copy_page_range+0x125a/0x1f90 [ 3288.607248][ T7844] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3288.613504][ T7844] alloc_pages_current+0x107/0x210 [ 3288.618632][ T7844] pte_alloc_one+0x1b/0x1a0 [ 3288.623147][ T7844] __pte_alloc+0x20/0x310 [ 3288.627508][ T7844] copy_page_range+0x1529/0x1f90 [ 3288.632473][ T7844] ? perf_trace_lock+0xeb/0x510 [ 3288.637329][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3288.643604][ T7844] ? pmd_alloc+0x180/0x180 [ 3288.648036][ T7844] ? __rb_insert_augmented+0x231/0xdf0 [ 3288.653502][ T7844] ? validate_mm_rb+0xa3/0xc0 [ 3288.658191][ T7844] ? __vma_link_rb+0x279/0x370 [ 3288.662983][ T7844] copy_process.part.0+0x568b/0x7980 [ 3288.668312][ T7844] ? __cleanup_sighand+0x60/0x60 [ 3288.673290][ T7844] _do_fork+0x257/0xfd0 [ 3288.677471][ T7844] ? fork_idle+0x1d0/0x1d0 [ 3288.681909][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3288.687390][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3288.687407][ T7844] ? do_syscall_64+0x26/0x610 [ 3288.687423][ T7844] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3288.687443][ T7844] ? do_syscall_64+0x26/0x610 [ 3288.703626][ T7844] __x64_sys_clone+0xbf/0x150 [ 3288.703653][ T7844] do_syscall_64+0x103/0x610 17:10:21 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x0, 0x3}}) ioctl$int_out(r0, 0x5460, &(0x7f0000000040)) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000100)=""/35) [ 3288.717594][ T7844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3288.723586][ T7844] RIP: 0033:0x45737a [ 3288.727589][ T7844] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3288.747208][ T7844] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3288.755625][ T7844] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3288.763718][ T7844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3288.771711][ T7844] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 0000000001fdd940 [ 3288.779698][ T7844] R10: 0000000001fddc10 R11: 0000000000000246 R12: 0000000000000001 [ 3288.787803][ T7844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3288.799390][ T7844] memory: usage 307156kB, limit 307200kB, failcnt 15648 [ 3288.808320][ T7844] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3288.816266][ T7844] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3288.823593][ T7844] Memory cgroup stats for /syz2: cache:220KB rss:102328KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102436KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3288.847321][ T7844] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10514,uid=0 [ 3288.863294][ T7844] Memory cgroup out of memory: Killed process 10514 (syz-executor.2) total-vm:187408kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3288.894828][T20787] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3288.920170][T20787] CPU: 0 PID: 20787 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3288.928204][T20787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3288.938279][T20787] Call Trace: [ 3288.941586][T20787] dump_stack+0x172/0x1f0 [ 3288.945950][T20787] dump_header+0x10f/0xb6c [ 3288.950381][T20787] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3288.956186][T20787] ? ___ratelimit+0x60/0x595 [ 3288.960773][T20787] ? do_raw_spin_unlock+0x57/0x270 [ 3288.965871][T20787] oom_kill_process.cold+0x10/0x15 [ 3288.970971][T20787] out_of_memory+0x79a/0x1280 [ 3288.975657][T20787] ? oom_killer_disable+0x280/0x280 [ 3288.980864][T20787] ? find_held_lock+0x35/0x130 [ 3288.985635][T20787] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3288.991165][T20787] ? memcg_event_wake+0x230/0x230 [ 3288.996192][T20787] ? do_raw_spin_unlock+0x57/0x270 [ 3289.001396][T20787] ? _raw_spin_unlock+0x2d/0x50 [ 3289.007014][T20787] try_charge+0x102c/0x15c0 [ 3289.011524][T20787] ? find_held_lock+0x35/0x130 [ 3289.016311][T20787] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3289.021869][T20787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3289.028122][T20787] ? kasan_check_read+0x11/0x20 [ 3289.032985][T20787] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3289.038542][T20787] mem_cgroup_try_charge+0x24d/0x5e0 [ 3289.043825][T20787] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3289.049505][T20787] wp_page_copy+0x408/0x1740 [ 3289.054098][T20787] ? find_held_lock+0x35/0x130 [ 3289.058886][T20787] ? pmd_pfn+0x1d0/0x1d0 [ 3289.063147][T20787] ? lock_downgrade+0x880/0x880 [ 3289.067993][T20787] ? swp_swapcount+0x540/0x540 [ 3289.072755][T20787] ? kasan_check_read+0x11/0x20 [ 3289.077612][T20787] ? do_raw_spin_unlock+0x57/0x270 [ 3289.082722][T20787] do_wp_page+0x48e/0x1500 [ 3289.087142][T20787] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3289.092537][T20787] __handle_mm_fault+0x22e8/0x3ec0 [ 3289.097669][T20787] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3289.103226][T20787] ? find_held_lock+0x35/0x130 [ 3289.108000][T20787] ? handle_mm_fault+0x322/0xb30 [ 3289.112957][T20787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3289.119213][T20787] ? kasan_check_read+0x11/0x20 [ 3289.124071][T20787] handle_mm_fault+0x43f/0xb30 [ 3289.128823][T20787] __do_page_fault+0x5ef/0xda0 [ 3289.133600][T20787] do_page_fault+0x71/0x581 [ 3289.138107][T20787] ? page_fault+0x8/0x30 [ 3289.142361][T20787] page_fault+0x1e/0x30 [ 3289.146516][T20787] RIP: 0033:0x40e018 [ 3289.150569][T20787] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf ac e3 4b 00 31 c0 e8 03 39 ff ff 31 ff e8 4c 35 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d 4e 24 64 00 [ 3289.170163][T20787] RSP: 002b:0000000000a4fb00 EFLAGS: 00010246 [ 3289.176235][T20787] RAX: 000000009ab8021d RBX: 0000000083a84e4a RCX: 0000001b2f120000 [ 3289.184208][T20787] RDX: 0000000000000000 RSI: 000000000000021d RDI: ffffffff9ab8021c [ 3289.192203][T20787] RBP: 0000000000000004 R08: 000000009ab8021c R09: 000000009ab80220 [ 3289.200180][T20787] R10: 0000000000a4fca0 R11: 0000000000000000 R12: 000000000073bf88 [ 3289.208146][T20787] R13: 0000000080000000 R14: 00007fa15119a008 R15: 0000000000000013 [ 3289.221300][T20787] memory: usage 307168kB, limit 307200kB, failcnt 25014 [ 3289.230418][T20787] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3289.232249][T20816] IPVS: Scheduler module ip_vs_ú” not found [ 3289.238535][T20787] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3289.252162][T20787] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88720KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3289.273818][T20787] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24688,uid=0 [ 3289.290182][T20787] Memory cgroup out of memory: Killed process 24688 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3289.307715][ T1043] oom_reaper: reaped process 24688 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3289.336646][T20815] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3289.350331][T20815] CPU: 1 PID: 20815 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3289.358324][T20815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3289.368365][T20815] Call Trace: [ 3289.371647][T20815] dump_stack+0x172/0x1f0 [ 3289.375966][T20815] dump_header+0x10f/0xb6c [ 3289.380369][T20815] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3289.386163][T20815] ? ___ratelimit+0x60/0x595 [ 3289.390739][T20815] ? do_raw_spin_unlock+0x57/0x270 [ 3289.395835][T20815] oom_kill_process.cold+0x10/0x15 [ 3289.400947][T20815] out_of_memory+0x79a/0x1280 [ 3289.405614][T20815] ? oom_killer_disable+0x280/0x280 [ 3289.410793][T20815] ? find_held_lock+0x35/0x130 [ 3289.415547][T20815] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3289.421074][T20815] ? memcg_event_wake+0x230/0x230 [ 3289.426086][T20815] ? do_raw_spin_unlock+0x57/0x270 [ 3289.431184][T20815] ? _raw_spin_unlock+0x2d/0x50 [ 3289.436070][T20815] try_charge+0x102c/0x15c0 [ 3289.440565][T20815] ? find_held_lock+0x35/0x130 [ 3289.445334][T20815] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3289.450863][T20815] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3289.456397][T20815] ? find_held_lock+0x35/0x130 [ 3289.461147][T20815] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3289.466685][T20815] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3289.472228][T20815] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3289.477440][T20815] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3289.482987][T20815] __memcg_kmem_charge+0x136/0x300 [ 3289.488087][T20815] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3289.493447][T20815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3289.499675][T20815] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3289.505389][T20815] ? copy_process.part.0+0x1d08/0x7980 [ 3289.510846][T20815] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3289.516116][T20815] ? trace_hardirqs_on+0x67/0x230 [ 3289.521151][T20815] ? kasan_check_read+0x11/0x20 [ 3289.526012][T20815] copy_process.part.0+0x3e0/0x7980 [ 3289.531196][T20815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3289.537426][T20815] ? debug_smp_processor_id+0x3c/0x280 [ 3289.542869][T20815] ? perf_trace_lock+0xeb/0x510 [ 3289.547705][T20815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3289.553943][T20815] ? debug_smp_processor_id+0x3c/0x280 [ 3289.559395][T20815] ? __lockdep_free_key_range+0x120/0x120 [ 3289.565117][T20815] ? __might_fault+0x12b/0x1e0 [ 3289.569882][T20815] ? __cleanup_sighand+0x60/0x60 [ 3289.574808][T20815] ? lock_downgrade+0x880/0x880 [ 3289.579652][T20815] _do_fork+0x257/0xfd0 [ 3289.583798][T20815] ? fork_idle+0x1d0/0x1d0 [ 3289.588206][T20815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3289.593648][T20815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3289.599088][T20815] ? do_syscall_64+0x26/0x610 [ 3289.603750][T20815] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3289.609817][T20815] ? do_syscall_64+0x26/0x610 [ 3289.614498][T20815] __x64_sys_clone+0xbf/0x150 [ 3289.619175][T20815] do_syscall_64+0x103/0x610 [ 3289.623759][T20815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3289.629639][T20815] RIP: 0033:0x458da9 [ 3289.633540][T20815] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3289.653157][T20815] RSP: 002b:00007f4949ff4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3289.661595][T20815] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000458da9 [ 3289.669560][T20815] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000080210a001ff1 [ 3289.677516][T20815] RBP: 000000000073bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 3289.685488][T20815] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4949ff56d4 17:10:22 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x40000, 0x0) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x4000) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x8, 0x7, 0x6, 0x8001, 0x10, r0, 0x10001, [], 0x0, r1, 0x800, 0x7}, 0x3c) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:22 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x0, 0x5}, 0x2c) syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, 0x0) r0 = openat$full(0xffffffffffffff9c, 0x0, 0x3ffffe, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000680)={@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x0, 0x4, 0x0, 0x4, {0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xf7d}}}, {&(0x7f0000000440)=""/192, 0xc0}, &(0x7f0000000540), 0x44}, 0xa0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000080)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xa000000000000005) setsockopt$RDS_FREE_MR(0xffffffffffffffff, 0x114, 0x3, &(0x7f00000000c0)={{0x8, 0x1}, 0x1}, 0x10) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000500)=0xfffffffffffffffa) r2 = getpgrp(0xffffffffffffffff) ioctl(0xffffffffffffffff, 0x0, 0x0) setpriority(0x0, r2, 0x10000) r3 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x1) lsetxattr$trusted_overlay_nlink(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='trusted.overlay.nlink\x00', 0x0, 0x0, 0x1) lgetxattr(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000580)=""/67, 0x43) r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200)='NET_DM\x00') sendmsg$NET_DM_CMD_START(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x14, r4, 0x410, 0x70bd2c, 0x25dfdbfd, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8000) readahead(r3, 0x0, 0x0) lsetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=@known='system.sockprotoname\x00', 0x0, 0x0, 0x1) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, 0x0, 0x0) write$P9_RAUTH(r0, &(0x7f0000000240)={0x14, 0x67, 0x1, {0x11, 0x2, 0x3}}, 0x14) readlink(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)=""/16, 0x10) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000400)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000ac0)) 17:10:22 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe114c000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d853e0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:22 executing program 0: unshare(0x2000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00') fadvise64(r0, 0x0, 0x0, 0x0) ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000180)={0x2, 0x0, [{}, {}]}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={r1, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x7, @mcast2, 0x8}]}, &(0x7f0000000140)=0x10) [ 3289.693461][T20815] R13: 00000000004bf166 R14: 00000000004d01a0 R15: 00000000ffffffff [ 3289.710471][T20815] memory: usage 307140kB, limit 307200kB, failcnt 15658 [ 3289.717613][T20815] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3289.725297][T20815] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 17:10:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @speck128, 0x0, "4198ad8c133844af"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x101000, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r5 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000015000/0x4000)=nil) getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000580), &(0x7f0000000540)=0x4) shmctl$SHM_STAT(r5, 0xd, &(0x7f00000004c0)=""/33) sendmsg$TIPC_NL_SOCK_GET(r3, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000000700)=ANY=[@ANYBLOB="40020000", @ANYRES16=r4, @ANYBLOB="140081000000fedbdf25060000003800050008000100756470000800010075647000240002000800030001000000080004000500000008000200ff0700000800040000000000f40001000800030000040000100001007564703e73797a32000000001c000200080004000900000008000300f8ffffff08000300030000002c00020008000200a4fc0000080003000400000008ceb80f21b05e261a4811a7f31100030000020900080002007f000000080001000d0000002c0004001400010002004e240000000000000000000000001400020002004e2200000007000000000000000008000300ff03000008000300040000004400040020d7c3fdef55a2e67ef20001000a004e2400000009fe80000000000000000000000000002604000000200002000a004e23000000fffe880000000000000000000000000101b5000000100001007564703a73797a30000000002000070008000200040000000800010010eb00000c000300000400000000000050000700080002008fba00000c0003806a410000000000000800010000000000080001000001000008000200020000000c000400080000000000000008000100af0000000c000300e6f9ffffffffffff5400090008000100ff00000008000100ff0f0000080001008100000008000100aa010000080001000500000008000200030000000800020001010000080001001f000000080002008aa3000008000200010000003c00090008000100050000000800010001010000080002000200000008000200010000000800020002000000080002000010000008000200ff070000926a486ceb48d2db220ba17bb99316a3d5b8744109f18d3a9c44e01c73a231c2178b1eb99b825adb89225cb58df74d33d0fdc60032a46b603671fdee3f7fb6ecc1bfa0489a93f7a049de8ac7af93a9335890a22a0462fe311e57e8bbe0cee38f05320317efd1a5ef458fb6f544e1e42f4beb94206e3af5b2933dcf6255a69be2ddea3a9697cb980bd6018d459d9a2297115268ba8eba24445747893e9eb595fa06153d5de2419f0b3adadf9eaad2d1881f33ba92868ca348208027e9835ba56a925f127f84561807"], 0x240}, 0x1, 0x0, 0x0, 0x4000010}, 0x40080) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f000000e000/0x18000)=nil, &(0x7f00000005c0)=[@text32={0x20, &(0x7f0000000500)="f0f712c4e2c0f352d5660f3837bcbc114c0000b9800000c00f3235000100000f30c4e1ed14aa00800000b9fc0200000f32b9080900000f320f07f00fb03265ae", 0x40}], 0x1, 0x47, &(0x7f0000000600), 0x0) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000100)={[], 0x0, 0x20}) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000600)={0x16000, 0xf004, 0x3, 0x0, 0x305a}) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000640)=0x100004, 0x4) [ 3289.738461][T20815] Memory cgroup stats for /syz2: cache:220KB rss:102460KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102416KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3289.773189][T20815] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10722,uid=0 17:10:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket$inet6(0xa, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x74, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c208000086dd60d8652b00143300fe8000000000000000000d00000000aafe8000000000000000000000fe0000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xffffffffffffffe0, 0x400000) r0 = semget(0x2, 0x7, 0x380) semctl$SEM_INFO(r0, 0x7, 0x13, &(0x7f0000000000)=""/75) write$vhci(0xffffffffffffffff, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) [ 3289.836724][T20832] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3289.866894][T20815] Memory cgroup out of memory: Killed process 10722 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3290.049287][ T1043] oom_reaper: reaped process 10722 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3290.093906][T20814] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3290.108357][T20814] CPU: 0 PID: 20814 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3290.116358][T20814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3290.126508][T20814] Call Trace: [ 3290.129804][T20814] dump_stack+0x172/0x1f0 [ 3290.134509][T20814] dump_header+0x10f/0xb6c [ 3290.138935][T20814] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3290.144747][T20814] ? ___ratelimit+0x60/0x595 [ 3290.149346][T20814] ? do_raw_spin_unlock+0x57/0x270 [ 3290.154478][T20814] oom_kill_process.cold+0x10/0x15 [ 3290.159594][T20814] out_of_memory+0x79a/0x1280 [ 3290.164284][T20814] ? oom_killer_disable+0x280/0x280 [ 3290.169489][T20814] ? find_held_lock+0x35/0x130 [ 3290.174283][T20814] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3290.179835][T20814] ? memcg_event_wake+0x230/0x230 [ 3290.184872][T20814] ? do_raw_spin_unlock+0x57/0x270 [ 3290.189995][T20814] ? _raw_spin_unlock+0x2d/0x50 [ 3290.194860][T20814] try_charge+0xa87/0x15c0 [ 3290.199284][T20814] ? find_held_lock+0x35/0x130 [ 3290.204070][T20814] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3290.209613][T20814] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3290.215152][T20814] ? find_held_lock+0x35/0x130 [ 3290.219913][T20814] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3290.225478][T20814] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3290.231025][T20814] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3290.236222][T20814] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3290.241789][T20814] __memcg_kmem_charge+0x136/0x300 [ 3290.246899][T20814] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3290.252276][T20814] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3290.258517][T20814] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3290.264244][T20814] ? copy_process.part.0+0x1d08/0x7980 [ 3290.269705][T20814] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3290.274990][T20814] ? trace_hardirqs_on+0x67/0x230 [ 3290.280025][T20814] ? kasan_check_read+0x11/0x20 [ 3290.284884][T20814] copy_process.part.0+0x3e0/0x7980 [ 3290.290090][T20814] ? __lockdep_free_key_range+0x120/0x120 [ 3290.295805][T20814] ? sched_clock+0x2e/0x50 [ 3290.300236][T20814] ? psi_memstall_leave+0x12e/0x180 [ 3290.305450][T20814] ? find_held_lock+0x35/0x130 [ 3290.310212][T20814] ? psi_memstall_leave+0x12e/0x180 [ 3290.315431][T20814] ? __cleanup_sighand+0x60/0x60 [ 3290.320377][T20814] ? perf_trace_lock+0xeb/0x510 [ 3290.325237][T20814] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3290.331484][T20814] ? debug_smp_processor_id+0x3c/0x280 [ 3290.336967][T20814] ? __lockdep_free_key_range+0x120/0x120 [ 3290.342723][T20814] _do_fork+0x257/0xfd0 [ 3290.346884][T20814] ? fork_idle+0x1d0/0x1d0 [ 3290.351302][T20814] ? blkcg_maybe_throttle_current+0x5e2/0xfc0 [ 3290.357383][T20814] ? lock_downgrade+0x880/0x880 [ 3290.362241][T20814] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3290.368496][T20814] ? blkcg_exit_queue+0x30/0x30 [ 3290.373353][T20814] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3290.378822][T20814] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3290.384290][T20814] ? do_syscall_64+0x26/0x610 [ 3290.388965][T20814] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3290.395033][T20814] ? do_syscall_64+0x26/0x610 [ 3290.399714][T20814] __x64_sys_clone+0xbf/0x150 [ 3290.404401][T20814] do_syscall_64+0x103/0x610 [ 3290.408990][T20814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3290.414874][T20814] RIP: 0033:0x45b779 [ 3290.418763][T20814] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3290.438364][T20814] RSP: 002b:0000000000a4fa98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3290.446777][T20814] RAX: ffffffffffffffda RBX: 00007f4949f92700 RCX: 000000000045b779 [ 3290.454762][T20814] RDX: 00007f4949f929d0 RSI: 00007f4949f91db0 RDI: 00000000003d0f00 [ 3290.462751][T20814] RBP: 0000000000a4fcb0 R08: 00007f4949f92700 R09: 00007f4949f92700 [ 3290.470754][T20814] R10: 00007f4949f929d0 R11: 0000000000000202 R12: 0000000000000000 [ 3290.478734][T20814] R13: 0000000000a4fb4f R14: 00007f4949f929c0 R15: 000000000073c0ec [ 3290.487673][T20814] memory: usage 306864kB, limit 307200kB, failcnt 15672 [ 3290.496288][T20814] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3290.504066][T20814] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3290.510916][T20814] Memory cgroup stats for /syz2: cache:220KB rss:102324KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102312KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3290.532352][T20814] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=10953,uid=0 [ 3290.547890][T20814] Memory cgroup out of memory: Killed process 10953 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3290.564077][ T1043] oom_reaper: reaped process 10953 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3290.571078][T20840] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3290.588994][T20840] CPU: 0 PID: 20840 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3290.596987][T20840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3290.607052][T20840] Call Trace: [ 3290.610355][T20840] dump_stack+0x172/0x1f0 [ 3290.614707][T20840] dump_header+0x10f/0xb6c [ 3290.619143][T20840] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3290.624971][T20840] ? ___ratelimit+0x60/0x595 [ 3290.629579][T20840] ? do_raw_spin_unlock+0x57/0x270 [ 3290.634711][T20840] oom_kill_process.cold+0x10/0x15 [ 3290.639843][T20840] out_of_memory+0x79a/0x1280 [ 3290.644546][T20840] ? oom_killer_disable+0x280/0x280 [ 3290.648071][T20856] IPVS: Scheduler module ip_vs_ú” not found [ 3290.649748][T20840] ? find_held_lock+0x35/0x130 [ 3290.649781][T20840] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3290.649797][T20840] ? memcg_event_wake+0x230/0x230 [ 3290.649822][T20840] ? do_raw_spin_unlock+0x57/0x270 [ 3290.649843][T20840] ? _raw_spin_unlock+0x2d/0x50 [ 3290.681074][T20840] try_charge+0x102c/0x15c0 [ 3290.685590][T20840] ? find_held_lock+0x35/0x130 [ 3290.690387][T20840] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3290.695953][T20840] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3290.701512][T20840] ? find_held_lock+0x35/0x130 [ 3290.706287][T20840] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3290.711862][T20840] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3290.717418][T20840] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3290.722631][T20840] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3290.728194][T20840] __memcg_kmem_charge+0x136/0x300 [ 3290.733325][T20840] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3290.738706][T20840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 17:10:23 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) 17:10:23 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x9e69, &(0x7f0000000040)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000200)="c4637963e4fe91cd8040afe59f7dd025207dd025205bf91cc1c7c7e4c653fb0fc4014c5868f4a95ff9c44149f2168f673ef044101d0040f6bee00000e28020626221fc51c1ea01edc48192558dc3c366450f67067c7c730fc4417173f7f226400f0d18450f0f8d34085b2c9ee3df0804f4f30f1a1254111d54111d00") r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x480080, 0x0) ioctl$KVM_GET_LAPIC(r1, 0x8400ae8e, &(0x7f0000000280)={"b493b47f33dd022531b86a92aaba2de9383f8eed53c3a9f033d1d2be47fda700c58a8a1212ed5e7b26233f78e1351adca95d1a927d165ddafe864cea6e132c30aec330471dca6eda60b20bccb6e9dea9c6bcbb751087bf08661599071f477f5a9c8f5d1a0a9b6252de25d74c6433d8e837e794816b9d4fdd920592c0e30f0411cc1656992e5a391232797d6238ca05f31ddf845ba3c71f23eac86ab0440a70430060b7df2858cd936ddf7463d5c3bc930d5423c17389de1b652d644dd236a0bbb4849a158594e711db8cb8dbc6d72a082a6a5870c81dbfee0e59bc21d495188e0942a813893ca741af72729e8514415e150e84b0fefdaa151ffbad19418bfd2fcdc3e601e76a1db6b73923615267e541056b7f753ed3259db82859b4713481dc7de173e67ef5edad533103f11630b987cfa819904516054d4ccc138408972a5fbd8d8c667d1236cb14f439e0283e7582d64aa50e31586005a6f8bde1cd432f7b44e954ccc779424ec38a594b219df7798cf9e7a5a3483a18e7d92ced8ac115198742226e600a4822ae1a24c67b769690b51537d6c117dd95b79c0cdd74b84e5c0c24bf7ac4259fe221d91e0d96c2fdbe0402e6416d5a6027d9d91f097ee1988b4c1d75d31f9aa3262c0d2075bde939953e647ab69ccdaaba7448c01a12e005a2dc9db6dc38c93021c3bfbaa2395af9cabdcc5c33bb47e0b20899617f16425f24f79d5aa14406efffb11f65d6c937bfa528c9e5633c35b42eb149ea591d35f7af85e3c954c8409aac7eb8f14d5046abade2bbb23b4cb6b4d3e65573361601a49649691bf881beb3a71fdceb41ccaa6da012ed772f820125048e3fd5a3d72ac42a168ac9d9eb347d91be118b689cfb2d67bbd3d7a88f716975209648a149c89ebc03170cf99201c3613b26520e22a59dbe77a2d5a085bee447a9fb0493d9a8a64554e65c54a12ff23d48c368c2c653621519c799d002832e05f8bae13e55161c994d611cf1ddd0ac3f4cb125833d57cacf73e09ee1716f78352cbfcd0485c1fa05ac95fea810d5dfdc34f1abf9e418d4228260f959a357ec1ae92e6fffadaa9efa2a74ac848c88db4e927dfd3643d3d56d791a5fce2b2322552d156d370d69f2742ac3df6bf723478fbb6a25b031473e221ade549271882fa8053ad9c5e369d4b5ef8bce3b78f4f7644658f4f84b585fb9a4cd1919f62cd4d2a2cdf62dcccad93a64f9ee5e999fb8dc3db2a0280bbd6cc995960008ad11d136ba17c5fc9d1ed7aa482eba569e7d1fbda723885fd102506d651da85110984e102e4fab5aa54c045a4c040953b2bb89f93be2db2cd14e2b7d8ffaf48dad0134983606a53606f5cea6fe6d93614944d2f18f510602db4c8fa9933406c03917e89418799eaf4452705112954fffecba9126505085497a1b51b01be36cbfbfee6a977840cf1fb23374e0"}) 17:10:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85410c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:23 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00f0000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:23 executing program 1: r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1000002, 0x11) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x123, 0x100002, 0x0, 0x0, 0x70c001}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000140)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x0, {0xa, 0x4e24, 0x2, @loopback, 0x1ff}, r1}}, 0x38) [ 3290.745239][T20840] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3290.750978][T20840] ? copy_process.part.0+0x1d08/0x7980 [ 3290.756451][T20840] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3290.761752][T20840] ? trace_hardirqs_on+0x67/0x230 [ 3290.766790][T20840] ? kasan_check_read+0x11/0x20 [ 3290.771660][T20840] copy_process.part.0+0x3e0/0x7980 [ 3290.776873][T20840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3290.783158][T20840] ? debug_smp_processor_id+0x3c/0x280 [ 3290.788631][T20840] ? perf_trace_lock+0xeb/0x510 [ 3290.793495][T20840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3290.799746][T20840] ? debug_smp_processor_id+0x3c/0x280 [ 3290.805219][T20840] ? __lockdep_free_key_range+0x120/0x120 [ 3290.810975][T20840] ? __might_fault+0x12b/0x1e0 [ 3290.815764][T20840] ? __cleanup_sighand+0x60/0x60 [ 3290.820720][T20840] ? lock_downgrade+0x880/0x880 [ 3290.825601][T20840] _do_fork+0x257/0xfd0 [ 3290.829870][T20840] ? fork_idle+0x1d0/0x1d0 [ 3290.834308][T20840] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3290.839783][T20840] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3290.845264][T20840] ? do_syscall_64+0x26/0x610 [ 3290.849971][T20840] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3290.856059][T20840] ? do_syscall_64+0x26/0x610 [ 3290.860756][T20840] __x64_sys_clone+0xbf/0x150 [ 3290.865455][T20840] do_syscall_64+0x103/0x610 [ 3290.870064][T20840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3290.875967][T20840] RIP: 0033:0x458da9 [ 3290.879872][T20840] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3290.899490][T20840] RSP: 002b:00007fa14f198c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3290.907921][T20840] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000458da9 [ 3290.915935][T20840] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000802102001ffe [ 3290.923937][T20840] RBP: 000000000073bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 3290.931941][T20840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa14f1996d4 [ 3290.939933][T20840] R13: 00000000004bf166 R14: 00000000004d01a0 R15: 00000000ffffffff [ 3290.947111][T20869] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3290.980067][T20840] memory: usage 307152kB, limit 307200kB, failcnt 25073 [ 3291.017217][T20874] IPVS: Scheduler module ip_vs_ú” not found [ 3291.045498][T20840] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3291.085819][T20840] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3291.105655][T20840] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88776KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3291.130552][T20840] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24754,uid=0 [ 3291.146780][T20840] Memory cgroup out of memory: Killed process 24754 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3291.164248][ T1043] oom_reaper: reaped process 24754 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3291.176655][T20833] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3291.189887][T20833] CPU: 0 PID: 20833 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3291.197887][T20833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3291.207963][T20833] Call Trace: [ 3291.211278][T20833] dump_stack+0x172/0x1f0 [ 3291.215631][T20833] dump_header+0x10f/0xb6c [ 3291.220064][T20833] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3291.225886][T20833] ? ___ratelimit+0x60/0x595 [ 3291.230495][T20833] ? do_raw_spin_unlock+0x57/0x270 [ 3291.235619][T20833] oom_kill_process.cold+0x10/0x15 [ 3291.240740][T20833] out_of_memory+0x79a/0x1280 [ 3291.245530][T20833] ? oom_killer_disable+0x280/0x280 [ 3291.250731][T20833] ? find_held_lock+0x35/0x130 [ 3291.255517][T20833] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3291.261063][T20833] ? memcg_event_wake+0x230/0x230 [ 3291.266093][T20833] ? do_raw_spin_unlock+0x57/0x270 [ 3291.271205][T20833] ? _raw_spin_unlock+0x2d/0x50 [ 3291.276046][T20833] try_charge+0xa87/0x15c0 [ 3291.280445][T20833] ? find_held_lock+0x35/0x130 [ 3291.285214][T20833] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3291.290775][T20833] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3291.296323][T20833] ? find_held_lock+0x35/0x130 [ 3291.301085][T20833] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3291.306638][T20833] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3291.312192][T20833] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3291.317395][T20833] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3291.322955][T20833] __memcg_kmem_charge+0x136/0x300 [ 3291.328080][T20833] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3291.333455][T20833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3291.340313][T20833] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3291.346046][T20833] ? copy_process.part.0+0x1d08/0x7980 [ 3291.351517][T20833] copy_process.part.0+0x3e0/0x7980 [ 3291.356702][T20833] ? __lockdep_free_key_range+0x120/0x120 [ 3291.362417][T20833] ? sched_clock+0x2e/0x50 [ 3291.366919][T20833] ? psi_memstall_leave+0x12e/0x180 [ 3291.372139][T20833] ? find_held_lock+0x35/0x130 [ 3291.376901][T20833] ? psi_memstall_leave+0x12e/0x180 [ 3291.382117][T20833] ? __cleanup_sighand+0x60/0x60 [ 3291.387062][T20833] ? perf_trace_lock+0xeb/0x510 [ 3291.391916][T20833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3291.398174][T20833] ? debug_smp_processor_id+0x3c/0x280 [ 3291.403648][T20833] ? __lockdep_free_key_range+0x120/0x120 [ 3291.409389][T20833] _do_fork+0x257/0xfd0 [ 3291.413541][T20833] ? fork_idle+0x1d0/0x1d0 [ 3291.417962][T20833] ? blkcg_maybe_throttle_current+0x5e2/0xfc0 [ 3291.424028][T20833] ? lock_downgrade+0x880/0x880 [ 3291.428875][T20833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3291.435106][T20833] ? blkcg_exit_queue+0x30/0x30 [ 3291.439952][T20833] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3291.445403][T20833] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3291.450854][T20833] ? do_syscall_64+0x26/0x610 [ 3291.455524][T20833] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3291.461597][T20833] ? do_syscall_64+0x26/0x610 [ 3291.466290][T20833] __x64_sys_clone+0xbf/0x150 [ 3291.470971][T20833] do_syscall_64+0x103/0x610 [ 3291.475554][T20833] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3291.481445][T20833] RIP: 0033:0x45b779 [ 3291.485330][T20833] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3291.504956][T20833] RSP: 002b:0000000000a4fa98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3291.513385][T20833] RAX: ffffffffffffffda RBX: 00007fa14f178700 RCX: 000000000045b779 [ 3291.521369][T20833] RDX: 00007fa14f1789d0 RSI: 00007fa14f177db0 RDI: 00000000003d0f00 [ 3291.529346][T20833] RBP: 0000000000a4fcb0 R08: 00007fa14f178700 R09: 00007fa14f178700 [ 3291.537317][T20833] R10: 00007fa14f1789d0 R11: 0000000000000202 R12: 0000000000000000 [ 3291.545297][T20833] R13: 0000000000a4fb4f R14: 00007fa14f1789c0 R15: 000000000073bfac [ 3291.553521][ C0] net_ratelimit: 16 callbacks suppressed [ 3291.553534][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3291.564998][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3291.571199][T20833] memory: usage 306880kB, limit 307200kB, failcnt 25073 [ 3291.578417][T20833] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3291.586022][T20833] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3291.593046][T20833] Memory cgroup stats for /syz3: cache:0KB rss:88676KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88664KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3291.614857][T20833] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24951,uid=0 17:10:24 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00`\x00'}, 0x2c) 17:10:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5434, 0x0) ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000140)={0x9, 0x3ff, 0x9}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/hwrng\x00', 0x28000, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001440)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000001540)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001500)={&(0x7f0000001480)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000ffdbdf210200000014470e00000000000000000000000000000000feffff3aff000500000014000100fe80000000000000000000000000000c00040001000000003000"], 0x64}, 0x1, 0x0, 0x0, 0x40800}, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000180)={0x3, 0x0, 0x3}) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xfffffffffffff7cb, 0x440400) ioctl$VHOST_SET_LOG_BASE(r3, 0x4008af04, &(0x7f0000000100)=&(0x7f00000000c0)) 17:10:24 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) fdatasync(r0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fefffff00000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000040)={{0x1}}) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) 17:10:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85420c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3291.630801][T20833] Memory cgroup out of memory: Killed process 24951 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3291.647010][ T1043] oom_reaper: reaped process 24951 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 17:10:24 executing program 0: r0 = socket(0x10, 0x802, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000001c0)={0x0, @loopback, @local}, &(0x7f0000000200)=0xc) recvmmsg(r0, &(0x7f0000005780)=[{{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000000240)=""/212, 0xd4}, {&(0x7f0000000340)=""/61, 0x3d}, {&(0x7f0000000380)=""/37, 0x25}, {&(0x7f00000003c0)=""/4096, 0x1000}], 0x4, &(0x7f0000001400)=""/120, 0x78}, 0xffff}, {{&(0x7f0000001480)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000003500)=[{&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/4096, 0x1000}], 0x2, &(0x7f0000003540)=""/4096, 0x1000}, 0x2}, {{&(0x7f0000004540)=@can={0x1d, 0x0}, 0x80, &(0x7f0000005700)=[{&(0x7f00000045c0)=""/4096, 0x1000}, {&(0x7f00000055c0)=""/93, 0x5d}, {&(0x7f0000005640)=""/77, 0x4d}, {&(0x7f00000056c0)=""/55, 0x37}], 0x4, &(0x7f0000005740)=""/13, 0xd}, 0x1}], 0x3, 0x40000000, &(0x7f0000005840)={0x0, 0x1c9c380}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000005880)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000005980)=0xe8) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000059c0)={@empty, @multicast1, 0x0}, &(0x7f0000005a00)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000005a40)={'team_slave_0\x00', 0x0}) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000005c00)={@mcast2, 0x0}, &(0x7f0000005c40)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000006000)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000005fc0)={&(0x7f0000006040)=ANY=[@ANYBLOB="04030000", @ANYRES16=r1, @ANYBLOB="05072dbd7000fedbdf250300000008000100", @ANYRES32=r2, @ANYBLOB="fc0002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000000010008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000000000044000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000140004006163746976656261636b75700000000008000100", @ANYRES32=r5, @ANYBLOB="e4010200400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000100000008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000044000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000140004006163746976656261636b7570000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="40000110240001006d6f6465000000000000400000000000000000000000000000000000d3000000080003000500000010000400726f756e64726f62696e000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000100000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004001491000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800034c26cfea040003000000080004000700000032a3e560353768cc919ea7278a03002887d93f3e5eeef72c96b6065a826873f0b7e5588a8e4cfdfa6b568467db9025b3a9800703beb93ba104b43e35134e507517873dd64fb9f2826a88eae0a1abe9b3df519b6d62b61cfa76d925d7979796ddb40c6dc2d2aac7afe351f96f8501552bc345a1213a3806f1f7837c71b0973beab6beeec7940202707efac004dfc940fa71"], 0x304}, 0x1, 0x0, 0x0, 0x20004040}, 0x20000050) r8 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x40) ioctl$LOOP_CLR_FD(r8, 0x4c01) write(r0, &(0x7f0000000000)="24000000210025f0071c0165fffffc2102000016ffec000182a9000c08000a0000010000", 0x24) 17:10:24 executing program 0: ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000240)='hsr0\x00') r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000280)='/proc/capi/capi20ncci\x00', 0x14000, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1a, &(0x7f0000000180)=""/101, &(0x7f00000000c0)=0x65) sendmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000100)=@in={0x2, 0x0, @local={0xac, 0x2c0}}, 0x80, &(0x7f0000000640), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1800f0fe030000c1bb91ca02e94ea43551c20000000500006845d34db08cc7af06763f433a7bc4d3cdcc2c44f0984efc2dafaed7"], 0x10}, 0xfc) 17:10:24 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x9, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000440)='/dev/radio#\x00', 0x2, 0x2) ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x0) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000000)) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000400)={0x4, &(0x7f00000000c0)=""/115, &(0x7f0000000380)=[{0x4, 0x6, 0x13, &(0x7f0000000140)=""/6}, {0x3, 0x69, 0xa0, &(0x7f0000000180)=""/105}, {0x5, 0x84, 0x7fffffff, &(0x7f0000000200)=""/132}, {0x81, 0xa1, 0x7, &(0x7f00000002c0)=""/161}]}) syz_open_dev$video4linux(&(0x7f0000000480)='/dev/v4l-subdev#\x00', 0x3ff, 0x200) [ 3291.784684][T20893] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x200000, 0x0) ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000100)) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f123c123f319bd070") ioctl$ASHMEM_PURGE_ALL_CACHES(r2, 0x770a, 0x0) fstat(r2, &(0x7f0000000180)) r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x6, 0x80000) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000200)={0x0, 0x9, 0x9, &(0x7f0000000000)=0x3}) pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180), 0x5}], 0x100000000000002f, 0x0) 17:10:24 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, 0x0) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={0x0, 0x6000000000000000, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1={0xff, 0x1, [0x0, 0xfcffffff]}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x400000, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000080)=0x1f2a6bcc7f7a0914) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r2, 0x2}, 0x4) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0x6, 0x4) 17:10:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x100, 0x0) bind$rds(r1, &(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) r2 = creat(&(0x7f0000000100)='./file0\x00', 0xa1fb7e32a850b21) setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f0000000140)={0x2, 0x4e20, @rand_addr=0x453e}, 0x10) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000380)=@sack_info={0x0, 0x7, 0x4}, &(0x7f00000003c0)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000400)={0x0, 0x89a}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000480)={r3, 0x7, 0x0, 0x0, 0x1f, 0x2, 0x9, 0x3, {r4, @in6={{0xa, 0x4e20, 0x7ff, @mcast2, 0x7}}, 0xffffffff, 0x10000, 0x0, 0x4, 0x80000001}}, &(0x7f0000000540)=0xb0) r5 = semget$private(0x0, 0x3, 0x101) semget(0x2, 0x0, 0x7) semctl$IPC_INFO(r5, 0x2, 0x3, &(0x7f0000000080)=""/50) ioctl(r0, 0x8, &(0x7f00000000c0)="0adc1f123c123f319bd070") syz_emit_ethernet(0x300b00, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60b40900f934000000000000000000000000ffffe0000002ff02000000000000000000000000000088b680fa0000edb218b004720d4700000000ffffffffffff00000000000000000000ff1a6672d1e4bbf21bbfede1fc3a9c3e10cfd6ba561bb6a8f4178f7efee78f0e37a1936fc7652d926949505b7075c5012bfeee9f39a205fec90165c11f142ffb268c00bf86ff27aa950f27bc88bc702f3dcff53fb760845206386e79e354707a9f887c48177fe32afadf61db408fb2f8138ec8416b3761c359761c95181517987591398400dd6f659baca3aeb8136d0f9342c5aa1414a137767438552319b0d14de07b236e6a"], 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0xc2d, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x201e39c1}], 0x1c) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000180)={'raw\x00'}, &(0x7f0000000200)=0x283) [ 3291.931682][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3291.937549][ C0] protocol 88fb is buggy, dev hsr_slave_1 17:10:24 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00h\x00'}, 0x2c) 17:10:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85430c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3292.055617][T20919] IPVS: Scheduler module ip_vs_ú” not found [ 3292.074833][T20926] IPVS: Scheduler module ip_vs_ú” not found 17:10:24 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x4027d, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:24 executing program 0: r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x82000, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000037c0)={'netdevsim0\x00'}) r2 = socket$netlink(0x10, 0x3, 0x20000000000000) r3 = socket(0x1e, 0x4, 0x0) ioctl$EVIOCRMFF(0xffffffffffffffff, 0x40044581, &(0x7f0000000880)=0x7ffffffe) gettid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = getpgid(0x0) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x1, 0x0) ioctl$TIOCOUTQ(r5, 0x5411, &(0x7f00000009c0)) accept4$vsock_stream(r5, &(0x7f0000000280)={0x28, 0x0, 0x0, @reserved}, 0xc, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f0000000800)={0x8000, 0x1, 0x2, 0x3ff, 0x9, 0x1001}) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0xf6) capset(&(0x7f0000000100)={0x19980330, r4}, &(0x7f0000000180)={0x80000001, 0x3, 0x11c, 0x4, 0x5, 0xffffffffffff6442}) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x2}, 0x8) setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x257) ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000200)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) setsockopt(r5, 0x0, 0xd5, &(0x7f0000000300)="c33931f8cce695955357c91e388540861c10f746f3468b0240e586fff06d5f7354c0bdd6e214b9e551ced114bf9d81f93fa8fab11ff4128ff2dd3573bbaa8ae2d08adebbe11a06663145e70b6dd5e0ee3899e88b00dd834bdc3d5b5b5cf67fe12abd9edb71e7445d2de54b", 0x6b) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000c80)='/proc/sys/net/ipv4/vs/lblc_expiration\x00d\xa3\x92\x05\xd7\x1d\xdb\xbcl\xce\xf0\xd3B\xc1O\xcd\xbf\xff\x02\xbbPt\x1a\x1e\xfe\xb2un\x80\xe3\xa7\x13z,0o\xee.Q\n\x00\x907 Z\xd8\x96\xf3{\xa3\xb6(Zc>eDxO0\n\xba\xdaO\x13\xa5uX\xa8\xfdO\xf8\x84K\xd1_\x9e[.u\xb8N\x93B~rd\v5I^\x98\x19I\f\x14\x13R\xac\xe4\xafqr/+\xe1\x8fJ9\xb5\xa7x\x92`\b\xe51\x8d\xefd\x836n\xf4|A=\xd5z\xe0\x9c\x9d\x8b 05 0a 3f 53 00 01 80 7c 24 1e 00 74 0b f6 44 24 18 01 0f 84 89 [ 3292.840563][T20965] RSP: 002b:0000000000a4fbd0 EFLAGS: 00010217 [ 3292.840575][T20965] RAX: 0000000000000000 RBX: 0000000000000064 RCX: 0000000000458da9 [ 3292.840585][T20965] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 000000000073bf08 [ 3292.840595][T20965] RBP: 0000000000000695 R08: 00007fa14f199700 R09: ffffffffffffffff [ 3292.840604][T20965] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000073bf00 [ 3292.840614][T20965] R13: 0000000000000004 R14: 0000000000000000 R15: 000000000073bf0c [ 3292.845672][T20965] memory: usage 307200kB, limit 307200kB, failcnt 25108 [ 3292.926452][T20965] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3292.934127][T20965] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3292.941169][T20965] Memory cgroup stats for /syz3: cache:0KB rss:88480KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88704KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3292.962757][T20965] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=24990,uid=0 [ 3292.978534][T20965] Memory cgroup out of memory: Killed process 24990 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3292.999478][ T1043] oom_reaper: reaped process 24990 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3293.100868][T20975] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3293.113170][T20975] CPU: 0 PID: 20975 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3293.121168][T20975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3293.131226][T20975] Call Trace: [ 3293.134526][T20975] dump_stack+0x172/0x1f0 [ 3293.138871][T20975] dump_header+0x10f/0xb6c [ 3293.143294][T20975] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3293.149099][T20975] ? ___ratelimit+0x60/0x595 [ 3293.153687][T20975] ? do_raw_spin_unlock+0x57/0x270 [ 3293.158802][T20975] oom_kill_process.cold+0x10/0x15 [ 3293.163920][T20975] out_of_memory+0x79a/0x1280 [ 3293.168631][T20975] ? lock_downgrade+0x880/0x880 [ 3293.173479][T20975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.179734][T20975] ? oom_killer_disable+0x280/0x280 [ 3293.184947][T20975] ? find_held_lock+0x35/0x130 [ 3293.189719][T20975] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3293.195262][T20975] ? memcg_event_wake+0x230/0x230 [ 3293.200281][T20975] ? do_raw_spin_unlock+0x57/0x270 [ 3293.205395][T20975] ? _raw_spin_unlock+0x2d/0x50 [ 3293.210254][T20975] try_charge+0x102c/0x15c0 [ 3293.214760][T20975] ? find_held_lock+0x35/0x130 [ 3293.219540][T20975] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3293.225097][T20975] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3293.230656][T20975] ? find_held_lock+0x35/0x130 [ 3293.235439][T20975] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3293.241006][T20975] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3293.246657][T20975] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3293.251869][T20975] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3293.257414][T20975] __memcg_kmem_charge+0x136/0x300 [ 3293.262531][T20975] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3293.267904][T20975] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3293.273634][T20975] ? save_stack+0xa9/0xd0 [ 3293.277968][T20975] ? kmem_cache_alloc+0x11a/0x6f0 [ 3293.282991][T20975] ? anon_vma_fork+0x1ea/0x4a0 [ 3293.287772][T20975] ? copy_process.part.0+0x350f/0x7980 [ 3293.293251][T20975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.299500][T20975] ? debug_smp_processor_id+0x3c/0x280 [ 3293.304976][T20975] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3293.311226][T20975] alloc_pages_current+0x107/0x210 [ 3293.316347][T20975] get_zeroed_page+0x14/0x50 [ 3293.320946][T20975] __pud_alloc+0x3b/0x250 [ 3293.325282][T20975] pud_alloc+0xde/0x150 [ 3293.329437][T20975] copy_page_range+0x375/0x1f90 [ 3293.334285][T20975] ? perf_trace_lock+0xeb/0x510 [ 3293.339142][T20975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.345392][T20975] ? debug_smp_processor_id+0x3c/0x280 [ 3293.350863][T20975] ? __lockdep_free_key_range+0x120/0x120 [ 3293.356586][T20975] ? copy_process.part.0+0x3121/0x7980 [ 3293.362054][T20975] ? copy_process.part.0+0x3121/0x7980 [ 3293.367539][T20975] ? pmd_alloc+0x180/0x180 [ 3293.371972][T20975] ? vma_compute_subtree_gap+0x158/0x230 [ 3293.377615][T20975] ? validate_mm_rb+0xa3/0xc0 [ 3293.382304][T20975] ? __vma_link_rb+0x279/0x370 [ 3293.387088][T20975] copy_process.part.0+0x568b/0x7980 [ 3293.392422][T20975] ? __cleanup_sighand+0x60/0x60 [ 3293.397377][T20975] ? semctl_down+0x5e0/0x9f0 [ 3293.401978][T20975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.408225][T20975] _do_fork+0x257/0xfd0 [ 3293.412393][T20975] ? fork_idle+0x1d0/0x1d0 [ 3293.416819][T20975] ? __ia32_sys_mkdir+0x80/0x80 [ 3293.421688][T20975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3293.427160][T20975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3293.432631][T20975] ? do_syscall_64+0x26/0x610 [ 3293.437305][T20975] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3293.443375][T20975] ? do_syscall_64+0x26/0x610 [ 3293.448059][T20975] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3293.453363][T20975] __ia32_sys_fork+0x1f/0x30 [ 3293.457964][T20975] do_syscall_64+0x103/0x610 [ 3293.462557][T20975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3293.468448][T20975] RIP: 0033:0x2000000a [ 3293.472519][T20975] Code: Bad RIP value. [ 3293.476578][T20975] RSP: 002b:00007fa14f198bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3293.484979][T20975] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3293.492963][T20975] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3293.501030][T20975] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3293.509002][T20975] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3293.516957][T20975] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3293.525297][T20975] memory: usage 307040kB, limit 307200kB, failcnt 25209 [ 3293.532560][T20975] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3293.540021][T20975] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3293.546972][T20975] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88632KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3293.568484][T20975] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25072,uid=0 [ 3293.583977][T20975] Memory cgroup out of memory: Killed process 25072 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3293.600188][ T1043] oom_reaper: reaped process 25072 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3293.641668][T21007] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3293.653877][T21007] CPU: 0 PID: 21007 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3293.661876][T21007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3293.671969][T21007] Call Trace: [ 3293.675276][T21007] dump_stack+0x172/0x1f0 [ 3293.679617][T21007] dump_header+0x10f/0xb6c [ 3293.684037][T21007] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3293.689842][T21007] ? ___ratelimit+0x60/0x595 [ 3293.694441][T21007] ? do_raw_spin_unlock+0x57/0x270 [ 3293.699555][T21007] oom_kill_process.cold+0x10/0x15 [ 3293.704653][T21007] out_of_memory+0x79a/0x1280 [ 3293.709317][T21007] ? lock_downgrade+0x880/0x880 [ 3293.714173][T21007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.720425][T21007] ? oom_killer_disable+0x280/0x280 [ 3293.725633][T21007] ? find_held_lock+0x35/0x130 [ 3293.730403][T21007] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3293.735957][T21007] ? memcg_event_wake+0x230/0x230 [ 3293.740985][T21007] ? do_raw_spin_unlock+0x57/0x270 [ 3293.746086][T21007] ? _raw_spin_unlock+0x2d/0x50 [ 3293.750937][T21007] try_charge+0x102c/0x15c0 [ 3293.755440][T21007] ? find_held_lock+0x35/0x130 [ 3293.760207][T21007] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3293.765753][T21007] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3293.771298][T21007] ? find_held_lock+0x35/0x130 [ 3293.776066][T21007] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3293.781641][T21007] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3293.787192][T21007] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3293.792394][T21007] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3293.797967][T21007] __memcg_kmem_charge+0x136/0x300 [ 3293.803083][T21007] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3293.808442][T21007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.814691][T21007] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3293.820424][T21007] ? copy_process.part.0+0x1d08/0x7980 [ 3293.825892][T21007] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3293.831163][T21007] ? trace_hardirqs_on+0x67/0x230 [ 3293.836181][T21007] ? kasan_check_read+0x11/0x20 [ 3293.841036][T21007] copy_process.part.0+0x3e0/0x7980 [ 3293.846249][T21007] ? __lockdep_free_key_range+0x120/0x120 [ 3293.851974][T21007] ? semctl_down+0x5e0/0x9f0 [ 3293.856572][T21007] ? find_held_lock+0x35/0x130 [ 3293.861340][T21007] ? semctl_down+0x5e0/0x9f0 [ 3293.865948][T21007] ? __cleanup_sighand+0x60/0x60 [ 3293.871046][T21007] ? up_write+0x1c/0x150 [ 3293.875288][T21007] ? semctl_down+0x5e0/0x9f0 [ 3293.879883][T21007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3293.886128][T21007] _do_fork+0x257/0xfd0 [ 3293.890276][T21007] ? fork_idle+0x1d0/0x1d0 [ 3293.894690][T21007] ? __ia32_sys_mkdir+0x80/0x80 [ 3293.899644][T21007] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3293.905090][T21007] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3293.910561][T21007] ? do_syscall_64+0x26/0x610 [ 3293.915243][T21007] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3293.921321][T21007] ? do_syscall_64+0x26/0x610 [ 3293.926005][T21007] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3293.931285][T21007] __ia32_sys_fork+0x1f/0x30 [ 3293.936055][T21007] do_syscall_64+0x103/0x610 [ 3293.940648][T21007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3293.946522][T21007] RIP: 0033:0x2000000a [ 3293.950582][T21007] Code: Bad RIP value. [ 3293.954641][T21007] RSP: 002b:00007fa14f177bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3293.963061][T21007] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3293.971030][T21007] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3293.978997][T21007] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3293.986976][T21007] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3293.994966][T21007] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3294.003377][T21007] memory: usage 306948kB, limit 307200kB, failcnt 25232 [ 3294.010329][T21007] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3294.018264][T21007] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3294.025240][T21007] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88588KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:26 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x89000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:26 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00004c1100000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85450c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:26 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00t\x00'}, 0x2c) 17:10:26 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x100, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000080)=0x400) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000000)={'bridge0\x00\x0f\x00\x00\x80\x00', &(0x7f0000000100)=@ethtool_cmd={0x8}}) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 17:10:26 executing program 1: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x8010, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)='\n') dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000740)='/dev/vsock\x00', 0x0, 0x0) openat$cgroup_ro(r2, 0x0, 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x330) close(0xffffffffffffffff) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0) getdents(0xffffffffffffffff, 0x0, 0xfffffffffffffd78) r3 = socket$inet6(0xa, 0x803, 0x3) ioctl$int_in(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x78, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x0, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r4, &(0x7f0000000180)={0x2, 0x4e23, @dev}, 0x10) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4) dup3(r4, r3, 0x80000) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0) syz_open_dev$usb(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_INPUT2(0xffffffffffffffff, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) recvmsg(r3, &(0x7f0000000240)={0x0, 0xa8ff, &(0x7f0000000080)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, 0x0, 0x4f}, 0x100) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) [ 3294.049166][T21007] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25140,uid=0 [ 3294.064644][T21007] Memory cgroup out of memory: Killed process 25140 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3294.080950][ T1043] oom_reaper: reaped process 25140 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 17:10:26 executing program 0: r0 = openat$vfio(0xffffffffffffff9c, 0x0, 0x200800, 0x0) r1 = syz_open_dev$vcsn(0x0, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bd070") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x10) ioctl$DRM_IOCTL_AGP_ACQUIRE(r1, 0x6430) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu\x00', 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) select(0x40, &(0x7f0000000000)={0x3, 0x3f, 0x2, 0x3ff, 0x10001, 0x82e, 0x7fff, 0x4}, &(0x7f00000000c0)={0x8, 0x400, 0x9, 0xfffffffffffffff8, 0x7, 0x9, 0x2, 0x1}, &(0x7f0000000100)={0x5, 0x3, 0x8, 0x100000000, 0x0, 0x0, 0x7, 0x3}, &(0x7f0000000200)={r5, r6/1000+10000}) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) preadv(r4, &(0x7f0000000480), 0x10000000000000f3, 0xf3) r7 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r7, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r7, 0x8) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) r9 = accept4(r7, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x1000000, 0x0, 0x1000000000054}, 0x98) [ 3294.104874][T21010] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_TXQLEN={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x40080, 0x0) r2 = eventfd2(0x3, 0x1) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@int=0x7fff, 0x4) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x3, r2}) 17:10:26 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000003f00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000200)={0x10002, 0x110000, 0xffffffff, 0x100000001, 0x3ff}) openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000000)="798d") ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8090ae81, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x80000, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r8 = syz_open_dev$amidi(0x0, 0xffffffffffffffff, 0x2000000000241fff) r9 = fcntl$getown(r6, 0x9) r10 = fcntl$getown(r1, 0x9) kcmp$KCMP_EPOLL_TFD(r9, r10, 0x7, r0, &(0x7f0000000080)={r6, r4, 0x1}) setsockopt$inet_tcp_TLS_RX(r8, 0x6, 0x2, &(0x7f0000000040), 0x4) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000140)={[], 0x0, 0xfffffffffffffffd}) ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="0a00000000000000010000800700000006000000020000000400000072000000050000000000000000000000000000000200000002000000070000000300000005000000fcd300000400000000000000000000000000000007000000ff0f0000020000001f0000000700000003000000050000000000000000000000000000000d000080000000000200000003000000000400000300000000000000000000000000000000000000070000800500000004000000060000000400000002000000010000000000000000000000000000000700008007000000010000000004000008000000080000000900000000000000000000000000000006000000ff7f000002000000050000000600000009000000e1ffffff000000000000000000000000010000801f0000000400000001001d0006000000060000009c00000000000000000000000000000006000000000000000000000009000000fffffffff9ffffff050000000000000000000000000000005e5bab9a01000000040000007f000000ff070000fc2b310900"/408]) ioctl$KVM_RUN(r7, 0xae80, 0x0) write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '/dev/kvm\x00'}, {0x20, '/dev/kvm\x00'}, {0x20, '&proc'}, {0x20, '/dev/kvm\x00'}], 0xa, "acce9866c95badeb10518a64bfb1983c58bc8a5cd5ad1a1760ce176377a80b6df3d3635940a2"}, 0x55) [ 3294.226898][T21028] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 17:10:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85460c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3294.356533][T21023] IPVS: Scheduler module ip_vs_ú” not found [ 3294.367827][T21015] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 17:10:26 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 3294.401532][T21028] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 3294.428954][T21038] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3294.534252][T21015] CPU: 1 PID: 21015 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3294.542294][T21015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3294.552365][T21015] Call Trace: [ 3294.555673][T21015] dump_stack+0x172/0x1f0 [ 3294.560025][T21015] dump_header+0x10f/0xb6c [ 3294.564466][T21015] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3294.570291][T21015] ? ___ratelimit+0x60/0x595 [ 3294.574899][T21015] ? do_raw_spin_unlock+0x57/0x270 [ 3294.580044][T21015] oom_kill_process.cold+0x10/0x15 [ 3294.585169][T21015] out_of_memory+0x79a/0x1280 [ 3294.589858][T21015] ? lock_downgrade+0x880/0x880 [ 3294.594722][T21015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3294.600986][T21015] ? oom_killer_disable+0x280/0x280 [ 3294.606196][T21015] ? find_held_lock+0x35/0x130 [ 3294.610552][T21047] IPVS: Scheduler module ip_vs_ú” not found [ 3294.610984][T21015] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3294.622408][T21015] ? memcg_event_wake+0x230/0x230 [ 3294.623907][T21051] IPVS: Scheduler module ip_vs_ú” not found [ 3294.627451][T21015] ? do_raw_spin_unlock+0x57/0x270 [ 3294.627470][T21015] ? _raw_spin_unlock+0x2d/0x50 [ 3294.627494][T21015] try_charge+0x102c/0x15c0 [ 3294.647817][T21015] ? find_held_lock+0x35/0x130 [ 3294.652610][T21015] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3294.658161][T21015] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3294.663724][T21015] ? find_held_lock+0x35/0x130 [ 3294.668516][T21015] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3294.674094][T21015] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3294.679650][T21015] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3294.685037][T21015] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3294.690594][T21015] __memcg_kmem_charge+0x136/0x300 [ 3294.695723][T21015] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3294.701122][T21015] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3294.706864][T21015] ? copy_page_range+0x125a/0x1f90 [ 3294.711987][T21015] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3294.718230][T21015] alloc_pages_current+0x107/0x210 [ 3294.723349][T21015] pte_alloc_one+0x1b/0x1a0 [ 3294.727854][T21015] __pte_alloc+0x20/0x310 [ 3294.732189][T21015] copy_page_range+0x1529/0x1f90 [ 3294.737133][T21015] ? perf_trace_lock+0xeb/0x510 [ 3294.741986][T21015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3294.748258][T21015] ? pmd_alloc+0x180/0x180 [ 3294.752678][T21015] ? __rb_insert_augmented+0x231/0xdf0 [ 3294.758136][T21015] ? validate_mm_rb+0xa3/0xc0 [ 3294.762815][T21015] ? __vma_link_rb+0x279/0x370 [ 3294.767589][T21015] copy_process.part.0+0x568b/0x7980 [ 3294.772919][T21015] ? __cleanup_sighand+0x60/0x60 [ 3294.777905][T21015] _do_fork+0x257/0xfd0 [ 3294.782086][T21015] ? fork_idle+0x1d0/0x1d0 [ 3294.786516][T21015] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3294.791977][T21015] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3294.797440][T21015] ? do_syscall_64+0x26/0x610 [ 3294.802118][T21015] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3294.808181][T21015] ? do_syscall_64+0x26/0x610 [ 3294.812863][T21015] __x64_sys_clone+0xbf/0x150 [ 3294.817547][T21015] do_syscall_64+0x103/0x610 [ 3294.822143][T21015] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3294.828030][T21015] RIP: 0033:0x458da9 [ 3294.831935][T21015] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3294.851575][T21015] RSP: 002b:00007fa14f198c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3294.860011][T21015] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000458da9 [ 3294.867983][T21015] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000089000000 [ 3294.875959][T21015] RBP: 000000000073bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 3294.883939][T21015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa14f1996d4 [ 3294.891912][T21015] R13: 00000000004bf166 R14: 00000000004d01a0 R15: 00000000ffffffff [ 3294.930342][T21015] memory: usage 306964kB, limit 307200kB, failcnt 25267 [ 3294.952689][T21015] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3294.960244][T21015] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3294.978213][T21015] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88604KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3295.009037][T21015] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25193,uid=0 [ 3295.033431][T21015] Memory cgroup out of memory: Killed process 25193 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3295.064742][ T1043] oom_reaper: reaped process 25193 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3295.401510][T21062] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3295.415701][T21062] CPU: 1 PID: 21062 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3295.423707][T21062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3295.433769][T21062] Call Trace: [ 3295.437069][T21062] dump_stack+0x172/0x1f0 [ 3295.441402][T21062] dump_header+0x10f/0xb6c [ 3295.445808][T21062] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3295.451608][T21062] ? ___ratelimit+0x60/0x595 [ 3295.456185][T21062] ? do_raw_spin_unlock+0x57/0x270 [ 3295.461281][T21062] oom_kill_process.cold+0x10/0x15 [ 3295.466597][T21062] out_of_memory+0x79a/0x1280 [ 3295.471263][T21062] ? lock_downgrade+0x880/0x880 [ 3295.476123][T21062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3295.482361][T21062] ? oom_killer_disable+0x280/0x280 [ 3295.487565][T21062] ? find_held_lock+0x35/0x130 [ 3295.492334][T21062] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3295.497891][T21062] ? memcg_event_wake+0x230/0x230 [ 3295.502939][T21062] ? do_raw_spin_unlock+0x57/0x270 [ 3295.508041][T21062] ? _raw_spin_unlock+0x2d/0x50 [ 3295.512879][T21062] try_charge+0x102c/0x15c0 [ 3295.517376][T21062] ? find_held_lock+0x35/0x130 [ 3295.522141][T21062] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3295.527677][T21062] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3295.533220][T21062] ? find_held_lock+0x35/0x130 [ 3295.537969][T21062] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3295.543510][T21062] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3295.549040][T21062] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3295.554227][T21062] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3295.559767][T21062] __memcg_kmem_charge+0x136/0x300 [ 3295.564868][T21062] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3295.570228][T21062] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3295.575944][T21062] ? save_stack+0xa9/0xd0 [ 3295.580260][T21062] ? kmem_cache_alloc+0x11a/0x6f0 [ 3295.585268][T21062] ? anon_vma_fork+0x1ea/0x4a0 [ 3295.590026][T21062] ? copy_process.part.0+0x350f/0x7980 [ 3295.595484][T21062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3295.601723][T21062] ? debug_smp_processor_id+0x3c/0x280 [ 3295.607188][T21062] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3295.613423][T21062] alloc_pages_current+0x107/0x210 [ 3295.618537][T21062] get_zeroed_page+0x14/0x50 [ 3295.623143][T21062] __pud_alloc+0x3b/0x250 [ 3295.627471][T21062] pud_alloc+0xde/0x150 [ 3295.631631][T21062] copy_page_range+0x375/0x1f90 [ 3295.636489][T21062] ? find_held_lock+0x35/0x130 [ 3295.641258][T21062] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3295.646976][T21062] ? vma_compute_subtree_gap+0x158/0x230 [ 3295.652630][T21062] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3295.658163][T21062] ? pmd_alloc+0x180/0x180 [ 3295.662576][T21062] ? validate_mm_rb+0xa3/0xc0 [ 3295.667242][T21062] ? __vma_link_rb+0x279/0x370 [ 3295.671998][T21062] copy_process.part.0+0x568b/0x7980 [ 3295.677290][T21062] ? __cleanup_sighand+0x60/0x60 [ 3295.682216][T21062] ? semctl_down+0x5e0/0x9f0 [ 3295.686811][T21062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3295.693048][T21062] _do_fork+0x257/0xfd0 [ 3295.697191][T21062] ? fork_idle+0x1d0/0x1d0 [ 3295.701604][T21062] ? __ia32_sys_mkdir+0x80/0x80 [ 3295.706460][T21062] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3295.711913][T21062] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3295.717365][T21062] ? do_syscall_64+0x26/0x610 [ 3295.722037][T21062] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3295.728232][T21062] ? do_syscall_64+0x26/0x610 [ 3295.732897][T21062] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3295.738182][T21062] __ia32_sys_fork+0x1f/0x30 [ 3295.742778][T21062] do_syscall_64+0x103/0x610 [ 3295.747375][T21062] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3295.753253][T21062] RIP: 0033:0x2000000a [ 3295.757314][T21062] Code: Bad RIP value. [ 3295.761362][T21062] RSP: 002b:00007fa14f156bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3295.769757][T21062] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3295.777744][T21062] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3295.785711][T21062] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3295.793689][T21062] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3295.801644][T21062] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3295.816286][T21062] memory: usage 307200kB, limit 307200kB, failcnt 25324 [ 3295.823463][T21062] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3295.831065][T21062] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3295.838090][T21062] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88648KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3295.859724][T21062] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25229,uid=0 [ 3295.875434][T21062] Memory cgroup out of memory: Killed process 25229 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB 17:10:28 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/160) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) capset(&(0x7f00000002c0)={0x399f1736, r0}, &(0x7f0000000300)={0x4, 0x2, 0x8, 0x9, 0x3e, 0x3}) 17:10:28 executing program 0: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) write$P9_RLERRORu(r0, &(0x7f0000000180)={0xe, 0x7, 0x2, {{0x1, '^'}}}, 0xe) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x6, 0x0, 0x93, 0x101, 0xfff, {0x0, @in6={{0xa, 0x4e23, 0xffffffff, @remote, 0x1ff8000000000}}, 0x3, 0xb4, 0x466b7d96, 0x1000, 0x1}}, &(0x7f0000000100)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={r1, 0x30, 0x20}, 0xc) socket$inet6(0xa, 0x6, 0xfffffffffffd) 17:10:28 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'}, 0x2c) 17:10:28 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000feffffff9e00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85470c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:28 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000040)={0x7fffffff, 0x80000000}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000003c0)=@nat={'nat\x00', 0x19, 0x1, 0x138, [0x20000100, 0x0, 0x0, 0x20000130, 0x20000208], 0x0, &(0x7f00000000c0), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x9, 0x24, 0x0, 'bridge_slave_0\x00', 'sit0\x00', 'syzkaller0\x00', 'syzkaller1\x00', @dev={[], 0x22}, [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @random="4fcd9ab2f888", [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], 0x70, 0x70, 0xa8}}, @snat={'snat\x00', 0x10, {{@remote, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x1b0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x4, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000683ff4)={@multicast2, @loopback}, 0xc) setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f0000000280)={0x1, {{0x2, 0x0, @multicast2}}}, 0x108) [ 3295.897485][ T1043] oom_reaper: reaped process 25229 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 17:10:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f033c123f319bd070") ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000140)) fcntl$getownex(r0, 0x10, &(0x7f0000000180)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f00000001c0)='net/rt_acct\x00') setsockopt$MISDN_TIME_STAMP(r2, 0x0, 0x1, &(0x7f00000000c0), 0x4) getdents64(r2, &(0x7f00000003c0)=""/207, 0x55) getdents(r2, &(0x7f0000000000)=""/173, 0xad) [ 3295.985810][T21069] Unknown ioctl 1074310771 17:10:28 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x80) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40020000}, 0xc, &(0x7f0000000500)={&(0x7f0000000100)={0x3e4, r1, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0xf4, 0x4, [@TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x252}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6eaa}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x310f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x80, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa01a}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xa5}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x34b}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x800}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_LINK={0x30, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0xe4, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x81, @empty, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e24, @loopback}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'gre0\x00'}}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x134, 0x1, [@TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'ip6gretap0\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'vcan0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e21, @local}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0xfff, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x1}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x5}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x1, @ipv4={[], [], @multicast2}, 0x7}}, {0x14, 0x2, @in={0x2, 0x5, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'team_slave_0\x00'}}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}]}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x40}, 0x4000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_tcp_buf(r2, 0x6, 0x1f, 0x0, &(0x7f0000000040)=0xfffffffffffffcd2) dup2(r2, r2) [ 3296.026915][T21069] Unknown ioctl 1074310771 17:10:28 executing program 1: ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f00000001c0)='/dev/usbmon#\x00') socket$inet6_udp(0xa, 0x2, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000006c0)={0x6, &(0x7f0000000640)=[{}, {}, {}, {}, {}, {}]}) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e21, 0x7, @empty, 0x6}, {0xa, 0x4e23, 0x81, @mcast1, 0x9}, 0xbf0, [0xffff, 0x9, 0x0, 0x0, 0x2, 0x2e, 0x8001, 0x3]}, 0x5c) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) r3 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_INFO(r3, 0xe, &(0x7f00000004c0)=""/72) prctl$PR_SET_MM(0x23, 0xf, &(0x7f0000ffd000/0x2000)=nil) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x33}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}}, 0xe8) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0x41) r4 = socket$packet(0x11, 0x0, 0x300) r5 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0xfffffffffffffff9, 0x400) ioctl$TCSETA(r5, 0x5406, &(0x7f00000002c0)={0x4, 0x5, 0x2, 0x6, 0x9, 0xef5, 0x9, 0xe0d, 0x9, 0x9}) ioctl$VIDIOC_G_SLICED_VBI_CAP(r5, 0xc0745645, &(0x7f0000000440)={0x5d, [0x80, 0x2, 0x9, 0x27, 0x8a7, 0x7, 0x5, 0xe82c, 0x10000, 0x5800000000000000, 0x7, 0x6, 0x0, 0x80000000, 0x9, 0x8, 0x209e, 0x1ff, 0x4, 0x2, 0x3, 0x3ff, 0xfffffffffffffffb, 0x2, 0x400, 0x80000001, 0x5db0, 0x40, 0x7f0f, 0x2, 0x0, 0x4, 0xc65, 0x3, 0x100000000, 0x3ff, 0x5, 0x7, 0xe5, 0x49cf, 0x80000001, 0x1, 0xff, 0x7ff, 0x4, 0x4c, 0x3, 0x9], 0xe}) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6, 0xfffffffffffffffd}, 0x4) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000040), &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={0x0, 0xc06}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000003c0)={r6, 0x20, &(0x7f0000000380)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000540)=0x10) [ 3296.145347][ T7844] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3296.199967][T21085] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3296.205055][ T7844] CPU: 1 PID: 7844 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3296.217214][ T7844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3296.227282][ T7844] Call Trace: [ 3296.230590][ T7844] dump_stack+0x172/0x1f0 [ 3296.234949][ T7844] dump_header+0x10f/0xb6c [ 3296.239378][ T7844] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3296.245198][ T7844] ? ___ratelimit+0x60/0x595 [ 3296.249805][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3296.254947][ T7844] oom_kill_process.cold+0x10/0x15 [ 3296.260070][ T7844] out_of_memory+0x79a/0x1280 [ 3296.264765][ T7844] ? lock_downgrade+0x880/0x880 [ 3296.269625][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3296.275877][ T7844] ? oom_killer_disable+0x280/0x280 [ 3296.281081][ T7844] ? find_held_lock+0x35/0x130 [ 3296.285871][ T7844] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3296.289977][T21085] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3296.291430][ T7844] ? memcg_event_wake+0x230/0x230 [ 3296.291457][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3296.291475][ T7844] ? _raw_spin_unlock+0x2d/0x50 [ 3296.291495][ T7844] try_charge+0x102c/0x15c0 [ 3296.310898][ T7844] ? find_held_lock+0x35/0x130 [ 3296.310935][ T7844] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3296.310955][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3296.330582][ T7844] ? find_held_lock+0x35/0x130 [ 3296.330603][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3296.330631][ T7844] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3296.352009][ T7844] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3296.357317][ T7844] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3296.362882][ T7844] __memcg_kmem_charge+0x136/0x300 [ 3296.368027][ T7844] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3296.373415][ T7844] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3296.379157][ T7844] ? copy_page_range+0x125a/0x1f90 [ 3296.384286][ T7844] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3296.390545][ T7844] alloc_pages_current+0x107/0x210 [ 3296.395671][ T7844] pte_alloc_one+0x1b/0x1a0 [ 3296.400191][ T7844] __pte_alloc+0x20/0x310 [ 3296.404542][ T7844] copy_page_range+0x1529/0x1f90 [ 3296.409493][ T7844] ? perf_trace_lock+0xeb/0x510 [ 3296.414353][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3296.420639][ T7844] ? pmd_alloc+0x180/0x180 [ 3296.425067][ T7844] ? __rb_insert_augmented+0x231/0xdf0 [ 3296.430539][ T7844] ? validate_mm_rb+0xa3/0xc0 [ 3296.435230][ T7844] ? __vma_link_rb+0x279/0x370 [ 3296.440017][ T7844] copy_process.part.0+0x568b/0x7980 [ 3296.445351][ T7844] ? __cleanup_sighand+0x60/0x60 [ 3296.450323][ T7844] _do_fork+0x257/0xfd0 [ 3296.454492][ T7844] ? fork_idle+0x1d0/0x1d0 [ 3296.458938][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3296.464408][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3296.469883][ T7844] ? do_syscall_64+0x26/0x610 [ 3296.474565][ T7844] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3296.480637][ T7844] ? do_syscall_64+0x26/0x610 [ 3296.485336][ T7844] __x64_sys_clone+0xbf/0x150 [ 3296.490031][ T7844] do_syscall_64+0x103/0x610 [ 3296.494638][ T7844] entry_SYSCALL_64_after_hwframe+0x49/0xbe 17:10:28 executing program 0: r0 = socket$inet6(0xa, 0x100800000000002, 0x88) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000000), 0x4) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='smaps\x00') sendfile(r0, r1, 0x0, 0x88001) setxattr$security_smack_transmute(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x2) 17:10:28 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fefffffff000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85480c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3296.500534][ T7844] RIP: 0033:0x45737a [ 3296.504438][ T7844] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3296.524052][ T7844] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3296.524068][ T7844] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3296.524075][ T7844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3296.524083][ T7844] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 0000000001fdd940 [ 3296.524092][ T7844] R10: 0000000001fddc10 R11: 0000000000000246 R12: 0000000000000001 [ 3296.524100][ T7844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3296.584621][ T7844] memory: usage 307200kB, limit 307200kB, failcnt 15701 [ 3296.592837][ T7844] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3296.639814][ T7844] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3296.648490][ T7844] Memory cgroup stats for /syz2: cache:220KB rss:102312KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102412KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3296.682172][ T7844] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11192,uid=0 [ 3296.704274][T21097] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3296.707006][ T7844] Memory cgroup out of memory: Killed process 11192 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3296.740758][ T1043] oom_reaper: reaped process 11192 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3296.768480][T21075] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3296.807134][T21075] CPU: 1 PID: 21075 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3296.815163][T21075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3296.825232][T21075] Call Trace: [ 3296.828542][T21075] dump_stack+0x172/0x1f0 [ 3296.832892][T21075] dump_header+0x10f/0xb6c [ 3296.837373][T21075] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3296.843374][T21075] ? ___ratelimit+0x60/0x595 [ 3296.848137][T21075] ? do_raw_spin_unlock+0x57/0x270 [ 3296.853356][T21075] oom_kill_process.cold+0x10/0x15 [ 3296.853378][T21075] out_of_memory+0x79a/0x1280 [ 3296.853402][T21075] ? oom_killer_disable+0x280/0x280 [ 3296.853416][T21075] ? find_held_lock+0x35/0x130 [ 3296.853442][T21075] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3296.863219][T21075] ? memcg_event_wake+0x230/0x230 [ 3296.863245][T21075] ? do_raw_spin_unlock+0x57/0x270 [ 3296.863263][T21075] ? _raw_spin_unlock+0x2d/0x50 [ 3296.863284][T21075] try_charge+0x102c/0x15c0 [ 3296.863296][T21075] ? find_held_lock+0x35/0x130 [ 3296.863321][T21075] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3296.873264][T21075] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3296.873281][T21075] ? find_held_lock+0x35/0x130 [ 3296.873298][T21075] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3296.873330][T21075] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3296.873350][T21075] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3296.883903][T21075] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3296.883936][T21075] __memcg_kmem_charge+0x136/0x300 [ 3296.883960][T21075] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3296.883983][T21075] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3296.884008][T21075] ? copy_page_range+0x125a/0x1f90 [ 3296.884031][T21075] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3296.962091][T21075] alloc_pages_current+0x107/0x210 [ 3296.973433][T21075] pte_alloc_one+0x1b/0x1a0 [ 3296.973454][T21075] __pte_alloc+0x20/0x310 [ 3296.973477][T21075] copy_page_range+0x1529/0x1f90 [ 3296.973493][T21075] ? perf_trace_lock+0xeb/0x510 [ 3296.973508][T21075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3296.973549][T21075] ? pmd_alloc+0x180/0x180 [ 3297.003403][T21075] ? __rb_insert_augmented+0x231/0xdf0 [ 3297.008876][T21075] ? validate_mm_rb+0xa3/0xc0 [ 3297.013569][T21075] ? __vma_link_rb+0x279/0x370 [ 3297.018352][T21075] copy_process.part.0+0x568b/0x7980 [ 3297.023679][T21075] ? __cleanup_sighand+0x60/0x60 [ 3297.028621][T21075] ? semctl_down+0x5e0/0x9f0 [ 3297.033202][T21075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3297.039455][T21075] _do_fork+0x257/0xfd0 [ 3297.043629][T21075] ? fork_idle+0x1d0/0x1d0 [ 3297.048046][T21075] ? __ia32_sys_mkdir+0x80/0x80 [ 3297.052894][T21075] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3297.058359][T21075] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3297.063803][T21075] ? do_syscall_64+0x26/0x610 [ 3297.068478][T21075] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3297.074547][T21075] ? do_syscall_64+0x26/0x610 [ 3297.079211][T21075] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3297.084502][T21075] __ia32_sys_fork+0x1f/0x30 [ 3297.089527][T21075] do_syscall_64+0x103/0x610 [ 3297.094104][T21075] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3297.099985][T21075] RIP: 0033:0x2000000a [ 3297.104070][T21075] Code: Bad RIP value. [ 3297.108130][T21075] RSP: 002b:00007fa14f198bd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000039 [ 3297.116527][T21075] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000000a [ 3297.124497][T21075] RDX: 0000000000000000 RSI: 0000000080000034 RDI: 0000000000000003 [ 3297.132456][T21075] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3297.140434][T21075] R10: 0000000000000007 R11: 0000000000000202 R12: 000000000000000b [ 3297.148401][T21075] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3297.163328][T21075] memory: usage 307160kB, limit 307200kB, failcnt 25385 [ 3297.170687][T21075] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3297.180656][T21075] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3297.189262][T21075] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88656KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3297.212770][T21075] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25470,uid=0 [ 3297.228661][T21075] Memory cgroup out of memory: Killed process 25470 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3297.246135][ T1043] oom_reaper: reaped process 25470 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB 17:10:29 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r0 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0xbdba, 0x8000) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x40, @mcast1, 0x7}}, 0x5}, &(0x7f0000000240)=0x90) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000280)={r1, @in6={{0xa, 0x4e24, 0x8, @loopback, 0x4}}, 0x0, 0x9, 0x7, 0x100, 0x80}, &(0x7f0000000340)=0x98) 17:10:29 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00f0ffff00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3297.256003][T21098] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3297.276879][T21098] CPU: 0 PID: 21098 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3297.284887][T21098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3297.294981][T21098] Call Trace: [ 3297.298315][T21098] dump_stack+0x172/0x1f0 [ 3297.302656][T21098] dump_header+0x10f/0xb6c [ 3297.307078][T21098] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3297.312891][T21098] ? ___ratelimit+0x60/0x595 [ 3297.312908][T21098] ? do_raw_spin_unlock+0x57/0x270 [ 3297.312937][T21098] oom_kill_process.cold+0x10/0x15 [ 3297.312957][T21098] out_of_memory+0x79a/0x1280 [ 3297.312980][T21098] ? oom_killer_disable+0x280/0x280 [ 3297.312993][T21098] ? find_held_lock+0x35/0x130 [ 3297.313021][T21098] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3297.313039][T21098] ? memcg_event_wake+0x230/0x230 [ 3297.322740][T21098] ? do_raw_spin_unlock+0x57/0x270 [ 3297.322761][T21098] ? _raw_spin_unlock+0x2d/0x50 [ 3297.322783][T21098] try_charge+0x102c/0x15c0 [ 3297.322796][T21098] ? find_held_lock+0x35/0x130 [ 3297.322819][T21098] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3297.322833][T21098] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3297.322848][T21098] ? find_held_lock+0x35/0x130 [ 3297.322864][T21098] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3297.322892][T21098] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3297.322909][T21098] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3297.322939][T21098] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3297.322960][T21098] __memcg_kmem_charge+0x136/0x300 [ 3297.322982][T21098] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3297.323002][T21098] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3297.426189][T21098] ? do_huge_pmd_anonymous_page+0x420/0x1730 [ 3297.432180][T21098] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3297.438438][T21098] alloc_pages_current+0x107/0x210 [ 3297.443566][T21098] pte_alloc_one+0x1b/0x1a0 [ 3297.448080][T21098] __pte_alloc+0x20/0x310 [ 3297.452422][T21098] __handle_mm_fault+0x3391/0x3ec0 [ 3297.452449][T21098] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3297.452466][T21098] ? find_held_lock+0x35/0x130 [ 3297.452483][T21098] ? handle_mm_fault+0x322/0xb30 [ 3297.452512][T21098] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3297.452532][T21098] ? kasan_check_read+0x11/0x20 [ 3297.452553][T21098] handle_mm_fault+0x43f/0xb30 [ 3297.452575][T21098] __do_page_fault+0x5ef/0xda0 [ 3297.452600][T21098] do_page_fault+0x71/0x581 [ 3297.452616][T21098] ? page_fault+0x8/0x30 [ 3297.452633][T21098] page_fault+0x1e/0x30 [ 3297.452645][T21098] RIP: 0033:0x40050c [ 3297.452659][T21098] Code: 01 e9 cd 01 00 00 48 8b 44 24 10 48 0b 44 24 28 75 20 48 8b 14 24 48 8b 7c 24 20 be 02 00 00 00 e8 59 53 00 00 48 8b 4c 24 08 <66> 89 01 e9 a1 01 00 00 48 8b 44 24 08 48 8b 14 24 be 02 00 00 00 [ 3297.452668][T21098] RSP: 002b:0000000000a4fb90 EFLAGS: 00010206 [ 3297.452680][T21098] RAX: 0000000000040011 RBX: 00000000007400f0 RCX: 0000000020000040 [ 3297.452690][T21098] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000040011 [ 3297.452707][T21098] RBP: fffffffffffffffe R08: 0000000000000000 R09: 0000000000000000 [ 3297.463354][T21098] R10: 0000000000a4fca0 R11: 0000000000000246 R12: 00000000007400f8 [ 3297.463364][T21098] R13: 00000000004beb51 R14: 0000000000000000 R15: 000000000073bf0c [ 3297.472461][T21098] memory: usage 307064kB, limit 307200kB, failcnt 15740 [ 3297.583899][T21098] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3297.591380][T21098] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3297.598342][T21098] Memory cgroup stats for /syz2: cache:220KB rss:102312KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102376KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3297.619805][T21098] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11465,uid=0 [ 3297.635317][T21098] Memory cgroup out of memory: Killed process 11465 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3297.651388][ T1043] oom_reaper: reaped process 11465 (syz-executor.2), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3297.669335][T21109] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3297.681746][T21100] IPVS: Scheduler module ip_vs_ú” not found [ 3297.690517][T21109] CPU: 0 PID: 21109 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3297.698522][T21109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3297.708588][T21109] Call Trace: [ 3297.711894][T21109] dump_stack+0x172/0x1f0 [ 3297.716257][T21109] dump_header+0x10f/0xb6c [ 3297.720688][T21109] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3297.726499][T21109] ? ___ratelimit+0x60/0x595 [ 3297.731098][T21109] ? do_raw_spin_unlock+0x57/0x270 [ 3297.736224][T21109] oom_kill_process.cold+0x10/0x15 [ 3297.741353][T21109] out_of_memory+0x79a/0x1280 [ 3297.746054][T21109] ? oom_killer_disable+0x280/0x280 [ 3297.751268][T21109] ? find_held_lock+0x35/0x130 [ 3297.756056][T21109] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3297.760126][T21114] IPVS: Scheduler module ip_vs_ú” not found [ 3297.761611][T21109] ? memcg_event_wake+0x230/0x230 [ 3297.761637][T21109] ? do_raw_spin_unlock+0x57/0x270 [ 3297.761656][T21109] ? _raw_spin_unlock+0x2d/0x50 [ 3297.761676][T21109] try_charge+0x102c/0x15c0 [ 3297.761688][T21109] ? find_held_lock+0x35/0x130 [ 3297.761712][T21109] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3297.761726][T21109] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3297.761741][T21109] ? find_held_lock+0x35/0x130 [ 3297.761757][T21109] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3297.761787][T21109] __memcg_kmem_charge_memcg+0x7c/0x130 17:10:30 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x02\x00'}, 0x2c) 17:10:30 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000000)) lsetxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x3) 17:10:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x20, &(0x7f0000000040)="0a0000319b4c74c8d6d07000000000") syz_execute_func(&(0x7f0000000180)="1c41b5b598cd801b69e4f56962f5696200d9d9d0c42e17795bf9f9680c0000008fe9589b26c7e4c753fbc4e101edfec4427d822a2a00c4c4c2b90a23f2168f4808eebce00000802000c422b18cb60700000051518fe9509b9b9bfc0000c1ea01eff265dc5f00c35b5b45363ef80f9966030faee42c240f54635bdedec4a1e1e0ef26400f0d18c401fe5ff6e30fad4336660fd2938c0000000f9dc36666450f17720d2e440fc7bf0d0000801d54111d00") 17:10:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85490c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe7fffffff00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3297.761808][T21109] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3297.823946][T21109] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3297.829513][T21109] __memcg_kmem_charge+0x136/0x300 [ 3297.834644][T21109] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3297.840034][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3297.846470][T21109] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3297.852207][T21109] ? copy_process.part.0+0x1d08/0x7980 [ 3297.857689][T21109] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3297.862989][T21109] ? trace_hardirqs_on+0x67/0x230 [ 3297.868030][T21109] ? kasan_check_read+0x11/0x20 [ 3297.872900][T21109] copy_process.part.0+0x3e0/0x7980 [ 3297.878119][T21109] ? __lockdep_free_key_range+0x120/0x120 [ 3297.883852][T21109] ? sched_clock+0x2e/0x50 [ 3297.888281][T21109] ? psi_memstall_leave+0x12e/0x180 [ 3297.893486][T21109] ? find_held_lock+0x35/0x130 [ 3297.898275][T21109] ? psi_memstall_leave+0x12e/0x180 [ 3297.903502][T21109] ? __cleanup_sighand+0x60/0x60 [ 3297.908450][T21109] ? perf_trace_lock+0xeb/0x510 [ 3297.913309][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3297.919562][T21109] ? debug_smp_processor_id+0x3c/0x280 [ 3297.926169][T21109] ? __lockdep_free_key_range+0x120/0x120 [ 3297.931913][T21109] _do_fork+0x257/0xfd0 [ 3297.936110][T21109] ? fork_idle+0x1d0/0x1d0 [ 3297.940540][T21109] ? blkcg_maybe_throttle_current+0x5e2/0xfc0 [ 3297.946615][T21109] ? lock_downgrade+0x880/0x880 [ 3297.951479][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3297.957741][T21109] ? blkcg_exit_queue+0x30/0x30 [ 3297.962603][T21109] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3297.965600][T21122] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3297.968069][T21109] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3297.968086][T21109] ? do_syscall_64+0x26/0x610 [ 3297.968103][T21109] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3297.968117][T21109] ? do_syscall_64+0x26/0x610 [ 3297.968141][T21109] __x64_sys_clone+0xbf/0x150 [ 3297.968161][T21109] do_syscall_64+0x103/0x610 [ 3297.968181][T21109] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3297.968201][T21109] RIP: 0033:0x45b779 17:10:30 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe9effffff00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3298.017459][T21109] Code: ff 48 85 f6 0f 84 d7 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c ae 8e fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3298.037080][T21109] RSP: 002b:0000000000a4fa98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3298.045511][T21109] RAX: ffffffffffffffda RBX: 00007fa14f199700 RCX: 000000000045b779 [ 3298.053490][T21109] RDX: 00007fa14f1999d0 RSI: 00007fa14f198db0 RDI: 00000000003d0f00 [ 3298.063118][T21109] RBP: 0000000000a4fcb0 R08: 00007fa14f199700 R09: 00007fa14f199700 [ 3298.071130][T21109] R10: 00007fa14f1999d0 R11: 0000000000000202 R12: 0000000000000000 [ 3298.079105][T21109] R13: 0000000000a4fb4f R14: 00007fa14f1999c0 R15: 000000000073bf0c [ 3298.079408][ C0] net_ratelimit: 20 callbacks suppressed [ 3298.079416][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3298.098614][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3298.109770][T21109] memory: usage 307172kB, limit 307200kB, failcnt 25416 17:10:30 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$sock_buf(r0, 0x1, 0x3f, &(0x7f0000000000)=""/4, &(0x7f0000000040)=0x4) r1 = socket$packet(0x11, 0x3, 0x300) socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x3dc18f99, 0x301000) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r2, 0xc0905664, &(0x7f00000000c0)={0x0, 0x0, [], @raw_data=[0x10000, 0x100000000, 0xdc3, 0xd9, 0x1ff, 0x7, 0x4800000000000000, 0x7ff, 0x3, 0x82, 0x4, 0x0, 0x100000001, 0x620d, 0x1, 0x4, 0x6, 0x4, 0xfffffffffffffffe, 0x26, 0x6, 0x7, 0x20, 0xffffffffffffffc0, 0xfffffffffffffffd, 0x7, 0x2, 0xd0b, 0xac15, 0x0, 0x79, 0x7abc]}) ioctl$SG_GET_PACK_ID(r2, 0x227c, &(0x7f0000000180)) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000001c0)={0x8001, 0x400000000000000, 0x7, {0xc, @sliced={0x5, [0xf000000000000000, 0x9, 0x6, 0x5, 0x401, 0x4, 0x3, 0x9, 0x7f, 0x9, 0x1b, 0x6, 0x3f, 0x7f, 0x6, 0x4, 0xff, 0x2, 0x130, 0x9, 0x2, 0x100000001, 0x2, 0x3ff, 0xfff, 0xff, 0x8, 0x5, 0x5, 0x5, 0xfffffffffffff445, 0x3, 0x3, 0xeb8, 0x4, 0xf7, 0x4ba, 0x2, 0xfc, 0x53, 0x3, 0x9a3d, 0x2, 0x7fff, 0x448, 0x10000, 0x6d8, 0x4], 0x17f2}}}) write$P9_RSTAT(r2, &(0x7f00000002c0)={0x94, 0x7d, 0x2, {0x0, 0x8d, 0x8, 0x3, {0x1, 0x1, 0x7}, 0x50000000, 0x5, 0x0, 0x800, 0x15, '/dev/bus/usb/00#/00#\x00', 0x4, 'proc', 0x2c, '&}keyringsystem-vmnet0systemposix_acl_access', 0x15, '/dev/bus/usb/00#/00#\x00'}}, 0x94) bind$vsock_stream(r2, &(0x7f0000000380)={0x28, 0x0, 0xffffffff}, 0x10) ioctl$BLKSECDISCARD(r2, 0x127d, &(0x7f00000003c0)=0x5) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3) r3 = syz_open_dev$vbi(&(0x7f0000000400)='/dev/vbi#\x00', 0x1, 0x2) ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r2, 0xc04c5349, &(0x7f0000000440)={0x7fff, 0x8, 0x3ff80000000000}) setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f00000004c0)={0x4, 0x0, 0xff}, 0xc) r4 = syz_open_dev$dmmidi(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x76ca, 0x109000) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f0000000540)) ioctl$KVM_S390_UCAS_MAP(r3, 0x4018ae50, &(0x7f0000000580)={0x1, 0x6, 0x7fffffff}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000005c0)={0x0, 0x8, 0x7fff}, &(0x7f0000000600)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000640)=@assoc_value={r5, 0x5}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000006c0)={0x6, 0x0, 0x8, 0x6, 0xa8a, 0x1, 0xffffffffffff0001, 0x3b0, r6}, 0x20) fcntl$setstatus(r1, 0x4, 0x40400) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000740)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r4, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x68, r7, 0x506, 0x70bd2d, 0x25dfdbfd, {{}, 0x0, 0x4107, 0x0, {0x4c, 0x18, {0x1, @link='syz0\x00'}}}, ["", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) bind$rds(r4, &(0x7f0000000880)={0x2, 0x4e21, @local}, 0x10) read$alg(r4, &(0x7f00000008c0)=""/197, 0xc5) ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000000a00)={0x3, &(0x7f00000009c0)=[{0x9, 0x3}, {0x800, 0x800}, {0x3, 0x400}]}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000a40)={r5, 0xfffffffffffffffb, 0x3}, &(0x7f0000000a80)=0x8) r8 = semget$private(0x0, 0x0, 0x100) semctl$IPC_RMID(r8, 0x0, 0x0) [ 3298.115378][T21122] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3298.119791][T21109] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3298.134251][T21109] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3298.141107][T21109] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88672KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:30 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0x20, 0x101002) write$evdev(r0, &(0x7f0000000000)=[{{0x0, 0x7530}, 0x1, 0x40000000000004f, 0x2}], 0xfddb) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r3 = getpgid(0x0) arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x3) ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000100)=r3) setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000340)={@nfc={0x27, 0x1, 0x0, 0x3}, {&(0x7f0000000240)=""/218, 0xda}, &(0x7f0000000140), 0x40}, 0xa0) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x410040, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x2710, 0x3, 0x2, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) [ 3298.172171][T21126] IPVS: Scheduler module ip_vs_ú” not found [ 3298.182080][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3298.187880][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3298.196894][T21109] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25519,uid=0 17:10:30 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x335) perf_event_open(&(0x7f0000000440)={0x1, 0x4d6, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shutdown(r0, 0x1) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100), 0x28) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c}, 0x1c}}, 0x4000) r1 = syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000000)=0x4) syz_genetlink_get_family_id$tipc(0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000300)={0x8, 0x120, 0xfa00, {0x3, {0x4739, 0x6c, "5594e8835eafe81720baab04f390d5315f60a11fca83890c38a5d3ec8ed9ae167cfc13446b76317dd7db3ed74cbcf297bfe58ea36073913d2b8ad545708d05ff026026db1cffaa32c5b3a074bfe082a7ec2c9bbb602cc52b4a2314fe97907780a390dc8eb6c4e0bc9e282a0030612d943fd40680c09bf26690daabf49dcb3d6583febdc85d62d913ee2aea53c5ee7a7639b061b22c650e03559037c0ee05ab7c534372f9e7f1d1e8f3f1e059100718f0f9308cbd6e2968973c99b81ac163a7b074f75ddfccf88963dc9843029cf4e6aabe0e5bb73b4d16a6e922462d0a4d4d72c5564429301209bac02b4d111508d9fa5ceef08833a0f5008c8bed3d5007b4e8", 0xe8, 0x8, 0x57, 0x6, 0x9, 0x80, 0x5, 0x1}, r2}}, 0x128) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, 0x0, 0x20000000) [ 3298.231274][T21135] IPVS: Scheduler module ip_vs_ú” not found 17:10:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854a0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3298.276505][T21109] Memory cgroup out of memory: Killed process 25519 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3298.372463][T21149] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3298.492895][T21109] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3298.505622][T21109] CPU: 1 PID: 21109 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3298.513615][T21109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3298.523657][T21109] Call Trace: [ 3298.526951][T21109] dump_stack+0x172/0x1f0 [ 3298.531268][T21109] dump_header+0x10f/0xb6c [ 3298.535674][T21109] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3298.541464][T21109] ? ___ratelimit+0x60/0x595 [ 3298.546037][T21109] ? do_raw_spin_unlock+0x57/0x270 [ 3298.551138][T21109] oom_kill_process.cold+0x10/0x15 [ 3298.556238][T21109] out_of_memory+0x79a/0x1280 [ 3298.560898][T21109] ? lock_downgrade+0x880/0x880 [ 3298.565728][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3298.571963][T21109] ? oom_killer_disable+0x280/0x280 [ 3298.577139][T21109] ? find_held_lock+0x35/0x130 [ 3298.581905][T21109] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3298.587437][T21109] ? memcg_event_wake+0x230/0x230 [ 3298.592452][T21109] ? do_raw_spin_unlock+0x57/0x270 [ 3298.597548][T21109] ? _raw_spin_unlock+0x2d/0x50 [ 3298.602382][T21109] try_charge+0x102c/0x15c0 [ 3298.606865][T21109] ? find_held_lock+0x35/0x130 [ 3298.611625][T21109] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3298.617162][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3298.623408][T21109] ? kasan_check_read+0x11/0x20 [ 3298.628250][T21109] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3298.633790][T21109] mem_cgroup_try_charge+0x24d/0x5e0 [ 3298.639091][T21109] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3298.644715][T21109] wp_page_copy+0x408/0x1740 [ 3298.649300][T21109] ? find_held_lock+0x35/0x130 [ 3298.654058][T21109] ? pmd_pfn+0x1d0/0x1d0 [ 3298.658288][T21109] ? lock_downgrade+0x880/0x880 [ 3298.663126][T21109] ? swp_swapcount+0x540/0x540 [ 3298.667889][T21109] ? kasan_check_read+0x11/0x20 [ 3298.672736][T21109] ? do_raw_spin_unlock+0x57/0x270 [ 3298.677861][T21109] do_wp_page+0x48e/0x1500 [ 3298.682276][T21109] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3298.687649][T21109] __handle_mm_fault+0x22e8/0x3ec0 [ 3298.692758][T21109] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3298.698293][T21109] ? find_held_lock+0x35/0x130 [ 3298.703048][T21109] ? handle_mm_fault+0x322/0xb30 [ 3298.707988][T21109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3298.714222][T21109] ? kasan_check_read+0x11/0x20 [ 3298.719066][T21109] handle_mm_fault+0x43f/0xb30 [ 3298.723830][T21109] __do_page_fault+0x5ef/0xda0 [ 3298.728579][T21109] do_page_fault+0x71/0x581 [ 3298.733067][T21109] ? page_fault+0x8/0x30 [ 3298.737289][T21109] page_fault+0x1e/0x30 [ 3298.741421][T21109] RIP: 0033:0x40b828 [ 3298.745298][T21109] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 38 2c 00 00 8b 05 e2 c7 32 00 48 8b 15 73 4c 64 00 83 c0 01 <89> 05 d2 c7 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f [ 3298.765409][T21109] RSP: 002b:0000000000a4fb60 EFLAGS: 00010206 [ 3298.771465][T21109] RAX: 0000000000000003 RBX: 0000001b2e121c1c RCX: 0000001b2f120000 [ 3298.779448][T21109] RDX: 0000001b2e120000 RSI: 0000000000001a89 RDI: ffffffffa38e5a89 [ 3298.787416][T21109] RBP: 0000001b2e121c20 R08: 00000000a38e5a89 R09: 00000000a38e5a8d [ 3298.795375][T21109] R10: 0000000000a4fca0 R11: 0000000000000246 R12: 0000001b2e121c24 [ 3298.803332][T21109] R13: 000000000032545b R14: 000000000073bf00 R15: 000000000073bf0c [ 3298.815610][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3298.821532][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3298.827577][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3298.833432][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3298.839324][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3298.845258][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3298.853753][T21109] memory: usage 307112kB, limit 307200kB, failcnt 25430 [ 3298.860851][T21109] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3298.868790][T21109] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 17:10:31 executing program 3: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000540)='/proc/capi/capi20ncci\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @initdev}, &(0x7f0000000180)=0x10) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@ipv4={[], [], @empty}}}, {{@in6=@empty}, 0x0, @in6=@initdev}}, &(0x7f00000002c0)=0xe8) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000004c0)=0x9) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r3 = getgid() getgroups(0x1, &(0x7f0000000380)=[0xffffffffffffffff]) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x3, &(0x7f0000000580)=[r3, r4, r5]) openat$cgroup_procs(r2, &(0x7f0000000340)='tasks\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000500)) 17:10:31 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x03\x00'}, 0x2c) 17:10:31 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fef0ffffff00000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:31 executing program 0: syz_open_dev$sndpcmp(&(0x7f0000000580)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r0 = syz_open_dev$binder(0x0, 0x0, 0x805) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r0, 0x0) 17:10:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854b0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x4, 0x800, 0x10000) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@nfc={0x27, 0x0, 0x2, 0x6}, 0x80, &(0x7f0000000000)=[{&(0x7f00000001c0)="d871f9cdbc594421ea616d7e546a8633254e2eb578c8d6270b376f908afeaa6088cd24a43362c08dc0db59b9855a2d5b1945cbd8bb2bb2a59852ad0fbe3a0c9ee37e471a435a9ec10c8b5afc9fc6a54f651c8b0ee1cf79fc5509e23f8224eaba79b6c73b676b748afed453d4fa4cf42cbc7bc07e8f01733a1e6208a0f76b2a32c8e0e22b1c2f1aa8cb599b0995b972ddf8bb67fe731b0f30469e4b1d5374b57cb74d3f760d0f6d5774519b7aef83144372ccb887269d88c9d1511b8068c1533798bb42106ed056", 0xc7}, {&(0x7f00000002c0)="ae31fe8b4b35e58799e1d3b98b683704977b4bc24caa7aed685ca1a40e19cd22cfb88b69026c7dd4a8430b53d337799cb2598b5fd3afcd94ac88d78e7b6809c59fe2a02ab7711431f2ebe0b9e8362d1940cb70449af45a087364af072a631d538bf59ae247bb6a26e1062495270a9476e608446a7b17894fd31862e5c1b66c0c527c490e0a5ed63b", 0x88}, {&(0x7f0000000380)="943fc7f286b956047bdfa237d4dd277ea8e28dfb41f6ce76acc1d2b1dfb94d7933b63c45594b3540a0aea99209249fee76a2c1c0975b97820bc41e78512d048cbc12026a7fcee2ef556c592a6d843d7cd052448ac59fde8d0a5ccc16f68c24811eabcabb37272d4e8ee34baa4ee36670d2e8475cbc86", 0x76}, {&(0x7f0000000400)="010d74101c8f7085b846418b104db184e593b16d5a88024844646486be5938402445319b3000f67818c797df9d978d833fcdf9ec67b7c1a8f59a24b3846b40c53059a2f7264b0dabc58f3a510f99777546a48361c7cc3174115f677ed536033218eedaf1e9d37ae7a4516484a2a8ca5b58d64b960d6a8c608e78e75db039ff0e4228b6d7a62d6ae21e91e4162141908ad6e2cfcf095e08bab6292860050ec18aaf05f0668956f055cfedc46ad281cc210d4aa0d584ecb039c177189e13d1906efbc7ef5ee2e0cba11b3b146ea71ad18faaa89dc06c715e2b7d1e8dc47c6da995a4d276b57c660cf6cca74e6c0422", 0xee}], 0x4, &(0x7f00000005c0)=[{0x1010, 0x13d, 0x3, "0b217943bba0c76bcd7267e40d06a9655d7e93a920caed563c39bf8b2d84a0dd94a6062362de4f196ccda311788a02b0a311ceedbcdc9271123e1063d08d1833598c1aa2c7b199b2738d554971c6ec3f33ec2c93fcc914e508951c642e4417e8830e24c2ab2c2c1d429a86bddd4864fef921f950dd92db434d8b7889017174333c2e11ccc7d5aaf4da18bd6097071499b63b99d3be0fbd635f7dbbe54a285783f8c26c47fbea14c2bbe918f1f1e342692b75525b7f0a0d63ca385d1bb9ed414f606d6414dc787081dca881d74455edffa7573c0b858517c27744c58c57884766eaf028dbed80e33f6fe2059df270a4471b80e98837dca654ddfb0eef83c8e9453b7bcfc44a76b63c2baa274732ee04ea444bc227ec4eaaec0bbbe90aa6ce9e04fcdf8a58c8991b1b5bc9f5d18d97036ebf84fb737d8c4cd357e99df656034fa28f311c2bb9d3d21f96935cbc2e8bc43f60a81bfeed72ff7c19e3603d90cd827366b3da2ea170da3074781ad5ab70cf283534920a565c9986a545e3ca2142ce225831611e950f2e0c4344049050985111cbcab1509ac1c111ac9bc0b2fabbba9905f700ca2c6107e4ae6c288175847a671c7037b3ec7f4cdb8eed5e29515862189f2fa76b495afbf7374520016c1d71e3f82bc8bcea280e7eeb6909104f2bb29e38a7657e343c5cbdf0e126e41e3b9e69a87b7affbebd50ec9e789dbbc71bd0aa55dc0a988e274230aace50dedd4833bbc6079cdd0eeb4b3b28dbe4e8be4a8d17bcd4babdefdcac8ccdd65c0546ba3c451ecd6f35006659878cb9f473ef1b5c80dc69199f45f342c83a63df6a9da56f54c591a9e1023cb0041426890566cd9acf61daebd79eb5ddccef81c76e433a33e0f2f95cfbf88fc71669330447594c4d64ce3c58f4e9a575065449575b5424f37234261f1efa2880414a54a8d51d69ccab9de56c78023474359e01e53278e7faee86328bfc9441460f79cbd157c58d6cfd754132e2df199c8f7615aa3c71b5575b3a997f85fe259d4983afce2173e051ae110af89092941ce896a9c9a01764c569d9d27a248ef19fbb3bacc6700d76be972b15c376ead27f0cd6b66a8e9f0a84fc1fa7388aa39c8b0d6908e909cb1e9893282a1c79557f6d28e3aab3283eab4a346ef8e03f42079e23d09263b38d8d21273547a95db6e3a5c9699257e7e394627700c6f2507bec471fc34853633286eaaad09556f458b879dcaf3b6dbbf36bb7df1b2302d82549a1e888d88b6d3ce23e2fc07c51259513ab22df5f0591df5dbb0de8caafd5803579cceff23fad5fa4c682a45152d8f2cd4717d4a610d661e1a82d53b9e35aea01b08e18ff3f7600fb5a61a160602d6d6e71bb8893a07dc795b5a131084c883f79a042d459dfcc7e40d8af8d9bb715942c31e18d883f1fbac4f11c78c35b925254a5c983575bc35cd2fdca61d99ca68596d54e28642d3bf487dedb0763c8b0f536ae0ef934dfbbe70122242cc71382e49e94c252890955273c0290bff1e706a163fd5891edbb0354f14983dbd477147c9ec58f05f77782ef2cf7c9a3af46671a06d04342064e1f02b43fb7540b5e8078be1df2ee142630ac6541b0b26c7265dfa4f3a1b894242b06818274b4d5e1f1b4d2d66ebfe5ddd12879275dfc2fb1518bee9b37dcd4d2f5ac3bdd97760169f5c8c3feb330cf5cdc53cef98c144d335415a3d15b3d5dac77a4fbb00a073e90820fc8cda00fe06d83b033db4c5bfe5c59bc3485dbee8cdbf9c915f984de89fd352eb47ff48b2bb534f072b20cd6acbab23d146e7b35365d5c8886708f02e43c5dc7c78944cb6889d4ab56c184fcedd630e7cba54e19f9bbf3c86185531d3a45a7c992c52524a47150713e5d5cbdab4d11a781e7177121aa7d3679ea149ab7827a9abe4b94025a8dd367195b235556f806061b59003bcb6784f8aec323df6725313a9a13a6faac95ed2987b05f5f8c95021c03cb86fad71ef14f44f96adbcee5c7e54cccd74c6bbd63d750b6f16c941523f853f6a60122996b5f4aa15da4a58d673531b804ca34bbb6890eb3dd5d6952e5e210e2c2fb83328f633d79c9216b428b0c8e7f8197ab19a0e25cdbcc2e0917b5ccb1b156799b4ea965ee629cc9ad23f26c6757653bf31ebb568423e24e8d5f7e6ba7816ee7cad914d9b7f4575e2885ac7f852b4222450dbe3e31b3c349e63f275e7855a2430ade89d005b863e45d1a439f59862ee2b97683887e03b65b69c3852069d49a7e0470f0914aeeeaf875c0e13ed863759fb1406542289563d7f54ad4ce4088cfeb5d1ee9a565e4bcfdf2fc7d9cdb6a826468075c0cd68aca86a7181b68e8a90cdbd9687dee4cacdc27720f79a0b0c61d0f042d452e51d4b85bc2d5872be3a55ec4076e115421d392c6e4a991c1bde2fb9d79a488975713440ceb0da76e0575fa0b1853be6ac9c608e9bce9caa3ff02d0d721b4def4a4ee2c3693d0223000303715bcd61f2165d08fa10ffbcb88a220703b566d77228c4c5fcb7bffafe1079f34390ee8caf7331c9ae3b88327416a5ab23d44a72ce3d34309a4917d9b4f51e069a0cfbdb1baef3bbb02d9694eef2c186483b08d8ebcab52136141b6d778243575babdb340998203e140589ef139a05e60c6343861624457c597b327fef6ac5498abfc0ec8ebb2b897471452129b588553387532c94067e9e1a9d322e449412a837b205bd0bd912aa705cc4fe1ae2e0dcdb14c2adabc4ba86a887484b6fb88c8383eba8163be18666f70dd3c70467778a7b852dad62baf4528e8bfeaafac1bbe1dc605fd9d365a7af2ac321d474281ac6fa6a1067d461b2825947ebe06ce6e85fca8f5130323ee0fcafb1c5bb66ffcd87da3d21fae6fd7573d24b632f41e7e492193d4c1cdc1c4e9f10558e334e0990c6a69f5c472d9aa117903359d6638232c553570d30a6a5d9c6474e61c8a29cfd27814b96f9f0d95bb69c4198f3500a1829100d25af37d1f471cc08533233fd0897069d87909c4bd64526f9fd60a98bb0e462a9f491218569bb5ee1c60a68322ef77deb8ba4cf99f75017e873bb18af0fbc85d17ff02cff8cace3fc417c23ed0700d3df2a3e44ec1488511c851704b83c88cd1213cbb24aa36a1df4955c28f5efd68e97e1fc38b547b3e64bbb20bb1ce476305d63c803c106c421be53d868b179d2286ce610a74c025019ac44e8530ec8e87490f1ef5c9f2f84f97a3f85fb7948c9500d53b4255f7a76b8cd0a38799155b9d8512e474d043691e22cd47f4b10179e69a385c5824d509f6dc1200513a56931882bdb42f3b9fb2fa36ed0041653af40377ea4fc8af5989d3f844094d8b5a07e834ebd99005de245c78c0e417d72012bde86d497d7fca7e1397bf35142bde04c37f52a3703de057480af3c71774f26d4c8ad1cc2ce55b603f466bb7b0f8648b90469c69743c355a77dbe7d62bdda2557e79eba5bbae210c2b10f69b90e673462acbf1323d6652a288deb0b98b10aae38ec10a829f007b70cd5406474b6fe3f7a964f8470b7544ecc352b7cd4e6436217fd937a07ce726f116153dc986c8b69b1942e19e1f9b9e682acee9a6fcb33eb93fd474e9da41725c81c31c5af4e780cccb4f8139fa5bbb661749c941e9ff11bc13ef60e91023156c52dd0c7df4106f1e40ec98d593b39fc7b529fa5a43d3e6c53aba893afa4b64c44779f5f3ceafeb369df98bee72b7be2385ef54fb784a63d7abbb549a49685d1c4913abb403962141a591a93a0a4169bb836c7af415ae38496eb944c47c1a4e5a5b7ea859ff3ba048a3bc5edc368a82c0d42663f6e17fcadca04ab53b770af79e1f906a1cd6cc5f345550d3de23dbf63dcdb14419da6070e4af0344fbf7facba41128b5ba52461ef00d2e0a1c9bf69b305feab5accb6d5f5ad6611f4440aaeb456a4b8d68573f5ffe7f96d83a6f75b1f530da2c00075738c3d90ce6c5ede0e32479f32059f27f7bcb8b6111300d8577133bca19dee953e5e8b64a6e45c44ed6f9cbd3fbd5f2b74675c2ea2be02620905787371a92080cad92a50e4ea24a53d8a06279787f8b2f616e0f4ad87e04ec43b35ceb7154ab623c80377234cd436a5e29af5693dc948da5005cbd9fc86a8cd27b3e165ba066040f08dcdded025fdf4a6098966dcc2e6b4251cc2b6d73001ccd4991487ee9be3a30a4c08d0c278b8f1355b9192fb0813b87b3118b234641552f5417df7582f4f6de1d1cc39a505eed5909d58de65945b965346301a7b438d75213af04f0cd2e45b46a7bdffa3702f656da77cba265a52ff9efa172cb9481750463215121b846fa94de786a3c94e89082dd062676bde77b9d638eca3f242c3f836c0329acab6a9c630a8c95e3b03089f645684112644ecd4b8e4dae917abb093b9a4c82a14a3928d9c64ffa8aa8c84c12a66dc500a15bbea7c7d586ad6d3ee8bc036f4c207532cae9a1428333b3bf7649c4777845663c2b2f07cfb9ab2e28ffd0757279977ddba64ab8f0bca7afec80f824584a934fb0d62350f475b380b6fea7008992f1b09f15317d0b556567be65e015c2863c4d99aa71ce9d4b7c7ede49b398450d14a8fae413326e66256caf9e717867c3937918153884aec6fda492c8a8dd764f81fc077e03d3eda7c624cf8732ad92585ef009cf8d5727d9bb31c184b72a01dac184e4700c993956ae439e781423f48b6ef785a62eea2f4b49606fdece4f8f4a40511d575f4c66d2c5361ef7e49495b8e4fff2898d703897b27fa6cbb955301deeddd2ae2821f06cf3d224a74ea6e6d9ebf9899927585c2734f91d7a4242819ac508f9938180d4bc4c9a4e210d36f68fa612f4ad95740254b34139368a848f91572fb92113e5513eff707dfff99b496e4e8934211c0ca31c9dcdd07cd87f5b73dd9b5b5e68c85f4217fdd48f9f0a7a02117de0018340c7e3d36a5402183d0034dbe8afd52aa840d219c0e93c7362eed8e9a9359fe570ef0e2f90f98219af8ec263f97e281d15629cc95d84dc284074e31bb0684acfcffe5a1bc6409cd1c3f611421c2a3a744ee5330147c1d5d97043318b42c06b231e245d9df099cdcd2c03690e63ee64c34aadc99ca84ec9e8a3dc75a4860b838bc34e0d87fe0e700b949986861244a7f3095032ceb475fca63020d283930dcb9dc994bc017448290a6ff7079231f31e779fc399bb1c8aa0584869f757ac8396f6104a13e078d9d18e105fa33b10af57b7210ae604e3ca2f7cf3c6a2f6a5fd04b06093e2b9ba79b89a451eeab888b20ee76b072dc46519e22345455c15385a03253e4f0cb055e691920e569a774347c9a2c6c3fa9792e09ec690b5469a1714dedcfa62ec0042bfb9b2e6dc8655c44f7f58d62d97be1b11f2a672fa211213cfa178128a151d7f5b2cddb2d36593bbc599c7da2464c2d92b21b29349335edcc79b08129a61b2df91746e1f7d57d98527d39d91854aca4c8e0b4534ef96e2277926e87211ab6e2e70f6a65ef35e72ab040e57796b14315686401e9decf7768fe2d2fe1be30c6390382d27a70be15767041965d7204300a0ed5c4dfefb66ff17d72209a7eb0cf92bfb59efe792aa497503e3e35de3104afe70be6623c943a22d993dc8f0b8bd65abae8385ac11b57fc8542526a1cd86b4dd61c85e801f09e34121d96644933c27e2e05b25a4e00a650ecbdc83fafa9ba6fe77f3c7899dfcad6cf1dc3ea51a773bd0c96b2256220c75533927c42d39615d7e42b955fb542b0f8ae66c8cfbf2ca648e98e97202e6d7bd6e71386ad755a213f20efa3657b4e4e374bd48da8ebdf7ce17db445eb2c7"}, {0xc8, 0x1, 0x1, "219b1b04d75df767000f250c448da0b4dbc3cea8bbd4f75290604f973c4a0eda09f20b98371b410e0edaf5d3dd55d386db72f3570415af2f14a1c95620e34fe4532565129d6ad9962417d327388a34bd33996eba8950680acaed7c9b6cb77088b447f4e3fccc5d363054f88fa7316b6b0f596f7b5200aa4f56e7d48d4619228771dba854b4a67f94498d94f1efbb5ecffafd066b385688b13bd760997929dd4e59b28238a38e9b37b6e9a4c2edce0dda1480d0"}, {0x1010, 0x0, 0xb1, "8b1f5a0600455ee9f818b27258ea885710f21bd736ddfe73e60db3c198ced79429b7307d70bb2eb75ffb0f18719776bae405f8f983a1098cf12b272a3d600e9e885589afb5a2d513f8613c30ed8eeca636e5f6e155cdeab3e34d2c508f7de271245ed0ecb5751bb5f60a666002c8a9c6602c59641fe84b0a81d5cad374bdad01ba96600793a5eb4d480e0bdc3dd268bb4501c3e499d3311bc1b31c4beb71b9bdd5ff0ac2a5b3ef78e64a314314640d7d62deb7253e9b41f02bcfe235624f0812469dc1959a8d193ff721df38b9d3a829268617aa08cffcc087d6fc4da7f9c90ffe5f6fe859536a33bd87c912f969406435d779540b721f3639e4acbacc8820d0de58d9843e3629cd6bcf06a5998c99b606f1ca098a86f2709f78e006987e8b56ddc5d07d9f955d1e7dca4fd59bff136ad0519910d995600fc1c409dbf4f59171568a046fec4b2aa7889e9719067c052915c426531ad8f8f7206eb57557b1bc25079363389aaac93fdef2d813bc1c79d53b89ec68d52878018db479d8986da0fe68731e685f553fffef6449871c4e4b6bf989ad3c4cf158b272641cbdcd821b4c6e669ddee970302983c2c241572fff5971b0c2d86b6088e7cb76ab81da50af1b586bd1c2be76b683fe3aa9d80940a5dc98210fb5ed9ea2c86f0cc2a98edab7f80d7aab7cbda639d656aceed075df84fdcd32f9dda2e3a3d23e877445ad6620b1edea1f6e37083e7d6d6a39a54a73ba8b3beeb249009136d41dc2b6db33dfa6bc3e78cd735e3e2c7104e90575f88739ea25d8c2d6e9d7ebe5cfb8a2af6e1428f0b929031c487d24fc4678adae9ee1c39f4c6b0bd475f072577f95fb5bc205c5914870ca269879c1f10fd3e10d5fe009cc18236a9915991eb04d92b471e194b0a28c6c065c2404dfd7fc9dccea700f278404606ca20969e2312b168e87e72bedd3c0833962de22055114ae940a4bba2851326548f2acd4241377af1252bf3aa124b7419d784e87167ef132d7ae4a84161048b1d0f0ab09813758c90d1e95b6416072f929a25bd8ecebd67ae8007bf795fcf9d05f4550efc1fb8972f7d9412e9c59fdd7f59e91925b8a1d6fca88aabae4838fa40f5d0979f96a4c50a09bf553860029fd844cd61ad12ef5fdfa70afdb08cc435522d5425bfeb4480136ac6fc197384995c11c2a530ba86c99cb9b18af795ec8337d0f8e68b45ee0f3327a37beb2a2f825f04a0b9fbede26863b94e85cbccc83137a54ad8ae96169f0d97a8beb37e792e8a10a2f73b79c7a9c674f70f4ff81f3267ce0f28414a09c0679c1e002817e0f08d059ed33106ad0c3309503ec540298e7d6533ad71925bfc923ecbc08df30e4959ee29d7614020650c2cf6e3810ddada3aa73a0c688a3326b0a6f1ceb837f8366193045eb09709ba2502a6ce1223be91f357594b38b5f50f337b6829643046397af48b5811844bd4cb44f0941870e09bfb061ff19792701c9f1a5d85ad63cef6166cdd4c0fcf7a4f629a9db9a2f1f2238b371eb79e3403bb7a6894b66d31647eed2e07c7c31556036d1ac8cf3bf656a427263ffce264930e1df790139606649e7a2b518cde522c81a997ceef14aee90aa6ef0dc4174dba0dc616e748f18fa445086d893d9fcee4a6f66d202c5d55dbf54be8ae21a5987551d4cd66399e5b9aaf742c55e17805a194ab517a3a3a2cde91bdd464a608a8f00cb1ff39ac97e9c73630e6fcdfbc829f8a1d783cdc5d5f7544f2fb47cbc266194bbc1a4631fdb9c49b400cf77809e8541ff567b7f446f87e0f0082399271d34872a29375559b4e3be2281139799049f0de4fe8370abe8756aab8a5c1cd99590f4d09e738aaa653e50a638fee816986b59d8773c2aef6a1feebf5112d755f854c0b214bf5f1dfaa2184bdb0e4ad865baba24b82180e163cde7a63423cf3d78bac7571013da294cbc3d60e104f55b5943b9fa698934e6bcf00a5844ab2e1137327368b58ed074f173ec15f7450bad7069d89b4d114a7d5c5b506725c933928e44ef811bd59499fd1ff28171e9deedc3c62120b86585ddf7adec2807d02e1275614e4bc4ecd655469af3d965e8e6083eb1163b5f074f569601b0edb7bbf9b65d321ad21b636e05ac67e0f5595e273459a1fdfc0a329963a0cfc2c695f2538c213a8cbac0367d00c27f90b04af657a992edf8b7c02d24a95c4dca9576bbebb1bfc46931d1ba8b50dccc0b088e28d330dc9be0b79f0dac9a8813e2fb1ad9c570bacbd664489427ad6eee8508f097fde0c694f611dc81a08259e4c24dc170c1d637b5adf2da3ab8c4e5c76596eee9a4e88236077ca71a546137567ceec1e01d6f825a0daba042e30b22ab517126186c2a09db289c119129ff9314ac9f87e2bfeeedab217f2498771e93a34a2248a24664e7ee7bc12da8c853ff686265e470b80437f3a70099ba9ee64340948edd209d14353d7be8c8b2dd2144d74562ca41295ae3df8e78a9d4976851da5137c64b94f5a5a7a180a51d2844626cbc9f803b7981bcaebe4ad26ecb7f1c4ac6058cf309d4e73a8441d264d91fceab9b6df79456e13993b817aa5af7a246d0b0d80443b7b4dbb86541b59f7f6048311c3abc0be5f9927157a15c032c8737d1c7e2ca925963f6fbca2ce0c8d897354edf8e2b89bf1b154dbe204832db556517074361590ac675459aab764be6a03a4f73eff30bc339787606a5ef31c5b9a088fdb5ecaaf7b6dadc3385e7ca324e2a106ba383fd6e647fca8e3d5c71af24a2ab5f88add1ba25a8a8cfd9a1a579dbeb7a497f4517dfbe1faf468cd407d115103cc94369dacb1148f0ee1189cda05ad64d99d93a0c31d546a8a631769826cf9530ec3ca7d5ef99c3bc7adb89f451f3c4a1427700f9de223a9529bd5639b7266355ed2d885e293c47ddcf77af574bc22d0973ced5ba067f363585492ea8b920bac1850055de9c95934fce181ffab18da4f7be6893fefa14e7f68b80a423a42bc828267699e4403e9b906d61d3f566cc56fa975cd51e1e7a9e82b58b625dc99a16c5ff2984823352080d057e4d6ddc38a330ad7eff4c0bca8adf766c66029bc26d45570218c63c9fd5592ea6b39bcc4dcd8283178eb21bb181b0417c190e78a03caf185b3a81de34f876db6abefdf4080864f821f86fa7f2db569baa1459695fa251113868ea0062f4262beea72869086b8c2a8b2487494d6c559b8f546dd8c30528bebff2a6363bb16f44b8c3a098bae341cf731f67c3dd45e53c9f740112e5960fc38a19475ec511b65656651e8cb68fc5bad29d41636030efdd68324d3d8e02c19750ee73ce3bbcb11e4efc0ccafef7ff234f427f39807421c778ecb6620368f52e84b428f4a0bc8977309dcd67069884c7a7b21265fcec5ada3fd09e7583171dff2350dff205b523c487ef3c7d9746b133f7bddb646ce5c124b0d9440f22085309b1c2b701e782f0202b0be563e4f38a80140dfdc0cf102cfb8aaadf23041f94654da9e81511ac4cdc2144f1a5aeef1b3e44e5f99cf382b696249d9a525a2010a85a7a02351d37750211f5fafaa3af154105442b2379d9fbcc1b1f6ce20990684117351b3d232a9fdb835986bc02d471cb41bd610bb6053fada12a73c43a6543ca7d44da8c6b8515bedd44eedcfe5fe08e09a2f9057e7558422a5e37349df3580924ac6952ac511e016736d3a814dc9b9bd25c204815e363e395e723db5f2ee33ccb243218fd3deffc516c3ea926a4ab6d2f7d924b2e35e646cd6954f3cb5b85b25006db4faddabbd289971c61a28c8aecd5de565e283b3b6cf330a95c3858cbb288d55a70f7bcb4d943aa8bd1b31ac6bc9dafbdcce8dd0d70c54faf112b0d1a0019f84e3b5c5f7d8ecf7f11ac7afeb6f13a6bc762b49461d83e7e0d8cbc73ef45c3c6184ca4008835e39179d2f68acd8fa8a786ccc0fdade2681391bd68e9071759cb81cbf9d207a180b6ecbaaf8c147fd0ca50ccbfd36b1cf492d227f9b2edcc05c39b95032ce1aa6b9e1e7ccc9f5e64c2ececcc67c121bfd337ae4d7e4f7119f6f3a25bfaa5a146e952c8409f2a1de32eacf6b6bf02edae55d50f96ad3c9a5b8d79935bf985281ba7357fddbfa1fe565c32e70f5ee2798e71527f23403568358676dc585de48b3dacecf60b8391165750916a3c7f9cb82404d7d5aa646324dbda48ad911bda598968fffba753387c1af5070fdae519842dc6f90d8e3aa9484a70c5a45d8971543e0e92b7b6aab0d5c2b22b5d4a28b639bd5e6ef594c497feda411a5ecc18d759e9c87afca4d26ea6e6029e2b85316525380f28a19cda49947f515fa86d4fb01ed9ee4e7776b1f2691b25568c50dc25cd914b5fdaf0d944f16128b8e062790cb08c60e537801615f131b1ff5f8e18bac2054705f1789cdd47b8dfc5220a03ddc333b5ce3252fc9490765e22171b35f571bc665635d1d1076c351949e91ae05fdd7008dc92126b1f08dc18ee844a613932c9451af9ba43026b7b9b36bf529573a157d35f2e7d8220c471d8807c5aceb527b59be32093fedb9b3a04b9e4168d9e9e1f5bd87fe987fffff638fa90c2747ebeee708bda5ad63675473e27200c18d415d59a04a33432e51677c80311d2926fb821a7628682122f6225c88e7b0a25e489c3547acf97204f83d3b99879860753444c1a71d734fd9d212fbc5d0f2341e63f69e39afa55b6a106312f0e2b914a5d21e3299e5fa283ccf283137391e8af59b39d115c0c54ef90362cccf01b94f7dae4ef0b6d72f4f4065ab4f8ca4b048fa1f0a697c1d8e7036a6cef5f6592e208b1c02c47468b9a3b04abe942dfee10ee3c96f1735210e45ee5873cff6916a9ee4b7bd102da038bc558eb0d9fb484877642e39e676496c659a1672e6788032714b633748e81adacccf43aba657bdc76ff6ffb11086423bfbd1cbfc9e6fa6fa3187a4cf4f56a6e2d26215b8c6fcc568a489c9a6523f0699afbd48dd17a26367eee916387271927e36a9b1b9deea45b6eb71dac650d9e6e09142887b2b732cafaa7dd088e9b2a2533fa452b5e1c6629946161dcad4b15192a6d79b81636cc37f53cc6130563f12934fefeeb77f6d36cb4039f9b2f76e0540953588fa5af71beb99fe917120b06f1d1ebed6a77472abc336b50c4ad69071244629bed5d53234f7d6ab5daffcf385db23097eabe4f08d2e293268bae7abebd3d8ca51fd140ce30ca36bccee2514d42ea294f46b0f4dfcc8fb59ed8dbb73a5b1aa0b6899d0dff439d4239482aa458dd33a3a15a46f38a920705d8e9e842c1d3aa415d6b98dd7d96116b712b61673d35f4c72952d813d0155003f6eb54d0877dd94c2efd747bf416b7c37a65e0801caaac9c674f28083979cbf28fe936e65596aa042e0cf31e6aff2924dfd348482e326ce5af638c6b9c49579946fc64661a13ac33f93b6358ad299e131f4f4d39266ff061e2c1f73e56d850c9529bad0a06255c191576b47a08a6ff24bbc14392fd636639b67e57332a7be39d28ad6c8dda9d12206fc1240fc0b1c486b09cdf1e413c10e283caa9ba63479163a91ebd9ac98d135337c819cd7a991d3fb40ab44cda6040097f283244d1b6e024e959e03e5ea1317a5f7c13a01074c36a9a8de349292e4f20fa6b81685903d23e32e0e0ec7c3fe09e1091b9ac866c9ab9c504302fce5b0faeec47ad78cb8e854e02639fb4782194d94e665142297a039c7ec7ed2fd4124232383c9d28007b8cfaa618cd4417e3044e0395b7b00c618d82250377b79402639e3ee9726efae0fe9920f0dbac6cedef88a4784a87db4062d2e63af2cfd5473ace8f86"}, {0x100, 0x13f, 0xad, "b33b1d74d5c6e12cd9c2c631e98ff735b36559d6765e1dd020cfe20007778fc168368afd2523c0a6b64896b30e98574ccede8b39551225635de8f4386caa8a9b9a0075f258835776af82afc3fe8c123faebfed392f9cbddbe38195a0e3b3999924d8a3028b55ca3bfc64e630308d1fe5d6c33e5d43e0132f47f7eb5c6e91ea0d57bfa5b7d66e871831af19492e707888cee0c27f6800c145737feeec0be8b4cdbe877ba895c4411ce4b5ecf6624ae420ff5b310eb830a1745a7f288aeeb3f9bbd54a9c6b9dbec643d1bc25214b86a6a84a8941431366666b0d46388b3e44c009d6c6f0050c4c6fc5825818e261b4"}, {0x18, 0x11f, 0x3bf8000000000000, "02a045"}, {0xe8, 0x115, 0x3f, "1417bc759640c756cb63c0185ddcedbd0428d1d058ff9b3df01969fd146cec27f24dd4d2d455be69bd0a1d63a960419293af278bb4d7683275b0960e6428cd8c4b92d8574e4221d6f224b988d41f18a289f428c7943953587e1f767ef8071d6a17f057021fe5297e77a7893e844251fde109e684ef22c990af0e6638276c5015b5b71222ed493917a6d6cc78a65d82a741a29c5b5b9ca8b5cbfac0594f2c1567dd0002583288baad9afc23138e28dda960339f6ba6d123ca2e57a4a956d90fad643d3ea3a03edcf0a623bd386502e9973762f6"}, {0x28, 0x10e, 0x7, "949aec3107b74e927e8b5a4ed36436d13a763b03"}], 0x2310}, 0x890) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_OPERSTATE={0x8, 0x10, 0x6}, @IFLA_LINKINFO={0x25, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x200}}, 0x0) [ 3298.876909][T21109] Memory cgroup stats for /syz3: cache:0KB rss:88612KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88652KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3298.899108][T21109] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=25567,uid=0 [ 3298.915040][T21109] Memory cgroup out of memory: Killed process 25567 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3298.978770][T21162] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:31 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0002000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854c0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3299.058857][T21181] netlink: 'syz-executor.1': attribute type 16 has an invalid length. [ 3299.078645][T21165] IPVS: Scheduler module ip_vs_ú” not found [ 3299.087549][T21181] netlink: 21 bytes leftover after parsing attributes in process `syz-executor.1'. 17:10:31 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x04\x00'}, 0x2c) [ 3299.149751][T21176] IPVS: Scheduler module ip_vs_ú” not found 17:10:31 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:10:31 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00f0000000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3299.232167][T21192] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 17:10:31 executing program 1: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000540)='/proc/capi/capi20ncci\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @initdev}, &(0x7f0000000180)=0x10) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@ipv4={[], [], @empty}}}, {{@in6=@empty}, 0x0, @in6=@initdev}}, &(0x7f00000002c0)=0xe8) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000004c0)=0x9) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r3 = getgid() getgroups(0x1, &(0x7f0000000380)=[0xffffffffffffffff]) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x3, &(0x7f0000000580)=[r3, r4, r5]) openat$cgroup_procs(r2, &(0x7f0000000340)='tasks\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000500)) [ 3299.311126][T21191] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 3299.360811][T21191] CPU: 0 PID: 21191 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3299.368850][T21191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3299.378935][T21191] Call Trace: [ 3299.382255][T21191] dump_stack+0x172/0x1f0 [ 3299.386606][T21191] dump_header+0x10f/0xb6c [ 3299.391045][T21191] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3299.396980][T21191] ? ___ratelimit+0x60/0x595 [ 3299.401594][T21191] ? do_raw_spin_unlock+0x57/0x270 17:10:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854d0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3299.406735][T21191] oom_kill_process.cold+0x10/0x15 [ 3299.411869][T21191] out_of_memory+0x79a/0x1280 [ 3299.416569][T21191] ? lock_downgrade+0x880/0x880 [ 3299.421429][T21191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3299.427686][T21191] ? oom_killer_disable+0x280/0x280 [ 3299.432896][T21191] ? find_held_lock+0x35/0x130 [ 3299.437694][T21191] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3299.443260][T21191] ? memcg_event_wake+0x230/0x230 [ 3299.443284][T21191] ? do_raw_spin_unlock+0x57/0x270 [ 3299.443303][T21191] ? _raw_spin_unlock+0x2d/0x50 17:10:32 executing program 1: openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000540)='/proc/capi/capi20ncci\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @initdev}, &(0x7f0000000180)=0x10) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@ipv4={[], [], @empty}}}, {{@in6=@empty}, 0x0, @in6=@initdev}}, &(0x7f00000002c0)=0xe8) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000004c0)=0x9) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x0, 0x0) r3 = getgid() getgroups(0x1, &(0x7f0000000380)=[0xffffffffffffffff]) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x3, &(0x7f0000000580)=[r3, r4, r5]) openat$cgroup_procs(r2, &(0x7f0000000340)='tasks\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000500)) [ 3299.443323][T21191] try_charge+0x102c/0x15c0 [ 3299.443337][T21191] ? find_held_lock+0x35/0x130 [ 3299.443362][T21191] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3299.443380][T21191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3299.443401][T21191] ? kasan_check_read+0x11/0x20 [ 3299.443422][T21191] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3299.443441][T21191] mem_cgroup_try_charge+0x24d/0x5e0 [ 3299.443465][T21191] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3299.443486][T21191] wp_page_copy+0x408/0x1740 [ 3299.453619][T21191] ? find_held_lock+0x35/0x130 [ 3299.453646][T21191] ? pmd_pfn+0x1d0/0x1d0 [ 3299.453664][T21191] ? lock_downgrade+0x880/0x880 [ 3299.453678][T21191] ? swp_swapcount+0x540/0x540 [ 3299.453698][T21191] ? kasan_check_read+0x11/0x20 [ 3299.453713][T21191] ? do_raw_spin_unlock+0x57/0x270 [ 3299.453732][T21191] do_wp_page+0x48e/0x1500 [ 3299.453757][T21191] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3299.453784][T21191] __handle_mm_fault+0x22e8/0x3ec0 [ 3299.453806][T21191] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3299.453820][T21191] ? find_held_lock+0x35/0x130 17:10:32 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe004c110000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3299.453837][T21191] ? handle_mm_fault+0x322/0xb30 [ 3299.453865][T21191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3299.453882][T21191] ? kasan_check_read+0x11/0x20 [ 3299.453904][T21191] handle_mm_fault+0x43f/0xb30 [ 3299.453936][T21191] __do_page_fault+0x5ef/0xda0 [ 3299.453962][T21191] do_page_fault+0x71/0x581 [ 3299.453978][T21191] ? page_fault+0x8/0x30 [ 3299.454002][T21191] page_fault+0x1e/0x30 [ 3299.526249][T21208] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3299.529240][T21191] RIP: 0033:0x4573ae [ 3299.529256][T21191] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 97 f3 5f 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31 [ 3299.529265][T21191] RSP: 002b:0000000000a4fd30 EFLAGS: 00010206 [ 3299.529278][T21191] RAX: 0000000000a56248 RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3299.529288][T21191] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3299.529297][T21191] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 0000000001fdd940 [ 3299.529307][T21191] R10: 0000000001fddc10 R11: 0000000000000246 R12: 0000000000000001 [ 3299.529315][T21191] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3299.594725][T21191] memory: usage 307200kB, limit 307200kB, failcnt 15776 [ 3299.673138][T21191] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3299.696445][T21191] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3299.712948][T21191] Memory cgroup stats for /syz2: cache:220KB rss:102240KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102408KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3299.759018][T21191] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11490,uid=0 [ 3299.777675][T21191] Memory cgroup out of memory: Killed process 11490 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB 17:10:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x80, 0x0) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_execute_func(&(0x7f0000000040)="660f1088000800006664f3460fbc85970000000fdf4ad7c4e1215d1fc46155f23aa46466440fd7cc420f6fc18fe978cba0001000003643ddc7") ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r1, 0x5386, &(0x7f00000000c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000028000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 17:10:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854e0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:32 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000280)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00634040000044a3000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000002ff0300"/68], 0x0, 0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000000)={0x6, 0x8000, 0x67b, 0x400, [], [], [], 0xfffffffffffffff9, 0x5, 0x6, 0x3, "123627a4a3afdaf2aae42ed0193fdfd6"}) 17:10:32 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00003f0000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3299.814405][ T7846] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 17:10:32 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x80402, 0x0) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000100)=0x9) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x2}) ioctl$KDSETMODE(r0, 0x4b3a, 0x5) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$TUNSETSTEERINGEBPF(r0, 0x400454d1, &(0x7f0000000080)) [ 3299.912221][ T7846] CPU: 1 PID: 7846 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3299.920161][ T7846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3299.930231][ T7846] Call Trace: [ 3299.933546][ T7846] dump_stack+0x172/0x1f0 [ 3299.937901][ T7846] dump_header+0x10f/0xb6c [ 3299.942348][ T7846] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3299.948163][ T7846] ? ___ratelimit+0x60/0x595 [ 3299.952769][ T7846] ? do_raw_spin_unlock+0x57/0x270 [ 3299.957896][ T7846] oom_kill_process.cold+0x10/0x15 [ 3299.963037][ T7846] out_of_memory+0x79a/0x1280 [ 3299.967744][ T7846] ? oom_killer_disable+0x280/0x280 [ 3299.972962][ T7846] ? find_held_lock+0x35/0x130 [ 3299.977769][ T7846] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3299.983342][ T7846] ? memcg_event_wake+0x230/0x230 [ 3299.988403][ T7846] ? do_raw_spin_unlock+0x57/0x270 [ 3299.993535][ T7846] ? _raw_spin_unlock+0x2d/0x50 [ 3299.998403][ T7846] try_charge+0x102c/0x15c0 [ 3300.002909][ T7846] ? find_held_lock+0x35/0x130 [ 3300.002945][ T7846] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3300.002961][ T7846] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3300.002977][ T7846] ? find_held_lock+0x35/0x130 [ 3300.002992][ T7846] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3300.003021][ T7846] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3300.013320][ T7846] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3300.013338][ T7846] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3300.013356][ T7846] __memcg_kmem_charge+0x136/0x300 [ 3300.013377][ T7846] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3300.013397][ T7846] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3300.062586][ T7846] ? copy_page_range+0x125a/0x1f90 [ 3300.062826][T21238] binder: 21230:21238 got transaction to invalid handle [ 3300.067754][ T7846] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3300.067777][ T7846] alloc_pages_current+0x107/0x210 [ 3300.067799][ T7846] pte_alloc_one+0x1b/0x1a0 [ 3300.075693][T21238] binder: 21230:21238 transaction failed 29201/-22, size 0-0 line 2995 [ 3300.081113][ T7846] __pte_alloc+0x20/0x310 [ 3300.081133][ T7846] copy_page_range+0x1529/0x1f90 [ 3300.081148][ T7846] ? perf_trace_lock+0xeb/0x510 [ 3300.081164][ T7846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3300.081204][ T7846] ? pmd_alloc+0x180/0x180 [ 3300.107834][ T5] binder: undelivered TRANSACTION_ERROR: 29201 [ 3300.108666][ T7846] ? __rb_insert_augmented+0x231/0xdf0 [ 3300.108684][ T7846] ? validate_mm_rb+0xa3/0xc0 [ 3300.108703][ T7846] ? __vma_link_rb+0x279/0x370 [ 3300.108729][ T7846] copy_process.part.0+0x568b/0x7980 [ 3300.108780][ T7846] ? __cleanup_sighand+0x60/0x60 [ 3300.155802][ T7846] _do_fork+0x257/0xfd0 [ 3300.159977][ T7846] ? fork_idle+0x1d0/0x1d0 [ 3300.164399][ T7846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3300.169872][ T7846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3300.175521][ T7846] ? do_syscall_64+0x26/0x610 [ 3300.180380][ T7846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3300.186479][ T7846] ? do_syscall_64+0x26/0x610 [ 3300.191176][ T7846] __x64_sys_clone+0xbf/0x150 [ 3300.195864][ T7846] do_syscall_64+0x103/0x610 [ 3300.200467][ T7846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3300.206366][ T7846] RIP: 0033:0x45737a [ 3300.210251][ T7846] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3300.229863][ T7846] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3300.238265][ T7846] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3300.246319][ T7846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3300.254289][ T7846] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 00000000022d9940 [ 3300.262269][ T7846] R10: 00000000022d9c10 R11: 0000000000000246 R12: 0000000000000001 [ 3300.270286][ T7846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3300.288959][ T7846] memory: usage 307200kB, limit 307200kB, failcnt 25473 [ 3300.300332][ T7846] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3300.311394][ T7846] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3300.318887][ T7846] Memory cgroup stats for /syz3: cache:0KB rss:88480KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88680KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3300.341270][ T7846] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=26130,uid=0 [ 3300.360454][ T7846] Memory cgroup out of memory: Killed process 26130 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3300.416675][T21191] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3300.450500][T21191] CPU: 1 PID: 21191 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3300.459822][T21191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3300.470057][T21191] Call Trace: [ 3300.470084][T21191] dump_stack+0x172/0x1f0 [ 3300.470104][T21191] dump_header+0x10f/0xb6c [ 3300.470121][T21191] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3300.470136][T21191] ? ___ratelimit+0x60/0x595 [ 3300.470151][T21191] ? do_raw_spin_unlock+0x57/0x270 [ 3300.470170][T21191] oom_kill_process.cold+0x10/0x15 [ 3300.502912][T21191] out_of_memory+0x79a/0x1280 [ 3300.507624][T21191] ? oom_killer_disable+0x280/0x280 [ 3300.512833][T21191] ? find_held_lock+0x35/0x130 [ 3300.517617][T21191] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3300.523172][T21191] ? memcg_event_wake+0x230/0x230 [ 3300.528220][T21191] ? do_raw_spin_unlock+0x57/0x270 [ 3300.533334][T21191] ? _raw_spin_unlock+0x2d/0x50 [ 3300.538168][T21191] try_charge+0x102c/0x15c0 [ 3300.542651][T21191] ? find_held_lock+0x35/0x130 [ 3300.547398][T21191] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3300.552934][T21191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3300.559167][T21191] ? kasan_check_read+0x11/0x20 [ 3300.564004][T21191] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3300.569556][T21191] mem_cgroup_try_charge+0x24d/0x5e0 [ 3300.574835][T21191] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3300.580562][T21191] __handle_mm_fault+0x1e1f/0x3ec0 [ 3300.585666][T21191] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3300.591214][T21191] ? find_held_lock+0x35/0x130 [ 3300.596003][T21191] ? handle_mm_fault+0x322/0xb30 [ 3300.600945][T21191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3300.607358][T21191] ? kasan_check_read+0x11/0x20 [ 3300.612200][T21191] handle_mm_fault+0x43f/0xb30 [ 3300.616952][T21191] __do_page_fault+0x5ef/0xda0 [ 3300.621713][T21191] do_page_fault+0x71/0x581 [ 3300.626203][T21191] ? page_fault+0x8/0x30 [ 3300.630427][T21191] page_fault+0x1e/0x30 [ 3300.634560][T21191] RIP: 0033:0x40050c [ 3300.638434][T21191] Code: 01 e9 cd 01 00 00 48 8b 44 24 10 48 0b 44 24 28 75 20 48 8b 14 24 48 8b 7c 24 20 be 02 00 00 00 e8 59 53 00 00 48 8b 4c 24 08 <66> 89 01 e9 a1 01 00 00 48 8b 44 24 08 48 8b 14 24 be 02 00 00 00 [ 3300.658021][T21191] RSP: 002b:0000000000a4fb90 EFLAGS: 00010206 [ 3300.664071][T21191] RAX: 0000000000040011 RBX: 00000000007400f0 RCX: 0000000020000040 [ 3300.672027][T21191] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000040011 [ 3300.680004][T21191] RBP: fffffffffffffffe R08: 0000000000000000 R09: 0000000000000000 [ 3300.687968][T21191] R10: 0000000000a4fca0 R11: 0000000000000246 R12: 00000000007400f8 [ 3300.695954][T21191] R13: 00000000004beb51 R14: 0000000000000000 R15: 000000000073bf0c [ 3300.708410][T21191] memory: usage 307000kB, limit 307200kB, failcnt 15794 [ 3300.718542][T21191] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3300.726429][T21191] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3300.733619][T21191] Memory cgroup stats for /syz2: cache:220KB rss:102372KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102360KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:33 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x05\x00'}, 0x2c) 17:10:33 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00114c0000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:33 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x227d, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f00000001c0)={0x4, 0x70, 0x7ff, 0x80, 0x1000, 0x3, 0x0, 0x5, 0x20, 0x0, 0x8db9, 0xfff, 0x8, 0x2, 0x3, 0x5a4d4d48, 0x5, 0x330, 0x80, 0x5, 0x6, 0x0, 0x6, 0x0, 0x100000, 0x8, 0x6, 0x2, 0x2d, 0x8991, 0x0, 0x20, 0x5, 0x0, 0x1b9b, 0x5, 0x5a4c0956, 0x1, 0x0, 0x1, 0x7, @perf_bp={&(0x7f0000000000), 0x5}, 0x8, 0x1000, 0x9, 0x3, 0x576, 0x3, 0xffffffffffff22f2}) 17:10:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d854f0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:33 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000280)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e020000004e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd3650c050c02e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3fc441fc77c462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fb766208cf") 17:10:33 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) socket$inet_udplite(0x2, 0x2, 0x88) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000080)={0x0, 0x3, 0x1, {0xb, @pix={0x0, 0x1f}}}) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x2ac, r2, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x28, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x40}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffffffff001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x59}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5e4}]}, @TIPC_NLA_NET={0x34, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x400}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x200}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffffffffbff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffbff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x14a}]}, @TIPC_NLA_LINK={0x70, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4d1d}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x73}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}]}, @TIPC_NLA_MEDIA={0x98, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5e9}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xf28}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}]}, @TIPC_NLA_BEARER={0x7c, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x782}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffff7}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffffffffffffff7f}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x40}]}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}]}, @TIPC_NLA_NET={0x14, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1ff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x40}]}]}, 0x2ac}, 0x1, 0x0, 0x0, 0x10}, 0x10) syz_execute_func(&(0x7f0000000340)="c462653dce0fbdc52ecd8080000cc4e1ed64338a20d0d0f0408392300000002a6626f243e0ff0070e4c653fb0f450fbd27a95f5744be3c3b6446ddcb8f48508e307b8f69289bd19d670f381d6a2f67450f483bd1d97c7c63460f096161787896c401fe5ff666410fd7cae1b1c402010804f466400f38f556f6892a009f") [ 3300.755308][T21191] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=11682,uid=0 [ 3300.771022][T21191] Memory cgroup out of memory: Killed process 11682 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB [ 3300.799784][T21220] IPVS: Scheduler module ip_vs_ú” not found 17:10:33 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) remap_file_pages(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x8, 0x7fff, 0x8c25a9bd15306384) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="240000001100075e1dfffd726fa2830020200a0007000000000001a0f1ffffff0d00ff7e", 0x24}], 0x1}, 0x0) r1 = fanotify_init(0x4, 0x80000) fsetxattr$security_smack_transmute(r1, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x2) 17:10:33 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) r1 = open(&(0x7f0000000000)='./file0\x00', 0x200100, 0xc0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x7ff, 0x5, 0xa, 0x3, 0xcf0, 0x7fa78b56, 0x0, 0x8, 0x0}, &(0x7f0000000100)=0x20) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0x0, 0x7, 0x1, 0x30e9, 0x7}, &(0x7f00000001c0)=0x14) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="2e0000001d008103e00f80ecdb4cb9d90163190405000000000000fb12000100ac14141840d819a9060015000000", 0x2e}], 0x1}, 0x0) 17:10:33 executing program 0: r0 = socket$bt_hidp(0x1f, 0x3, 0x6) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000040)=0x2, 0x2) r1 = open(&(0x7f00000000c0)='./file0\x00', 0xf8, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") sendfile(r2, r3, 0x0, 0x80000001) 17:10:33 executing program 0: clone(0x200000041fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0)) ptrace(0x10, r0) ptrace$getsig(0x2, r0, 0xffffffffff600003, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) ioctl$KVM_GET_LAPIC(r1, 0x8400ae8e, &(0x7f0000000140)={"4a38cfeccf0d65bbc1ad7d7fddf11cf304bcad037e14593d1228e52afef23da5e753835deb2e2098d4644a858b678cd57af6edc36d30790fd64b957ac592add511d43e1b2b0da4386954d1e23090acdc24825927c7a351c50448807c9726d5c3c6f5558224f7d1856b4274e05e0b6bffea39a088f06e2f4aaf2c40a3893d590fe02860b422b6ea4d934344e817988bdeff4b224a3acbd8ad88db3de3de3f32ee3cea318dd944bee27897b46ab36eed4fd4584c6349032284d1b7f1eb6df5ca6286cfdd5f95267f88dfee437d0edc5f8642521f5de2eda560e4225b73b7a12205dc2386d13c88c39d99138d6c7ca6a2680ee223dfd530b40bf9f4dee9fffc848316093e896795eaf4376a124b3fd124973d77e9a6a0983bd9399f42bfbebed7ce025c03445157417fde02dadd2e87f8e1ddecee2932c515ae12c6b64fff4ebb4b2477d04623e202baf51aeba0fc9a3293a40902396a0d988ca0e9e81e28efe9a36041cb487084f6adc32b95977ed8028bf07b21c2b86d03329b21e78a3232a8431202c0b701abe7f683be387d4a000f74daec06a8a8049ff116e10d0966ec5534ba4c62732c670699c7a2da337407ce717460174f70064a9d02629548579931e8cabae270ee8979be0acda9dd453272d2654b728dc3e59adbd4bc6f29d6b554567f32a4b60b6148df2719c215badf1582613f6a3d0ca7906af0230079aca44fe2eaaa9adaef74bf1733fd284ca15315f51cdf314d30f2f1790c2f2a30106d1c30bcd2060cbdc94b3ef1f73bfcc026bc5e0ad477e904b0d6694b7554d145d507f56f72f5bfc506a8b2b662f6d42236337d06ef123cf875bedbf75edd653e252c7ccb73f6d246cfc85a391e69c50f45e3ee600e444a5dc9c108d5a8569389bc7de9de73d80cf0d906d797e5a672f1bf082339ffc52de87bbbbd421939fd0ff8d62049190732b64c3d0946e8c43e9913c87ab714732a177d2c0ae2481e71594acb9566cae23c47418bb6df7742f454c3991b216a43d3df1dd429ea4b70331a9e4252fbc5ff9444ad322d1e19a586c2629453a1a27dde82e30fd0ba64fca154edcd526c92cd4481ca890802a58eb4e899f3233a360ee3de11f891cf25e996416cb69cc5f93ec673b07ad16750ac390d70f45f83db2fe8fa63292f614c6af29de32b988290a5b372c84e6f7dd8e1d077e83d16d79351cbef7912a1a6944bf5d0a7ba4986447979d2e369f54609aa1d3662bc6af4b41a966a82a902f97cdd2884e713e54b635296a19f48a00aaf85841b829d5ad6cd9d0ad20687189d4e35a5c1ad0a2c9b0a46e80fea36b1d82db93598428b7a294b53723f4fd9ddf22f06ec2d83b629bb835de3ae0d2aef3677df9c495bd5bb10888c9aaa4a7426d7c6017527fd07ab1ee122457fc61457e722c8bb332a131d3f026da799e39f490f2c230b7317974f"}) 17:10:33 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000f00000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:33 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000040)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x8, &(0x7f00000000c0)=[@ptr={0x70742a85, 0x0, 0x0}], &(0x7f0000000200)=[0x0]}}}], 0x0, 0x0, 0x0}) r2 = getpgrp(0xffffffffffffffff) r3 = gettid() r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x480000, 0x0) r5 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x81, 0x100) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f00000001c0)={0x0, 0x1, 0x7}) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r1, &(0x7f0000000140)={r4, r0, 0x1}) [ 3301.058659][T21255] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3301.102311][T21282] IPVS: Scheduler module ip_vs_ú” not found 17:10:33 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\x06\x00'}, 0x2c) 17:10:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85500c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3301.128170][T21287] IPVS: Scheduler module ip_vs_ú” not found [ 3301.153289][T14203] binder: release 21291:21293 transaction 207 out, still active [ 3301.169562][T21255] CPU: 1 PID: 21255 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3301.177585][T21255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3301.181827][T14203] binder: undelivered TRANSACTION_COMPLETE [ 3301.187652][T21255] Call Trace: [ 3301.187680][T21255] dump_stack+0x172/0x1f0 [ 3301.187703][T21255] dump_header+0x10f/0xb6c [ 3301.187730][T21255] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3301.205562][T21255] ? ___ratelimit+0x60/0x595 [ 3301.215980][T21255] ? do_raw_spin_unlock+0x57/0x270 [ 3301.216002][T21255] oom_kill_process.cold+0x10/0x15 [ 3301.216019][T21255] out_of_memory+0x79a/0x1280 [ 3301.216036][T21255] ? lock_downgrade+0x880/0x880 [ 3301.216051][T21255] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3301.216073][T21255] ? oom_killer_disable+0x280/0x280 [ 3301.225316][T21293] binder: BINDER_SET_CONTEXT_MGR already set [ 3301.226281][T21255] ? find_held_lock+0x35/0x130 [ 3301.226313][T21255] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3301.226333][T21255] ? memcg_event_wake+0x230/0x230 [ 3301.231884][T21293] binder: 21291:21293 ioctl 40046207 0 returned -16 [ 3301.235854][T21255] ? do_raw_spin_unlock+0x57/0x270 [ 3301.235880][T21255] ? _raw_spin_unlock+0x2d/0x50 [ 3301.286092][T21255] try_charge+0x102c/0x15c0 [ 3301.290623][T21255] ? find_held_lock+0x35/0x130 [ 3301.295419][T21255] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3301.300992][T21255] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3301.306563][T21255] ? find_held_lock+0x35/0x130 [ 3301.311349][T21255] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3301.317020][T21255] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3301.322587][T21255] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3301.327812][T21255] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3301.333378][T21255] __memcg_kmem_charge+0x136/0x300 [ 3301.338510][T21255] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3301.343906][T21255] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3301.349653][T21255] ? save_stack+0x45/0xd0 [ 3301.354006][T21255] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 3301.359829][T21255] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3301.366083][T21255] ? debug_smp_processor_id+0x3c/0x280 [ 3301.371575][T21255] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3301.377882][T21255] alloc_pages_current+0x107/0x210 [ 3301.383031][T21255] pte_alloc_one+0x1b/0x1a0 [ 3301.387555][T21255] __pte_alloc+0x20/0x310 [ 3301.391908][T21255] copy_page_range+0x1529/0x1f90 [ 3301.396898][T21255] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3301.402660][T21255] ? pmd_alloc+0x180/0x180 [ 3301.407101][T21255] ? validate_mm_rb+0xa3/0xc0 [ 3301.411807][T21255] ? __vma_link_rb+0x279/0x370 [ 3301.416607][T21255] copy_process.part.0+0x568b/0x7980 [ 3301.421960][T21255] ? __cleanup_sighand+0x60/0x60 [ 3301.426916][T21255] ? semctl_down+0x5e0/0x9f0 [ 3301.431529][T21255] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3301.437795][T21255] _do_fork+0x257/0xfd0 [ 3301.441975][T21255] ? fork_idle+0x1d0/0x1d0 [ 3301.446404][T21255] ? __ia32_sys_mkdir+0x80/0x80 [ 3301.451270][T21255] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3301.456740][T21255] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3301.456758][T21255] ? do_syscall_64+0x26/0x610 [ 3301.456776][T21255] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3301.456796][T21255] ? do_syscall_64+0x26/0x610 17:10:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85510c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:33 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00fffff000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3301.477672][T21255] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3301.477700][T21255] __ia32_sys_fork+0x1f/0x30 [ 3301.477719][T21255] do_syscall_64+0x103/0x610 [ 3301.477748][T21255] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3301.488972][T14203] binder_send_failed_reply: 58 callbacks suppressed [ 3301.488981][T14203] binder: send failed reply for transaction 207, target dead [ 3301.492216][T21255] RIP: 0033:0x2000028a [ 3301.492234][T21255] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 99 4a 2a e9 2c 10 96 4c 0f 05 03 00 00 00 c4 a3 7b f0 c5 01 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3301.492242][T21255] RSP: 002b:00007fa14f198bd8 EFLAGS: 00000283 ORIG_RAX: 0000000000000039 [ 3301.492258][T21255] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000028a [ 3301.492267][T21255] RDX: 0000000000000000 RSI: 00000000800000f4 RDI: 0000000000000003 [ 3301.492275][T21255] RBP: 0000000000000080 R08: 0000000000000005 R09: 0000000000000006 [ 3301.492284][T21255] R10: 0000000000000007 R11: 0000000000000283 R12: 000000000000000b [ 3301.492293][T21255] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3301.528786][T21306] __nla_parse: 6 callbacks suppressed [ 3301.528797][T21306] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3301.537108][T21255] memory: usage 307200kB, limit 307200kB, failcnt 25491 [ 3301.610614][T21255] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3301.619004][T21255] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3301.626844][T21255] Memory cgroup stats for /syz3: cache:0KB rss:88480KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88656KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3301.649339][T21255] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=26369,uid=0 [ 3301.667290][T21255] Memory cgroup out of memory: Killed process 26369 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3301.685539][ T1043] oom_reaper: reaped process 26369 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3301.693634][ T7844] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3301.718049][ T7844] CPU: 0 PID: 7844 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #97 [ 3301.725987][ T7844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3301.736046][ T7844] Call Trace: [ 3301.739346][ T7844] dump_stack+0x172/0x1f0 [ 3301.743694][ T7844] dump_header+0x10f/0xb6c [ 3301.748123][ T7844] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3301.753950][ T7844] ? ___ratelimit+0x60/0x595 [ 3301.758551][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3301.763675][ T7844] oom_kill_process.cold+0x10/0x15 [ 3301.768813][ T7844] out_of_memory+0x79a/0x1280 [ 3301.773516][ T7844] ? oom_killer_disable+0x280/0x280 [ 3301.778724][ T7844] ? find_held_lock+0x35/0x130 [ 3301.783519][ T7844] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3301.789066][ T7844] ? memcg_event_wake+0x230/0x230 [ 3301.794102][ T7844] ? do_raw_spin_unlock+0x57/0x270 [ 3301.799226][ T7844] ? _raw_spin_unlock+0x2d/0x50 [ 3301.804087][ T7844] try_charge+0x102c/0x15c0 [ 3301.808600][ T7844] ? find_held_lock+0x35/0x130 [ 3301.813379][ T7844] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3301.818946][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3301.824498][ T7844] ? find_held_lock+0x35/0x130 [ 3301.829254][ T7844] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3301.834809][ T7844] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3301.840356][ T7844] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3301.845544][ T7844] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3301.851093][ T7844] __memcg_kmem_charge+0x136/0x300 [ 3301.856205][ T7844] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3301.861594][ T7844] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3301.867315][ T7844] ? copy_page_range+0x125a/0x1f90 [ 3301.872439][ T7844] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3301.878697][ T7844] alloc_pages_current+0x107/0x210 [ 3301.883811][ T7844] pte_alloc_one+0x1b/0x1a0 [ 3301.888317][ T7844] __pte_alloc+0x20/0x310 [ 3301.892671][ T7844] copy_page_range+0x1529/0x1f90 [ 3301.897620][ T7844] ? perf_trace_lock+0xeb/0x510 [ 3301.902512][ T7844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3301.908767][ T7844] ? pmd_alloc+0x180/0x180 [ 3301.913191][ T7844] ? __rb_insert_augmented+0x231/0xdf0 [ 3301.918665][ T7844] ? validate_mm_rb+0xa3/0xc0 [ 3301.923907][ T7844] ? __vma_link_rb+0x279/0x370 [ 3301.928675][ T7844] copy_process.part.0+0x568b/0x7980 [ 3301.934009][ T7844] ? __cleanup_sighand+0x60/0x60 [ 3301.938983][ T7844] _do_fork+0x257/0xfd0 [ 3301.943140][ T7844] ? fork_idle+0x1d0/0x1d0 [ 3301.947546][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3301.953001][ T7844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3301.958460][ T7844] ? do_syscall_64+0x26/0x610 [ 3301.963133][ T7844] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3301.969184][ T7844] ? do_syscall_64+0x26/0x610 [ 3301.973910][ T7844] __x64_sys_clone+0xbf/0x150 [ 3301.978634][ T7844] do_syscall_64+0x103/0x610 [ 3301.983227][ T7844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3301.989112][ T7844] RIP: 0033:0x45737a [ 3301.993002][ T7844] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3302.012715][ T7844] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3302.021153][ T7844] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a 17:10:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000500)="984a2ae92cb8b64c0f05be03004000c4a37bf0c53c41e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fdee51bc421045f450f2f02c421dd589fc4e10bf8c426f2f045f61964620f42c1bfffffffff0252262e2e66450f7d64c608c4a3bd4877f88a0383397fd3ff3a0065f20f7cd8efa1a12ad764d3cf53af6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000f2d8f0b000000c2a0c10b00cca27a0e0f414e53d2c40f0f9f3c6436b2aa66450fc4650000c4e39978c104c441c05983f9070bb3ddcdcda2660f38346800c4e3295e4c3dc8a3c4c1045ccc7d7526802d08000000fa0f5fd25c450f91f3f30f5ea5a9a50000ffffbedc4e61c9553131b83a00a2f1fbfb3b62") r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x2, 0x2) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000080)={0x2, 0x10000, 0xfffffffffffffff9, 0x8000, 0x8001, 0xfff}) 17:10:34 executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000180)={0x1, 0x0, 0x2, 0x1, {0x2, 0x5, 0x6e86, 0x2}}) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:34 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000000001000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:34 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = accept(0xffffffffffffffff, &(0x7f00000000c0)=@sco, &(0x7f0000000180)=0x80) getsockname$inet6(r1, &(0x7f00000001c0), &(0x7f0000000200)=0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r2, &(0x7f0000d65000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000"], 0x14}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = fcntl$getown(r0, 0x9) prlimit64(r3, 0x6, &(0x7f0000000040)={0x401, 0x80}, &(0x7f0000000080)) 17:10:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85520c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3302.031726][ T7844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3302.039701][ T7844] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 0000000001fdd940 [ 3302.047658][ T7844] R10: 0000000001fddc10 R11: 0000000000000246 R12: 0000000000000001 [ 3302.055627][ T7844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3302.095656][T21320] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3302.114128][ T7844] memory: usage 307084kB, limit 307200kB, failcnt 15819 [ 3302.121131][ T7844] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3302.241109][ T7844] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 17:10:34 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000000002000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3302.291943][ T7844] Memory cgroup stats for /syz2: cache:220KB rss:102372KB rss_huge:0KB shmem:124KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:102380KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85530c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3302.342902][ T7844] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=12835,uid=0 [ 3302.408797][ T7844] Memory cgroup out of memory: Killed process 12835 (syz-executor.2) total-vm:72712kB, anon-rss:172kB, file-rss:35800kB, shmem-rss:0kB 17:10:35 executing program 1: r0 = msgget(0x1, 0x88) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000040)=""/157) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180), 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cachefiles\x00', 0x0, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="020900000200000000c47dd31b650aad"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="020100021000000000000600000000000800120000ffff00000000000000000006000000000000060000800000000000e00000010b00000000000000000035000000000000000000000000ff00000000030006000000000002000004000000bb000000000000000003000500000000000200423b000000000000004000000000"], 0x80}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x400000000000117, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)=0x0) migrate_pages(r3, 0x0, &(0x7f0000000300)=0x7ff, &(0x7f0000000340)=0xfffffffffffffffd) [ 3302.545334][T21336] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3302.572921][ T7846] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3302.594047][ T7846] CPU: 0 PID: 7846 Comm: syz-executor.3 Not tainted 5.1.0-rc7+ #97 [ 3302.601977][ T7846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3302.612044][ T7846] Call Trace: [ 3302.615352][ T7846] dump_stack+0x172/0x1f0 [ 3302.619699][ T7846] dump_header+0x10f/0xb6c [ 3302.624131][ T7846] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3302.629958][ T7846] ? ___ratelimit+0x60/0x595 [ 3302.634556][ T7846] ? do_raw_spin_unlock+0x57/0x270 [ 3302.639683][ T7846] oom_kill_process.cold+0x10/0x15 [ 3302.644816][ T7846] out_of_memory+0x79a/0x1280 [ 3302.649514][ T7846] ? oom_killer_disable+0x280/0x280 [ 3302.654729][ T7846] ? find_held_lock+0x35/0x130 [ 3302.659514][ T7846] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3302.665082][ T7846] ? memcg_event_wake+0x230/0x230 [ 3302.670127][ T7846] ? do_raw_spin_unlock+0x57/0x270 [ 3302.675266][ T7846] ? _raw_spin_unlock+0x2d/0x50 [ 3302.680139][ T7846] try_charge+0x102c/0x15c0 [ 3302.684645][ T7846] ? find_held_lock+0x35/0x130 [ 3302.689428][ T7846] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3302.694985][ T7846] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3302.700539][ T7846] ? find_held_lock+0x35/0x130 [ 3302.705316][ T7846] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3302.710887][ T7846] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3302.716451][ T7846] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3302.721664][ T7846] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3302.727225][ T7846] __memcg_kmem_charge+0x136/0x300 [ 3302.732360][ T7846] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3302.737782][ T7846] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3302.743535][ T7846] ? copy_page_range+0x125a/0x1f90 [ 3302.748668][ T7846] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3302.754935][ T7846] alloc_pages_current+0x107/0x210 [ 3302.760080][ T7846] pte_alloc_one+0x1b/0x1a0 [ 3302.764608][ T7846] __pte_alloc+0x20/0x310 [ 3302.768961][ T7846] copy_page_range+0x1529/0x1f90 [ 3302.773909][ T7846] ? perf_trace_lock+0xeb/0x510 [ 3302.778775][ T7846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3302.785074][ T7846] ? pmd_alloc+0x180/0x180 [ 3302.789510][ T7846] ? __rb_insert_augmented+0x231/0xdf0 [ 3302.794986][ T7846] ? validate_mm_rb+0xa3/0xc0 [ 3302.799679][ T7846] ? __vma_link_rb+0x279/0x370 [ 3302.804470][ T7846] copy_process.part.0+0x568b/0x7980 [ 3302.809800][ T7846] ? __cleanup_sighand+0x60/0x60 [ 3302.814770][ T7846] _do_fork+0x257/0xfd0 [ 3302.818959][ T7846] ? fork_idle+0x1d0/0x1d0 [ 3302.823422][ T7846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3302.828900][ T7846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3302.834386][ T7846] ? do_syscall_64+0x26/0x610 [ 3302.839075][ T7846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3302.845150][ T7846] ? do_syscall_64+0x26/0x610 [ 3302.849844][ T7846] __x64_sys_clone+0xbf/0x150 [ 3302.854539][ T7846] do_syscall_64+0x103/0x610 [ 3302.859179][ T7846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3302.865085][ T7846] RIP: 0033:0x45737a [ 3302.868992][ T7846] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3302.888609][ T7846] RSP: 002b:0000000000a4fd30 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3302.897041][ T7846] RAX: ffffffffffffffda RBX: 0000000000a4fd30 RCX: 000000000045737a [ 3302.905041][ T7846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3302.913029][ T7846] RBP: 0000000000a4fd70 R08: 0000000000000001 R09: 00000000022d9940 [ 3302.921023][ T7846] R10: 00000000022d9c10 R11: 0000000000000246 R12: 0000000000000001 [ 3302.929011][ T7846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000a4fdc0 [ 3302.944665][ T7846] memory: usage 307060kB, limit 307200kB, failcnt 25539 [ 3302.951947][ T7846] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3303.123459][ T7846] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3303.130495][ T7846] Memory cgroup stats for /syz3: cache:0KB rss:88480KB rss_huge:0KB shmem:44KB mapped_file:0KB dirty:132KB writeback:132KB swap:0KB inactive_anon:0KB active_anon:88652KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3303.174875][T21338] IPVS: Scheduler module ip_vs_ú” not found [ 3303.258124][ T7846] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=26407,uid=0 [ 3303.280343][ T7846] Memory cgroup out of memory: Killed process 26407 (syz-executor.3) total-vm:72580kB, anon-rss:172kB, file-rss:35796kB, shmem-rss:0kB [ 3303.289154][T21369] IPVS: Scheduler module ip_vs_ú” not found [ 3303.298064][T21360] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3303.302546][ T1043] oom_reaper: reaped process 26407 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3303.312462][T21360] CPU: 0 PID: 21360 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3303.312473][T21360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3303.312479][T21360] Call Trace: [ 3303.312506][T21360] dump_stack+0x172/0x1f0 [ 3303.312528][T21360] dump_header+0x10f/0xb6c [ 3303.312547][T21360] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3303.312563][T21360] ? ___ratelimit+0x60/0x595 [ 3303.312579][T21360] ? do_raw_spin_unlock+0x57/0x270 [ 3303.312597][T21360] oom_kill_process.cold+0x10/0x15 [ 3303.312614][T21360] out_of_memory+0x79a/0x1280 [ 3303.312637][T21360] ? oom_killer_disable+0x280/0x280 [ 3303.312649][T21360] ? find_held_lock+0x35/0x130 [ 3303.312677][T21360] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3303.312691][T21360] ? memcg_event_wake+0x230/0x230 [ 3303.312713][T21360] ? do_raw_spin_unlock+0x57/0x270 17:10:35 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00\a\x00'}, 0x2c) 17:10:35 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000004c11000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:35 executing program 0: unshare(0x8020000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/ipc\x00') openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0) setns(r0, 0x3) 17:10:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85540c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:35 executing program 1: timer_create(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0) r0 = socket$inet6(0xa, 0x6, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x7}, 0x316) sendmmsg(r0, &(0x7f0000007e00), 0x400000000000058, 0x3f00) [ 3303.312738][T21360] ? _raw_spin_unlock+0x2d/0x50 [ 3303.409437][T21360] try_charge+0x102c/0x15c0 [ 3303.413957][T21360] ? find_held_lock+0x35/0x130 [ 3303.418749][T21360] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3303.424305][T21360] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3303.429859][T21360] ? find_held_lock+0x35/0x130 [ 3303.434629][T21360] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3303.440201][T21360] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3303.445755][T21360] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3303.450970][T21360] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3303.456530][T21360] __memcg_kmem_charge+0x136/0x300 [ 3303.461666][T21360] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3303.467063][T21360] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3303.472806][T21360] ? copy_page_range+0x125a/0x1f90 [ 3303.477939][T21360] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3303.484198][T21360] alloc_pages_current+0x107/0x210 [ 3303.489331][T21360] pte_alloc_one+0x1b/0x1a0 [ 3303.493856][T21360] __pte_alloc+0x20/0x310 [ 3303.498201][T21360] copy_page_range+0x1529/0x1f90 [ 3303.503162][T21360] ? perf_trace_lock+0xeb/0x510 [ 3303.508027][T21360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3303.514313][T21360] ? pmd_alloc+0x180/0x180 [ 3303.518743][T21360] ? __rb_insert_augmented+0x231/0xdf0 [ 3303.524206][T21360] ? validate_mm_rb+0xa3/0xc0 [ 3303.528903][T21360] ? __vma_link_rb+0x279/0x370 [ 3303.533695][T21360] copy_process.part.0+0x568b/0x7980 [ 3303.539030][T21360] ? __cleanup_sighand+0x60/0x60 [ 3303.543997][T21360] ? check_stack_object+0x114/0x160 [ 3303.549247][T21360] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3303.555164][T21360] _do_fork+0x257/0xfd0 [ 3303.559342][T21360] ? fork_idle+0x1d0/0x1d0 [ 3303.563870][T21360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3303.570130][T21360] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3303.576649][T21360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3303.582904][T21360] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3303.588379][T21360] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3303.592106][T21381] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3303.593840][T21360] ? do_syscall_64+0x26/0x610 [ 3303.593857][T21360] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3303.593872][T21360] ? do_syscall_64+0x26/0x610 [ 3303.593896][T21360] __x64_sys_clone+0xbf/0x150 [ 3303.593916][T21360] do_syscall_64+0x103/0x610 [ 3303.593945][T21360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3303.634403][T21360] RIP: 0033:0x2000050a [ 3303.638481][T21360] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3303.658099][T21360] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3303.666524][T21360] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3303.675120][T21360] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3303.682563][T21384] IPVS: Scheduler module ip_vs_ú” not found [ 3303.683097][T21360] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3303.683107][T21360] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3303.683115][T21360] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3303.714801][T21360] memory: usage 307136kB, limit 307200kB, failcnt 645 [ 3303.722311][T21360] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3303.729961][T21360] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3303.732150][T21390] IPVS: Scheduler module ip_vs_ú” not found [ 3303.744404][T21360] Memory cgroup stats for /syz0: cache:16384KB rss:206452KB rss_huge:165888KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:206508KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3303.771669][T21360] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18318,uid=0 [ 3303.787469][T21360] Memory cgroup out of memory: Killed process 18318 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:35812kB, shmem-rss:0kB [ 3303.806086][ T1043] oom_reaper: reaped process 18318 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 3303.926420][T21356] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3303.939273][T21356] CPU: 0 PID: 21356 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3303.947269][T21356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3303.957326][T21356] Call Trace: [ 3303.957351][T21356] dump_stack+0x172/0x1f0 [ 3303.957373][T21356] dump_header+0x10f/0xb6c [ 3303.957391][T21356] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3303.957409][T21356] ? ___ratelimit+0x60/0x595 [ 3303.957425][T21356] ? do_raw_spin_unlock+0x57/0x270 [ 3303.957445][T21356] oom_kill_process.cold+0x10/0x15 [ 3303.957463][T21356] out_of_memory+0x79a/0x1280 [ 3303.957482][T21356] ? lock_downgrade+0x880/0x880 [ 3303.957503][T21356] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3303.969511][T21356] ? oom_killer_disable+0x280/0x280 [ 3303.969526][T21356] ? find_held_lock+0x35/0x130 [ 3303.969552][T21356] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3303.990133][T21356] ? memcg_event_wake+0x230/0x230 [ 3304.005887][T21356] ? do_raw_spin_unlock+0x57/0x270 [ 3304.005905][T21356] ? _raw_spin_unlock+0x2d/0x50 [ 3304.005936][T21356] try_charge+0xa87/0x15c0 [ 3304.005949][T21356] ? find_held_lock+0x35/0x130 [ 3304.005975][T21356] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3304.005991][T21356] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3304.006007][T21356] ? find_held_lock+0x35/0x130 [ 3304.006024][T21356] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3304.006051][T21356] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3304.006067][T21356] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3304.006087][T21356] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3304.006107][T21356] __memcg_kmem_charge+0x136/0x300 [ 3304.006128][T21356] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3304.006151][T21356] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3304.006175][T21356] ? copy_page_range+0x125a/0x1f90 [ 3304.106949][T21356] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3304.113217][T21356] alloc_pages_current+0x107/0x210 [ 3304.118388][T21356] pte_alloc_one+0x1b/0x1a0 [ 3304.122911][T21356] __pte_alloc+0x20/0x310 [ 3304.127270][T21356] copy_page_range+0x1529/0x1f90 [ 3304.132255][T21356] ? perf_trace_lock+0xeb/0x510 [ 3304.137511][T21356] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3304.143780][T21356] ? pmd_alloc+0x180/0x180 [ 3304.148203][T21356] ? __rb_insert_augmented+0x231/0xdf0 [ 3304.153663][T21356] ? validate_mm_rb+0xa3/0xc0 [ 3304.158341][T21356] ? __vma_link_rb+0x279/0x370 [ 3304.163986][T21356] copy_process.part.0+0x568b/0x7980 [ 3304.169284][T21356] ? __cleanup_sighand+0x60/0x60 [ 3304.174248][T21356] ? finish_task_switch+0x146/0x780 [ 3304.179451][T21356] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3304.184735][T21356] ? trace_hardirqs_on+0x67/0x230 [ 3304.189759][T21356] ? kasan_check_read+0x11/0x20 [ 3304.194604][T21356] _do_fork+0x257/0xfd0 [ 3304.198748][T21356] ? fork_idle+0x1d0/0x1d0 [ 3304.203165][T21356] ? __sched_text_start+0x8/0x8 [ 3304.208032][T21356] ? prepare_exit_to_usermode+0x279/0x2e0 [ 3304.213755][T21356] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3304.219199][T21356] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3304.224652][T21356] ? do_syscall_64+0x26/0x610 [ 3304.229349][T21356] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3304.235424][T21356] ? do_syscall_64+0x26/0x610 [ 3304.240094][T21356] __x64_sys_clone+0xbf/0x150 [ 3304.244770][T21356] do_syscall_64+0x103/0x610 [ 3304.249369][T21356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3304.255252][T21356] RIP: 0033:0x2000050a [ 3304.259304][T21356] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3304.278896][T21356] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3304.287304][T21356] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3304.295275][T21356] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3304.303244][T21356] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3304.311212][T21356] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3304.319269][T21356] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3304.327683][T21356] memory: usage 307200kB, limit 307200kB, failcnt 1027 [ 3304.334781][T21356] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3304.344092][T21356] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3304.351538][T21356] Memory cgroup stats for /syz0: cache:16384KB rss:204348KB rss_huge:163840KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:204380KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3304.375169][T21356] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=29609,uid=0 [ 3304.393762][T21356] Memory cgroup out of memory: Killed process 29609 (syz-executor.0) total-vm:72712kB, anon-rss:2232kB, file-rss:35796kB, shmem-rss:0kB [ 3304.411158][ T1043] oom_reaper: reaped process 29609 (syz-executor.0), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3304.413780][T21352] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3304.422387][ C0] net_ratelimit: 20 callbacks suppressed [ 3304.422395][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3304.422456][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3304.422547][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3304.422594][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3304.507887][T21352] CPU: 0 PID: 21352 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3304.515940][T21352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3304.526007][T21352] Call Trace: [ 3304.529320][T21352] dump_stack+0x172/0x1f0 [ 3304.533666][T21352] dump_header+0x10f/0xb6c [ 3304.538445][T21352] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3304.544267][T21352] ? ___ratelimit+0x60/0x595 [ 3304.548856][T21352] ? do_raw_spin_unlock+0x57/0x270 [ 3304.553975][T21352] oom_kill_process.cold+0x10/0x15 [ 3304.559086][T21352] out_of_memory+0x79a/0x1280 [ 3304.564992][T21352] ? oom_killer_disable+0x280/0x280 [ 3304.570195][T21352] ? find_held_lock+0x35/0x130 [ 3304.574979][T21352] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3304.580523][T21352] ? memcg_event_wake+0x230/0x230 [ 3304.585549][T21352] ? do_raw_spin_unlock+0x57/0x270 [ 3304.590667][T21352] ? _raw_spin_unlock+0x2d/0x50 [ 3304.595529][T21352] try_charge+0x102c/0x15c0 [ 3304.600040][T21352] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3304.606274][T21352] ? should_fail+0x1de/0x852 [ 3304.610869][T21352] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3304.616417][T21352] ? rcu_read_lock_sched_held+0x110/0x130 [ 3304.622146][T21352] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3304.627688][T21352] ? __lockdep_free_key_range+0x120/0x120 [ 3304.633413][T21352] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3304.638961][T21352] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3304.644152][T21352] ? cache_grow_begin+0x594/0x860 [ 3304.649172][T21352] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3304.654453][T21352] ? trace_hardirqs_on+0x67/0x230 [ 3304.659478][T21352] cache_grow_begin+0x5c0/0x860 [ 3304.664325][T21352] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3304.670577][T21352] ? __cpuset_node_allowed+0x136/0x540 [ 3304.676051][T21352] fallback_alloc+0x1fd/0x2d0 [ 3304.680736][T21352] ____cache_alloc_node+0x1be/0x1e0 [ 3304.685942][T21352] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3304.692282][T21352] kmem_cache_alloc+0x1e8/0x6f0 [ 3304.697138][T21352] ? validate_mm_rb+0xa3/0xc0 [ 3304.701836][T21352] vm_area_dup+0x21/0x170 [ 3304.706176][T21352] copy_process.part.0+0x3431/0x7980 [ 3304.711505][T21352] ? __cleanup_sighand+0x60/0x60 [ 3304.716448][T21352] ? check_stack_object+0x114/0x160 [ 3304.721641][T21352] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3304.727536][T21352] _do_fork+0x257/0xfd0 [ 3304.731698][T21352] ? fork_idle+0x1d0/0x1d0 [ 3304.736123][T21352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3304.742377][T21352] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3304.748881][T21352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3304.755122][T21352] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3304.760578][T21352] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3304.766033][T21352] ? do_syscall_64+0x26/0x610 [ 3304.770704][T21352] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3304.776760][T21352] ? do_syscall_64+0x26/0x610 [ 3304.781443][T21352] __x64_sys_clone+0xbf/0x150 [ 3304.786122][T21352] do_syscall_64+0x103/0x610 [ 3304.790713][T21352] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3304.796599][T21352] RIP: 0033:0x2000050a [ 3304.800666][T21352] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3304.820287][T21352] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3304.828698][T21352] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3304.836673][T21352] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3304.844639][T21352] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3304.852620][T21352] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3304.860590][T21352] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3304.868911][T21352] memory: usage 307036kB, limit 307200kB, failcnt 1155 [ 3304.875865][T21352] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3304.883423][T21352] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3304.890272][T21352] Memory cgroup stats for /syz0: cache:16384KB rss:202260KB rss_huge:161792KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:202228KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3304.913451][T21352] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7556,uid=0 [ 3304.928830][T21352] Memory cgroup out of memory: Killed process 7556 (syz-executor.0) total-vm:72976kB, anon-rss:2244kB, file-rss:35784kB, shmem-rss:0kB [ 3304.949220][ T1043] oom_reaper: reaped process 7556 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 3305.051684][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3305.057727][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3305.063824][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3305.069725][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3305.075766][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3305.076751][T21397] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3305.081749][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3305.100973][T21397] CPU: 0 PID: 21397 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3305.108981][T21397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3305.119046][T21397] Call Trace: [ 3305.122352][T21397] dump_stack+0x172/0x1f0 [ 3305.126694][T21397] dump_header+0x10f/0xb6c [ 3305.131115][T21397] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3305.136938][T21397] ? ___ratelimit+0x60/0x595 [ 3305.141537][T21397] ? do_raw_spin_unlock+0x57/0x270 [ 3305.146665][T21397] oom_kill_process.cold+0x10/0x15 [ 3305.151795][T21397] out_of_memory+0x79a/0x1280 [ 3305.156487][T21397] ? lock_downgrade+0x880/0x880 [ 3305.161336][T21397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.167586][T21397] ? oom_killer_disable+0x280/0x280 [ 3305.172789][T21397] ? find_held_lock+0x35/0x130 [ 3305.177579][T21397] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3305.183151][T21397] ? memcg_event_wake+0x230/0x230 [ 3305.188181][T21397] ? do_raw_spin_unlock+0x57/0x270 [ 3305.193301][T21397] ? _raw_spin_unlock+0x2d/0x50 [ 3305.198165][T21397] try_charge+0xa87/0x15c0 [ 3305.202626][T21397] ? find_held_lock+0x35/0x130 [ 3305.207418][T21397] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3305.212978][T21397] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3305.218540][T21397] ? find_held_lock+0x35/0x130 [ 3305.223319][T21397] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3305.228898][T21397] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3305.234461][T21397] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3305.239674][T21397] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3305.245245][T21397] __memcg_kmem_charge+0x136/0x300 [ 3305.250371][T21397] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3305.255749][T21397] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3305.261485][T21397] ? is_dynamic_key+0x1c0/0x1c0 [ 3305.266335][T21397] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3305.272591][T21397] alloc_pages_current+0x107/0x210 [ 3305.277713][T21397] pte_alloc_one+0x1b/0x1a0 [ 3305.282241][T21397] __handle_mm_fault+0x3491/0x3ec0 [ 3305.287369][T21397] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3305.292912][T21397] ? find_held_lock+0x35/0x130 [ 3305.297672][T21397] ? handle_mm_fault+0x322/0xb30 [ 3305.302615][T21397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.308867][T21397] ? kasan_check_read+0x11/0x20 [ 3305.313719][T21397] handle_mm_fault+0x43f/0xb30 [ 3305.318502][T21397] __do_page_fault+0x5ef/0xda0 [ 3305.323276][T21397] do_page_fault+0x71/0x581 [ 3305.327792][T21397] page_fault+0x1e/0x30 [ 3305.331951][T21397] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3305.337653][T21397] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3305.357249][T21397] RSP: 0018:ffff88820df2fcb0 EFLAGS: 00010246 [ 3305.363310][T21397] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3305.371282][T21397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3305.379255][T21397] RBP: ffff88820df2fce8 R08: ffff88802dbd4700 R09: ffff8880aa594dc0 [ 3305.387222][T21397] R10: 000000000000001c R11: ffff88808bac30bf R12: 0000000000000000 [ 3305.395214][T21397] R13: ffff88808bac20e0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3305.403222][T21397] ? strncpy_from_user+0x142/0x380 [ 3305.408371][T21397] getname_flags+0x11b/0x5b0 [ 3305.412987][T21397] do_renameat2+0x199/0xc40 [ 3305.417503][T21397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.423750][T21397] ? debug_smp_processor_id+0x3c/0x280 [ 3305.429224][T21397] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3305.434966][T21397] ? user_path_create+0x50/0x50 [ 3305.439821][T21397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.446068][T21397] ? security_capable+0x9b/0xd0 [ 3305.450940][T21397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.457182][T21397] ? ns_capable_common+0x93/0x100 [ 3305.462218][T21397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3305.467686][T21397] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3305.473150][T21397] ? do_syscall_64+0x26/0x610 [ 3305.477814][T21397] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3305.483879][T21397] ? do_syscall_64+0x26/0x610 [ 3305.488571][T21397] __x64_sys_renameat+0x9a/0x100 [ 3305.493513][T21397] do_syscall_64+0x103/0x610 [ 3305.498095][T21397] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3305.503976][T21397] RIP: 0033:0x2000050a [ 3305.508050][T21397] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3305.527660][T21397] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3305.536077][T21397] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3305.544052][T21397] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3305.552034][T21397] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3305.560007][T21397] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3305.567977][T21397] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3305.576412][T21397] memory: usage 307200kB, limit 307200kB, failcnt 1443 [ 3305.583439][T21397] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3305.590910][T21397] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3305.597967][T21397] Memory cgroup stats for /syz0: cache:16384KB rss:200128KB rss_huge:159744KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:200148KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3305.620701][T21397] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8180,uid=0 [ 3305.636190][T21397] Memory cgroup out of memory: Killed process 8180 (syz-executor.0) total-vm:72976kB, anon-rss:2244kB, file-rss:35784kB, shmem-rss:0kB [ 3305.664580][T21362] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3305.677580][T21362] CPU: 1 PID: 21362 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3305.685576][T21362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3305.695641][T21362] Call Trace: [ 3305.698955][T21362] dump_stack+0x172/0x1f0 [ 3305.703302][T21362] dump_header+0x10f/0xb6c [ 3305.707747][T21362] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3305.713569][T21362] ? ___ratelimit+0x60/0x595 [ 3305.718170][T21362] ? do_raw_spin_unlock+0x57/0x270 [ 3305.723304][T21362] oom_kill_process.cold+0x10/0x15 [ 3305.728429][T21362] out_of_memory+0x79a/0x1280 [ 3305.733129][T21362] ? oom_killer_disable+0x280/0x280 [ 3305.738333][T21362] ? find_held_lock+0x35/0x130 [ 3305.743120][T21362] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3305.748674][T21362] ? memcg_event_wake+0x230/0x230 [ 3305.753714][T21362] ? do_raw_spin_unlock+0x57/0x270 [ 3305.758847][T21362] ? _raw_spin_unlock+0x2d/0x50 [ 3305.763717][T21362] try_charge+0xa87/0x15c0 [ 3305.768184][T21362] ? find_held_lock+0x35/0x130 [ 3305.772971][T21362] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3305.778532][T21362] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3305.784093][T21362] ? find_held_lock+0x35/0x130 [ 3305.788873][T21362] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3305.794448][T21362] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3305.800008][T21362] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3305.805217][T21362] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3305.810770][T21362] __memcg_kmem_charge+0x136/0x300 [ 3305.815892][T21362] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3305.821279][T21362] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3305.827014][T21362] ? is_dynamic_key+0x1c0/0x1c0 [ 3305.831873][T21362] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3305.838131][T21362] alloc_pages_current+0x107/0x210 [ 3305.843254][T21362] pte_alloc_one+0x1b/0x1a0 [ 3305.847772][T21362] __handle_mm_fault+0x3491/0x3ec0 [ 3305.852896][T21362] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3305.858448][T21362] ? find_held_lock+0x35/0x130 [ 3305.863218][T21362] ? handle_mm_fault+0x322/0xb30 [ 3305.868176][T21362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.874424][T21362] ? kasan_check_read+0x11/0x20 [ 3305.879259][T21362] handle_mm_fault+0x43f/0xb30 [ 3305.884007][T21362] __do_page_fault+0x5ef/0xda0 [ 3305.888755][T21362] do_page_fault+0x71/0x581 [ 3305.893240][T21362] page_fault+0x1e/0x30 [ 3305.897379][T21362] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3305.903075][T21362] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3305.922664][T21362] RSP: 0018:ffff888201967cb0 EFLAGS: 00010246 [ 3305.928713][T21362] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3305.936673][T21362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3305.944648][T21362] RBP: ffff888201967ce8 R08: ffff88808f5c8140 R09: ffff8880aa594dc0 [ 3305.952618][T21362] R10: 000000000000001c R11: ffff888059ed513f R12: 0000000000000000 [ 3305.960574][T21362] R13: ffff888059ed4160 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3305.968546][T21362] ? strncpy_from_user+0x142/0x380 [ 3305.973650][T21362] getname_flags+0x11b/0x5b0 [ 3305.978223][T21362] do_renameat2+0x199/0xc40 [ 3305.982712][T21362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3305.988948][T21362] ? debug_smp_processor_id+0x3c/0x280 [ 3305.994398][T21362] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3306.000103][T21362] ? user_path_create+0x50/0x50 [ 3306.004946][T21362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.011173][T21362] ? security_capable+0x9b/0xd0 [ 3306.016013][T21362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.022237][T21362] ? ns_capable_common+0x93/0x100 [ 3306.027246][T21362] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3306.035394][T21362] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3306.040830][T21362] ? do_syscall_64+0x26/0x610 [ 3306.045487][T21362] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3306.051533][T21362] ? do_syscall_64+0x26/0x610 [ 3306.056211][T21362] __x64_sys_renameat+0x9a/0x100 [ 3306.061134][T21362] do_syscall_64+0x103/0x610 [ 3306.065709][T21362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3306.071587][T21362] RIP: 0033:0x2000050a [ 3306.075645][T21362] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3306.095409][T21362] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3306.103809][T21362] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3306.111783][T21362] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3306.119741][T21362] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3306.127700][T21362] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3306.135678][T21362] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3306.152765][T21362] memory: usage 307200kB, limit 307200kB, failcnt 1573 [ 3306.159821][T21362] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3306.169512][T21362] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3306.176633][T21362] Memory cgroup stats for /syz0: cache:16384KB rss:198012KB rss_huge:157696KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:198004KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3306.199442][T21362] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5629,uid=0 [ 3306.214989][T21362] Memory cgroup out of memory: Killed process 5629 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35812kB, shmem-rss:0kB [ 3306.233147][T21395] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3306.252325][T21395] CPU: 0 PID: 21395 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3306.260341][T21395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3306.270412][T21395] Call Trace: [ 3306.273723][T21395] dump_stack+0x172/0x1f0 [ 3306.278075][T21395] dump_header+0x10f/0xb6c [ 3306.282510][T21395] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3306.288331][T21395] ? ___ratelimit+0x60/0x595 [ 3306.292944][T21395] ? do_raw_spin_unlock+0x57/0x270 [ 3306.298068][T21395] oom_kill_process.cold+0x10/0x15 [ 3306.303192][T21395] out_of_memory+0x79a/0x1280 [ 3306.307892][T21395] ? oom_killer_disable+0x280/0x280 [ 3306.313103][T21395] ? find_held_lock+0x35/0x130 [ 3306.317889][T21395] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3306.323455][T21395] ? memcg_event_wake+0x230/0x230 [ 3306.328500][T21395] ? do_raw_spin_unlock+0x57/0x270 [ 3306.333620][T21395] ? _raw_spin_unlock+0x2d/0x50 [ 3306.338488][T21395] try_charge+0xa87/0x15c0 [ 3306.342909][T21395] ? find_held_lock+0x35/0x130 [ 3306.347707][T21395] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3306.353272][T21395] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3306.358828][T21395] ? find_held_lock+0x35/0x130 [ 3306.363604][T21395] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3306.369179][T21395] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3306.374735][T21395] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3306.379952][T21395] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3306.385566][T21395] __memcg_kmem_charge+0x136/0x300 [ 3306.390693][T21395] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3306.396081][T21395] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3306.401817][T21395] ? is_dynamic_key+0x1c0/0x1c0 [ 3306.406675][T21395] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3306.412936][T21395] alloc_pages_current+0x107/0x210 [ 3306.418062][T21395] pte_alloc_one+0x1b/0x1a0 [ 3306.422576][T21395] __handle_mm_fault+0x3491/0x3ec0 [ 3306.427711][T21395] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3306.433351][T21395] ? find_held_lock+0x35/0x130 [ 3306.438132][T21395] ? handle_mm_fault+0x322/0xb30 [ 3306.443088][T21395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.449353][T21395] ? kasan_check_read+0x11/0x20 [ 3306.454252][T21395] handle_mm_fault+0x43f/0xb30 [ 3306.459023][T21395] __do_page_fault+0x5ef/0xda0 [ 3306.463808][T21395] do_page_fault+0x71/0x581 17:10:39 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x400003, 0x0) ppoll(&(0x7f0000000200)=[{r0, 0x2000}, {r0}, {r0}, {r0, 0x2080}, {r0, 0x1008}, {r0, 0x4028}, {r0, 0x1}, {r0, 0x8100}, {r0, 0xc040}], 0x9, &(0x7f0000000280)={0x77359400}, &(0x7f00000002c0)={0x9}, 0x8) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x404800, 0x0) syz_execute_func(&(0x7f0000000180)="3664fe44d7006666f247af66420f677000660f2a68270f6e9f39c40000c4a2212c2664440f73d2bd4071037a45f2a6") ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f00000001c0)={{0x6, 0x81, 0x4, 0x5, 0x8001, 0x101}}) 17:10:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85550c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:39 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe000000003f000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:39 executing program 1: sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000004000)=[{0x0}], 0x1}, 0x0) io_getevents(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='cmdline\x00') preadv(r0, &(0x7f0000000100), 0x2a2, 0x0) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f00000000c0)={0x3, 0x8}) fsetxattr$security_smack_transmute(r0, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x3) 17:10:39 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00H\x00'}, 0x2c) [ 3306.468325][T21395] page_fault+0x1e/0x30 [ 3306.472488][T21395] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3306.478209][T21395] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3306.497829][T21395] RSP: 0018:ffff888205e57cb0 EFLAGS: 00010246 [ 3306.503908][T21395] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3306.511903][T21395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3306.519903][T21395] RBP: ffff888205e57ce8 R08: ffff8880988b6040 R09: ffff8880aa594dc0 [ 3306.527891][T21395] R10: 000000000000001c R11: ffff88804000d27f R12: 0000000000000000 [ 3306.535877][T21395] R13: ffff88804000c2a0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3306.535912][T21395] ? strncpy_from_user+0x142/0x380 [ 3306.535949][T21395] getname_flags+0x11b/0x5b0 [ 3306.535971][T21395] do_renameat2+0x199/0xc40 [ 3306.535991][T21395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.536008][T21395] ? debug_smp_processor_id+0x3c/0x280 [ 3306.536027][T21395] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3306.536042][T21395] ? user_path_create+0x50/0x50 [ 3306.536060][T21395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.536078][T21395] ? security_capable+0x9b/0xd0 [ 3306.536097][T21395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3306.597774][T21395] ? ns_capable_common+0x93/0x100 [ 3306.597797][T21395] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3306.597814][T21395] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3306.597830][T21395] ? do_syscall_64+0x26/0x610 [ 3306.597847][T21395] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3306.597861][T21395] ? do_syscall_64+0x26/0x610 [ 3306.597884][T21395] __x64_sys_renameat+0x9a/0x100 [ 3306.597904][T21395] do_syscall_64+0x103/0x610 [ 3306.638733][T21395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3306.644638][T21395] RIP: 0033:0x2000050a [ 3306.648718][T21395] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3306.668426][T21395] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3306.676861][T21395] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3306.684852][T21395] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3306.692830][T21395] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3306.700812][T21395] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3306.708790][T21395] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3306.725441][T21395] memory: usage 307200kB, limit 307200kB, failcnt 1682 [ 3306.731920][T21471] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3306.732507][T21395] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3306.749154][T21395] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3306.756142][T21395] Memory cgroup stats for /syz0: cache:16384KB rss:195892KB rss_huge:155648KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:195880KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3306.778891][T21395] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12604,uid=0 [ 3306.794416][T21395] Memory cgroup out of memory: Killed process 12604 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35812kB, shmem-rss:0kB [ 3306.829190][T21407] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3306.841386][T21407] CPU: 0 PID: 21407 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3306.849370][T21407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3306.859437][T21407] Call Trace: [ 3306.862750][T21407] dump_stack+0x172/0x1f0 [ 3306.867099][T21407] dump_header+0x10f/0xb6c [ 3306.871531][T21407] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3306.877356][T21407] ? ___ratelimit+0x60/0x595 [ 3306.882044][T21407] ? do_raw_spin_unlock+0x57/0x270 [ 3306.887176][T21407] oom_kill_process.cold+0x10/0x15 [ 3306.892299][T21407] out_of_memory+0x79a/0x1280 [ 3306.897020][T21407] ? oom_killer_disable+0x280/0x280 [ 3306.902228][T21407] ? find_held_lock+0x35/0x130 [ 3306.907023][T21407] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3306.912580][T21407] ? memcg_event_wake+0x230/0x230 [ 3306.917630][T21407] ? do_raw_spin_unlock+0x57/0x270 [ 3306.922762][T21407] ? _raw_spin_unlock+0x2d/0x50 17:10:39 executing program 1: r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x9, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x18040, 0x0) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f00000000c0)) [ 3306.927638][T21407] try_charge+0xa87/0x15c0 [ 3306.932063][T21407] ? find_held_lock+0x35/0x130 [ 3306.936854][T21407] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3306.942406][T21407] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3306.947975][T21407] ? find_held_lock+0x35/0x130 [ 3306.952752][T21407] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3306.958339][T21407] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3306.963906][T21407] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3306.969129][T21407] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3306.974691][T21407] __memcg_kmem_charge+0x136/0x300 17:10:39 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00ffffff9e000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3306.979821][T21407] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3306.985214][T21407] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3306.990972][T21407] ? is_dynamic_key+0x1c0/0x1c0 [ 3306.995834][T21407] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3307.002625][T21407] alloc_pages_current+0x107/0x210 [ 3307.002650][T21407] pte_alloc_one+0x1b/0x1a0 [ 3307.002672][T21407] __handle_mm_fault+0x3491/0x3ec0 [ 3307.002696][T21407] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3307.002711][T21407] ? find_held_lock+0x35/0x130 [ 3307.002726][T21407] ? handle_mm_fault+0x322/0xb30 [ 3307.002754][T21407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.002774][T21407] ? kasan_check_read+0x11/0x20 [ 3307.002794][T21407] handle_mm_fault+0x43f/0xb30 [ 3307.002814][T21407] __do_page_fault+0x5ef/0xda0 [ 3307.002838][T21407] do_page_fault+0x71/0x581 [ 3307.010620][T21464] IPVS: Scheduler module ip_vs_ú” not found [ 3307.012479][T21407] page_fault+0x1e/0x30 [ 3307.012497][T21407] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3307.012512][T21407] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3307.012521][T21407] RSP: 0018:ffff8881f70ffcb0 EFLAGS: 00010246 [ 3307.012534][T21407] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3307.012543][T21407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3307.012553][T21407] RBP: ffff8881f70ffce8 R08: ffff88805c5ea600 R09: ffff8880aa594dc0 [ 3307.012561][T21407] R10: 000000000000001c R11: ffff88804b060fff R12: 0000000000000000 [ 3307.012570][T21407] R13: ffff88804b060020 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3307.012596][T21407] ? strncpy_from_user+0x142/0x380 [ 3307.012623][T21407] getname_flags+0x11b/0x5b0 [ 3307.023268][T21407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.023290][T21407] do_renameat2+0x199/0xc40 [ 3307.023315][T21407] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3307.023330][T21407] ? user_path_create+0x50/0x50 [ 3307.023347][T21407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 17:10:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85560c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3307.023365][T21407] ? security_capable+0x9b/0xd0 [ 3307.023385][T21407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.023399][T21407] ? ns_capable_common+0x93/0x100 [ 3307.023417][T21407] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3307.023433][T21407] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3307.023448][T21407] ? do_syscall_64+0x26/0x610 [ 3307.023469][T21407] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3307.161300][T21500] IPVS: Scheduler module ip_vs_ú” not found [ 3307.165586][T21407] ? do_syscall_64+0x26/0x610 [ 3307.165610][T21407] __x64_sys_renameat+0x9a/0x100 [ 3307.165628][T21407] do_syscall_64+0x103/0x610 [ 3307.165651][T21407] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3307.165664][T21407] RIP: 0033:0x2000050a [ 3307.165680][T21407] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3307.165689][T21407] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3307.165703][T21407] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3307.165711][T21407] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3307.165719][T21407] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3307.165728][T21407] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3307.165736][T21407] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3307.187698][T21407] memory: usage 307200kB, limit 307200kB, failcnt 1797 [ 3307.221985][T21407] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 17:10:39 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00fffffff0000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3307.231484][T21407] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3307.231493][T21407] Memory cgroup stats for /syz0: cache:16384KB rss:193780KB rss_huge:153600KB shmem:16544KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:16484KB active_anon:193788KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3307.358809][T21407] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16226,uid=0 [ 3307.374362][T21407] Memory cgroup out of memory: Killed process 16226 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB [ 3307.391978][ T1043] oom_reaper: reaped process 16226 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 3307.545402][T21399] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3307.559478][T21507] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3307.600028][T21399] CPU: 1 PID: 21399 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3307.608052][T21399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3307.618110][T21399] Call Trace: [ 3307.621415][T21399] dump_stack+0x172/0x1f0 [ 3307.625768][T21399] dump_header+0x10f/0xb6c [ 3307.630207][T21399] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3307.636033][T21399] ? ___ratelimit+0x60/0x595 [ 3307.640634][T21399] ? do_raw_spin_unlock+0x57/0x270 [ 3307.645762][T21399] oom_kill_process.cold+0x10/0x15 [ 3307.650883][T21399] out_of_memory+0x79a/0x1280 [ 3307.655570][T21399] ? lock_downgrade+0x880/0x880 [ 3307.660427][T21399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.666679][T21399] ? oom_killer_disable+0x280/0x280 [ 3307.671893][T21399] ? find_held_lock+0x35/0x130 [ 3307.676690][T21399] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3307.682252][T21399] ? memcg_event_wake+0x230/0x230 [ 3307.687551][T21399] ? do_raw_spin_unlock+0x57/0x270 [ 3307.692672][T21399] ? _raw_spin_unlock+0x2d/0x50 [ 3307.697532][T21399] try_charge+0x102c/0x15c0 [ 3307.702042][T21399] ? find_held_lock+0x35/0x130 [ 3307.707051][T21399] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3307.712611][T21399] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3307.712629][T21399] ? find_held_lock+0x35/0x130 [ 3307.712643][T21399] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3307.712677][T21399] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3307.722974][T21399] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3307.722994][T21399] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3307.723013][T21399] __memcg_kmem_charge+0x136/0x300 [ 3307.723040][T21399] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3307.739299][T21399] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3307.739327][T21399] ? is_dynamic_key+0x1c0/0x1c0 [ 3307.749965][T21399] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3307.749987][T21399] alloc_pages_current+0x107/0x210 [ 3307.750008][T21399] pte_alloc_one+0x1b/0x1a0 [ 3307.761082][T21399] __handle_mm_fault+0x3491/0x3ec0 [ 3307.761107][T21399] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3307.761127][T21399] ? find_held_lock+0x35/0x130 [ 3307.772202][T21399] ? handle_mm_fault+0x322/0xb30 [ 3307.772231][T21399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.772252][T21399] ? kasan_check_read+0x11/0x20 [ 3307.772272][T21399] handle_mm_fault+0x43f/0xb30 [ 3307.818013][T21399] __do_page_fault+0x5ef/0xda0 [ 3307.822803][T21399] do_page_fault+0x71/0x581 [ 3307.827327][T21399] page_fault+0x1e/0x30 [ 3307.831493][T21399] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3307.837219][T21399] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3307.856834][T21399] RSP: 0018:ffff8881fff6fcb0 EFLAGS: 00010246 [ 3307.862915][T21399] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3307.870910][T21399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3307.878897][T21399] RBP: ffff8881fff6fce8 R08: ffff88802965e400 R09: ffff8880aa594dc0 [ 3307.886883][T21399] R10: 000000000000001c R11: ffff8880478ff0ff R12: 0000000000000000 [ 3307.894860][T21399] R13: ffff8880478fe120 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3307.902863][T21399] ? strncpy_from_user+0x142/0x380 [ 3307.908003][T21399] getname_flags+0x11b/0x5b0 [ 3307.912598][T21399] do_renameat2+0x199/0xc40 [ 3307.917099][T21399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.923328][T21399] ? debug_smp_processor_id+0x3c/0x280 [ 3307.928778][T21399] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3307.934491][T21399] ? user_path_create+0x50/0x50 [ 3307.939348][T21399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.945580][T21399] ? security_capable+0x9b/0xd0 [ 3307.950419][T21399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3307.956652][T21399] ? ns_capable_common+0x93/0x100 [ 3307.961682][T21399] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3307.967127][T21399] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3307.972583][T21399] ? do_syscall_64+0x26/0x610 [ 3307.977250][T21399] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3307.983302][T21399] ? do_syscall_64+0x26/0x610 [ 3307.987974][T21399] __x64_sys_renameat+0x9a/0x100 [ 3307.992922][T21399] do_syscall_64+0x103/0x610 [ 3307.997534][T21399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3308.003435][T21399] RIP: 0033:0x2000050a [ 3308.007501][T21399] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3308.027108][T21399] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3308.035527][T21399] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3308.044274][T21399] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3308.052250][T21399] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3308.061166][T21399] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3308.069124][T21399] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3308.083695][T21399] memory: usage 290656kB, limit 307200kB, failcnt 2381 [ 3308.090646][T21399] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3308.098370][T21399] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3308.105409][T21399] Memory cgroup stats for /syz0: cache:228KB rss:191672KB rss_huge:151552KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:191644KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3308.127819][T21399] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6618,uid=0 [ 3308.143904][T21399] Memory cgroup out of memory: Killed process 6618 (syz-executor.0) total-vm:72976kB, anon-rss:2244kB, file-rss:35780kB, shmem-rss:0kB [ 3308.171370][T21436] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3308.188741][T21436] CPU: 0 PID: 21436 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3308.196746][T21436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3308.207022][T21436] Call Trace: [ 3308.210324][T21436] dump_stack+0x172/0x1f0 [ 3308.214668][T21436] dump_header+0x10f/0xb6c [ 3308.219095][T21436] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3308.224910][T21436] ? ___ratelimit+0x60/0x595 [ 3308.229519][T21436] ? do_raw_spin_unlock+0x57/0x270 [ 3308.234647][T21436] oom_kill_process.cold+0x10/0x15 [ 3308.239769][T21436] out_of_memory+0x79a/0x1280 [ 3308.244468][T21436] ? oom_killer_disable+0x280/0x280 [ 3308.249673][T21436] ? find_held_lock+0x35/0x130 [ 3308.254457][T21436] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3308.260015][T21436] ? memcg_event_wake+0x230/0x230 [ 3308.265054][T21436] ? do_raw_spin_unlock+0x57/0x270 [ 3308.270180][T21436] ? _raw_spin_unlock+0x2d/0x50 [ 3308.275042][T21436] try_charge+0xa87/0x15c0 [ 3308.279466][T21436] ? find_held_lock+0x35/0x130 [ 3308.284256][T21436] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3308.289810][T21436] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3308.295367][T21436] ? find_held_lock+0x35/0x130 [ 3308.300150][T21436] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3308.305716][T21436] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3308.311276][T21436] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3308.316489][T21436] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3308.322049][T21436] __memcg_kmem_charge+0x136/0x300 [ 3308.327176][T21436] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3308.332561][T21436] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3308.338304][T21436] ? is_dynamic_key+0x1c0/0x1c0 [ 3308.343162][T21436] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3308.349411][T21436] alloc_pages_current+0x107/0x210 [ 3308.354541][T21436] pte_alloc_one+0x1b/0x1a0 [ 3308.359057][T21436] __handle_mm_fault+0x3491/0x3ec0 [ 3308.364185][T21436] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3308.369741][T21436] ? find_held_lock+0x35/0x130 [ 3308.374515][T21436] ? handle_mm_fault+0x322/0xb30 [ 3308.379467][T21436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3308.385717][T21436] ? kasan_check_read+0x11/0x20 [ 3308.390581][T21436] handle_mm_fault+0x43f/0xb30 [ 3308.395362][T21436] __do_page_fault+0x5ef/0xda0 [ 3308.400148][T21436] do_page_fault+0x71/0x581 [ 3308.404664][T21436] page_fault+0x1e/0x30 [ 3308.408825][T21436] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3308.414548][T21436] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3308.434165][T21436] RSP: 0018:ffff88820f037cb0 EFLAGS: 00010246 [ 3308.440241][T21436] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3308.448254][T21436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3308.456239][T21436] RBP: ffff88820f037ce8 R08: ffff888099732040 R09: ffff8880aa594dc0 [ 3308.464215][T21436] R10: 000000000000001c R11: ffff888088a8f77f R12: 0000000000000000 [ 3308.472200][T21436] R13: ffff888088a8e7a0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3308.480202][T21436] ? strncpy_from_user+0x142/0x380 [ 3308.485337][T21436] getname_flags+0x11b/0x5b0 [ 3308.489949][T21436] do_renameat2+0x199/0xc40 [ 3308.494462][T21436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3308.500711][T21436] ? debug_smp_processor_id+0x3c/0x280 [ 3308.506183][T21436] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3308.511912][T21436] ? user_path_create+0x50/0x50 [ 3308.516783][T21436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3308.523032][T21436] ? security_capable+0x9b/0xd0 [ 3308.527901][T21436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3308.534155][T21436] ? ns_capable_common+0x93/0x100 [ 3308.539193][T21436] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3308.544672][T21436] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3308.550140][T21436] ? do_syscall_64+0x26/0x610 [ 3308.555003][T21436] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3308.561079][T21436] ? do_syscall_64+0x26/0x610 [ 3308.565772][T21436] __x64_sys_renameat+0x9a/0x100 [ 3308.570724][T21436] do_syscall_64+0x103/0x610 [ 3308.575326][T21436] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3308.581219][T21436] RIP: 0033:0x2000050a [ 3308.585303][T21436] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3308.604918][T21436] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3308.613349][T21436] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3308.621328][T21436] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3308.629303][T21436] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3308.637282][T21436] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3308.645266][T21436] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3308.892891][T21436] memory: usage 307200kB, limit 307200kB, failcnt 3401 [ 3308.899962][T21436] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3308.907652][T21436] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3308.914662][T21436] Memory cgroup stats for /syz0: cache:228KB rss:189664KB rss_huge:149504KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:189728KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3308.937108][T21436] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11007,uid=0 [ 3308.952762][T21436] Memory cgroup out of memory: Killed process 11007 (syz-executor.0) total-vm:72844kB, anon-rss:2236kB, file-rss:35788kB, shmem-rss:0kB [ 3308.981467][T21434] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3309.002705][T21434] CPU: 1 PID: 21434 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3309.010704][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3309.020773][T21434] Call Trace: [ 3309.024076][T21434] dump_stack+0x172/0x1f0 [ 3309.028423][T21434] dump_header+0x10f/0xb6c [ 3309.032862][T21434] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3309.038681][T21434] ? ___ratelimit+0x60/0x595 [ 3309.043285][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3309.048416][T21434] oom_kill_process.cold+0x10/0x15 [ 3309.053537][T21434] out_of_memory+0x79a/0x1280 [ 3309.058232][T21434] ? oom_killer_disable+0x280/0x280 [ 3309.063434][T21434] ? find_held_lock+0x35/0x130 [ 3309.068223][T21434] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3309.073780][T21434] ? memcg_event_wake+0x230/0x230 [ 3309.078829][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3309.083974][T21434] ? _raw_spin_unlock+0x2d/0x50 [ 3309.088840][T21434] try_charge+0xa87/0x15c0 [ 3309.093266][T21434] ? find_held_lock+0x35/0x130 [ 3309.098054][T21434] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3309.103605][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3309.109161][T21434] ? find_held_lock+0x35/0x130 [ 3309.113948][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3309.119521][T21434] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3309.125080][T21434] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3309.130284][T21434] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3309.135835][T21434] __memcg_kmem_charge+0x136/0x300 [ 3309.140960][T21434] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3309.146336][T21434] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3309.152058][T21434] ? copy_page_range+0x125a/0x1f90 [ 3309.157155][T21434] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3309.163383][T21434] alloc_pages_current+0x107/0x210 [ 3309.168494][T21434] pte_alloc_one+0x1b/0x1a0 [ 3309.172995][T21434] __pte_alloc+0x20/0x310 [ 3309.177306][T21434] copy_page_range+0x1529/0x1f90 [ 3309.182225][T21434] ? perf_trace_lock+0xeb/0x510 [ 3309.187085][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3309.193334][T21434] ? pmd_alloc+0x180/0x180 [ 3309.197748][T21434] ? vma_compute_subtree_gap+0x158/0x230 [ 3309.203368][T21434] ? validate_mm_rb+0xa3/0xc0 [ 3309.208029][T21434] ? __vma_link_rb+0x279/0x370 [ 3309.212798][T21434] copy_process.part.0+0x568b/0x7980 [ 3309.218099][T21434] ? __cleanup_sighand+0x60/0x60 [ 3309.223025][T21434] ? check_stack_object+0x114/0x160 [ 3309.228207][T21434] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3309.234085][T21434] _do_fork+0x257/0xfd0 [ 3309.238230][T21434] ? fork_idle+0x1d0/0x1d0 [ 3309.242634][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3309.248855][T21434] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3309.255341][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3309.261569][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3309.267022][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3309.272635][T21434] ? do_syscall_64+0x26/0x610 [ 3309.277293][T21434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3309.283343][T21434] ? do_syscall_64+0x26/0x610 [ 3309.288009][T21434] __x64_sys_clone+0xbf/0x150 [ 3309.292670][T21434] do_syscall_64+0x103/0x610 [ 3309.297335][T21434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3309.303205][T21434] RIP: 0033:0x2000050a [ 3309.307262][T21434] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3309.326867][T21434] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3309.335277][T21434] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3309.343250][T21434] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3309.351222][T21434] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3309.359187][T21434] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3309.367152][T21434] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3309.393958][T21434] memory: usage 307200kB, limit 307200kB, failcnt 3502 [ 3309.401005][T21434] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3309.408741][T21434] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3309.415985][T21434] Memory cgroup stats for /syz0: cache:228KB rss:187600KB rss_huge:147456KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:187608KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3309.439102][T21434] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11200,uid=0 [ 3309.455813][T21434] Memory cgroup out of memory: Killed process 11200 (syz-executor.0) total-vm:72976kB, anon-rss:2244kB, file-rss:35780kB, shmem-rss:0kB [ 3309.485286][T21350] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3309.510197][T21350] CPU: 1 PID: 21350 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3309.518221][T21350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3309.528289][T21350] Call Trace: [ 3309.531604][T21350] dump_stack+0x172/0x1f0 [ 3309.535966][T21350] dump_header+0x10f/0xb6c [ 3309.540406][T21350] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3309.546228][T21350] ? ___ratelimit+0x60/0x595 [ 3309.550827][T21350] ? do_raw_spin_unlock+0x57/0x270 [ 3309.555961][T21350] oom_kill_process.cold+0x10/0x15 [ 3309.561092][T21350] out_of_memory+0x79a/0x1280 [ 3309.565791][T21350] ? oom_killer_disable+0x280/0x280 [ 3309.570995][T21350] ? find_held_lock+0x35/0x130 [ 3309.575790][T21350] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3309.581357][T21350] ? memcg_event_wake+0x230/0x230 [ 3309.586394][T21350] ? do_raw_spin_unlock+0x57/0x270 [ 3309.591515][T21350] ? _raw_spin_unlock+0x2d/0x50 [ 3309.596471][T21350] try_charge+0xa87/0x15c0 [ 3309.601143][T21350] ? find_held_lock+0x35/0x130 [ 3309.605900][T21350] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3309.611441][T21350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3309.617721][T21350] ? kasan_check_read+0x11/0x20 [ 3309.622570][T21350] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3309.628102][T21350] mem_cgroup_try_charge+0x24d/0x5e0 [ 3309.633375][T21350] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3309.638995][T21350] wp_page_copy+0x408/0x1740 [ 3309.643574][T21350] ? find_held_lock+0x35/0x130 [ 3309.648328][T21350] ? pmd_pfn+0x1d0/0x1d0 [ 3309.652559][T21350] ? lock_downgrade+0x880/0x880 [ 3309.657395][T21350] ? swp_swapcount+0x540/0x540 [ 3309.662146][T21350] ? kasan_check_read+0x11/0x20 [ 3309.666982][T21350] ? do_raw_spin_unlock+0x57/0x270 [ 3309.672084][T21350] do_wp_page+0x48e/0x1500 [ 3309.676488][T21350] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3309.681865][T21350] __handle_mm_fault+0x22e8/0x3ec0 [ 3309.686968][T21350] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3309.692499][T21350] ? find_held_lock+0x35/0x130 [ 3309.697249][T21350] ? handle_mm_fault+0x322/0xb30 [ 3309.702177][T21350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3309.708406][T21350] ? kasan_check_read+0x11/0x20 [ 3309.713242][T21350] handle_mm_fault+0x43f/0xb30 [ 3309.717992][T21350] __do_page_fault+0x5ef/0xda0 [ 3309.722749][T21350] do_page_fault+0x71/0x581 [ 3309.727240][T21350] page_fault+0x1e/0x30 [ 3309.731381][T21350] RIP: 0010:__put_user_4+0x1c/0x30 [ 3309.736475][T21350] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3309.756074][T21350] RSP: 0018:ffff8882112c7ed0 EFLAGS: 00010293 [ 3309.762125][T21350] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3309.770104][T21350] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3309.778062][T21350] RBP: ffff8882112c7f10 R08: ffff88802e91a240 R09: 0000000000000001 [ 3309.786025][T21350] R10: ffff88802e91aac0 R11: ffff88802e91a240 R12: 0000000000000000 [ 3309.793986][T21350] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3309.801985][T21350] ? __might_fault+0x1a3/0x1e0 [ 3309.806747][T21350] ? __x64_sys_getresgid+0x1aa/0x290 [ 3309.812037][T21350] ? trace_hardirqs_on+0x67/0x230 [ 3309.817067][T21350] do_syscall_64+0x103/0x610 [ 3309.821646][T21350] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3309.827524][T21350] RIP: 0033:0x2000050a [ 3309.831585][T21350] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3309.851294][T21350] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3309.859693][T21350] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3309.867647][T21350] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3309.875598][T21350] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3309.883553][T21350] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3309.891510][T21350] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3309.918243][T21350] memory: usage 307200kB, limit 307200kB, failcnt 3628 [ 3309.925392][T21350] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3309.933045][T21350] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3309.939981][T21350] Memory cgroup stats for /syz0: cache:228KB rss:185428KB rss_huge:145408KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:185428KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3309.962445][T21350] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=26321,uid=0 [ 3309.978168][T21350] Memory cgroup out of memory: Killed process 26321 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:35804kB, shmem-rss:0kB [ 3310.001392][ T1043] oom_reaper: reaped process 26321 (syz-executor.0), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB [ 3310.342383][T21578] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3310.385760][T21578] CPU: 1 PID: 21578 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3310.393787][T21578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3310.403845][T21578] Call Trace: [ 3310.407138][T21578] dump_stack+0x172/0x1f0 [ 3310.411480][T21578] dump_header+0x10f/0xb6c [ 3310.415903][T21578] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3310.421728][T21578] ? ___ratelimit+0x60/0x595 [ 3310.426333][T21578] ? do_raw_spin_unlock+0x57/0x270 [ 3310.431447][T21578] oom_kill_process.cold+0x10/0x15 [ 3310.436550][T21578] out_of_memory+0x79a/0x1280 [ 3310.441231][T21578] ? lock_downgrade+0x880/0x880 [ 3310.446079][T21578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3310.452338][T21578] ? oom_killer_disable+0x280/0x280 [ 3310.457516][T21578] ? find_held_lock+0x35/0x130 [ 3310.462271][T21578] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3310.467796][T21578] ? memcg_event_wake+0x230/0x230 [ 3310.472823][T21578] ? do_raw_spin_unlock+0x57/0x270 [ 3310.477936][T21578] ? _raw_spin_unlock+0x2d/0x50 [ 3310.482770][T21578] try_charge+0xa87/0x15c0 [ 3310.487177][T21578] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3310.493397][T21578] ? should_fail+0x1de/0x852 [ 3310.497972][T21578] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3310.503505][T21578] ? rcu_read_lock_sched_held+0x110/0x130 [ 3310.509207][T21578] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3310.514739][T21578] ? __lockdep_free_key_range+0x120/0x120 [ 3310.520460][T21578] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3310.526003][T21578] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3310.531183][T21578] ? cache_grow_begin+0x594/0x860 [ 3310.536192][T21578] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3310.541455][T21578] ? trace_hardirqs_on+0x67/0x230 [ 3310.546463][T21578] cache_grow_begin+0x5c0/0x860 [ 3310.551297][T21578] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3310.557517][T21578] ? __cpuset_node_allowed+0x136/0x540 [ 3310.562966][T21578] fallback_alloc+0x1fd/0x2d0 [ 3310.567633][T21578] ____cache_alloc_node+0x1be/0x1e0 [ 3310.572814][T21578] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3310.579039][T21578] kmem_cache_alloc+0x1e8/0x6f0 [ 3310.583876][T21578] ? anon_vma_clone+0x320/0x480 [ 3310.588721][T21578] anon_vma_fork+0xfc/0x4a0 [ 3310.593211][T21578] ? dup_userfaultfd+0x15e/0x6d0 [ 3310.598131][T21578] ? memcpy+0x46/0x50 [ 3310.602124][T21578] copy_process.part.0+0x350f/0x7980 [ 3310.607409][T21578] ? __cleanup_sighand+0x60/0x60 [ 3310.612330][T21578] ? check_stack_object+0x114/0x160 [ 3310.617506][T21578] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3310.623398][T21578] _do_fork+0x257/0xfd0 [ 3310.627539][T21578] ? fork_idle+0x1d0/0x1d0 [ 3310.631946][T21578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3310.638166][T21578] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3310.644648][T21578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3310.650869][T21578] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3310.656312][T21578] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3310.661854][T21578] ? do_syscall_64+0x26/0x610 [ 3310.666527][T21578] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3310.672590][T21578] ? do_syscall_64+0x26/0x610 [ 3310.677254][T21578] __x64_sys_clone+0xbf/0x150 [ 3310.681917][T21578] do_syscall_64+0x103/0x610 [ 3310.686501][T21578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3310.692374][T21578] RIP: 0033:0x2000050a [ 3310.696430][T21578] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3310.716019][T21578] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3310.724507][T21578] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a 17:10:43 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x0) close(r0) getsockopt(r1, 0xdf, 0x40, &(0x7f0000000200)=""/4096, &(0x7f0000000040)=0x1000) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffff24, 0x8, 0x200}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000001200)={r2, 0xad, "473f5ecdc52d0fb592f85bc4bf56ee201e9a4208a912fc5cf516311172163700cebaad701600988d0b6959c645b42fe8957d73b0220b0c7d39f3342f2041abe30e0ac03a8456702120d8b3094a5c37473424f4d6ece631d36abc1f3b924e63132e2c267193601f9106f2ba74b8c40c95bf297fd5834703ad8c42a9e735a32821f0861b4181ba4fceac1dcd0b0639e1e6cbcbafde3baa69335e3be583b668160e05141e5913feb645c5b712a005"}, &(0x7f0000000100)=0xb5) 17:10:43 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00L\x00'}, 0x2c) 17:10:43 executing program 1: r0 = socket$inet(0x10, 0x3, 0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) r2 = getpgrp(0x0) stat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000a40)={0x0}, &(0x7f0000000a80)=0xc) getresuid(&(0x7f0000000ac0)=0x0, &(0x7f0000000b00), &(0x7f0000000b40)) r6 = getegid() ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000b80)=0x0) lstat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000c80)=0x0, &(0x7f0000000cc0), &(0x7f0000000d00)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000d40)={0x0}, &(0x7f0000000d80)=0xc) stat(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = getegid() fcntl$getownex(r0, 0x10, &(0x7f0000000e80)={0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000ec0)={0x0, 0x0}, &(0x7f0000000f00)=0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000f40)={0x0, 0x0, 0x0}, &(0x7f0000000f80)=0xc) sendmsg$netlink(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000180)={0x5d4, 0x10, 0x1, 0x70bd29, 0x25dfdbfe, "", [@typed={0xc, 0x28, @u64=0x1c0000}, @nested={0xb0, 0x3b, [@typed={0x4, 0x71}, @typed={0x8, 0x11, @fd=r0}, @generic="8da379cea57a5c9b50b350e3344e623e5bf63e1faee46b98bdd59042d5d7b56e48e4566a36fdd9a8a00ef37ddc64ad73574a8ac78e36f9abca6dc4f5d3e6f7abf1d439a913641e70358914b66bff3ddbe60d1ac633e54b5105cf81befdae1da343a1dbb7049bc5736330fa599d6718093383dfe25251a7a97ce147ac41ad6fbb68c38f8865e84b6ae3c7b4f5b88daec20d19355d7ed736a97fc499248387d3ca"]}, @typed={0x8, 0x17, @uid=r1}, @typed={0x8, 0x7a, @pid=r2}, @nested={0x2c0, 0x1e, [@generic="75cea3bf407414c7a0168961bf6da119441cf5432ec90f0cce0a578e15c0dc093cda63e99e4a4d2edbf8574c289acdf4c966222fb50870bef47100d4c80b175c1dd5bef2f59fd2345d47c0603be143c079f4988c0c38e42bfa8f77126e39a0d00a08d0ae669b752112d7fe94924a77e9471418beb4d7db1403df36ded3fcb95eb7463f16c96377d7a6e1450b80dba2c346b58df49169190d2b34024748", @typed={0x8, 0x7e, @u32=0x7}, @generic="dcb312bf8b6a2c0212750ea774604417a61477a6be4467a4d641c8c74e65407eefb65205086dd17c8ed879ffc9aaa046198a1c87c95043480297a63a6f000b780dcc487fbcf9da6a69f4b117b665d08ce04be19469ee91d41c27148b249d8c7c2973b72d28503e2e456fa6f9b1019e0bc52613a546a835f880921ebd3bcf2618d0f523ca9f8d58a90072f520eb81d056c5953fcaac6526", @typed={0x18, 0x86, @str='posix_acl_accesst\x00'}, @generic="81155ee6b6ebbfc5e75651b5f99e9f32d73cb86684c90baa8c650f41307ed9626c04dfed78fd1c067ec89c74ec4b45115b2c72285f06c8a63880cae7cdb943321c52037d96bfd0bfd612a9f3e8eacf89c8f196ccc01dd9e6066f95e4d4edbdd364e45d4900a6d031ef2339de844d9d3c9dde6d0b", @generic="094a8cb6ef58790febdb2b6dd57508046dbd044649b88aa89eace415fba6159b481a35e6f487e9dd4eaad535736fa80825e5e7d5020ded48d604695d0e4d6e27f72241d9aafa98abb079736f077043de686fbad6134b487acd24d1e8ab1ed05e4a972d1973166f1c39f1f3", @generic="7559695c38e538857eed405774704bb6348ed988d52f8a4f7e58ca6f333d754aa7b33959806634bf12035a14989ec0a5238dd80a034b95e4c3aeab00e294477c44a514e666c9f8df7acb073e645b2c1612ca11d0e4ebcc29f5bb0305cd2d47f06b1e25c30d3ebddd6d8c7790631363b877039138cbaa350020cffb835769a93bfabdaaf00e3f444a70"]}, @generic="3be3f1dc4b1db979033cf7935b28b2407d144cdf0b3dc9c191ccccb8bcf0e792bc71795651aac7b373923ada21a3b6c9e0e65d444a45332890c1ee5bf017c4d24a35cc5022bbc7b15013d71582fcf04a64ad74b561e5ceb667a97e803c6072fedeb4eef72696e371dc8c53a224c17996cf722ec4a8ece613e7716275ad1556a9f2fff15b55bed92656124fa1792f05f7bc44fd2c02162343766704a67692e4ee0cc0b99ebe5fe061a9be95792fb8fd0c1537aa86cc37331fb239441677e26be7d009ac18716870b474bf72f95270ecf3bf35b2f1ab5194bd360b8ed9fbe19ca55735fb078c4f", @typed={0x8, 0x19, @ipv4=@loopback}, @nested={0x88, 0x5, [@generic="a4d4a052a6383bbdee7246a44a0f005070c223d2cfe4c6295beef8519b8215772842d86c84dfb3a57452a8b1754a8c799a86fbee0c3995390738261081d95c677a25aaaa6ca860ada77a1e304ca2bd7596db19c47ba92f9435732153aaebea2e9725b3bf99ceb870bcf9206a305a6d5601f790273b9d6cb42af7fc9354e8b72544"]}, @generic="6e5eaccb19435ff0071cf9dbf94c53fcbf2cde666f99637ba4c1fb59203dea50336e55ca926b54fa39651c20619c51270c585e1431fd7c27ce9b37bd0adef4fcddcef4c0557be516ce60382550b332b0d35f5f1d922272dbc5a99aac44f0e693c760630bebe68085d96aedc05a0d31c551d0e2cc80a2bbc5a8504d6b4ceeafcbf6a72caff0eddd5048ee331f6667824b5389cc833932185b8bb0d8f92feb8d2b10333ff2406db90922806ee2a11dfedc71510dfa96df71cd75838949560712737e70"]}, 0x5d4}, {&(0x7f0000000840)={0x1ac, 0x25, 0x100, 0x70bd28, 0x25dfdbfb, "", [@nested={0xe8, 0x8c, [@generic="c1f34d66ff16e30550c837ea2bc227390fbde778b9f80fe50a7ba2c347c77af1006581018c4f4509106388921897dee837e96418ce0a61aab691542b2df4d4d26fa239db9b981cca80f35122b1a00e9ba19dfcc425ea0c4d0c57936098ab278a5f2e9f6e93ad412285fd68cb2ab6d19b9bfdc88959c65f5078e7e04b011bbcea4ebe1fec8b84a56137eefda3c850d2f166d19f16b45e909c6b3e019c26520fe3e47ba6acd80bded735bc24106ffb277836dd49ee322392799bab9b880fff704bf2825b7a1ed068f1e3ecbf4ec7588cfcbb9cff9b81c9860802222e41b5ac1065f6c7"]}, @generic='m', @nested={0x70, 0x89, [@typed={0x4, 0x8a}, @typed={0x8, 0xa, @str='\x00'}, @typed={0x8, 0x4e, @uid=r3}, @typed={0x8, 0x7f, @ipv4=@broadcast}, @generic="32161d318c249da42ef417ab10edaaedfdec842f94d535d60c74c450aedfc1fd9e971ed8e5ff1717236cf82261d3a95309d9c3a05e827d1ef60f9232c53862919f374508ebe7484fd16b68a9f10e"]}, @typed={0x40, 0x1c, @str='cpusetem0nodev\\selinux\'vmnet0\xcd#\'em1\xc1posix_acl_access&md5sum\x00'}]}, 0x1ac}], 0x2, &(0x7f0000000fc0)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @rights={0x20, 0x1, 0x1, [r0, r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r13, r14, r15}], 0xf8, 0x4000000}, 0x40800) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="24000000100007031dfffd946fa2830020200a0009000300001c85680c1ba3a20400ff7e280000000b0affffba1600001c0009b300800000d189ec4c8546c8243929db2404b20cd37ed01cce", 0x4c}], 0x1}, 0x0) 17:10:43 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000f0ffff000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:43 executing program 3: ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000400)=0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000440)=0x5) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000140)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db00001be10f383a9e02000000c4e31538b365566666f34e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f3ad0f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800008000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0xa4002, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x300, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}}, 0x4) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40048}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x30, r2, 0x202, 0x70bd28, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x7, 0x9, 0x7ff, 0x20}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x24008080) 17:10:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85570c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3310.732463][T21578] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3310.740414][T21578] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3310.748371][T21578] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3310.756329][T21578] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3310.775437][T21578] memory: usage 306956kB, limit 307200kB, failcnt 5004 [ 3310.800913][T21578] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3310.809469][T21578] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3310.816496][ C0] net_ratelimit: 20 callbacks suppressed [ 3310.816504][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3310.816564][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3310.816660][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3310.816707][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3310.822483][T21650] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3310.831767][T21578] Memory cgroup stats for /syz0: cache:228KB rss:183364KB rss_huge:143360KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:183256KB inactive_file:0KB active_file:0KB unevictable:0KB 17:10:43 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe007fffffff000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3310.900348][T21578] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9862,uid=0 [ 3310.917145][T21578] Memory cgroup out of memory: Killed process 9862 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35804kB, shmem-rss:0kB [ 3310.933996][ T1043] oom_reaper: reaped process 9862 (syz-executor.0), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB [ 3310.950260][T21570] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3310.972163][T21570] CPU: 1 PID: 21570 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3310.980183][T21570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3310.990250][T21570] Call Trace: [ 3310.993560][T21570] dump_stack+0x172/0x1f0 [ 3310.997913][T21570] dump_header+0x10f/0xb6c [ 3311.002627][T21570] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3311.008445][T21570] ? ___ratelimit+0x60/0x595 [ 3311.013046][T21570] ? do_raw_spin_unlock+0x57/0x270 [ 3311.018170][T21570] oom_kill_process.cold+0x10/0x15 [ 3311.023298][T21570] out_of_memory+0x79a/0x1280 [ 3311.027994][T21570] ? oom_killer_disable+0x280/0x280 [ 3311.033388][T21570] ? find_held_lock+0x35/0x130 [ 3311.038174][T21570] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3311.043727][T21570] ? memcg_event_wake+0x230/0x230 [ 3311.048777][T21570] ? do_raw_spin_unlock+0x57/0x270 [ 3311.053904][T21570] ? _raw_spin_unlock+0x2d/0x50 [ 3311.058788][T21570] try_charge+0xa87/0x15c0 [ 3311.063213][T21570] ? find_held_lock+0x35/0x130 [ 3311.067998][T21570] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3311.073557][T21570] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3311.079116][T21570] ? find_held_lock+0x35/0x130 [ 3311.083898][T21570] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3311.089476][T21570] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3311.095035][T21570] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3311.100246][T21570] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3311.105807][T21570] __memcg_kmem_charge+0x136/0x300 [ 3311.110939][T21570] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3311.116328][T21570] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3311.122073][T21570] ? copy_page_range+0x125a/0x1f90 [ 3311.127194][T21570] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3311.134603][T21570] alloc_pages_current+0x107/0x210 [ 3311.139742][T21570] pte_alloc_one+0x1b/0x1a0 [ 3311.144265][T21570] __pte_alloc+0x20/0x310 [ 3311.148624][T21570] copy_page_range+0x1529/0x1f90 [ 3311.153835][T21570] ? perf_trace_lock+0xeb/0x510 [ 3311.158696][T21570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3311.165001][T21570] ? pmd_alloc+0x180/0x180 [ 3311.169431][T21570] ? __rb_insert_augmented+0x231/0xdf0 [ 3311.174891][T21570] ? validate_mm_rb+0xa3/0xc0 [ 3311.174911][T21570] ? __vma_link_rb+0x279/0x370 [ 3311.174944][T21570] copy_process.part.0+0x568b/0x7980 [ 3311.174994][T21570] ? __cleanup_sighand+0x60/0x60 [ 3311.175019][T21570] ? check_stack_object+0x114/0x160 [ 3311.199834][T21570] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3311.205763][T21570] _do_fork+0x257/0xfd0 [ 3311.209950][T21570] ? fork_idle+0x1d0/0x1d0 [ 3311.214382][T21570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3311.220892][T21570] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3311.227408][T21570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3311.227424][T21570] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3311.227438][T21570] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3311.227452][T21570] ? do_syscall_64+0x26/0x610 [ 3311.227466][T21570] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3311.227480][T21570] ? do_syscall_64+0x26/0x610 [ 3311.227501][T21570] __x64_sys_clone+0xbf/0x150 [ 3311.264703][T21570] do_syscall_64+0x103/0x610 [ 3311.269316][T21570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3311.275220][T21570] RIP: 0033:0x2000050a [ 3311.279295][T21570] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 17:10:43 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x400, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000180)={0x0, 0x80, 0x1017, 0xec4a8400fdb2da8a}) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") 17:10:43 executing program 1: msgrcv(0x0, 0x0, 0x72, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000700)) r0 = request_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='^@\x00', 0xfffffffffffffffc) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000000c0)={r0, 0x7fff, 0x400}, &(0x7f0000000100)={'enc=', 'oaep', ' hash=', {'rmd320-generic\x00'}}, &(0x7f0000000180)="33afc241d2d1e9ab7e5e114989beee770707c50cc9b44b06c89217e2e3603f079079e1cfe37e6014a9eb77aacf2b1eae9bd7168012d18a7d1e967b607f192d48fd7c5fe96e4861470b31bcef5131bae5fda94243bc75f4f2e7e3ade3b90c7c59877bed94fb725bc5a1a77fe41343d5073ae98aa67fb9a90316aefb010145ad5a0e2aa2e6fdd7fb526aeaa5045168273728ff3b4c2912dad88665b7258867ce1d9ad1a2fc0e5d99cc2dbaaa0e470e15173b4d3ac980636dbff99baa5aaf75650a7c9c4023f858b1f280981f15", &(0x7f0000000280)=""/81) r1 = syz_open_dev$media(&(0x7f0000000300)='/dev/media#\x00', 0x10000000000, 0x40040) ioctl$NBD_SET_BLKSIZE(r1, 0xab01, 0x4) [ 3311.298911][T21570] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3311.307354][T21570] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3311.315339][T21570] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3311.323318][T21570] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3311.331300][T21570] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3311.339288][T21570] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff 17:10:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85580c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3311.363114][T21657] IPVS: Scheduler module ip_vs_ú” not found [ 3311.382460][T21570] memory: usage 307200kB, limit 307200kB, failcnt 5153 [ 3311.389611][T21570] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3311.397466][T21570] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3311.411939][T21570] Memory cgroup stats for /syz0: cache:228KB rss:181268KB rss_huge:143360KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:181192KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3311.420650][T21679] IPVS: Scheduler module ip_vs_ú” not found [ 3311.434869][T21570] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7699,uid=0 [ 3311.451684][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3311.457315][T21570] Memory cgroup out of memory: Killed process 7699 (syz-executor.0) total-vm:72844kB, anon-rss:2236kB, file-rss:35784kB, shmem-rss:0kB [ 3311.461467][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3311.481372][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3311.487289][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3311.493408][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3311.499292][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3311.533392][T21553] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3311.565472][T21553] CPU: 1 PID: 21553 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3311.573501][T21553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3311.583571][T21553] Call Trace: [ 3311.586875][T21553] dump_stack+0x172/0x1f0 [ 3311.591211][T21553] dump_header+0x10f/0xb6c [ 3311.595643][T21553] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3311.601465][T21553] ? ___ratelimit+0x60/0x595 [ 3311.606072][T21553] ? do_raw_spin_unlock+0x57/0x270 [ 3311.611201][T21553] oom_kill_process.cold+0x10/0x15 [ 3311.616325][T21553] out_of_memory+0x79a/0x1280 [ 3311.621021][T21553] ? oom_killer_disable+0x280/0x280 [ 3311.626227][T21553] ? find_held_lock+0x35/0x130 [ 3311.631013][T21553] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3311.636572][T21553] ? memcg_event_wake+0x230/0x230 [ 3311.641611][T21553] ? do_raw_spin_unlock+0x57/0x270 [ 3311.646744][T21553] ? _raw_spin_unlock+0x2d/0x50 [ 3311.651605][T21553] try_charge+0xa87/0x15c0 [ 3311.656032][T21553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3311.662288][T21553] ? should_fail+0x1de/0x852 [ 3311.666898][T21553] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3311.672469][T21553] ? rcu_read_lock_sched_held+0x110/0x130 [ 3311.678202][T21553] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3311.683769][T21553] ? __lockdep_free_key_range+0x120/0x120 [ 3311.689514][T21553] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3311.695076][T21553] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3311.700283][T21553] ? cache_grow_begin+0x594/0x860 [ 3311.705322][T21553] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3311.710621][T21553] ? trace_hardirqs_on+0x67/0x230 [ 3311.712599][T21697] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3311.715656][T21553] cache_grow_begin+0x5c0/0x860 [ 3311.715677][T21553] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3311.715701][T21553] ? __cpuset_node_allowed+0x136/0x540 [ 3311.741522][T21553] fallback_alloc+0x1fd/0x2d0 [ 3311.746232][T21553] ____cache_alloc_node+0x1be/0x1e0 [ 3311.751446][T21553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3311.757714][T21553] kmem_cache_alloc+0x1e8/0x6f0 [ 3311.762579][T21553] ? call_rwsem_wake+0x1b/0x30 [ 3311.762604][T21553] anon_vma_clone+0x238/0x480 [ 3311.762628][T21553] anon_vma_fork+0x8f/0x4a0 [ 3311.776559][T21553] ? dup_userfaultfd+0x15e/0x6d0 [ 3311.781510][T21553] ? memcpy+0x46/0x50 [ 3311.785530][T21553] copy_process.part.0+0x350f/0x7980 [ 3311.790857][T21553] ? __cleanup_sighand+0x60/0x60 [ 3311.795827][T21553] ? check_stack_object+0x114/0x160 [ 3311.801035][T21553] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3311.806959][T21553] _do_fork+0x257/0xfd0 [ 3311.811135][T21553] ? fork_idle+0x1d0/0x1d0 [ 3311.815565][T21553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3311.821815][T21553] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3311.828336][T21553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3311.834590][T21553] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3311.840056][T21553] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3311.845522][T21553] ? do_syscall_64+0x26/0x610 [ 3311.850205][T21553] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3311.856282][T21553] ? do_syscall_64+0x26/0x610 [ 3311.860990][T21553] __x64_sys_clone+0xbf/0x150 [ 3311.865682][T21553] do_syscall_64+0x103/0x610 [ 3311.870289][T21553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3311.876188][T21553] RIP: 0033:0x2000050a [ 3311.880259][T21553] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3311.899878][T21553] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3311.908302][T21553] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3311.916288][T21553] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3311.924271][T21553] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 17:10:44 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe009effffff000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:44 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x0) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000009c0)=0x0) ptrace$setopts(0x4206, r4, 0x0, 0xb0825a217b88a99b) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x4c, @dev={0xfe, 0x80, [], 0x1c}, 0x80000000000003}, 0x1c) r5 = socket$l2tp(0x18, 0x1, 0x1) r6 = request_key(&(0x7f0000000100)='pkcs7_test\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000480)='(\xcf\x11\x16\xc0\x83\xceC\xcc-\xcff\xbb!\xca\xcf\xd9v\xd0\xe7\xb4h8\xc9\xfb#\x16)\xf0\xc3\n\x86\xf1~\xe9\xabHe+\x9c]8}2\xc34h\x13\x15R\ax\x9e\x15b\xa2\x94T\x01!\x11\xb1\xa9\x9f<\xf8e\xf7\xfd3\xb3\xa2\x95\xfa\xf1\x13\xfe\x9f\xf3\xa0\x87@f\xa29?\x8bl\x15\x15\xed\xc8\x8cj\xa96\x19:\x1b\xab\x16\xab\xce\x1b\xbf\x14\xc5\x83[\x8d\xf6\xbf\x81\xe1m\x83\xfb\xac6RI\x0e[-\xff\x00$\xdc\xe1\xe6\xe3\xfb0\xc9\xe2\x0f\xe6\x97o\x7fl1\x8d\xb4m\xeb\x0eP\xdc)\xb0\x99P\xd4\xd3u7W\x12\x00\x86\x95\r$\xf9E\x00\x00\x00\x00\x00\x00\x00\x00n\xa6m>|\xfa\xd4V7\xb2\x18\x86\xcd\xd9X\x88\xa0\x81/\xd0|\x18\x16C\xbb\xbfN\xff\xf0\xde\x11\xa8i\xb6<_\x9c\x88Il;\xeb\x12\xcc\xc7\xc4\xcd\xe5\xeb\xd6\xaa5\x96M\x1b\x11j\xfe\xf2\xd28\xa4\xf258\x9f\xab\xcd\xcf]9G\xe2\x04k\xa54fQ\x907\xd6\xf2qb\xbe\x00\x00\x00\x00\x00\x00\x00\b\xc2vpB\x90\xa53\xc9\xdff\x19G\x17f}\xfe\xb0\xd2\x89\x0e9*\xe5q\xd5\xa9\xc0T\x85\xf0\xb0\x86\\\x8f\xa7|\xfa\v]\x89\xb9oJ\xd6\x85\xf4\x15\xb5\xa6\xd7\xb3\xc6\x95 \xd0\xd7\xf9X\xbe\xb1\xdf\xb9\xd9b\x8ay\xd4\xc2\xb9\x1fs\"o\xa7W\x1c\xc4\xc2k\xc8\xc0,${?\x84\xbb\xb1i\ab\xe8\x00e\xacZH^\xe8\x91\xae\v*j\x90\x1dA\'\xf3\x8e\x84\xaa\xf92,\x8e\x0e\'\x86\xe3\xbe\x9f\x83]\xa2w&\x87\xf84\x9eM\x87\x1d\x00', 0xfffffffffffffffb) keyctl$update(0x2, r6, &(0x7f0000000640)="3f1ea89d4dc706e033befdf4506d7089a02bbace26134496c3dfb036b2a6880515904d4dca51183a6f134aa91755362029cd213b0d2aaa6f7da71e107cce9570016684f0c9", 0xffffff20) connect$l2tp(r5, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x2, @in=@loopback, 0x0, 0x4}}, 0xe8) sendmmsg(r5, &(0x7f0000005fc0), 0x800000000000059, 0x0) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000880)='TIPC\x00') ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f00000007c0)={0x5, 0x102, 0x2, {0x1f, 0x0, 0xc9, 0x8703}}) sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000780)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r7, 0x302, 0x70bd29, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c5}, 0x2000c010) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000002c0)='(\xcf\x11\x16\xc0\x83\xceC\xcc-\xcff\xbb!\xca\xcf\xd9v\xd0\xe7\xb4h8\xc9\xfb#\x16)\xf0\xc3\n\x86\xf1~\xe9\xabHe+\x9c]8}2\xc34h\x13\x15R\ax\x9e\x15b\xa2\x94T\x01!\x11\xb1\xa9\x9f<\xf8e\xf7\xfd3\xb3\xa2\x95\xfa\xf1\x13\xfe\x9f\xf3\xa0\x87@f\xa29?\x8bl\x15\x15\xed\xc8\x8cj\xa96\x19:\x1b\xab\x16\xab\xce\x1b\xbf\x14\xc5\x83[\x8d\xf6\xbf\x81\xe1m\x83\xfb\xac6RI\x0e[-\xff\x00$\xdc\xe1\xe6\xe3\xfb0\xc9\xe2\x0f\xe6\x97o\x7fl1\x8d\xb4m\xeb\x0eP\xdc)\xb0\x99P\xd4\xd3u7W\x12\x00\x86\x95\r$\xf9E\x00\x00\x00\x00\x00\x00\x00\x00n\xa6m>|\xfa\xd4V7\xb2\x18\x86\xcd\xd9X\x88\xa0\x81/\xd0|\x18\x16C\xbb\xbfN\xff\xf0\xde\x11\xa8i\xb6<_\x9c\x88Il;\xeb\x12\xcc\xc7\xc4\xcd\xe5\xeb\xd6\xaa5\x96M\x1b\x11j\xfe\xf2\xd28\xa4\xf258\x9f\xab\xcd\xcf]9G\xe2\x04k\xa54fQ\x907\xd6\xf2qb\xbe\x00\x00\x00\x00\x00\x00\x00\b\xc2vpB\x90\xa53\xc9\xdff\x19G\x17f}\xfe\xb0\xd2\x89\x0e9*\xe5q\xd5\xa9\xc0T\x85\xf0\xb0\x86\\\x8f\xa7|\xfa\v]\x89\xb9oJ\xd6\x85\xf4\x15\xb5\xa6\xd7\xb3\xc6\x95 \xd0\xd7\xf9X\xbe\xb1\xdf\xb9\xd9b\x8ay\xd4\xc2\xb9\x1fs\"o\xa7W\x1c\xc4\xc2k\xc8\xc0,${?\x84\xbb\xb1i\ab\xe8\x00e\xacZH^\xe8\x91\xae\v*j\x90\x1dA\'\xf3\x8e\x84\xaa\xf92,\x8e\x0e\'\x86\xe3\xbe\x9f\x83]\xa2w&\x87\xf84\x9eM\x87\x1d\x00'/415) r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/cachefiles\x00', 0x200200, 0x0) io_setup(0x7, &(0x7f0000000800)=0x0) io_submit(r9, 0x2, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0xd, 0xa264, r0, &(0x7f00000008c0)="6e56cfaac489b560782683011f55bf253a78137d021140bcedf8fd5175aa9f0e282dc5a7dbfc6a02f12ce67b706e818496a718a03c69dfdc103bf372a7146e6e4ebbbdd5ac13c70bffcab9d0d65660c781e0cd2d539008e489873c4b12bbb28d818ebfecc2026c255e56c33007a00e10b95664352ae66bfc4ce357d8bdbaa398bd10a20ae89d7e111a242a2262eb29085a0444cdff1e25a279fd416d02af224cbca918961bdb295007298fe899376b707a82b24eb4b12681948122a03029dcdec2f648bba8c23f7830a55aa17c3f2b3a1f5afef83e8798ea2ba6ec50c9f5593f55fa9b0694ae4b42ce955bdd464a70", 0xef, 0x400, 0x0, 0x0, r8}, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x5074680e8c498565, 0x9, r2, &(0x7f00000009c0), 0x0, 0x4, 0x0, 0x0, r0}]) [ 3311.932253][T21553] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3311.940234][T21553] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3312.011997][T21553] memory: usage 307132kB, limit 307200kB, failcnt 5294 [ 3312.018911][T21553] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3312.030511][T21553] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3312.037474][T21553] Memory cgroup stats for /syz0: cache:228KB rss:179128KB rss_huge:141312KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:179052KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3312.063453][T21553] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=20760,uid=0 [ 3312.079792][T21553] Memory cgroup out of memory: Killed process 20760 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35796kB, shmem-rss:0kB [ 3312.100655][T21548] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3312.125399][T21548] CPU: 0 PID: 21548 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3312.133529][T21548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3312.143579][T21548] Call Trace: [ 3312.146878][T21548] dump_stack+0x172/0x1f0 [ 3312.151217][T21548] dump_header+0x10f/0xb6c [ 3312.155653][T21548] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3312.161466][T21548] ? ___ratelimit+0x60/0x595 [ 3312.166072][T21548] ? do_raw_spin_unlock+0x57/0x270 [ 3312.171292][T21548] oom_kill_process.cold+0x10/0x15 [ 3312.176418][T21548] out_of_memory+0x79a/0x1280 [ 3312.181115][T21548] ? oom_killer_disable+0x280/0x280 [ 3312.186485][T21548] ? find_held_lock+0x35/0x130 [ 3312.191281][T21548] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3312.196841][T21548] ? memcg_event_wake+0x230/0x230 [ 3312.201883][T21548] ? do_raw_spin_unlock+0x57/0x270 [ 3312.207003][T21548] ? _raw_spin_unlock+0x2d/0x50 [ 3312.211877][T21548] try_charge+0xa87/0x15c0 [ 3312.216308][T21548] ? find_held_lock+0x35/0x130 [ 3312.221089][T21548] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3312.226645][T21548] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3312.232196][T21548] ? find_held_lock+0x35/0x130 [ 3312.236978][T21548] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3312.242549][T21548] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3312.248113][T21548] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3312.253323][T21548] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3312.258884][T21548] __memcg_kmem_charge+0x136/0x300 [ 3312.264020][T21548] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3312.269406][T21548] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3312.275146][T21548] ? copy_page_range+0x125a/0x1f90 [ 3312.280279][T21548] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3312.286533][T21548] alloc_pages_current+0x107/0x210 [ 3312.291660][T21548] pte_alloc_one+0x1b/0x1a0 [ 3312.296177][T21548] __pte_alloc+0x20/0x310 [ 3312.300513][T21548] copy_page_range+0x1529/0x1f90 [ 3312.305452][T21548] ? perf_trace_lock+0xeb/0x510 [ 3312.310304][T21548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.316590][T21548] ? pmd_alloc+0x180/0x180 [ 3312.321015][T21548] ? __rb_insert_augmented+0x231/0xdf0 [ 3312.326480][T21548] ? validate_mm_rb+0xa3/0xc0 [ 3312.331159][T21548] ? __vma_link_rb+0x279/0x370 [ 3312.335945][T21548] copy_process.part.0+0x568b/0x7980 [ 3312.341277][T21548] ? __cleanup_sighand+0x60/0x60 [ 3312.346228][T21548] ? check_stack_object+0x114/0x160 [ 3312.351434][T21548] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3312.357340][T21548] _do_fork+0x257/0xfd0 [ 3312.361511][T21548] ? fork_idle+0x1d0/0x1d0 [ 3312.365944][T21548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.372195][T21548] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3312.378710][T21548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.384961][T21548] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3312.390422][T21548] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3312.395884][T21548] ? do_syscall_64+0x26/0x610 [ 3312.400573][T21548] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3312.406642][T21548] ? do_syscall_64+0x26/0x610 [ 3312.411331][T21548] __x64_sys_clone+0xbf/0x150 [ 3312.416020][T21548] do_syscall_64+0x103/0x610 [ 3312.420621][T21548] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3312.426520][T21548] RIP: 0033:0x2000050a [ 3312.430591][T21548] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3312.450203][T21548] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3312.458633][T21548] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3312.466788][T21548] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3312.474763][T21548] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3312.482734][T21548] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3312.490710][T21548] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3312.502808][T21548] memory: usage 307200kB, limit 307200kB, failcnt 5360 [ 3312.510247][T21548] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3312.517920][T21548] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3312.526141][T21548] Memory cgroup stats for /syz0: cache:228KB rss:179128KB rss_huge:141312KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:178996KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3312.548673][T21548] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=328,uid=0 [ 3312.564124][T21548] Memory cgroup out of memory: Killed process 328 (syz-executor.0) total-vm:72448kB, anon-rss:2216kB, file-rss:35800kB, shmem-rss:0kB [ 3312.581083][ T1043] oom_reaper: reaped process 328 (syz-executor.0), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3312.674244][T21576] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3312.715483][T21576] CPU: 1 PID: 21576 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3312.723509][T21576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3312.733574][T21576] Call Trace: [ 3312.736880][T21576] dump_stack+0x172/0x1f0 [ 3312.741490][T21576] dump_header+0x10f/0xb6c [ 3312.745910][T21576] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3312.751710][T21576] ? ___ratelimit+0x60/0x595 [ 3312.756302][T21576] ? do_raw_spin_unlock+0x57/0x270 [ 3312.761415][T21576] oom_kill_process.cold+0x10/0x15 [ 3312.766522][T21576] out_of_memory+0x79a/0x1280 [ 3312.771201][T21576] ? oom_killer_disable+0x280/0x280 [ 3312.776398][T21576] ? find_held_lock+0x35/0x130 [ 3312.781155][T21576] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3312.786682][T21576] ? memcg_event_wake+0x230/0x230 [ 3312.791693][T21576] ? do_raw_spin_unlock+0x57/0x270 [ 3312.796796][T21576] ? _raw_spin_unlock+0x2d/0x50 [ 3312.801680][T21576] try_charge+0xa87/0x15c0 [ 3312.806115][T21576] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3312.811650][T21576] ? rcu_read_lock_sched_held+0x110/0x130 [ 3312.817364][T21576] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3312.822917][T21576] ? __lockdep_free_key_range+0x120/0x120 [ 3312.828674][T21576] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3312.834219][T21576] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3312.839401][T21576] ? cache_grow_begin+0x594/0x860 [ 3312.844410][T21576] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3312.849678][T21576] ? trace_hardirqs_on+0x67/0x230 [ 3312.854703][T21576] cache_grow_begin+0x5c0/0x860 [ 3312.859641][T21576] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3312.865867][T21576] ? __cpuset_node_allowed+0x136/0x540 [ 3312.871317][T21576] fallback_alloc+0x1fd/0x2d0 [ 3312.875984][T21576] ____cache_alloc_node+0x1be/0x1e0 [ 3312.881168][T21576] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3312.887410][T21576] kmem_cache_alloc_node+0xe3/0x710 [ 3312.892607][T21576] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3312.897877][T21576] ? trace_hardirqs_on+0x67/0x230 [ 3312.902887][T21576] copy_process.part.0+0x1d08/0x7980 [ 3312.908245][T21576] ? perf_trace_lock+0xeb/0x510 [ 3312.913093][T21576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.919330][T21576] ? debug_smp_processor_id+0x3c/0x280 [ 3312.924777][T21576] ? __lockdep_free_key_range+0x120/0x120 [ 3312.930504][T21576] ? __might_fault+0x12b/0x1e0 [ 3312.935285][T21576] ? find_held_lock+0x35/0x130 [ 3312.940061][T21576] ? __might_fault+0x12b/0x1e0 [ 3312.944825][T21576] ? __cleanup_sighand+0x60/0x60 [ 3312.949761][T21576] ? check_stack_object+0x114/0x160 [ 3312.954957][T21576] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3312.960859][T21576] _do_fork+0x257/0xfd0 [ 3312.965032][T21576] ? fork_idle+0x1d0/0x1d0 [ 3312.969449][T21576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.975686][T21576] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3312.982182][T21576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3312.988408][T21576] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3312.993873][T21576] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3312.999342][T21576] ? do_syscall_64+0x26/0x610 [ 3313.004609][T21576] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3313.010669][T21576] ? do_syscall_64+0x26/0x610 [ 3313.015350][T21576] __x64_sys_clone+0xbf/0x150 [ 3313.020034][T21576] do_syscall_64+0x103/0x610 [ 3313.024625][T21576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3313.030521][T21576] RIP: 0033:0x2000050a [ 3313.034585][T21576] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3313.054180][T21576] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3313.062584][T21576] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3313.070557][T21576] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3313.078621][T21576] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3313.086581][T21576] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3313.094541][T21576] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3313.108176][T21576] memory: usage 307200kB, limit 307200kB, failcnt 5873 [ 3313.115236][T21576] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3313.122861][T21576] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3313.129787][T21576] Memory cgroup stats for /syz0: cache:228KB rss:176952KB rss_huge:139264KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:176860KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3313.152309][T21576] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10792,uid=0 [ 3313.168060][T21576] Memory cgroup out of memory: Killed process 10792 (syz-executor.0) total-vm:72844kB, anon-rss:2236kB, file-rss:35780kB, shmem-rss:0kB [ 3313.186319][ T1043] oom_reaper: reaped process 10792 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 3313.213782][T21585] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3313.263558][T21585] CPU: 0 PID: 21585 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3313.271594][T21585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3313.281661][T21585] Call Trace: [ 3313.284980][T21585] dump_stack+0x172/0x1f0 [ 3313.289319][T21585] dump_header+0x10f/0xb6c [ 3313.293741][T21585] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3313.299559][T21585] ? ___ratelimit+0x60/0x595 [ 3313.304157][T21585] ? do_raw_spin_unlock+0x57/0x270 [ 3313.309268][T21585] oom_kill_process.cold+0x10/0x15 [ 3313.314374][T21585] out_of_memory+0x79a/0x1280 [ 3313.319053][T21585] ? oom_killer_disable+0x280/0x280 [ 3313.324257][T21585] ? find_held_lock+0x35/0x130 [ 3313.329050][T21585] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3313.334595][T21585] ? memcg_event_wake+0x230/0x230 [ 3313.339608][T21585] ? do_raw_spin_unlock+0x57/0x270 [ 3313.344716][T21585] ? _raw_spin_unlock+0x2d/0x50 [ 3313.349579][T21585] try_charge+0xa87/0x15c0 [ 3313.353998][T21585] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3313.359531][T21585] ? rcu_read_lock_sched_held+0x110/0x130 [ 3313.365251][T21585] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3313.370797][T21585] ? __lockdep_free_key_range+0x120/0x120 [ 3313.376515][T21585] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3313.382066][T21585] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3313.387283][T21585] ? cache_grow_begin+0x594/0x860 [ 3313.392318][T21585] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3313.397603][T21585] ? trace_hardirqs_on+0x67/0x230 [ 3313.402642][T21585] cache_grow_begin+0x5c0/0x860 [ 3313.407512][T21585] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3313.413763][T21585] ? __cpuset_node_allowed+0x136/0x540 [ 3313.419229][T21585] fallback_alloc+0x1fd/0x2d0 [ 3313.423919][T21585] ____cache_alloc_node+0x1be/0x1e0 [ 3313.429135][T21585] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3313.435393][T21585] kmem_cache_alloc_node+0xe3/0x710 [ 3313.440591][T21585] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3313.445873][T21585] ? trace_hardirqs_on+0x67/0x230 [ 3313.450897][T21585] copy_process.part.0+0x1d08/0x7980 [ 3313.456169][T21585] ? perf_trace_lock+0xeb/0x510 [ 3313.461003][T21585] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.467243][T21585] ? debug_smp_processor_id+0x3c/0x280 [ 3313.472712][T21585] ? __lockdep_free_key_range+0x120/0x120 [ 3313.478432][T21585] ? __might_fault+0x12b/0x1e0 [ 3313.483192][T21585] ? find_held_lock+0x35/0x130 [ 3313.487981][T21585] ? __might_fault+0x12b/0x1e0 [ 3313.492764][T21585] ? __cleanup_sighand+0x60/0x60 [ 3313.497708][T21585] ? check_stack_object+0x114/0x160 [ 3313.502992][T21585] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3313.508902][T21585] _do_fork+0x257/0xfd0 [ 3313.513084][T21585] ? fork_idle+0x1d0/0x1d0 [ 3313.517496][T21585] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.523737][T21585] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3313.530244][T21585] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.536485][T21585] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3313.541960][T21585] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3313.547426][T21585] ? do_syscall_64+0x26/0x610 [ 3313.552109][T21585] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3313.558173][T21585] ? do_syscall_64+0x26/0x610 [ 3313.562854][T21585] __x64_sys_clone+0xbf/0x150 [ 3313.567545][T21585] do_syscall_64+0x103/0x610 [ 3313.572153][T21585] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3313.578038][T21585] RIP: 0033:0x2000050a [ 3313.582101][T21585] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3313.601716][T21585] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3313.610127][T21585] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3313.618089][T21585] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3313.626055][T21585] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3313.634028][T21585] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3313.641993][T21585] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3313.652255][T21585] memory: usage 306620kB, limit 307200kB, failcnt 6022 [ 3313.659168][T21585] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3313.666742][T21585] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3313.673640][T21585] Memory cgroup stats for /syz0: cache:228KB rss:174804KB rss_huge:137216KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:174700KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3313.695872][T21585] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5003,uid=0 [ 3313.711248][T21585] Memory cgroup out of memory: Killed process 5003 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35792kB, shmem-rss:0kB [ 3313.730615][T21615] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3313.755851][T21615] CPU: 0 PID: 21615 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3313.763883][T21615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3313.773955][T21615] Call Trace: [ 3313.777268][T21615] dump_stack+0x172/0x1f0 [ 3313.781613][T21615] dump_header+0x10f/0xb6c [ 3313.786043][T21615] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3313.791859][T21615] ? ___ratelimit+0x60/0x595 [ 3313.796455][T21615] ? do_raw_spin_unlock+0x57/0x270 [ 3313.801581][T21615] oom_kill_process.cold+0x10/0x15 [ 3313.806705][T21615] out_of_memory+0x79a/0x1280 [ 3313.811399][T21615] ? oom_killer_disable+0x280/0x280 [ 3313.816602][T21615] ? find_held_lock+0x35/0x130 [ 3313.821387][T21615] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3313.826951][T21615] ? memcg_event_wake+0x230/0x230 [ 3313.831998][T21615] ? do_raw_spin_unlock+0x57/0x270 [ 3313.837125][T21615] ? _raw_spin_unlock+0x2d/0x50 [ 3313.841994][T21615] try_charge+0xa87/0x15c0 [ 3313.846419][T21615] ? find_held_lock+0x35/0x130 [ 3313.851200][T21615] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3313.856759][T21615] ? get_mem_cgroup_from_mm+0x10b/0x2b0 17:10:46 executing program 0: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) keyctl$setperm(0x5, r1, 0x10000400) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x400000) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f00000001c0)={{0x2, 0x3, 0x40, 0x1f, 0x100000000, 0x6}, 0x9, 0x4714, 0x85f, 0x800000, 0x8000, "c7c30b37bad3c95b182eb30b08b6891ceb0aa38fd9847afd45f6bd798996705af51021af1e1126ebf6211c81cdf36783fbc9bf594122fba13e5cbb4bf1cc1ef5f7eb5c832a57b81a3f8474a88ab97473cdb4df1638c09740d5654dd2c0f7dd3a5161cad8ff2e504d9030c84c99306974f3fc5a0e0522b43fb09353844a666f4c"}) 17:10:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d85590c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 17:10:46 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe00f0ffffff000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) 17:10:46 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00`\x00'}, 0x2c) 17:10:46 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair(0x9, 0xfffffffffffffffe, 0xf3, &(0x7f0000000180)={0xffffffffffffffff}) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f00000001c0)=@req3={0x3, 0xff, 0x0, 0x7fffffff, 0xffffffffffffffff, 0xfff, 0x8}, 0x1c) prctl$PR_SET_NAME(0xf, &(0x7f0000000080)='#\x00') setsockopt(r0, 0xc3, 0x1, &(0x7f0000000140)="fafe617f18bc", 0x6) socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x1ff, 0xfffffffffffffff9, @mcast2, 0x5}, {0xa, 0x4e20, 0x400, @rand_addr="5cbfd2902ebbc34f4a2b49314bff17a5", 0x100}, 0x1000, [0x0, 0x1, 0xfffffffffffffffc, 0x7fff, 0x5c17, 0x0, 0x553, 0x1000]}, 0x5c) r2 = dup(r1) sendto$inet6(r2, 0x0, 0x0, 0x20000008, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$EVIOCGPROP(r2, 0x80404509, &(0x7f0000000200)=""/222) socket$inet6(0xa, 0x8000a, 0x4) [ 3313.862315][T21615] ? find_held_lock+0x35/0x130 [ 3313.867096][T21615] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3313.872671][T21615] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3313.878241][T21615] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3313.883459][T21615] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3313.889022][T21615] __memcg_kmem_charge+0x136/0x300 [ 3313.894153][T21615] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3313.899543][T21615] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3313.905289][T21615] ? copy_page_range+0x125a/0x1f90 [ 3313.910430][T21615] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3313.916695][T21615] alloc_pages_current+0x107/0x210 [ 3313.921822][T21615] pte_alloc_one+0x1b/0x1a0 [ 3313.926348][T21615] __pte_alloc+0x20/0x310 [ 3313.930701][T21615] copy_page_range+0x1529/0x1f90 [ 3313.935654][T21615] ? perf_trace_lock+0xeb/0x510 [ 3313.940521][T21615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.946802][T21615] ? pmd_alloc+0x180/0x180 [ 3313.946822][T21615] ? __rb_insert_augmented+0x231/0xdf0 [ 3313.946840][T21615] ? validate_mm_rb+0xa3/0xc0 [ 3313.956710][T21615] ? __vma_link_rb+0x279/0x370 [ 3313.956734][T21615] copy_process.part.0+0x568b/0x7980 [ 3313.956780][T21615] ? __cleanup_sighand+0x60/0x60 [ 3313.956807][T21615] ? check_stack_object+0x114/0x160 [ 3313.956825][T21615] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3313.956849][T21615] _do_fork+0x257/0xfd0 [ 3313.956870][T21615] ? fork_idle+0x1d0/0x1d0 [ 3313.956884][T21615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.956900][T21615] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3313.956921][T21615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3313.956949][T21615] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3313.956969][T21615] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3314.026018][T21615] ? do_syscall_64+0x26/0x610 [ 3314.033101][T21615] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3314.034766][T21739] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 3314.039174][T21615] ? do_syscall_64+0x26/0x610 [ 3314.039199][T21615] __x64_sys_clone+0xbf/0x150 [ 3314.039220][T21615] do_syscall_64+0x103/0x610 17:10:46 executing program 2: clone(0x80210a001ff1, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x40011, @empty, 0x0, 0x0, '\xfa\x94\x00\x00h\x00'}, 0x2c) [ 3314.039248][T21615] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3314.039261][T21615] RIP: 0033:0x2000050a [ 3314.039277][T21615] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3314.039292][T21615] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3314.100410][T21615] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3314.108389][T21615] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3314.116366][T21615] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3314.124345][T21615] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3314.132326][T21615] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3314.156376][T21615] memory: usage 307200kB, limit 307200kB, failcnt 6170 17:10:46 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000020000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3314.163532][T21615] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3314.171041][T21615] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3314.178401][T21615] Memory cgroup stats for /syz0: cache:228KB rss:172616KB rss_huge:135168KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:172548KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3314.201289][T21615] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8542,uid=0 [ 3314.216737][T21615] Memory cgroup out of memory: Killed process 8542 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35800kB, shmem-rss:0kB [ 3314.252924][T21616] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3314.273259][T21616] CPU: 0 PID: 21616 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3314.281267][T21616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3314.291338][T21616] Call Trace: [ 3314.294647][T21616] dump_stack+0x172/0x1f0 [ 3314.298996][T21616] dump_header+0x10f/0xb6c [ 3314.303428][T21616] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3314.309256][T21616] ? ___ratelimit+0x60/0x595 [ 3314.313861][T21616] ? do_raw_spin_unlock+0x57/0x270 [ 3314.318993][T21616] oom_kill_process.cold+0x10/0x15 [ 3314.324124][T21616] out_of_memory+0x79a/0x1280 [ 3314.328823][T21616] ? oom_killer_disable+0x280/0x280 [ 3314.334029][T21616] ? find_held_lock+0x35/0x130 [ 3314.338816][T21616] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3314.344370][T21616] ? memcg_event_wake+0x230/0x230 [ 3314.349410][T21616] ? do_raw_spin_unlock+0x57/0x270 [ 3314.354536][T21616] ? _raw_spin_unlock+0x2d/0x50 [ 3314.359397][T21616] try_charge+0xa87/0x15c0 [ 3314.363827][T21616] ? find_held_lock+0x35/0x130 [ 3314.368611][T21616] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3314.374158][T21616] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3314.379707][T21616] ? find_held_lock+0x35/0x130 [ 3314.384479][T21616] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3314.390051][T21616] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3314.395604][T21616] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3314.400808][T21616] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3314.406362][T21616] __memcg_kmem_charge+0x136/0x300 [ 3314.411489][T21616] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3314.416877][T21616] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3314.422614][T21616] ? copy_page_range+0x125a/0x1f90 [ 3314.427736][T21616] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3314.433987][T21616] alloc_pages_current+0x107/0x210 [ 3314.439116][T21616] pte_alloc_one+0x1b/0x1a0 [ 3314.443626][T21616] __pte_alloc+0x20/0x310 [ 3314.447978][T21616] copy_page_range+0x1529/0x1f90 [ 3314.452938][T21616] ? perf_trace_lock+0xeb/0x510 [ 3314.457796][T21616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3314.464081][T21616] ? pmd_alloc+0x180/0x180 [ 3314.468507][T21616] ? __rb_insert_augmented+0x231/0xdf0 17:10:47 executing program 3: clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000000)="994a2ae92c10964c0f05bf03000000c4a37bf0c50141e2e9c422e9aabb3c0000004a0fc7a4ea70db000000000f383a9e02000000110f4e5bc4a265aa104b26660f38091e2fa2631bc421045f4607c421dd589fc4e10bf8e426f2f045f619640f0f6f43a038fd52262e2e66450f7d64c60865f2ad0383397fd3ff3a0065f20f7cd8efa1a12ad764d38f53efaf6766f2ab440fec3f67ddea660f79cec462b1f72ec3c4899294d800000000000fc4634148f70000c2a0c10b00cca27a0e0fc442cd376d000f9f3c6436b2aa66450fc4650000c4e39978c104d9a1e8719e70ddcdcda2660f38346800c4e3295d4c3dc8a3c4c1045ccc7d75c4426507af0f0000000f5fd25cf3460f2ad0f30f5ea5a9a50000ffff660f79ca553131b83a00a2f1fbfb766208cf") r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x102, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0xa0, 0x4) 17:10:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070") syz_genetlink_get_family_id$team(&(0x7f0000000300)='team\x00') r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x7) r2 = accept4(r1, 0x0, 0x0, 0x0) r3 = semget$private(0x0, 0x0, 0x100) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = getegid() r6 = geteuid() r7 = getgid() r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x200400, 0x0) ioctl$BLKRAGET(r8, 0x1263, &(0x7f00000002c0)) semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f0000000180)={{0x3, r4, r5, r6, r7, 0x178, 0x1f}, 0xfffffffffffffffe, 0x10000, 0x7}) recvmmsg(0xffffffffffffffff, &(0x7f00000061c0)=[{{0x0, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002c80)=""/141, 0x8d}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10) sendmmsg$unix(r2, &(0x7f0000000680), 0x4924924924925c6, 0x0) r9 = dup2(r2, r1) ioctl$BLKIOMIN(r9, 0x1278, &(0x7f0000000240)) socket$alg(0x26, 0x5, 0x0) 17:10:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000060107031dfffd946fa2830020200a0009000200001d855a0c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 3314.473980][T21616] ? validate_mm_rb+0xa3/0xc0 [ 3314.478673][T21616] ? __vma_link_rb+0x279/0x370 [ 3314.483455][T21616] copy_process.part.0+0x568b/0x7980 [ 3314.488781][T21616] ? __cleanup_sighand+0x60/0x60 [ 3314.493733][T21616] ? check_stack_object+0x114/0x160 [ 3314.498953][T21616] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3314.504872][T21616] _do_fork+0x257/0xfd0 [ 3314.509045][T21616] ? fork_idle+0x1d0/0x1d0 [ 3314.509071][T21616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3314.519720][T21616] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3314.526247][T21616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3314.532505][T21616] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3314.537982][T21616] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3314.543451][T21616] ? do_syscall_64+0x26/0x610 [ 3314.548264][T21616] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3314.554351][T21616] ? do_syscall_64+0x26/0x610 [ 3314.559043][T21616] __x64_sys_clone+0xbf/0x150 [ 3314.563737][T21616] do_syscall_64+0x103/0x610 [ 3314.568367][T21616] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3314.574352][T21616] RIP: 0033:0x2000050a [ 3314.578431][T21616] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3314.598131][T21616] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3314.598147][T21616] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3314.598155][T21616] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3314.598162][T21616] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3314.598170][T21616] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3314.598178][T21616] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3314.607129][T21616] memory: usage 307200kB, limit 307200kB, failcnt 6282 [ 3314.607140][T21616] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3314.607149][T21616] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 17:10:47 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001800110300000000000000000a000000fe0000f00000000014000500002ec1ddb6edd8e4dcd163af3c00000000000000000000000008"], 0x1}}, 0x0) [ 3314.607156][T21616] Memory cgroup stats for /syz0: cache:228KB rss:170448KB rss_huge:133120KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:170412KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3314.700570][T21616] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13121,uid=0 [ 3314.716163][T21616] Memory cgroup out of memory: Killed process 13121 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35800kB, shmem-rss:0kB [ 3314.732242][ T1043] oom_reaper: reaped process 13121 (syz-executor.0), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3314.746541][T21613] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3314.814761][T21613] CPU: 0 PID: 21613 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3314.822782][T21613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3314.832842][T21613] Call Trace: [ 3314.836150][T21613] dump_stack+0x172/0x1f0 [ 3314.840497][T21613] dump_header+0x10f/0xb6c [ 3314.844940][T21613] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3314.850755][T21613] ? ___ratelimit+0x60/0x595 [ 3314.855355][T21613] ? do_raw_spin_unlock+0x57/0x270 [ 3314.860480][T21613] oom_kill_process.cold+0x10/0x15 [ 3314.865602][T21613] out_of_memory+0x79a/0x1280 [ 3314.870299][T21613] ? oom_killer_disable+0x280/0x280 [ 3314.875504][T21613] ? find_held_lock+0x35/0x130 [ 3314.880292][T21613] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3314.885845][T21613] ? memcg_event_wake+0x230/0x230 [ 3314.891147][T21613] ? do_raw_spin_unlock+0x57/0x270 [ 3314.896980][T21613] ? _raw_spin_unlock+0x2d/0x50 [ 3314.901949][T21613] try_charge+0xa87/0x15c0 [ 3314.906374][T21613] ? find_held_lock+0x35/0x130 17:10:47 executing program 1: r0 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') socket(0x15, 0x8, 0x3) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x111, 0x70bd28, 0x25dfdbfb, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x2}}, ["", "", ""]}, 0x24}}, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0xce, 0x30040) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r2, 0x40086425, &(0x7f0000000280)={r3, 0x1}) write(r0, &(0x7f0000000000)="26000000130047f1eb14c1f8000022ff001000e313000000010000000000000006000300054b", 0x26) [ 3314.911158][T21613] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3314.916711][T21613] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3314.922270][T21613] ? find_held_lock+0x35/0x130 [ 3314.927048][T21613] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3314.932695][T21613] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3314.938252][T21613] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3314.943466][T21613] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3314.949025][T21613] __memcg_kmem_charge+0x136/0x300 [ 3314.949049][T21613] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3314.949073][T21613] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3314.949102][T21613] ? is_dynamic_key+0x1c0/0x1c0 [ 3314.949117][T21613] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3314.949138][T21613] alloc_pages_current+0x107/0x210 [ 3314.949158][T21613] pte_alloc_one+0x1b/0x1a0 [ 3314.985990][T21613] __handle_mm_fault+0x3491/0x3ec0 [ 3314.991118][T21613] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3314.996674][T21613] ? find_held_lock+0x35/0x130 [ 3315.001444][T21613] ? handle_mm_fault+0x322/0xb30 [ 3315.001474][T21613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.001495][T21613] ? kasan_check_read+0x11/0x20 [ 3315.001518][T21613] handle_mm_fault+0x43f/0xb30 [ 3315.001541][T21613] __do_page_fault+0x5ef/0xda0 [ 3315.001568][T21613] do_page_fault+0x71/0x581 [ 3315.001588][T21613] page_fault+0x1e/0x30 [ 3315.001605][T21613] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3315.001619][T21613] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3315.001628][T21613] RSP: 0018:ffff88800dc7fcb0 EFLAGS: 00010246 [ 3315.001639][T21613] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3315.001647][T21613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3315.001656][T21613] RBP: ffff88800dc7fce8 R08: ffff88800dc701c0 R09: ffff8880aa594dc0 [ 3315.001665][T21613] R10: 000000000000001c R11: ffff888049e4dc3f R12: 0000000000000000 [ 3315.001673][T21613] R13: ffff888049e4cc60 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3315.001697][T21613] ? strncpy_from_user+0x142/0x380 [ 3315.001727][T21613] getname_flags+0x11b/0x5b0 [ 3315.001740][T21613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.002260][T21613] do_renameat2+0x199/0xc40 [ 3315.002287][T21613] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3315.042143][T21613] ? user_path_create+0x50/0x50 [ 3315.042166][T21613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.042184][T21613] ? security_capable+0x9b/0xd0 [ 3315.042204][T21613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.042219][T21613] ? ns_capable_common+0x93/0x100 [ 3315.042247][T21613] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3315.042264][T21613] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3315.042280][T21613] ? do_syscall_64+0x26/0x610 [ 3315.042294][T21613] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3315.042307][T21613] ? do_syscall_64+0x26/0x610 [ 3315.042327][T21613] __x64_sys_renameat+0x9a/0x100 [ 3315.042347][T21613] do_syscall_64+0x103/0x610 [ 3315.042366][T21613] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3315.042377][T21613] RIP: 0033:0x2000050a [ 3315.042393][T21613] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3315.042401][T21613] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3315.042421][T21613] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3315.128422][T21613] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3315.128432][T21613] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3315.128441][T21613] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3315.128458][T21613] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3315.166393][T21613] memory: usage 307040kB, limit 307200kB, failcnt 6452 [ 3315.274849][T21769] IPVS: Scheduler module ip_vs_ú” not found [ 3315.275892][T21613] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3315.296302][T21613] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3315.303222][T21613] Memory cgroup stats for /syz0: cache:228KB rss:168312KB rss_huge:131072KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:168280KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3315.325448][T21613] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14265,uid=0 [ 3315.340923][T21613] Memory cgroup out of memory: Killed process 14265 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:35796kB, shmem-rss:0kB [ 3315.361380][T21618] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3315.409025][T21618] CPU: 1 PID: 21618 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3315.417052][T21618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3315.427113][T21618] Call Trace: [ 3315.430421][T21618] dump_stack+0x172/0x1f0 [ 3315.434773][T21618] dump_header+0x10f/0xb6c [ 3315.439206][T21618] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3315.445024][T21618] ? ___ratelimit+0x60/0x595 [ 3315.449621][T21618] ? do_raw_spin_unlock+0x57/0x270 [ 3315.454748][T21618] oom_kill_process.cold+0x10/0x15 [ 3315.459863][T21618] out_of_memory+0x79a/0x1280 [ 3315.464550][T21618] ? oom_killer_disable+0x280/0x280 [ 3315.469759][T21618] ? find_held_lock+0x35/0x130 [ 3315.474546][T21618] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3315.480100][T21618] ? memcg_event_wake+0x230/0x230 [ 3315.485136][T21618] ? do_raw_spin_unlock+0x57/0x270 [ 3315.490252][T21618] ? _raw_spin_unlock+0x2d/0x50 [ 3315.495119][T21618] try_charge+0xa87/0x15c0 [ 3315.499541][T21618] ? find_held_lock+0x35/0x130 [ 3315.504320][T21618] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3315.509870][T21618] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3315.515426][T21618] ? find_held_lock+0x35/0x130 [ 3315.520199][T21618] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3315.525772][T21618] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3315.531330][T21618] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3315.536543][T21618] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3315.542099][T21618] __memcg_kmem_charge+0x136/0x300 [ 3315.547282][T21618] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3315.552696][T21618] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3315.558439][T21618] ? is_dynamic_key+0x1c0/0x1c0 [ 3315.563297][T21618] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3315.569563][T21618] alloc_pages_current+0x107/0x210 [ 3315.574204][T21807] IPVS: Scheduler module ip_vs_ú” not found [ 3315.574694][T21618] pte_alloc_one+0x1b/0x1a0 [ 3315.585087][T21618] __handle_mm_fault+0x3491/0x3ec0 [ 3315.590222][T21618] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3315.595780][T21618] ? find_held_lock+0x35/0x130 [ 3315.600567][T21618] ? handle_mm_fault+0x322/0xb30 [ 3315.605521][T21618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.611781][T21618] ? kasan_check_read+0x11/0x20 [ 3315.616651][T21618] handle_mm_fault+0x43f/0xb30 [ 3315.621430][T21618] __do_page_fault+0x5ef/0xda0 [ 3315.626211][T21618] do_page_fault+0x71/0x581 [ 3315.630721][T21618] page_fault+0x1e/0x30 [ 3315.634887][T21618] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3315.640612][T21618] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3315.660227][T21618] RSP: 0018:ffff88800dd47cb0 EFLAGS: 00010246 [ 3315.666300][T21618] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3315.674272][T21618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3315.674291][T21618] RBP: ffff88800dd47ce8 R08: ffff88800dd382c0 R09: ffff8880aa594dc0 [ 3315.690236][T21618] R10: 000000000000001c R11: ffff888049e51cbf R12: 0000000000000000 [ 3315.690246][T21618] R13: ffff888049e50ce0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3315.690277][T21618] ? strncpy_from_user+0x142/0x380 [ 3315.690305][T21618] getname_flags+0x11b/0x5b0 [ 3315.715949][T21618] do_renameat2+0x199/0xc40 [ 3315.720468][T21618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.726710][T21618] ? debug_smp_processor_id+0x3c/0x280 [ 3315.732176][T21618] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3315.737892][T21618] ? user_path_create+0x50/0x50 [ 3315.742729][T21618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.748982][T21618] ? security_capable+0x9b/0xd0 [ 3315.753830][T21618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3315.760051][T21618] ? ns_capable_common+0x93/0x100 [ 3315.765062][T21618] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3315.770503][T21618] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3315.775951][T21618] ? do_syscall_64+0x26/0x610 [ 3315.780613][T21618] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3315.786854][T21618] ? do_syscall_64+0x26/0x610 [ 3315.791519][T21618] __x64_sys_renameat+0x9a/0x100 [ 3315.796443][T21618] do_syscall_64+0x103/0x610 [ 3315.801026][T21618] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3315.806901][T21618] RIP: 0033:0x2000050a [ 3315.810962][T21618] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3315.830567][T21618] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3315.838983][T21618] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3315.846952][T21618] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3315.854939][T21618] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3315.862910][T21618] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3315.870898][T21618] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3315.884431][ C1] net_ratelimit: 14 callbacks suppressed [ 3315.884440][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3315.896131][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3315.902059][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3315.907876][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3315.913974][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3315.919797][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3315.927776][T21618] memory: usage 307180kB, limit 307200kB, failcnt 6587 [ 3315.936363][T21618] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3315.944538][T21618] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3315.951402][T21618] Memory cgroup stats for /syz0: cache:228KB rss:166152KB rss_huge:129024KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:166116KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3315.974356][T21618] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=2233,uid=0 [ 3315.989756][T21618] Memory cgroup out of memory: Killed process 2233 (syz-executor.0) total-vm:72844kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3316.017361][T21434] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3316.031692][T21434] CPU: 0 PID: 21434 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3316.039678][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3316.049738][T21434] Call Trace: [ 3316.053051][T21434] dump_stack+0x172/0x1f0 [ 3316.059653][T21434] dump_header+0x10f/0xb6c [ 3316.064087][T21434] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3316.069903][T21434] ? ___ratelimit+0x60/0x595 [ 3316.074510][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3316.079638][T21434] oom_kill_process.cold+0x10/0x15 [ 3316.084763][T21434] out_of_memory+0x79a/0x1280 [ 3316.089453][T21434] ? oom_killer_disable+0x280/0x280 [ 3316.094657][T21434] ? find_held_lock+0x35/0x130 [ 3316.099443][T21434] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3316.105001][T21434] ? memcg_event_wake+0x230/0x230 [ 3316.110051][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3316.115181][T21434] ? _raw_spin_unlock+0x2d/0x50 [ 3316.120043][T21434] try_charge+0xa87/0x15c0 [ 3316.124468][T21434] ? find_held_lock+0x35/0x130 [ 3316.129259][T21434] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3316.135131][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3316.140684][T21434] ? find_held_lock+0x35/0x130 [ 3316.145458][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3316.151033][T21434] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3316.156592][T21434] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3316.161798][T21434] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3316.167449][T21434] __memcg_kmem_charge+0x136/0x300 [ 3316.172576][T21434] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3316.177961][T21434] ? find_held_lock+0x35/0x130 [ 3316.182741][T21434] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3316.188472][T21434] ? kasan_check_write+0x14/0x20 [ 3316.193425][T21434] ? lock_downgrade+0x880/0x880 [ 3316.198291][T21434] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3316.204542][T21434] alloc_pages_current+0x107/0x210 [ 3316.209671][T21434] pte_alloc_one+0x1b/0x1a0 [ 3316.214187][T21434] __pte_alloc+0x20/0x310 [ 3316.218525][T21434] copy_page_range+0x1529/0x1f90 [ 3316.223490][T21434] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3316.229217][T21434] ? pmd_alloc+0x180/0x180 [ 3316.233650][T21434] ? validate_mm_rb+0xa3/0xc0 [ 3316.238342][T21434] ? __vma_link_rb+0x279/0x370 [ 3316.243126][T21434] copy_process.part.0+0x568b/0x7980 [ 3316.248548][T21434] ? __cleanup_sighand+0x60/0x60 [ 3316.253508][T21434] ? check_stack_object+0x114/0x160 [ 3316.258707][T21434] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3316.264612][T21434] _do_fork+0x257/0xfd0 [ 3316.268781][T21434] ? fork_idle+0x1d0/0x1d0 [ 3316.273205][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3316.279469][T21434] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3316.285987][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3316.292232][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3316.297695][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3316.303157][T21434] ? do_syscall_64+0x26/0x610 [ 3316.307838][T21434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3316.313908][T21434] ? do_syscall_64+0x26/0x610 [ 3316.318781][T21434] __x64_sys_clone+0xbf/0x150 [ 3316.323464][T21434] do_syscall_64+0x103/0x610 [ 3316.328060][T21434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3316.333961][T21434] RIP: 0033:0x2000050a [ 3316.338037][T21434] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3316.357649][T21434] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3316.366078][T21434] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3316.374050][T21434] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3316.382020][T21434] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3316.389993][T21434] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3316.397960][T21434] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3316.406392][T21434] memory: usage 307200kB, limit 307200kB, failcnt 6708 [ 3316.413516][T21434] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3316.420982][T21434] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3316.428136][T21434] Memory cgroup stats for /syz0: cache:228KB rss:164024KB rss_huge:126976KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:163996KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3316.450387][T21434] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4023,uid=0 [ 3316.465782][T21434] Memory cgroup out of memory: Killed process 4023 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35788kB, shmem-rss:0kB [ 3316.492616][ T1043] oom_reaper: reaped process 4023 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 3316.540256][T21630] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3316.598613][T21630] CPU: 0 PID: 21630 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3316.606642][T21630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3316.616739][T21630] Call Trace: [ 3316.620048][T21630] dump_stack+0x172/0x1f0 [ 3316.624397][T21630] dump_header+0x10f/0xb6c [ 3316.628830][T21630] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3316.634649][T21630] ? ___ratelimit+0x60/0x595 [ 3316.639255][T21630] ? do_raw_spin_unlock+0x57/0x270 [ 3316.644384][T21630] oom_kill_process.cold+0x10/0x15 [ 3316.649506][T21630] out_of_memory+0x79a/0x1280 [ 3316.654200][T21630] ? oom_killer_disable+0x280/0x280 [ 3316.659406][T21630] ? find_held_lock+0x35/0x130 [ 3316.664188][T21630] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3316.669737][T21630] ? memcg_event_wake+0x230/0x230 [ 3316.674772][T21630] ? do_raw_spin_unlock+0x57/0x270 [ 3316.679894][T21630] ? _raw_spin_unlock+0x2d/0x50 [ 3316.684764][T21630] try_charge+0xa87/0x15c0 [ 3316.689183][T21630] ? find_held_lock+0x35/0x130 [ 3316.693968][T21630] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3316.699521][T21630] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3316.705069][T21630] ? find_held_lock+0x35/0x130 [ 3316.709836][T21630] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3316.715409][T21630] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3316.720970][T21630] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3316.726181][T21630] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3316.731738][T21630] __memcg_kmem_charge+0x136/0x300 [ 3316.736864][T21630] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3316.742254][T21630] ? __pud_alloc+0x1d3/0x250 [ 3316.746853][T21630] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3316.752575][T21630] ? __pud_alloc+0x1d3/0x250 [ 3316.757179][T21630] ? lock_downgrade+0x880/0x880 [ 3316.762034][T21630] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3316.768282][T21630] alloc_pages_current+0x107/0x210 [ 3316.773402][T21630] ? do_raw_spin_unlock+0x57/0x270 [ 3316.778528][T21630] __pmd_alloc+0x41/0x460 [ 3316.782869][T21630] ? pmd_val+0x100/0x100 [ 3316.787128][T21630] pmd_alloc+0x10c/0x180 [ 3316.791377][T21630] copy_page_range+0x62e/0x1f90 [ 3316.796241][T21630] ? perf_trace_lock+0xeb/0x510 [ 3316.801096][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3316.807348][T21630] ? debug_smp_processor_id+0x3c/0x280 [ 3316.812827][T21630] ? copy_process.part.0+0x3121/0x7980 [ 3316.818292][T21630] ? copy_process.part.0+0x3121/0x7980 [ 3316.823766][T21630] ? pmd_alloc+0x180/0x180 [ 3316.828187][T21630] ? vma_compute_subtree_gap+0x158/0x230 [ 3316.833822][T21630] ? validate_mm_rb+0xa3/0xc0 [ 3316.838504][T21630] ? __vma_link_rb+0x279/0x370 [ 3316.843288][T21630] copy_process.part.0+0x568b/0x7980 [ 3316.848614][T21630] ? __cleanup_sighand+0x60/0x60 [ 3316.853572][T21630] ? check_stack_object+0x114/0x160 [ 3316.858772][T21630] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3316.864659][T21630] _do_fork+0x257/0xfd0 [ 3316.868811][T21630] ? fork_idle+0x1d0/0x1d0 [ 3316.873223][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3316.879472][T21630] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3316.885971][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3316.892210][T21630] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3316.897675][T21630] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3316.903120][T21630] ? do_syscall_64+0x26/0x610 [ 3316.907781][T21630] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3316.913828][T21630] ? do_syscall_64+0x26/0x610 [ 3316.918500][T21630] __x64_sys_clone+0xbf/0x150 [ 3316.923168][T21630] do_syscall_64+0x103/0x610 [ 3316.927752][T21630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3316.933626][T21630] RIP: 0033:0x2000050a [ 3316.937677][T21630] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3316.957268][T21630] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3316.965666][T21630] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3316.973622][T21630] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3316.981584][T21630] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3316.989557][T21630] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3316.997515][T21630] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3317.005803][T21630] memory: usage 307040kB, limit 307200kB, failcnt 6920 [ 3317.013217][T21630] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3317.020686][T21630] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3317.027620][T21630] Memory cgroup stats for /syz0: cache:228KB rss:161904KB rss_huge:124928KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:161840KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3317.049840][T21630] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10889,uid=0 [ 3317.065445][T21630] Memory cgroup out of memory: Killed process 10889 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35796kB, shmem-rss:0kB [ 3317.086894][T21555] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3317.120920][T21555] CPU: 1 PID: 21555 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3317.129049][T21555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3317.139631][T21555] Call Trace: [ 3317.142948][T21555] dump_stack+0x172/0x1f0 [ 3317.147296][T21555] dump_header+0x10f/0xb6c [ 3317.151727][T21555] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3317.157549][T21555] ? ___ratelimit+0x60/0x595 [ 3317.162147][T21555] ? do_raw_spin_unlock+0x57/0x270 [ 3317.167281][T21555] oom_kill_process.cold+0x10/0x15 [ 3317.172410][T21555] out_of_memory+0x79a/0x1280 [ 3317.177104][T21555] ? oom_killer_disable+0x280/0x280 [ 3317.182309][T21555] ? find_held_lock+0x35/0x130 [ 3317.187093][T21555] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3317.192649][T21555] ? memcg_event_wake+0x230/0x230 [ 3317.197686][T21555] ? do_raw_spin_unlock+0x57/0x270 [ 3317.202808][T21555] ? _raw_spin_unlock+0x2d/0x50 [ 3317.207682][T21555] try_charge+0xa87/0x15c0 [ 3317.212103][T21555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3317.218363][T21555] ? should_fail+0x1de/0x852 [ 3317.222986][T21555] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3317.228554][T21555] ? rcu_read_lock_sched_held+0x110/0x130 [ 3317.234284][T21555] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3317.239843][T21555] ? __lockdep_free_key_range+0x120/0x120 [ 3317.245588][T21555] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3317.251151][T21555] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3317.256361][T21555] ? cache_grow_begin+0x594/0x860 [ 3317.261401][T21555] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3317.266696][T21555] ? trace_hardirqs_on+0x67/0x230 [ 3317.271743][T21555] cache_grow_begin+0x5c0/0x860 [ 3317.276614][T21555] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3317.282853][T21555] ? __cpuset_node_allowed+0x136/0x540 [ 3317.288301][T21555] fallback_alloc+0x1fd/0x2d0 [ 3317.292986][T21555] ____cache_alloc_node+0x1be/0x1e0 [ 3317.298166][T21555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3317.304415][T21555] kmem_cache_alloc+0x1e8/0x6f0 [ 3317.309267][T21555] ? call_rwsem_wake+0x1b/0x30 [ 3317.314034][T21555] anon_vma_clone+0x238/0x480 [ 3317.318729][T21555] anon_vma_fork+0x8f/0x4a0 [ 3317.323254][T21555] ? dup_userfaultfd+0x15e/0x6d0 [ 3317.328202][T21555] ? memcpy+0x46/0x50 [ 3317.332178][T21555] copy_process.part.0+0x350f/0x7980 [ 3317.337468][T21555] ? __cleanup_sighand+0x60/0x60 [ 3317.342396][T21555] ? check_stack_object+0x114/0x160 [ 3317.347578][T21555] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3317.353466][T21555] _do_fork+0x257/0xfd0 [ 3317.357624][T21555] ? fork_idle+0x1d0/0x1d0 [ 3317.362048][T21555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3317.368280][T21555] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3317.374770][T21555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3317.380990][T21555] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3317.386429][T21555] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3317.391866][T21555] ? do_syscall_64+0x26/0x610 [ 3317.396523][T21555] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3317.402569][T21555] ? do_syscall_64+0x26/0x610 [ 3317.407238][T21555] __x64_sys_clone+0xbf/0x150 [ 3317.411903][T21555] do_syscall_64+0x103/0x610 [ 3317.416484][T21555] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3317.422354][T21555] RIP: 0033:0x2000050a [ 3317.426422][T21555] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3317.446011][T21555] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3317.454407][T21555] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3317.462366][T21555] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3317.470348][T21555] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3317.478319][T21555] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3317.486274][T21555] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3317.501801][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3317.502024][T21555] memory: usage 307136kB, limit 307200kB, failcnt 7026 [ 3317.507622][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3317.507716][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3317.515412][T21555] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3317.520416][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3317.539862][T21555] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3317.546916][T21555] Memory cgroup stats for /syz0: cache:228KB rss:159748KB rss_huge:122880KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:159708KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3317.569283][T21555] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24013,uid=0 [ 3317.584973][T21555] Memory cgroup out of memory: Killed process 24013 (syz-executor.0) total-vm:72712kB, anon-rss:2224kB, file-rss:35788kB, shmem-rss:0kB [ 3317.606448][T21594] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3317.647679][T21594] CPU: 0 PID: 21594 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3317.655719][T21594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3317.665784][T21594] Call Trace: [ 3317.669091][T21594] dump_stack+0x172/0x1f0 [ 3317.673446][T21594] dump_header+0x10f/0xb6c [ 3317.677876][T21594] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3317.683690][T21594] ? ___ratelimit+0x60/0x595 [ 3317.688291][T21594] ? do_raw_spin_unlock+0x57/0x270 [ 3317.693416][T21594] oom_kill_process.cold+0x10/0x15 [ 3317.698541][T21594] out_of_memory+0x79a/0x1280 [ 3317.703232][T21594] ? oom_killer_disable+0x280/0x280 [ 3317.708453][T21594] ? find_held_lock+0x35/0x130 [ 3317.713247][T21594] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3317.718797][T21594] ? memcg_event_wake+0x230/0x230 [ 3317.723836][T21594] ? do_raw_spin_unlock+0x57/0x270 [ 3317.728973][T21594] ? _raw_spin_unlock+0x2d/0x50 [ 3317.733834][T21594] try_charge+0xa87/0x15c0 [ 3317.738267][T21594] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3317.744517][T21594] ? should_fail+0x1de/0x852 [ 3317.749126][T21594] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3317.754697][T21594] ? rcu_read_lock_sched_held+0x110/0x130 [ 3317.760433][T21594] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3317.766072][T21594] ? __lockdep_free_key_range+0x120/0x120 [ 3317.771844][T21594] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3317.777402][T21594] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3317.782609][T21594] ? cache_grow_begin+0x594/0x860 [ 3317.787643][T21594] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3317.792943][T21594] ? trace_hardirqs_on+0x67/0x230 [ 3317.797978][T21594] cache_grow_begin+0x5c0/0x860 [ 3317.802837][T21594] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3317.809081][T21594] ? __cpuset_node_allowed+0x136/0x540 [ 3317.814554][T21594] fallback_alloc+0x1fd/0x2d0 [ 3317.819233][T21594] ____cache_alloc_node+0x1be/0x1e0 [ 3317.824421][T21594] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3317.830648][T21594] kmem_cache_alloc+0x1e8/0x6f0 [ 3317.835495][T21594] ? call_rwsem_wake+0x1b/0x30 [ 3317.840270][T21594] anon_vma_clone+0x238/0x480 [ 3317.844942][T21594] anon_vma_fork+0x8f/0x4a0 [ 3317.849429][T21594] ? dup_userfaultfd+0x15e/0x6d0 [ 3317.854361][T21594] ? memcpy+0x46/0x50 [ 3317.858357][T21594] copy_process.part.0+0x350f/0x7980 [ 3317.863656][T21594] ? __cleanup_sighand+0x60/0x60 [ 3317.868578][T21594] ? check_stack_object+0x114/0x160 [ 3317.873769][T21594] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3317.879662][T21594] _do_fork+0x257/0xfd0 [ 3317.883807][T21594] ? fork_idle+0x1d0/0x1d0 [ 3317.888204][T21594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3317.894441][T21594] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3317.900961][T21594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3317.907209][T21594] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3317.912676][T21594] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3317.918140][T21594] ? do_syscall_64+0x26/0x610 [ 3317.922820][T21594] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3317.928883][T21594] ? do_syscall_64+0x26/0x610 [ 3317.933567][T21594] __x64_sys_clone+0xbf/0x150 [ 3317.938246][T21594] do_syscall_64+0x103/0x610 [ 3317.942838][T21594] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3317.948722][T21594] RIP: 0033:0x2000050a [ 3317.952786][T21594] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3317.972394][T21594] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3317.980801][T21594] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3317.988756][T21594] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3317.996714][T21594] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3318.004854][T21594] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3318.012913][T21594] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3318.021754][T21594] memory: usage 307084kB, limit 307200kB, failcnt 7144 [ 3318.028769][T21594] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3318.036538][T21594] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3318.043712][T21594] Memory cgroup stats for /syz0: cache:228KB rss:157600KB rss_huge:120832KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:157568KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3318.067971][T21594] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5828,uid=0 [ 3318.083572][T21594] Memory cgroup out of memory: Killed process 5828 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3318.104599][T21581] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3318.151695][T21581] CPU: 0 PID: 21581 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3318.161981][T21581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3318.172052][T21581] Call Trace: [ 3318.175358][T21581] dump_stack+0x172/0x1f0 [ 3318.179699][T21581] dump_header+0x10f/0xb6c [ 3318.184120][T21581] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3318.189917][T21581] ? ___ratelimit+0x60/0x595 [ 3318.194520][T21581] ? do_raw_spin_unlock+0x57/0x270 [ 3318.199642][T21581] oom_kill_process.cold+0x10/0x15 [ 3318.204768][T21581] out_of_memory+0x79a/0x1280 [ 3318.209465][T21581] ? oom_killer_disable+0x280/0x280 [ 3318.214665][T21581] ? find_held_lock+0x35/0x130 [ 3318.219443][T21581] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3318.224993][T21581] ? memcg_event_wake+0x230/0x230 [ 3318.230032][T21581] ? do_raw_spin_unlock+0x57/0x270 [ 3318.235159][T21581] ? _raw_spin_unlock+0x2d/0x50 [ 3318.240017][T21581] try_charge+0xa87/0x15c0 [ 3318.244443][T21581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3318.250696][T21581] ? should_fail+0x1de/0x852 [ 3318.255306][T21581] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3318.260869][T21581] ? rcu_read_lock_sched_held+0x110/0x130 [ 3318.266598][T21581] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3318.272183][T21581] ? __lockdep_free_key_range+0x120/0x120 [ 3318.277920][T21581] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3318.283486][T21581] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3318.288691][T21581] ? cache_grow_begin+0x594/0x860 [ 3318.293714][T21581] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3318.299003][T21581] ? trace_hardirqs_on+0x67/0x230 [ 3318.304041][T21581] cache_grow_begin+0x5c0/0x860 [ 3318.308896][T21581] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3318.315137][T21581] ? __cpuset_node_allowed+0x136/0x540 [ 3318.320582][T21581] fallback_alloc+0x1fd/0x2d0 [ 3318.325274][T21581] ____cache_alloc_node+0x1be/0x1e0 [ 3318.330465][T21581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3318.336689][T21581] kmem_cache_alloc+0x1e8/0x6f0 [ 3318.341529][T21581] ? call_rwsem_wake+0x1b/0x30 [ 3318.346386][T21581] anon_vma_clone+0x238/0x480 [ 3318.351063][T21581] anon_vma_fork+0x8f/0x4a0 [ 3318.355548][T21581] ? dup_userfaultfd+0x15e/0x6d0 [ 3318.360466][T21581] ? memcpy+0x46/0x50 [ 3318.364450][T21581] copy_process.part.0+0x350f/0x7980 [ 3318.369745][T21581] ? __cleanup_sighand+0x60/0x60 [ 3318.374671][T21581] ? check_stack_object+0x114/0x160 [ 3318.379848][T21581] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3318.385740][T21581] _do_fork+0x257/0xfd0 [ 3318.389895][T21581] ? fork_idle+0x1d0/0x1d0 [ 3318.394295][T21581] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.400516][T21581] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3318.407018][T21581] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.413285][T21581] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.418744][T21581] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.424197][T21581] ? do_syscall_64+0x26/0x610 [ 3318.428881][T21581] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3318.434945][T21581] ? do_syscall_64+0x26/0x610 [ 3318.439606][T21581] __x64_sys_clone+0xbf/0x150 [ 3318.444284][T21581] do_syscall_64+0x103/0x610 [ 3318.448882][T21581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3318.454770][T21581] RIP: 0033:0x2000050a [ 3318.458820][T21581] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3318.478412][T21581] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3318.486815][T21581] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3318.494784][T21581] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3318.502749][T21581] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3318.510716][T21581] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3318.518672][T21581] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3318.536442][T21581] memory: usage 307088kB, limit 307200kB, failcnt 7222 [ 3318.544011][T21581] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3318.551480][T21581] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3318.565303][T21581] Memory cgroup stats for /syz0: cache:228KB rss:155440KB rss_huge:118784KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:155404KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3318.587800][T21581] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6017,uid=0 [ 3318.603245][T21581] Memory cgroup out of memory: Killed process 6017 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3318.624035][T21532] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3318.661750][T21532] CPU: 1 PID: 21532 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3318.669814][T21532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3318.679882][T21532] Call Trace: [ 3318.683187][T21532] dump_stack+0x172/0x1f0 [ 3318.687530][T21532] dump_header+0x10f/0xb6c [ 3318.691964][T21532] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3318.697788][T21532] ? ___ratelimit+0x60/0x595 [ 3318.702384][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 3318.707694][T21532] oom_kill_process.cold+0x10/0x15 [ 3318.712819][T21532] out_of_memory+0x79a/0x1280 [ 3318.717516][T21532] ? oom_killer_disable+0x280/0x280 [ 3318.722722][T21532] ? find_held_lock+0x35/0x130 [ 3318.727503][T21532] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3318.733055][T21532] ? memcg_event_wake+0x230/0x230 [ 3318.738093][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 3318.743214][T21532] ? _raw_spin_unlock+0x2d/0x50 [ 3318.748074][T21532] try_charge+0xa87/0x15c0 [ 3318.752509][T21532] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3318.758062][T21532] ? rcu_read_lock_sched_held+0x110/0x130 [ 3318.763785][T21532] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3318.769332][T21532] ? __lockdep_free_key_range+0x120/0x120 [ 3318.775065][T21532] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3318.780622][T21532] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3318.785823][T21532] ? cache_grow_begin+0x594/0x860 [ 3318.790854][T21532] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3318.796150][T21532] ? trace_hardirqs_on+0x67/0x230 [ 3318.801189][T21532] cache_grow_begin+0x5c0/0x860 [ 3318.806046][T21532] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3318.812295][T21532] ? __cpuset_node_allowed+0x136/0x540 [ 3318.817800][T21532] fallback_alloc+0x1fd/0x2d0 [ 3318.822490][T21532] ____cache_alloc_node+0x1be/0x1e0 [ 3318.827690][T21532] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3318.834025][T21532] kmem_cache_alloc_node+0xe3/0x710 [ 3318.839222][T21532] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3318.844509][T21532] ? trace_hardirqs_on+0x67/0x230 [ 3318.849544][T21532] copy_process.part.0+0x1d08/0x7980 [ 3318.854836][T21532] ? perf_trace_lock+0xeb/0x510 [ 3318.859696][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.865947][T21532] ? debug_smp_processor_id+0x3c/0x280 [ 3318.871407][T21532] ? __lockdep_free_key_range+0x120/0x120 [ 3318.877136][T21532] ? __might_fault+0x12b/0x1e0 [ 3318.881895][T21532] ? find_held_lock+0x35/0x130 [ 3318.886639][T21532] ? __might_fault+0x12b/0x1e0 [ 3318.891391][T21532] ? __cleanup_sighand+0x60/0x60 [ 3318.896334][T21532] ? check_stack_object+0x114/0x160 [ 3318.901528][T21532] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3318.907414][T21532] _do_fork+0x257/0xfd0 [ 3318.911577][T21532] ? fork_idle+0x1d0/0x1d0 [ 3318.915991][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.922213][T21532] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3318.928733][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3318.934968][T21532] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.940411][T21532] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3318.945854][T21532] ? do_syscall_64+0x26/0x610 [ 3318.950514][T21532] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3318.956650][T21532] ? do_syscall_64+0x26/0x610 [ 3318.961309][T21532] __x64_sys_clone+0xbf/0x150 [ 3318.965970][T21532] do_syscall_64+0x103/0x610 [ 3318.970539][T21532] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3318.976410][T21532] RIP: 0033:0x2000050a [ 3318.980460][T21532] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3319.000048][T21532] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3319.008887][T21532] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3319.017107][T21532] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3319.025066][T21532] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3319.033038][T21532] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3319.041011][T21532] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3319.056217][T21532] memory: usage 307200kB, limit 307200kB, failcnt 7388 [ 3319.063213][T21532] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3319.070673][T21532] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3319.077611][T21532] Memory cgroup stats for /syz0: cache:228KB rss:153344KB rss_huge:116736KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:153308KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3319.099821][T21532] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6086,uid=0 [ 3319.115249][T21532] Memory cgroup out of memory: Killed process 6086 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3319.133061][ T1043] oom_reaper: reaped process 6086 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 3319.312849][T21486] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3319.325037][T21486] CPU: 0 PID: 21486 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3319.333028][T21486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3319.343099][T21486] Call Trace: [ 3319.346404][T21486] dump_stack+0x172/0x1f0 [ 3319.350743][T21486] dump_header+0x10f/0xb6c [ 3319.355170][T21486] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3319.360985][T21486] ? ___ratelimit+0x60/0x595 [ 3319.365576][T21486] ? do_raw_spin_unlock+0x57/0x270 [ 3319.370699][T21486] oom_kill_process.cold+0x10/0x15 [ 3319.375816][T21486] out_of_memory+0x79a/0x1280 [ 3319.380492][T21486] ? lock_downgrade+0x880/0x880 [ 3319.385354][T21486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.391597][T21486] ? oom_killer_disable+0x280/0x280 [ 3319.396796][T21486] ? find_held_lock+0x35/0x130 [ 3319.401567][T21486] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3319.407112][T21486] ? memcg_event_wake+0x230/0x230 [ 3319.412138][T21486] ? do_raw_spin_unlock+0x57/0x270 [ 3319.417256][T21486] ? _raw_spin_unlock+0x2d/0x50 [ 3319.422104][T21486] try_charge+0xa87/0x15c0 [ 3319.426504][T21486] ? find_held_lock+0x35/0x130 [ 3319.431374][T21486] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3319.436944][T21486] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3319.442499][T21486] ? find_held_lock+0x35/0x130 [ 3319.447262][T21486] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3319.452817][T21486] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3319.458367][T21486] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3319.463587][T21486] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3319.469122][T21486] __memcg_kmem_charge+0x136/0x300 [ 3319.474243][T21486] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3319.479617][T21486] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3319.485329][T21486] ? is_dynamic_key+0x1c0/0x1c0 [ 3319.490191][T21486] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3319.496434][T21486] alloc_pages_current+0x107/0x210 [ 3319.501545][T21486] pte_alloc_one+0x1b/0x1a0 [ 3319.506045][T21486] __handle_mm_fault+0x3491/0x3ec0 [ 3319.511159][T21486] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3319.516702][T21486] ? find_held_lock+0x35/0x130 [ 3319.521464][T21486] ? handle_mm_fault+0x322/0xb30 [ 3319.526393][T21486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.532632][T21486] ? kasan_check_read+0x11/0x20 [ 3319.537493][T21486] handle_mm_fault+0x43f/0xb30 [ 3319.542375][T21486] __do_page_fault+0x5ef/0xda0 [ 3319.547129][T21486] do_page_fault+0x71/0x581 [ 3319.551629][T21486] page_fault+0x1e/0x30 [ 3319.555796][T21486] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3319.561507][T21486] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3319.581094][T21486] RSP: 0018:ffff888212d2fcb0 EFLAGS: 00010246 [ 3319.587145][T21486] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3319.595132][T21486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3319.603122][T21486] RBP: ffff888212d2fce8 R08: ffff8880897e83c0 R09: ffff8880aa594dc0 [ 3319.611079][T21486] R10: 000000000000001c R11: ffff88801499f6bf R12: 0000000000000000 [ 3319.619051][T21486] R13: ffff88801499e6e0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3319.627035][T21486] ? strncpy_from_user+0x142/0x380 [ 3319.632159][T21486] getname_flags+0x11b/0x5b0 [ 3319.636750][T21486] do_renameat2+0x199/0xc40 [ 3319.641245][T21486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.647475][T21486] ? debug_smp_processor_id+0x3c/0x280 [ 3319.652953][T21486] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3319.658675][T21486] ? user_path_create+0x50/0x50 [ 3319.663529][T21486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.669773][T21486] ? security_capable+0x9b/0xd0 [ 3319.674629][T21486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3319.680868][T21486] ? ns_capable_common+0x93/0x100 [ 3319.685881][T21486] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3319.691330][T21486] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3319.696789][T21486] ? do_syscall_64+0x26/0x610 [ 3319.701457][T21486] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3319.707510][T21486] ? do_syscall_64+0x26/0x610 [ 3319.712191][T21486] __x64_sys_renameat+0x9a/0x100 [ 3319.717124][T21486] do_syscall_64+0x103/0x610 [ 3319.721712][T21486] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3319.727598][T21486] RIP: 0033:0x2000050a [ 3319.731659][T21486] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3319.751358][T21486] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3319.759776][T21486] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3319.767739][T21486] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3319.775709][T21486] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3319.783699][T21486] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3319.791767][T21486] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3319.800698][T21486] memory: usage 307200kB, limit 307200kB, failcnt 7919 [ 3319.807661][T21486] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3319.815232][T21486] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3319.822132][T21486] Memory cgroup stats for /syz0: cache:228KB rss:151184KB rss_huge:114688KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:151160KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3319.844377][T21486] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6205,uid=0 [ 3319.859703][T21486] Memory cgroup out of memory: Killed process 6205 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3319.884308][ T1043] oom_reaper: reaped process 6205 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 3319.900595][T21400] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3319.952715][T21400] CPU: 1 PID: 21400 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3319.960858][T21400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3319.970923][T21400] Call Trace: [ 3319.974242][T21400] dump_stack+0x172/0x1f0 [ 3319.978582][T21400] dump_header+0x10f/0xb6c [ 3319.983007][T21400] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3319.988821][T21400] ? ___ratelimit+0x60/0x595 [ 3319.993415][T21400] ? do_raw_spin_unlock+0x57/0x270 [ 3319.998540][T21400] oom_kill_process.cold+0x10/0x15 [ 3320.003774][T21400] out_of_memory+0x79a/0x1280 [ 3320.008471][T21400] ? oom_killer_disable+0x280/0x280 [ 3320.013676][T21400] ? find_held_lock+0x35/0x130 [ 3320.018457][T21400] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3320.023999][T21400] ? memcg_event_wake+0x230/0x230 [ 3320.029011][T21400] ? do_raw_spin_unlock+0x57/0x270 [ 3320.034110][T21400] ? _raw_spin_unlock+0x2d/0x50 [ 3320.038945][T21400] try_charge+0xa87/0x15c0 [ 3320.043342][T21400] ? find_held_lock+0x35/0x130 [ 3320.048090][T21400] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3320.053613][T21400] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3320.059137][T21400] ? find_held_lock+0x35/0x130 [ 3320.063885][T21400] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3320.069421][T21400] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3320.074959][T21400] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3320.080144][T21400] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3320.085672][T21400] __memcg_kmem_charge+0x136/0x300 [ 3320.090768][T21400] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3320.096122][T21400] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3320.101843][T21400] ? copy_page_range+0x125a/0x1f90 [ 3320.106942][T21400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3320.113165][T21400] alloc_pages_current+0x107/0x210 [ 3320.118263][T21400] pte_alloc_one+0x1b/0x1a0 [ 3320.122753][T21400] __pte_alloc+0x20/0x310 [ 3320.127082][T21400] copy_page_range+0x1529/0x1f90 [ 3320.132001][T21400] ? perf_trace_lock+0xeb/0x510 [ 3320.136853][T21400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.143097][T21400] ? pmd_alloc+0x180/0x180 [ 3320.147523][T21400] ? __rb_insert_augmented+0x231/0xdf0 [ 3320.152978][T21400] ? validate_mm_rb+0xa3/0xc0 [ 3320.157654][T21400] ? __vma_link_rb+0x279/0x370 [ 3320.164431][T21400] copy_process.part.0+0x568b/0x7980 [ 3320.169722][T21400] ? __cleanup_sighand+0x60/0x60 [ 3320.174653][T21400] ? check_stack_object+0x114/0x160 [ 3320.179833][T21400] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3320.185711][T21400] _do_fork+0x257/0xfd0 [ 3320.189857][T21400] ? fork_idle+0x1d0/0x1d0 [ 3320.194258][T21400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.200483][T21400] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3320.206970][T21400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.213192][T21400] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3320.218628][T21400] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3320.224066][T21400] ? do_syscall_64+0x26/0x610 [ 3320.228744][T21400] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3320.234807][T21400] ? do_syscall_64+0x26/0x610 [ 3320.239486][T21400] __x64_sys_clone+0xbf/0x150 [ 3320.244160][T21400] do_syscall_64+0x103/0x610 [ 3320.248733][T21400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3320.254608][T21400] RIP: 0033:0x2000050a [ 3320.258657][T21400] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3320.278253][T21400] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3320.286650][T21400] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3320.294628][T21400] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3320.302586][T21400] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3320.310541][T21400] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3320.318585][T21400] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3320.331863][T21400] memory: usage 307200kB, limit 307200kB, failcnt 8090 [ 3320.338753][T21400] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3320.346331][T21400] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3320.353278][T21400] Memory cgroup stats for /syz0: cache:228KB rss:149036KB rss_huge:112640KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:149032KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3320.375630][T21400] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6768,uid=0 [ 3320.391015][T21400] Memory cgroup out of memory: Killed process 6768 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35784kB, shmem-rss:0kB [ 3320.418554][T21429] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3320.470703][T21429] CPU: 1 PID: 21429 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3320.478743][T21429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3320.488808][T21429] Call Trace: [ 3320.492120][T21429] dump_stack+0x172/0x1f0 [ 3320.496467][T21429] dump_header+0x10f/0xb6c [ 3320.500888][T21429] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3320.506814][T21429] ? ___ratelimit+0x60/0x595 [ 3320.511408][T21429] ? do_raw_spin_unlock+0x57/0x270 [ 3320.516525][T21429] oom_kill_process.cold+0x10/0x15 [ 3320.521644][T21429] out_of_memory+0x79a/0x1280 [ 3320.526338][T21429] ? oom_killer_disable+0x280/0x280 [ 3320.531541][T21429] ? find_held_lock+0x35/0x130 [ 3320.536319][T21429] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3320.541865][T21429] ? memcg_event_wake+0x230/0x230 [ 3320.546915][T21429] ? do_raw_spin_unlock+0x57/0x270 [ 3320.553110][T21429] ? _raw_spin_unlock+0x2d/0x50 [ 3320.557980][T21429] try_charge+0xa87/0x15c0 [ 3320.562409][T21429] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3320.567968][T21429] ? rcu_read_lock_sched_held+0x110/0x130 [ 3320.573694][T21429] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3320.579238][T21429] ? __lockdep_free_key_range+0x120/0x120 [ 3320.584974][T21429] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3320.590524][T21429] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3320.595720][T21429] ? cache_grow_begin+0x594/0x860 [ 3320.600751][T21429] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3320.606036][T21429] ? trace_hardirqs_on+0x67/0x230 [ 3320.611067][T21429] cache_grow_begin+0x5c0/0x860 [ 3320.615940][T21429] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3320.622186][T21429] ? __cpuset_node_allowed+0x136/0x540 [ 3320.627660][T21429] fallback_alloc+0x1fd/0x2d0 [ 3320.632350][T21429] ____cache_alloc_node+0x1be/0x1e0 [ 3320.637546][T21429] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3320.643883][T21429] kmem_cache_alloc_node+0xe3/0x710 [ 3320.649079][T21429] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3320.654462][T21429] ? trace_hardirqs_on+0x67/0x230 [ 3320.659600][T21429] copy_process.part.0+0x1d08/0x7980 [ 3320.664890][T21429] ? perf_trace_lock+0xeb/0x510 [ 3320.669744][T21429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.675987][T21429] ? debug_smp_processor_id+0x3c/0x280 [ 3320.681582][T21429] ? __lockdep_free_key_range+0x120/0x120 [ 3320.687313][T21429] ? __might_fault+0x12b/0x1e0 [ 3320.692079][T21429] ? find_held_lock+0x35/0x130 [ 3320.696847][T21429] ? __might_fault+0x12b/0x1e0 [ 3320.701619][T21429] ? __cleanup_sighand+0x60/0x60 [ 3320.706593][T21429] ? check_stack_object+0x114/0x160 [ 3320.711980][T21429] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3320.717882][T21429] _do_fork+0x257/0xfd0 [ 3320.722052][T21429] ? fork_idle+0x1d0/0x1d0 [ 3320.726474][T21429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.732720][T21429] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3320.739232][T21429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3320.745476][T21429] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3320.750967][T21429] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3320.756433][T21429] ? do_syscall_64+0x26/0x610 [ 3320.761117][T21429] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3320.767181][T21429] ? do_syscall_64+0x26/0x610 [ 3320.771870][T21429] __x64_sys_clone+0xbf/0x150 [ 3320.776557][T21429] do_syscall_64+0x103/0x610 [ 3320.781156][T21429] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3320.787046][T21429] RIP: 0033:0x2000050a [ 3320.791113][T21429] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3320.810812][T21429] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3320.819229][T21429] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3320.827206][T21429] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3320.835178][T21429] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3320.843238][T21429] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3320.851213][T21429] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3320.866301][T21429] memory: usage 307180kB, limit 307200kB, failcnt 8205 [ 3320.873421][T21429] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3320.880980][T21429] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3320.888001][T21429] Memory cgroup stats for /syz0: cache:228KB rss:146888KB rss_huge:110592KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:146880KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3320.910481][T21429] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3259,uid=0 [ 3320.926103][T21429] Memory cgroup out of memory: Killed process 3259 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:35800kB, shmem-rss:0kB [ 3320.942223][ T1043] oom_reaper: reaped process 3259 (syz-executor.0), now anon-rss:0kB, file-rss:34840kB, shmem-rss:0kB [ 3320.966444][T21343] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3321.019546][T21343] CPU: 1 PID: 21343 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3321.027573][T21343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3321.037627][T21343] Call Trace: [ 3321.040938][T21343] dump_stack+0x172/0x1f0 [ 3321.045284][T21343] dump_header+0x10f/0xb6c [ 3321.049706][T21343] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3321.055516][T21343] ? ___ratelimit+0x60/0x595 [ 3321.060105][T21343] ? do_raw_spin_unlock+0x57/0x270 [ 3321.065235][T21343] oom_kill_process.cold+0x10/0x15 [ 3321.070351][T21343] out_of_memory+0x79a/0x1280 [ 3321.075014][T21343] ? oom_killer_disable+0x280/0x280 [ 3321.080188][T21343] ? find_held_lock+0x35/0x130 [ 3321.084951][T21343] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3321.090479][T21343] ? memcg_event_wake+0x230/0x230 [ 3321.095487][T21343] ? do_raw_spin_unlock+0x57/0x270 [ 3321.100580][T21343] ? _raw_spin_unlock+0x2d/0x50 [ 3321.105417][T21343] try_charge+0xa87/0x15c0 [ 3321.109842][T21343] ? find_held_lock+0x35/0x130 [ 3321.114598][T21343] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3321.120136][T21343] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3321.125662][T21343] ? find_held_lock+0x35/0x130 [ 3321.130423][T21343] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3321.135968][T21343] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3321.141495][T21343] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3321.146681][T21343] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3321.152231][T21343] __memcg_kmem_charge+0x136/0x300 [ 3321.157334][T21343] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3321.162691][T21343] ? __pud_alloc+0x1d3/0x250 [ 3321.167268][T21343] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3321.172981][T21343] ? __pud_alloc+0x1d3/0x250 [ 3321.177643][T21343] ? lock_downgrade+0x880/0x880 [ 3321.182476][T21343] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3321.188700][T21343] alloc_pages_current+0x107/0x210 [ 3321.193818][T21343] ? do_raw_spin_unlock+0x57/0x270 [ 3321.198914][T21343] __pmd_alloc+0x41/0x460 [ 3321.203409][T21343] ? pmd_val+0x100/0x100 [ 3321.207639][T21343] pmd_alloc+0x10c/0x180 [ 3321.211864][T21343] copy_page_range+0x62e/0x1f90 [ 3321.216706][T21343] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3321.222404][T21343] ? vma_compute_subtree_gap+0x158/0x230 [ 3321.228016][T21343] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3321.233543][T21343] ? pmd_alloc+0x180/0x180 [ 3321.237944][T21343] ? validate_mm_rb+0xa3/0xc0 [ 3321.242621][T21343] ? __vma_link_rb+0x279/0x370 [ 3321.247369][T21343] copy_process.part.0+0x568b/0x7980 [ 3321.252659][T21343] ? __cleanup_sighand+0x60/0x60 [ 3321.257585][T21343] ? check_stack_object+0x114/0x160 [ 3321.262768][T21343] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3321.268651][T21343] _do_fork+0x257/0xfd0 [ 3321.272795][T21343] ? fork_idle+0x1d0/0x1d0 [ 3321.277195][T21343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3321.283422][T21343] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3321.289915][T21343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3321.296150][T21343] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3321.301604][T21343] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3321.307073][T21343] ? do_syscall_64+0x26/0x610 [ 3321.311759][T21343] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3321.317820][T21343] ? do_syscall_64+0x26/0x610 [ 3321.322483][T21343] __x64_sys_clone+0xbf/0x150 [ 3321.327141][T21343] do_syscall_64+0x103/0x610 [ 3321.331716][T21343] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3321.337593][T21343] RIP: 0033:0x2000050a [ 3321.341646][T21343] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3321.361253][T21343] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3321.369655][T21343] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3321.377700][T21343] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3321.385671][T21343] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3321.393628][T21343] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3321.401589][T21343] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3321.416416][T21343] memory: usage 307040kB, limit 307200kB, failcnt 8360 [ 3321.423411][T21343] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3321.430943][T21343] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3321.437966][T21343] Memory cgroup stats for /syz0: cache:228KB rss:144816KB rss_huge:108544KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:144780KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3321.460496][T21343] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15448,uid=0 [ 3321.476166][T21343] Memory cgroup out of memory: Killed process 15448 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35796kB, shmem-rss:0kB [ 3321.507369][T21420] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3321.542798][T21420] CPU: 1 PID: 21420 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3321.550824][T21420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3321.560888][T21420] Call Trace: [ 3321.564203][T21420] dump_stack+0x172/0x1f0 [ 3321.568548][T21420] dump_header+0x10f/0xb6c [ 3321.572978][T21420] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3321.579752][T21420] ? ___ratelimit+0x60/0x595 [ 3321.584349][T21420] ? do_raw_spin_unlock+0x57/0x270 [ 3321.589463][T21420] oom_kill_process.cold+0x10/0x15 [ 3321.594581][T21420] out_of_memory+0x79a/0x1280 [ 3321.599273][T21420] ? oom_killer_disable+0x280/0x280 [ 3321.604478][T21420] ? find_held_lock+0x35/0x130 [ 3321.609275][T21420] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3321.614828][T21420] ? memcg_event_wake+0x230/0x230 [ 3321.620216][T21420] ? do_raw_spin_unlock+0x57/0x270 [ 3321.625335][T21420] ? _raw_spin_unlock+0x2d/0x50 [ 3321.630192][T21420] try_charge+0xa87/0x15c0 [ 3321.634609][T21420] ? find_held_lock+0x35/0x130 [ 3321.639384][T21420] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3321.644949][T21420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3321.651199][T21420] ? kasan_check_read+0x11/0x20 [ 3321.656059][T21420] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3321.661611][T21420] mem_cgroup_try_charge+0x24d/0x5e0 [ 3321.666912][T21420] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3321.672561][T21420] wp_page_copy+0x408/0x1740 [ 3321.677151][T21420] ? find_held_lock+0x35/0x130 [ 3321.681943][T21420] ? pmd_pfn+0x1d0/0x1d0 [ 3321.686200][T21420] ? lock_downgrade+0x880/0x880 [ 3321.691048][T21420] ? swp_swapcount+0x540/0x540 [ 3321.695818][T21420] ? kasan_check_read+0x11/0x20 [ 3321.700668][T21420] ? do_raw_spin_unlock+0x57/0x270 [ 3321.705790][T21420] do_wp_page+0x48e/0x1500 [ 3321.710217][T21420] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3321.715614][T21420] __handle_mm_fault+0x22e8/0x3ec0 [ 3321.720746][T21420] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3321.726297][T21420] ? find_held_lock+0x35/0x130 [ 3321.731067][T21420] ? handle_mm_fault+0x322/0xb30 [ 3321.736050][T21420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3321.742302][T21420] ? kasan_check_read+0x11/0x20 [ 3321.747164][T21420] handle_mm_fault+0x43f/0xb30 [ 3321.751927][T21420] __do_page_fault+0x5ef/0xda0 [ 3321.756685][T21420] do_page_fault+0x71/0x581 [ 3321.761173][T21420] page_fault+0x1e/0x30 [ 3321.765324][T21420] RIP: 0010:__put_user_4+0x1c/0x30 [ 3321.770430][T21420] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3321.790043][T21420] RSP: 0018:ffff88820db07ed0 EFLAGS: 00010293 [ 3321.796090][T21420] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3321.804051][T21420] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3321.812021][T21420] RBP: ffff88820db07f10 R08: ffff888014daa680 R09: 0000000000000001 [ 3321.819973][T21420] R10: ffff888014daaf00 R11: ffff888014daa680 R12: 0000000000000000 [ 3321.827946][T21420] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3321.835938][T21420] ? __might_fault+0x1a3/0x1e0 [ 3321.840703][T21420] ? __x64_sys_getresgid+0x1aa/0x290 [ 3321.845990][T21420] ? trace_hardirqs_on+0x67/0x230 [ 3321.851010][T21420] do_syscall_64+0x103/0x610 [ 3321.855602][T21420] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3321.861475][T21420] RIP: 0033:0x2000050a [ 3321.865524][T21420] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3321.885112][T21420] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3321.893525][T21420] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3321.901484][T21420] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3321.909437][T21420] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3321.917413][T21420] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3321.925399][T21420] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3321.939055][T21420] memory: usage 307200kB, limit 307200kB, failcnt 8483 [ 3321.946097][ C0] net_ratelimit: 16 callbacks suppressed [ 3321.946105][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3321.946160][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3321.946259][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3321.946304][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3321.976366][T21420] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3321.983991][T21420] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3321.990849][T21420] Memory cgroup stats for /syz0: cache:228KB rss:142660KB rss_huge:106496KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:142660KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3322.013260][T21420] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15580,uid=0 [ 3322.029389][T21420] Memory cgroup out of memory: Killed process 15580 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35796kB, shmem-rss:0kB [ 3322.074812][T21557] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3322.091636][T21557] CPU: 1 PID: 21557 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3322.100071][T21557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.110140][T21557] Call Trace: [ 3322.113448][T21557] dump_stack+0x172/0x1f0 [ 3322.117794][T21557] dump_header+0x10f/0xb6c [ 3322.122230][T21557] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3322.128054][T21557] ? ___ratelimit+0x60/0x595 [ 3322.132657][T21557] ? do_raw_spin_unlock+0x57/0x270 [ 3322.138268][T21557] oom_kill_process.cold+0x10/0x15 [ 3322.143396][T21557] out_of_memory+0x79a/0x1280 [ 3322.148092][T21557] ? oom_killer_disable+0x280/0x280 [ 3322.153294][T21557] ? find_held_lock+0x35/0x130 [ 3322.158077][T21557] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3322.163627][T21557] ? memcg_event_wake+0x230/0x230 [ 3322.168663][T21557] ? do_raw_spin_unlock+0x57/0x270 [ 3322.173780][T21557] ? _raw_spin_unlock+0x2d/0x50 [ 3322.178638][T21557] try_charge+0xa87/0x15c0 [ 3322.183063][T21557] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3322.189304][T21557] ? should_fail+0x1de/0x852 [ 3322.193907][T21557] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3322.199676][T21557] ? rcu_read_lock_sched_held+0x110/0x130 [ 3322.205416][T21557] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3322.210978][T21557] ? __lockdep_free_key_range+0x120/0x120 [ 3322.216724][T21557] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3322.222291][T21557] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3322.227498][T21557] ? cache_grow_begin+0x594/0x860 [ 3322.232533][T21557] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3322.237828][T21557] ? trace_hardirqs_on+0x67/0x230 [ 3322.242861][T21557] cache_grow_begin+0x5c0/0x860 [ 3322.247719][T21557] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3322.253976][T21557] ? __cpuset_node_allowed+0x136/0x540 [ 3322.259445][T21557] fallback_alloc+0x1fd/0x2d0 [ 3322.264135][T21557] ____cache_alloc_node+0x1be/0x1e0 [ 3322.269334][T21557] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3322.275580][T21557] kmem_cache_alloc+0x1e8/0x6f0 [ 3322.280431][T21557] ? anon_vma_clone+0x320/0x480 [ 3322.285295][T21557] anon_vma_fork+0xfc/0x4a0 [ 3322.289802][T21557] ? dup_userfaultfd+0x15e/0x6d0 [ 3322.294753][T21557] ? memcpy+0x46/0x50 [ 3322.298756][T21557] copy_process.part.0+0x350f/0x7980 [ 3322.304080][T21557] ? __cleanup_sighand+0x60/0x60 [ 3322.309033][T21557] ? check_stack_object+0x114/0x160 [ 3322.314234][T21557] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3322.320143][T21557] _do_fork+0x257/0xfd0 [ 3322.324338][T21557] ? fork_idle+0x1d0/0x1d0 [ 3322.328766][T21557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3322.335023][T21557] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3322.341535][T21557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3322.347780][T21557] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3322.353245][T21557] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3322.358711][T21557] ? do_syscall_64+0x26/0x610 [ 3322.363398][T21557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3322.369464][T21557] ? do_syscall_64+0x26/0x610 [ 3322.374155][T21557] __x64_sys_clone+0xbf/0x150 [ 3322.378839][T21557] do_syscall_64+0x103/0x610 [ 3322.383441][T21557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3322.389335][T21557] RIP: 0033:0x2000050a [ 3322.393408][T21557] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3322.413023][T21557] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3322.421447][T21557] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3322.429433][T21557] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3322.437414][T21557] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3322.445391][T21557] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3322.453366][T21557] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3322.466791][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3322.472747][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3322.478794][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3322.484717][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3322.490693][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3322.496594][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3322.527378][T21557] memory: usage 307200kB, limit 307200kB, failcnt 8624 [ 3322.534553][T21557] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3322.542661][T21557] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3322.549732][T21557] Memory cgroup stats for /syz0: cache:228KB rss:140536KB rss_huge:104448KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:140476KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3322.573256][T21557] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17356,uid=0 [ 3322.589553][T21557] Memory cgroup out of memory: Killed process 17356 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35796kB, shmem-rss:0kB [ 3322.618880][T21492] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3322.650520][T21492] CPU: 1 PID: 21492 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3322.658550][T21492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3322.668615][T21492] Call Trace: [ 3322.671921][T21492] dump_stack+0x172/0x1f0 [ 3322.676280][T21492] dump_header+0x10f/0xb6c [ 3322.680710][T21492] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3322.686530][T21492] ? ___ratelimit+0x60/0x595 [ 3322.691125][T21492] ? do_raw_spin_unlock+0x57/0x270 [ 3322.696250][T21492] oom_kill_process.cold+0x10/0x15 [ 3322.701370][T21492] out_of_memory+0x79a/0x1280 [ 3322.706062][T21492] ? oom_killer_disable+0x280/0x280 [ 3322.711258][T21492] ? find_held_lock+0x35/0x130 [ 3322.716043][T21492] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3322.721596][T21492] ? memcg_event_wake+0x230/0x230 [ 3322.726636][T21492] ? do_raw_spin_unlock+0x57/0x270 [ 3322.731756][T21492] ? _raw_spin_unlock+0x2d/0x50 [ 3322.736617][T21492] try_charge+0xa87/0x15c0 [ 3322.741032][T21492] ? find_held_lock+0x35/0x130 [ 3322.745813][T21492] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3322.751369][T21492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3322.757623][T21492] ? kasan_check_read+0x11/0x20 [ 3322.762488][T21492] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3322.768047][T21492] mem_cgroup_try_charge+0x24d/0x5e0 [ 3322.773346][T21492] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3322.778991][T21492] wp_page_copy+0x408/0x1740 [ 3322.783586][T21492] ? find_held_lock+0x35/0x130 [ 3322.788363][T21492] ? pmd_pfn+0x1d0/0x1d0 [ 3322.792616][T21492] ? lock_downgrade+0x880/0x880 [ 3322.797469][T21492] ? swp_swapcount+0x540/0x540 [ 3322.802245][T21492] ? kasan_check_read+0x11/0x20 [ 3322.807098][T21492] ? do_raw_spin_unlock+0x57/0x270 [ 3322.812218][T21492] do_wp_page+0x48e/0x1500 [ 3322.816647][T21492] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3322.822038][T21492] __handle_mm_fault+0x22e8/0x3ec0 [ 3322.827162][T21492] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3322.832710][T21492] ? find_held_lock+0x35/0x130 [ 3322.837483][T21492] ? handle_mm_fault+0x322/0xb30 [ 3322.842433][T21492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3322.848703][T21492] ? kasan_check_read+0x11/0x20 [ 3322.853609][T21492] handle_mm_fault+0x43f/0xb30 [ 3322.858389][T21492] __do_page_fault+0x5ef/0xda0 [ 3322.863178][T21492] do_page_fault+0x71/0x581 [ 3322.867698][T21492] page_fault+0x1e/0x30 [ 3322.871871][T21492] RIP: 0010:__put_user_4+0x1c/0x30 [ 3322.876987][T21492] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3322.896608][T21492] RSP: 0018:ffff88821366fed0 EFLAGS: 00010293 [ 3322.902682][T21492] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3322.910656][T21492] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3322.918640][T21492] RBP: ffff88821366ff10 R08: ffff888051672500 R09: 0000000000000001 [ 3322.926619][T21492] R10: ffff888051672d80 R11: ffff888051672500 R12: 0000000000000000 [ 3322.935205][T21492] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3322.943218][T21492] ? __might_fault+0x1a3/0x1e0 [ 3322.947999][T21492] ? __x64_sys_getresgid+0x1aa/0x290 [ 3322.953290][T21492] ? trace_hardirqs_on+0x67/0x230 [ 3322.958327][T21492] do_syscall_64+0x103/0x610 [ 3322.962940][T21492] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3322.968852][T21492] RIP: 0033:0x2000050a [ 3322.972937][T21492] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3322.992546][T21492] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3323.000971][T21492] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3323.009396][T21492] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3323.017374][T21492] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3323.025348][T21492] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3323.033321][T21492] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3323.056791][T21492] memory: usage 307200kB, limit 307200kB, failcnt 8735 [ 3323.063918][T21492] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3323.071531][T21492] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3323.078784][T21492] Memory cgroup stats for /syz0: cache:228KB rss:138372KB rss_huge:102400KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:138372KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3323.101255][T21492] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=21198,uid=0 [ 3323.116987][T21492] Memory cgroup out of memory: Killed process 21198 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35796kB, shmem-rss:0kB [ 3323.138322][T21601] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3323.156310][T21601] CPU: 0 PID: 21601 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3323.164322][T21601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.174386][T21601] Call Trace: [ 3323.177699][T21601] dump_stack+0x172/0x1f0 [ 3323.182047][T21601] dump_header+0x10f/0xb6c [ 3323.186475][T21601] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3323.192298][T21601] ? ___ratelimit+0x60/0x595 [ 3323.196901][T21601] ? do_raw_spin_unlock+0x57/0x270 [ 3323.202041][T21601] oom_kill_process.cold+0x10/0x15 [ 3323.207171][T21601] out_of_memory+0x79a/0x1280 [ 3323.211867][T21601] ? oom_killer_disable+0x280/0x280 [ 3323.217074][T21601] ? find_held_lock+0x35/0x130 [ 3323.221862][T21601] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3323.227426][T21601] ? memcg_event_wake+0x230/0x230 [ 3323.232472][T21601] ? do_raw_spin_unlock+0x57/0x270 [ 3323.237597][T21601] ? _raw_spin_unlock+0x2d/0x50 [ 3323.242468][T21601] try_charge+0xa87/0x15c0 [ 3323.246899][T21601] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3323.253150][T21601] ? should_fail+0x1de/0x852 [ 3323.257761][T21601] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3323.263322][T21601] ? rcu_read_lock_sched_held+0x110/0x130 [ 3323.269050][T21601] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3323.274601][T21601] ? __lockdep_free_key_range+0x120/0x120 [ 3323.280341][T21601] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3323.285899][T21601] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3323.291107][T21601] ? cache_grow_begin+0x594/0x860 [ 3323.296138][T21601] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3323.301428][T21601] ? trace_hardirqs_on+0x67/0x230 [ 3323.306465][T21601] cache_grow_begin+0x5c0/0x860 [ 3323.311330][T21601] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3323.317576][T21601] ? __cpuset_node_allowed+0x136/0x540 [ 3323.323055][T21601] fallback_alloc+0x1fd/0x2d0 [ 3323.327747][T21601] ____cache_alloc_node+0x1be/0x1e0 [ 3323.332954][T21601] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3323.339209][T21601] kmem_cache_alloc+0x1e8/0x6f0 [ 3323.344074][T21601] ? call_rwsem_wake+0x1b/0x30 [ 3323.348858][T21601] anon_vma_clone+0x238/0x480 [ 3323.353550][T21601] anon_vma_fork+0x8f/0x4a0 [ 3323.358060][T21601] ? dup_userfaultfd+0x15e/0x6d0 [ 3323.363005][T21601] ? memcpy+0x46/0x50 [ 3323.367000][T21601] copy_process.part.0+0x350f/0x7980 [ 3323.372324][T21601] ? __cleanup_sighand+0x60/0x60 [ 3323.377282][T21601] ? check_stack_object+0x114/0x160 [ 3323.382476][T21601] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3323.388372][T21601] _do_fork+0x257/0xfd0 [ 3323.392519][T21601] ? fork_idle+0x1d0/0x1d0 [ 3323.396919][T21601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3323.403147][T21601] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3323.409632][T21601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3323.415857][T21601] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3323.421297][T21601] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3323.426737][T21601] ? do_syscall_64+0x26/0x610 [ 3323.431408][T21601] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3323.437466][T21601] ? do_syscall_64+0x26/0x610 [ 3323.442135][T21601] __x64_sys_clone+0xbf/0x150 [ 3323.446797][T21601] do_syscall_64+0x103/0x610 [ 3323.451380][T21601] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3323.457272][T21601] RIP: 0033:0x2000050a [ 3323.461334][T21601] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3323.480960][T21601] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3323.489379][T21601] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3323.497344][T21601] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3323.505311][T21601] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3323.513276][T21601] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3323.521255][T21601] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3323.532491][T21601] memory: usage 307196kB, limit 307200kB, failcnt 8828 [ 3323.539368][T21601] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3323.546951][T21601] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3323.554034][T21601] Memory cgroup stats for /syz0: cache:228KB rss:136264KB rss_huge:100352KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:136240KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3323.576316][T21601] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=32736,uid=0 [ 3323.591814][T21601] Memory cgroup out of memory: Killed process 32736 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3323.607534][ T1043] oom_reaper: reaped process 32736 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 3323.624071][T21453] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3323.656443][T21453] CPU: 1 PID: 21453 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3323.664472][T21453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.674534][T21453] Call Trace: [ 3323.677840][T21453] dump_stack+0x172/0x1f0 [ 3323.682188][T21453] dump_header+0x10f/0xb6c [ 3323.686611][T21453] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3323.692416][T21453] ? ___ratelimit+0x60/0x595 [ 3323.697012][T21453] ? do_raw_spin_unlock+0x57/0x270 [ 3323.702162][T21453] oom_kill_process.cold+0x10/0x15 [ 3323.707300][T21453] out_of_memory+0x79a/0x1280 [ 3323.711990][T21453] ? oom_killer_disable+0x280/0x280 [ 3323.717194][T21453] ? find_held_lock+0x35/0x130 [ 3323.721979][T21453] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3323.727522][T21453] ? memcg_event_wake+0x230/0x230 [ 3323.732558][T21453] ? do_raw_spin_unlock+0x57/0x270 [ 3323.737676][T21453] ? _raw_spin_unlock+0x2d/0x50 [ 3323.742538][T21453] try_charge+0xa87/0x15c0 [ 3323.746960][T21453] ? find_held_lock+0x35/0x130 [ 3323.751745][T21453] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3323.757300][T21453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3323.763550][T21453] ? kasan_check_read+0x11/0x20 [ 3323.768413][T21453] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3323.773972][T21453] mem_cgroup_try_charge+0x24d/0x5e0 [ 3323.779267][T21453] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3323.784909][T21453] wp_page_copy+0x408/0x1740 [ 3323.789504][T21453] ? find_held_lock+0x35/0x130 [ 3323.794277][T21453] ? pmd_pfn+0x1d0/0x1d0 [ 3323.798520][T21453] ? lock_downgrade+0x880/0x880 [ 3323.803376][T21453] ? swp_swapcount+0x540/0x540 [ 3323.808151][T21453] ? kasan_check_read+0x11/0x20 [ 3323.813007][T21453] ? do_raw_spin_unlock+0x57/0x270 [ 3323.818126][T21453] do_wp_page+0x48e/0x1500 [ 3323.822556][T21453] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3323.827960][T21453] __handle_mm_fault+0x22e8/0x3ec0 [ 3323.833084][T21453] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3323.838628][T21453] ? find_held_lock+0x35/0x130 [ 3323.843398][T21453] ? handle_mm_fault+0x322/0xb30 [ 3323.848348][T21453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3323.854596][T21453] ? kasan_check_read+0x11/0x20 [ 3323.859459][T21453] handle_mm_fault+0x43f/0xb30 [ 3323.864237][T21453] __do_page_fault+0x5ef/0xda0 [ 3323.869018][T21453] do_page_fault+0x71/0x581 [ 3323.873528][T21453] page_fault+0x1e/0x30 [ 3323.877686][T21453] RIP: 0010:__put_user_4+0x1c/0x30 [ 3323.882800][T21453] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3323.902411][T21453] RSP: 0018:ffff88821b00fed0 EFLAGS: 00010293 [ 3323.908492][T21453] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3323.916499][T21453] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3323.924486][T21453] RBP: ffff88821b00ff10 R08: ffff888064482680 R09: 0000000000000001 [ 3323.932470][T21453] R10: ffff888064482f00 R11: ffff888064482680 R12: 0000000000000000 [ 3323.940456][T21453] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3323.948467][T21453] ? __might_fault+0x1a3/0x1e0 [ 3323.953254][T21453] ? __x64_sys_getresgid+0x1aa/0x290 [ 3323.958556][T21453] ? trace_hardirqs_on+0x67/0x230 [ 3323.963606][T21453] do_syscall_64+0x103/0x610 [ 3323.968306][T21453] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3323.974206][T21453] RIP: 0033:0x2000050a [ 3323.978278][T21453] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3323.997908][T21453] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3324.006337][T21453] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3324.014317][T21453] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3324.022300][T21453] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3324.032077][T21453] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3324.040666][T21453] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3324.057964][T21453] memory: usage 307164kB, limit 307200kB, failcnt 8953 [ 3324.065187][T21453] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3324.073252][T21453] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3324.080197][T21453] Memory cgroup stats for /syz0: cache:228KB rss:134148KB rss_huge:98304KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:134108KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3324.102832][T21453] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3263,uid=0 [ 3324.118481][T21453] Memory cgroup out of memory: Killed process 3263 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3324.140442][T21565] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3324.155733][T21565] CPU: 0 PID: 21565 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3324.163748][T21565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3324.173815][T21565] Call Trace: [ 3324.177124][T21565] dump_stack+0x172/0x1f0 [ 3324.181475][T21565] dump_header+0x10f/0xb6c [ 3324.185907][T21565] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3324.191730][T21565] ? ___ratelimit+0x60/0x595 [ 3324.196327][T21565] ? do_raw_spin_unlock+0x57/0x270 [ 3324.201455][T21565] oom_kill_process.cold+0x10/0x15 [ 3324.206580][T21565] out_of_memory+0x79a/0x1280 [ 3324.211281][T21565] ? oom_killer_disable+0x280/0x280 [ 3324.216483][T21565] ? find_held_lock+0x35/0x130 [ 3324.221269][T21565] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3324.226839][T21565] ? memcg_event_wake+0x230/0x230 [ 3324.231884][T21565] ? do_raw_spin_unlock+0x57/0x270 [ 3324.237010][T21565] ? _raw_spin_unlock+0x2d/0x50 [ 3324.241883][T21565] try_charge+0xa87/0x15c0 [ 3324.246313][T21565] ? find_held_lock+0x35/0x130 [ 3324.251124][T21565] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3324.256680][T21565] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3324.262235][T21565] ? find_held_lock+0x35/0x130 [ 3324.267014][T21565] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3324.272584][T21565] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3324.278136][T21565] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3324.283344][T21565] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3324.288897][T21565] __memcg_kmem_charge+0x136/0x300 [ 3324.294032][T21565] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3324.299416][T21565] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3324.305152][T21565] ? copy_page_range+0x125a/0x1f90 [ 3324.310278][T21565] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3324.316529][T21565] alloc_pages_current+0x107/0x210 [ 3324.321672][T21565] pte_alloc_one+0x1b/0x1a0 [ 3324.326179][T21565] __pte_alloc+0x20/0x310 [ 3324.330521][T21565] copy_page_range+0x1529/0x1f90 [ 3324.335471][T21565] ? perf_trace_lock+0xeb/0x510 [ 3324.340333][T21565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3324.346618][T21565] ? pmd_alloc+0x180/0x180 [ 3324.351048][T21565] ? __rb_insert_augmented+0x231/0xdf0 [ 3324.356603][T21565] ? validate_mm_rb+0xa3/0xc0 [ 3324.361297][T21565] ? __vma_link_rb+0x279/0x370 [ 3324.366082][T21565] copy_process.part.0+0x568b/0x7980 [ 3324.371412][T21565] ? __cleanup_sighand+0x60/0x60 [ 3324.376372][T21565] ? check_stack_object+0x114/0x160 [ 3324.381575][T21565] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3324.387477][T21565] _do_fork+0x257/0xfd0 [ 3324.391640][T21565] ? fork_idle+0x1d0/0x1d0 [ 3324.396052][T21565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3324.402277][T21565] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3324.408761][T21565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3324.414989][T21565] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3324.420428][T21565] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3324.426127][T21565] ? do_syscall_64+0x26/0x610 [ 3324.430788][T21565] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3324.436839][T21565] ? do_syscall_64+0x26/0x610 [ 3324.441508][T21565] __x64_sys_clone+0xbf/0x150 [ 3324.446178][T21565] do_syscall_64+0x103/0x610 [ 3324.450762][T21565] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3324.456684][T21565] RIP: 0033:0x2000050a [ 3324.460746][T21565] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3324.480379][T21565] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3324.488797][T21565] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3324.496759][T21565] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3324.504716][T21565] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3324.512760][T21565] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3324.520733][T21565] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3324.529354][T21565] memory: usage 307196kB, limit 307200kB, failcnt 9071 [ 3324.537787][T21565] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3324.545413][T21565] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3324.552332][T21565] Memory cgroup stats for /syz0: cache:228KB rss:132016KB rss_huge:96256KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:131984KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3324.574494][T21565] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5727,uid=0 [ 3324.589946][T21565] Memory cgroup out of memory: Killed process 5727 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3324.611390][T21530] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3324.661694][T21530] CPU: 0 PID: 21530 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3324.669732][T21530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3324.679889][T21530] Call Trace: [ 3324.683201][T21530] dump_stack+0x172/0x1f0 [ 3324.687577][T21530] dump_header+0x10f/0xb6c [ 3324.692012][T21530] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3324.697831][T21530] ? ___ratelimit+0x60/0x595 [ 3324.702429][T21530] ? do_raw_spin_unlock+0x57/0x270 [ 3324.707559][T21530] oom_kill_process.cold+0x10/0x15 [ 3324.712767][T21530] out_of_memory+0x79a/0x1280 [ 3324.717462][T21530] ? oom_killer_disable+0x280/0x280 [ 3324.722661][T21530] ? find_held_lock+0x35/0x130 [ 3324.727478][T21530] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3324.733032][T21530] ? memcg_event_wake+0x230/0x230 [ 3324.738104][T21530] ? do_raw_spin_unlock+0x57/0x270 [ 3324.743233][T21530] ? _raw_spin_unlock+0x2d/0x50 [ 3324.748120][T21530] try_charge+0xa87/0x15c0 [ 3324.752554][T21530] ? find_held_lock+0x35/0x130 [ 3324.757348][T21530] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3324.762915][T21530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3324.769185][T21530] ? kasan_check_read+0x11/0x20 [ 3324.774053][T21530] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3324.779607][T21530] mem_cgroup_try_charge+0x24d/0x5e0 [ 3324.784908][T21530] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3324.790565][T21530] wp_page_copy+0x408/0x1740 [ 3324.795157][T21530] ? find_held_lock+0x35/0x130 [ 3324.799938][T21530] ? pmd_pfn+0x1d0/0x1d0 [ 3324.804191][T21530] ? lock_downgrade+0x880/0x880 [ 3324.809042][T21530] ? swp_swapcount+0x540/0x540 [ 3324.813791][T21530] ? kasan_check_read+0x11/0x20 [ 3324.818624][T21530] ? do_raw_spin_unlock+0x57/0x270 [ 3324.823740][T21530] do_wp_page+0x48e/0x1500 [ 3324.828248][T21530] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3324.833610][T21530] __handle_mm_fault+0x22e8/0x3ec0 [ 3324.838737][T21530] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3324.844281][T21530] ? find_held_lock+0x35/0x130 [ 3324.849065][T21530] ? handle_mm_fault+0x322/0xb30 [ 3324.854006][T21530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3324.860343][T21530] ? kasan_check_read+0x11/0x20 [ 3324.865228][T21530] handle_mm_fault+0x43f/0xb30 [ 3324.870007][T21530] __do_page_fault+0x5ef/0xda0 [ 3324.874765][T21530] do_page_fault+0x71/0x581 [ 3324.879267][T21530] page_fault+0x1e/0x30 [ 3324.883423][T21530] RIP: 0010:__put_user_4+0x1c/0x30 [ 3324.888527][T21530] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3324.908118][T21530] RSP: 0018:ffff88804cc57ed0 EFLAGS: 00010293 [ 3324.914167][T21530] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3324.922223][T21530] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3324.930217][T21530] RBP: ffff88804cc57f10 R08: ffff88802b54c0c0 R09: 0000000000000001 [ 3324.938208][T21530] R10: ffff88802b54c940 R11: ffff88802b54c0c0 R12: 0000000000000000 [ 3324.946193][T21530] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3324.954175][T21530] ? __might_fault+0x1a3/0x1e0 [ 3324.958942][T21530] ? __x64_sys_getresgid+0x1aa/0x290 [ 3324.964234][T21530] ? trace_hardirqs_on+0x67/0x230 [ 3324.969275][T21530] do_syscall_64+0x103/0x610 [ 3324.973857][T21530] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3324.979752][T21530] RIP: 0033:0x2000050a [ 3324.983821][T21530] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3325.003963][T21530] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3325.012376][T21530] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3325.020360][T21530] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3325.028336][T21530] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3325.036316][T21530] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3325.044295][T21530] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3325.052719][T21530] memory: usage 307200kB, limit 307200kB, failcnt 9181 [ 3325.061083][T21530] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3325.068976][T21530] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3325.076031][T21530] Memory cgroup stats for /syz0: cache:228KB rss:129892KB rss_huge:94208KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:129844KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3325.098463][T21530] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5778,uid=0 [ 3325.115166][T21530] Memory cgroup out of memory: Killed process 5778 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3325.137012][T21482] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3325.165843][T21482] CPU: 1 PID: 21482 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3325.173888][T21482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.183969][T21482] Call Trace: [ 3325.187513][T21482] dump_stack+0x172/0x1f0 [ 3325.191862][T21482] dump_header+0x10f/0xb6c [ 3325.196298][T21482] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3325.202114][T21482] ? ___ratelimit+0x60/0x595 [ 3325.206717][T21482] ? do_raw_spin_unlock+0x57/0x270 [ 3325.211851][T21482] oom_kill_process.cold+0x10/0x15 [ 3325.216988][T21482] out_of_memory+0x79a/0x1280 [ 3325.221684][T21482] ? oom_killer_disable+0x280/0x280 [ 3325.226940][T21482] ? find_held_lock+0x35/0x130 [ 3325.231726][T21482] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3325.237300][T21482] ? memcg_event_wake+0x230/0x230 [ 3325.242344][T21482] ? do_raw_spin_unlock+0x57/0x270 [ 3325.247483][T21482] ? _raw_spin_unlock+0x2d/0x50 [ 3325.252350][T21482] try_charge+0xa87/0x15c0 [ 3325.256781][T21482] ? find_held_lock+0x35/0x130 [ 3325.261557][T21482] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3325.267112][T21482] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3325.272665][T21482] ? find_held_lock+0x35/0x130 [ 3325.277446][T21482] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3325.283035][T21482] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3325.288593][T21482] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3325.293801][T21482] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3325.299362][T21482] __memcg_kmem_charge+0x136/0x300 [ 3325.304485][T21482] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3325.309860][T21482] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3325.315594][T21482] ? copy_page_range+0x125a/0x1f90 [ 3325.320709][T21482] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3325.327220][T21482] alloc_pages_current+0x107/0x210 [ 3325.332345][T21482] pte_alloc_one+0x1b/0x1a0 [ 3325.336865][T21482] __pte_alloc+0x20/0x310 [ 3325.341206][T21482] copy_page_range+0x1529/0x1f90 [ 3325.346159][T21482] ? perf_trace_lock+0xeb/0x510 [ 3325.351023][T21482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.357329][T21482] ? pmd_alloc+0x180/0x180 [ 3325.361781][T21482] ? __rb_insert_augmented+0x231/0xdf0 [ 3325.367348][T21482] ? validate_mm_rb+0xa3/0xc0 [ 3325.372039][T21482] ? __vma_link_rb+0x279/0x370 [ 3325.376814][T21482] copy_process.part.0+0x568b/0x7980 [ 3325.382145][T21482] ? __cleanup_sighand+0x60/0x60 [ 3325.387106][T21482] ? check_stack_object+0x114/0x160 [ 3325.392312][T21482] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3325.398216][T21482] _do_fork+0x257/0xfd0 [ 3325.402387][T21482] ? fork_idle+0x1d0/0x1d0 [ 3325.406804][T21482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.413046][T21482] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3325.419560][T21482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.425805][T21482] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3325.431267][T21482] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3325.436755][T21482] ? do_syscall_64+0x26/0x610 [ 3325.441443][T21482] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3325.447520][T21482] ? do_syscall_64+0x26/0x610 [ 3325.452213][T21482] __x64_sys_clone+0xbf/0x150 [ 3325.456899][T21482] do_syscall_64+0x103/0x610 [ 3325.461595][T21482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3325.467490][T21482] RIP: 0033:0x2000050a [ 3325.471557][T21482] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3325.491165][T21482] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3325.499584][T21482] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3325.507561][T21482] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3325.515820][T21482] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3325.523800][T21482] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3325.531776][T21482] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3325.549376][T21482] memory: usage 307176kB, limit 307200kB, failcnt 9280 [ 3325.556480][T21482] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3325.564632][T21482] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3325.571701][T21482] Memory cgroup stats for /syz0: cache:228KB rss:127744KB rss_huge:92160KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:127680KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3325.594010][T21482] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5883,uid=0 [ 3325.609548][T21482] Memory cgroup out of memory: Killed process 5883 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3325.630947][T21428] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3325.660442][T21428] CPU: 1 PID: 21428 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3325.668469][T21428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3325.678534][T21428] Call Trace: [ 3325.681839][T21428] dump_stack+0x172/0x1f0 [ 3325.686183][T21428] dump_header+0x10f/0xb6c [ 3325.690612][T21428] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3325.696430][T21428] ? ___ratelimit+0x60/0x595 [ 3325.701034][T21428] ? do_raw_spin_unlock+0x57/0x270 [ 3325.706161][T21428] oom_kill_process.cold+0x10/0x15 [ 3325.711287][T21428] out_of_memory+0x79a/0x1280 [ 3325.716066][T21428] ? oom_killer_disable+0x280/0x280 [ 3325.721263][T21428] ? find_held_lock+0x35/0x130 [ 3325.726046][T21428] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3325.731602][T21428] ? memcg_event_wake+0x230/0x230 [ 3325.736646][T21428] ? do_raw_spin_unlock+0x57/0x270 [ 3325.741790][T21428] ? _raw_spin_unlock+0x2d/0x50 [ 3325.746767][T21428] try_charge+0xa87/0x15c0 [ 3325.751198][T21428] ? find_held_lock+0x35/0x130 [ 3325.755994][T21428] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3325.761558][T21428] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3325.767112][T21428] ? find_held_lock+0x35/0x130 [ 3325.771891][T21428] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3325.777478][T21428] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3325.783039][T21428] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3325.788255][T21428] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3325.793819][T21428] __memcg_kmem_charge+0x136/0x300 [ 3325.798962][T21428] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3325.804345][T21428] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3325.810081][T21428] ? copy_page_range+0x125a/0x1f90 [ 3325.815197][T21428] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3325.821446][T21428] alloc_pages_current+0x107/0x210 [ 3325.826566][T21428] pte_alloc_one+0x1b/0x1a0 [ 3325.831076][T21428] __pte_alloc+0x20/0x310 [ 3325.835426][T21428] copy_page_range+0x1529/0x1f90 [ 3325.840377][T21428] ? perf_trace_lock+0xeb/0x510 [ 3325.845245][T21428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.851533][T21428] ? pmd_alloc+0x180/0x180 [ 3325.855966][T21428] ? __rb_insert_augmented+0x231/0xdf0 [ 3325.861435][T21428] ? validate_mm_rb+0xa3/0xc0 [ 3325.866112][T21428] ? __vma_link_rb+0x279/0x370 [ 3325.870874][T21428] copy_process.part.0+0x568b/0x7980 [ 3325.876166][T21428] ? __cleanup_sighand+0x60/0x60 [ 3325.881093][T21428] ? check_stack_object+0x114/0x160 [ 3325.886292][T21428] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3325.892173][T21428] _do_fork+0x257/0xfd0 [ 3325.896315][T21428] ? fork_idle+0x1d0/0x1d0 [ 3325.900731][T21428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.906975][T21428] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3325.913482][T21428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3325.919726][T21428] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3325.925180][T21428] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3325.930630][T21428] ? do_syscall_64+0x26/0x610 [ 3325.935297][T21428] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3325.941355][T21428] ? do_syscall_64+0x26/0x610 [ 3325.946028][T21428] __x64_sys_clone+0xbf/0x150 [ 3325.950975][T21428] do_syscall_64+0x103/0x610 [ 3325.955561][T21428] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3325.961445][T21428] RIP: 0033:0x2000050a [ 3325.965535][T21428] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3325.985306][T21428] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3325.993704][T21428] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3326.001661][T21428] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3326.009640][T21428] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3326.017599][T21428] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3326.025561][T21428] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3326.037949][T21428] memory: usage 307100kB, limit 307200kB, failcnt 9405 [ 3326.045207][T21428] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3326.053217][T21428] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3326.064652][T21428] Memory cgroup stats for /syz0: cache:228KB rss:125608KB rss_huge:90112KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:125540KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3326.086775][T21428] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5930,uid=0 [ 3326.102741][T21428] Memory cgroup out of memory: Killed process 5930 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3326.118475][ T1043] oom_reaper: reaped process 5930 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 3326.135868][T21520] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3326.169253][T21520] CPU: 1 PID: 21520 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3326.177293][T21520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.187456][T21520] Call Trace: [ 3326.190773][T21520] dump_stack+0x172/0x1f0 [ 3326.195121][T21520] dump_header+0x10f/0xb6c [ 3326.199551][T21520] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3326.205369][T21520] ? ___ratelimit+0x60/0x595 [ 3326.209976][T21520] ? do_raw_spin_unlock+0x57/0x270 [ 3326.215100][T21520] oom_kill_process.cold+0x10/0x15 [ 3326.220226][T21520] out_of_memory+0x79a/0x1280 [ 3326.224919][T21520] ? oom_killer_disable+0x280/0x280 [ 3326.230126][T21520] ? find_held_lock+0x35/0x130 [ 3326.234926][T21520] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3326.240502][T21520] ? memcg_event_wake+0x230/0x230 [ 3326.245557][T21520] ? do_raw_spin_unlock+0x57/0x270 [ 3326.250691][T21520] ? _raw_spin_unlock+0x2d/0x50 [ 3326.255658][T21520] try_charge+0xa87/0x15c0 [ 3326.260090][T21520] ? find_held_lock+0x35/0x130 [ 3326.264880][T21520] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3326.270439][T21520] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3326.275997][T21520] ? find_held_lock+0x35/0x130 [ 3326.280779][T21520] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3326.286347][T21520] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3326.291896][T21520] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3326.297110][T21520] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3326.302671][T21520] __memcg_kmem_charge+0x136/0x300 [ 3326.307801][T21520] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3326.313188][T21520] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3326.318926][T21520] ? is_dynamic_key+0x1c0/0x1c0 [ 3326.323793][T21520] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3326.330049][T21520] alloc_pages_current+0x107/0x210 [ 3326.335176][T21520] pte_alloc_one+0x1b/0x1a0 [ 3326.339695][T21520] __handle_mm_fault+0x3491/0x3ec0 [ 3326.344960][T21520] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3326.350782][T21520] ? find_held_lock+0x35/0x130 [ 3326.355563][T21520] ? handle_mm_fault+0x322/0xb30 [ 3326.360527][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.366790][T21520] ? kasan_check_read+0x11/0x20 [ 3326.371758][T21520] handle_mm_fault+0x43f/0xb30 [ 3326.376544][T21520] __do_page_fault+0x5ef/0xda0 [ 3326.381329][T21520] do_page_fault+0x71/0x581 [ 3326.385843][T21520] page_fault+0x1e/0x30 [ 3326.390001][T21520] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3326.395725][T21520] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3326.415348][T21520] RSP: 0018:ffff88821539fcb0 EFLAGS: 00010246 [ 3326.421413][T21520] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3326.429374][T21520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3326.437339][T21520] RBP: ffff88821539fce8 R08: ffff8880299d4700 R09: ffff8880aa594dc0 [ 3326.445420][T21520] R10: 000000000000001c R11: ffff88801495973f R12: 0000000000000000 [ 3326.453386][T21520] R13: ffff888014958760 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3326.461482][T21520] ? strncpy_from_user+0x142/0x380 [ 3326.466626][T21520] getname_flags+0x11b/0x5b0 [ 3326.471213][T21520] do_renameat2+0x199/0xc40 [ 3326.475717][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.481978][T21520] ? debug_smp_processor_id+0x3c/0x280 [ 3326.487455][T21520] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3326.493172][T21520] ? user_path_create+0x50/0x50 [ 3326.498039][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.504279][T21520] ? security_capable+0x9b/0xd0 [ 3326.509114][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3326.515347][T21520] ? ns_capable_common+0x93/0x100 [ 3326.520369][T21520] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3326.525811][T21520] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3326.531251][T21520] ? do_syscall_64+0x26/0x610 [ 3326.535943][T21520] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3326.542019][T21520] ? do_syscall_64+0x26/0x610 [ 3326.546692][T21520] __x64_sys_renameat+0x9a/0x100 [ 3326.551635][T21520] do_syscall_64+0x103/0x610 [ 3326.556248][T21520] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3326.562181][T21520] RIP: 0033:0x2000050a [ 3326.566244][T21520] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3326.585843][T21520] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3326.594253][T21520] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3326.602230][T21520] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3326.610194][T21520] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3326.618166][T21520] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3326.626141][T21520] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3326.641755][T21520] memory: usage 307128kB, limit 307200kB, failcnt 9524 [ 3326.648661][T21520] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3326.656348][T21520] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3326.663522][T21520] Memory cgroup stats for /syz0: cache:228KB rss:123472KB rss_huge:88064KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:123444KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3326.685790][T21520] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6144,uid=0 [ 3326.701140][T21520] Memory cgroup out of memory: Killed process 6144 (syz-executor.0) total-vm:72712kB, anon-rss:2228kB, file-rss:35780kB, shmem-rss:0kB [ 3326.717575][ T1043] oom_reaper: reaped process 6144 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 3326.737077][T21567] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3326.797408][T21567] CPU: 0 PID: 21567 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3326.805445][T21567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3326.815509][T21567] Call Trace: [ 3326.818817][T21567] dump_stack+0x172/0x1f0 [ 3326.823166][T21567] dump_header+0x10f/0xb6c [ 3326.827597][T21567] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3326.833416][T21567] ? ___ratelimit+0x60/0x595 [ 3326.838024][T21567] ? do_raw_spin_unlock+0x57/0x270 [ 3326.843162][T21567] oom_kill_process.cold+0x10/0x15 [ 3326.848290][T21567] out_of_memory+0x79a/0x1280 [ 3326.852989][T21567] ? oom_killer_disable+0x280/0x280 [ 3326.858198][T21567] ? find_held_lock+0x35/0x130 [ 3326.862976][T21567] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3326.868510][T21567] ? memcg_event_wake+0x230/0x230 [ 3326.873536][T21567] ? do_raw_spin_unlock+0x57/0x270 [ 3326.878656][T21567] ? _raw_spin_unlock+0x2d/0x50 [ 3326.883513][T21567] try_charge+0x102c/0x15c0 [ 3326.888001][T21567] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3326.894236][T21567] ? should_fail+0x1de/0x852 [ 3326.898821][T21567] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3326.904373][T21567] ? rcu_read_lock_sched_held+0x110/0x130 [ 3326.910084][T21567] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3326.915611][T21567] ? __lockdep_free_key_range+0x120/0x120 [ 3326.921327][T21567] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3326.926873][T21567] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3326.932075][T21567] ? cache_grow_begin+0x594/0x860 [ 3326.937086][T21567] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3326.942387][T21567] ? trace_hardirqs_on+0x67/0x230 [ 3326.947419][T21567] cache_grow_begin+0x5c0/0x860 [ 3326.952273][T21567] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3326.958519][T21567] ? __cpuset_node_allowed+0x136/0x540 [ 3326.964064][T21567] fallback_alloc+0x1fd/0x2d0 [ 3326.968730][T21567] ____cache_alloc_node+0x1be/0x1e0 [ 3326.973913][T21567] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3326.980165][T21567] kmem_cache_alloc+0x1e8/0x6f0 [ 3326.985000][T21567] ? call_rwsem_wake+0x1b/0x30 [ 3326.989752][T21567] anon_vma_clone+0x238/0x480 [ 3326.994436][T21567] anon_vma_fork+0x8f/0x4a0 [ 3326.998927][T21567] ? dup_userfaultfd+0x15e/0x6d0 [ 3327.003861][T21567] ? memcpy+0x46/0x50 [ 3327.007836][T21567] copy_process.part.0+0x350f/0x7980 [ 3327.013129][T21567] ? __cleanup_sighand+0x60/0x60 [ 3327.018057][T21567] ? check_stack_object+0x114/0x160 [ 3327.023245][T21567] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3327.029126][T21567] _do_fork+0x257/0xfd0 [ 3327.033268][T21567] ? fork_idle+0x1d0/0x1d0 [ 3327.037666][T21567] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.044016][T21567] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3327.050504][T21567] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.056728][T21567] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3327.062177][T21567] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3327.067641][T21567] ? do_syscall_64+0x26/0x610 [ 3327.072306][T21567] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3327.078373][T21567] ? do_syscall_64+0x26/0x610 [ 3327.083047][T21567] __x64_sys_clone+0xbf/0x150 [ 3327.087713][T21567] do_syscall_64+0x103/0x610 [ 3327.092293][T21567] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3327.098191][T21567] RIP: 0033:0x2000050a [ 3327.102246][T21567] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3327.121838][T21567] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3327.130241][T21567] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3327.138204][T21567] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3327.146165][T21567] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3327.154124][T21567] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3327.162085][T21567] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3327.170382][T21567] memory: usage 307200kB, limit 307200kB, failcnt 9660 [ 3327.177349][T21567] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3327.184929][T21567] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3327.191853][T21567] Memory cgroup stats for /syz0: cache:228KB rss:121328KB rss_huge:86016KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:121300KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3327.214192][T21567] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13235,uid=0 [ 3327.229706][T21567] Memory cgroup out of memory: Killed process 13235 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35788kB, shmem-rss:0kB [ 3327.248177][ T1043] oom_reaper: reaped process 13235 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 3327.331306][T21424] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3327.361415][T21424] CPU: 1 PID: 21424 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3327.369448][T21424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3327.379516][T21424] Call Trace: [ 3327.382828][T21424] dump_stack+0x172/0x1f0 [ 3327.387175][T21424] dump_header+0x10f/0xb6c [ 3327.391600][T21424] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3327.397416][T21424] ? ___ratelimit+0x60/0x595 [ 3327.402033][T21424] ? do_raw_spin_unlock+0x57/0x270 [ 3327.407181][T21424] oom_kill_process.cold+0x10/0x15 [ 3327.412298][T21424] out_of_memory+0x79a/0x1280 [ 3327.416996][T21424] ? oom_killer_disable+0x280/0x280 [ 3327.422187][T21424] ? find_held_lock+0x35/0x130 [ 3327.426945][T21424] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3327.432487][T21424] ? memcg_event_wake+0x230/0x230 [ 3327.437527][T21424] ? do_raw_spin_unlock+0x57/0x270 [ 3327.442634][T21424] ? _raw_spin_unlock+0x2d/0x50 [ 3327.447468][T21424] try_charge+0xa87/0x15c0 [ 3327.451880][T21424] ? find_held_lock+0x35/0x130 [ 3327.456667][T21424] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3327.462217][T21424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.468494][T21424] ? kasan_check_read+0x11/0x20 [ 3327.473358][T21424] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3327.478903][T21424] mem_cgroup_try_charge+0x24d/0x5e0 [ 3327.484201][T21424] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3327.489824][T21424] wp_page_copy+0x408/0x1740 [ 3327.494413][T21424] ? find_held_lock+0x35/0x130 [ 3327.499177][T21424] ? pmd_pfn+0x1d0/0x1d0 [ 3327.503408][T21424] ? lock_downgrade+0x880/0x880 [ 3327.508253][T21424] ? swp_swapcount+0x540/0x540 [ 3327.513018][T21424] ? kasan_check_read+0x11/0x20 [ 3327.517876][T21424] ? do_raw_spin_unlock+0x57/0x270 [ 3327.522988][T21424] do_wp_page+0x48e/0x1500 [ 3327.527394][T21424] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3327.532784][T21424] __handle_mm_fault+0x22e8/0x3ec0 [ 3327.537911][T21424] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3327.543463][T21424] ? find_held_lock+0x35/0x130 [ 3327.548219][T21424] ? handle_mm_fault+0x322/0xb30 [ 3327.553165][T21424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3327.559403][T21424] ? kasan_check_read+0x11/0x20 [ 3327.564258][T21424] handle_mm_fault+0x43f/0xb30 [ 3327.569010][T21424] __do_page_fault+0x5ef/0xda0 [ 3327.573783][T21424] do_page_fault+0x71/0x581 [ 3327.578297][T21424] page_fault+0x1e/0x30 [ 3327.582454][T21424] RIP: 0010:__put_user_4+0x1c/0x30 [ 3327.587565][T21424] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3327.607950][T21424] RSP: 0018:ffff8881f745fed0 EFLAGS: 00010293 [ 3327.614021][T21424] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3327.621995][T21424] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3327.629961][T21424] RBP: ffff8881f745ff10 R08: ffff8880591c2540 R09: 0000000000000001 [ 3327.637942][T21424] R10: ffff8880591c2dc0 R11: ffff8880591c2540 R12: 0000000000000000 [ 3327.645920][T21424] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3327.653927][T21424] ? __might_fault+0x1a3/0x1e0 [ 3327.659660][T21424] ? __x64_sys_getresgid+0x1aa/0x290 [ 3327.664939][T21424] ? trace_hardirqs_on+0x67/0x230 [ 3327.669955][T21424] do_syscall_64+0x103/0x610 [ 3327.674549][T21424] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3327.680432][T21424] RIP: 0033:0x2000050a [ 3327.684517][T21424] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3327.704112][T21424] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3327.712553][T21424] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3327.720808][T21424] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3327.728778][T21424] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3327.736753][T21424] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3327.744730][T21424] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3327.761716][T21424] memory: usage 307040kB, limit 307200kB, failcnt 9901 [ 3327.768614][T21424] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3327.776255][T21424] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3327.783212][T21424] Memory cgroup stats for /syz0: cache:228KB rss:119208KB rss_huge:83968KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:119176KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3327.805403][T21424] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12753,uid=0 [ 3327.820852][T21424] Memory cgroup out of memory: Killed process 12753 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35792kB, shmem-rss:0kB [ 3327.843438][ T1043] oom_reaper: reaped process 12753 (syz-executor.0), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 3327.865342][T21483] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3327.913494][T21483] CPU: 0 PID: 21483 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3327.921538][T21483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3327.931608][T21483] Call Trace: [ 3327.934955][T21483] dump_stack+0x172/0x1f0 [ 3327.939297][T21483] dump_header+0x10f/0xb6c [ 3327.943727][T21483] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3327.949541][T21483] ? ___ratelimit+0x60/0x595 [ 3327.954145][T21483] ? do_raw_spin_unlock+0x57/0x270 [ 3327.959262][T21483] oom_kill_process.cold+0x10/0x15 [ 3327.964373][T21483] out_of_memory+0x79a/0x1280 [ 3327.969047][T21483] ? oom_killer_disable+0x280/0x280 [ 3327.974278][T21483] ? find_held_lock+0x35/0x130 [ 3327.979298][T21483] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3327.984832][T21483] ? memcg_event_wake+0x230/0x230 [ 3327.989857][T21483] ? do_raw_spin_unlock+0x57/0x270 [ 3327.994958][T21483] ? _raw_spin_unlock+0x2d/0x50 [ 3328.000012][T21483] try_charge+0xa87/0x15c0 [ 3328.004409][T21483] ? find_held_lock+0x35/0x130 [ 3328.009164][T21483] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3328.014698][T21483] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3328.020228][T21483] ? find_held_lock+0x35/0x130 [ 3328.024980][T21483] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3328.030517][T21483] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3328.036046][T21483] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3328.041228][T21483] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3328.046761][T21483] __memcg_kmem_charge+0x136/0x300 [ 3328.051860][T21483] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3328.057398][T21483] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3328.063305][T21483] ? is_dynamic_key+0x1c0/0x1c0 [ 3328.068163][T21483] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3328.074393][T21483] alloc_pages_current+0x107/0x210 [ 3328.079669][T21483] pte_alloc_one+0x1b/0x1a0 [ 3328.084157][T21483] __handle_mm_fault+0x3491/0x3ec0 [ 3328.089263][T21483] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3328.094796][T21483] ? find_held_lock+0x35/0x130 [ 3328.099547][T21483] ? handle_mm_fault+0x322/0xb30 [ 3328.104490][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.110719][T21483] ? kasan_check_read+0x11/0x20 [ 3328.115558][T21483] handle_mm_fault+0x43f/0xb30 [ 3328.120306][T21483] __do_page_fault+0x5ef/0xda0 [ 3328.125069][T21483] do_page_fault+0x71/0x581 [ 3328.129563][T21483] page_fault+0x1e/0x30 [ 3328.133706][T21483] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3328.139891][T21483] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3328.161420][T21483] RSP: 0018:ffff888212eb7cb0 EFLAGS: 00010246 [ 3328.167475][T21483] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3328.175445][T21483] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3328.183431][T21483] RBP: ffff888212eb7ce8 R08: ffff88803dda02c0 R09: ffff8880aa594dc0 [ 3328.191402][T21483] R10: 000000000000001c R11: ffff888092e4563f R12: 0000000000000000 [ 3328.199382][T21483] R13: ffff888092e44660 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3328.207389][T21483] ? strncpy_from_user+0x142/0x380 [ 3328.212511][T21483] getname_flags+0x11b/0x5b0 [ 3328.217086][T21483] do_renameat2+0x199/0xc40 [ 3328.221583][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.227817][T21483] ? debug_smp_processor_id+0x3c/0x280 [ 3328.233265][T21483] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3328.238966][T21483] ? user_path_create+0x50/0x50 [ 3328.243798][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.250020][T21483] ? security_capable+0x9b/0xd0 [ 3328.254854][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.261077][T21483] ? ns_capable_common+0x93/0x100 [ 3328.266082][T21483] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3328.271521][T21483] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3328.276969][T21483] ? do_syscall_64+0x26/0x610 [ 3328.281636][T21483] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3328.287701][T21483] ? do_syscall_64+0x26/0x610 [ 3328.292376][T21483] __x64_sys_renameat+0x9a/0x100 [ 3328.297299][T21483] do_syscall_64+0x103/0x610 [ 3328.301880][T21483] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3328.307777][T21483] RIP: 0033:0x2000050a [ 3328.311834][T21483] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3328.331432][T21483] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3328.339833][T21483] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3328.347810][T21483] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3328.355793][T21483] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3328.363751][T21483] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3328.371710][T21483] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3328.380035][ C0] net_ratelimit: 20 callbacks suppressed [ 3328.380049][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3328.391634][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3328.397484][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3328.403326][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3328.409395][T21483] memory: usage 307040kB, limit 307200kB, failcnt 10057 [ 3328.416511][T21483] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3328.424129][T21483] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3328.431038][T21483] Memory cgroup stats for /syz0: cache:228KB rss:117104KB rss_huge:81920KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:117100KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3328.453591][T21483] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=829,uid=0 [ 3328.469051][T21483] Memory cgroup out of memory: Killed process 829 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35792kB, shmem-rss:0kB [ 3328.487454][ T1043] oom_reaper: reaped process 829 (syz-executor.0), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 3328.505072][T21636] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3328.553977][T21636] CPU: 0 PID: 21636 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3328.562000][T21636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3328.572063][T21636] Call Trace: [ 3328.575367][T21636] dump_stack+0x172/0x1f0 [ 3328.579709][T21636] dump_header+0x10f/0xb6c [ 3328.584135][T21636] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3328.590083][T21636] ? ___ratelimit+0x60/0x595 [ 3328.594679][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3328.599803][T21636] oom_kill_process.cold+0x10/0x15 [ 3328.604944][T21636] out_of_memory+0x79a/0x1280 [ 3328.609648][T21636] ? oom_killer_disable+0x280/0x280 [ 3328.615039][T21636] ? find_held_lock+0x35/0x130 [ 3328.619812][T21636] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3328.625355][T21636] ? memcg_event_wake+0x230/0x230 [ 3328.630382][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3328.635478][T21636] ? _raw_spin_unlock+0x2d/0x50 [ 3328.640309][T21636] try_charge+0xa87/0x15c0 [ 3328.644713][T21636] ? find_held_lock+0x35/0x130 [ 3328.649462][T21636] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3328.654987][T21636] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3328.660513][T21636] ? find_held_lock+0x35/0x130 [ 3328.665261][T21636] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3328.670793][T21636] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3328.676328][T21636] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3328.681522][T21636] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3328.687050][T21636] __memcg_kmem_charge+0x136/0x300 [ 3328.692152][T21636] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3328.697515][T21636] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3328.703236][T21636] ? is_dynamic_key+0x1c0/0x1c0 [ 3328.708090][T21636] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3328.714312][T21636] alloc_pages_current+0x107/0x210 [ 3328.719428][T21636] pte_alloc_one+0x1b/0x1a0 [ 3328.723922][T21636] __handle_mm_fault+0x3491/0x3ec0 [ 3328.729048][T21636] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3328.734591][T21636] ? find_held_lock+0x35/0x130 [ 3328.739347][T21636] ? handle_mm_fault+0x322/0xb30 [ 3328.744289][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.750516][T21636] ? kasan_check_read+0x11/0x20 [ 3328.755366][T21636] handle_mm_fault+0x43f/0xb30 [ 3328.760130][T21636] __do_page_fault+0x5ef/0xda0 [ 3328.764881][T21636] do_page_fault+0x71/0x581 [ 3328.769375][T21636] page_fault+0x1e/0x30 [ 3328.773516][T21636] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3328.779217][T21636] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3328.798812][T21636] RSP: 0018:ffff8882070cfcb0 EFLAGS: 00010246 [ 3328.804867][T21636] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3328.812824][T21636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3328.820781][T21636] RBP: ffff8882070cfce8 R08: ffff888065816500 R09: ffff8880aa594dc0 [ 3328.828739][T21636] R10: 000000000000001c R11: ffff888067cd1a7f R12: 0000000000000000 [ 3328.836715][T21636] R13: ffff888067cd0aa0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3328.844694][T21636] ? strncpy_from_user+0x142/0x380 [ 3328.849809][T21636] getname_flags+0x11b/0x5b0 [ 3328.854424][T21636] do_renameat2+0x199/0xc40 [ 3328.858917][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.865149][T21636] ? debug_smp_processor_id+0x3c/0x280 [ 3328.870594][T21636] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3328.876297][T21636] ? user_path_create+0x50/0x50 [ 3328.881156][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.887402][T21636] ? security_capable+0x9b/0xd0 [ 3328.892273][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3328.898503][T21636] ? ns_capable_common+0x93/0x100 [ 3328.903515][T21636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3328.908962][T21636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3328.914406][T21636] ? do_syscall_64+0x26/0x610 [ 3328.919067][T21636] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3328.925116][T21636] ? do_syscall_64+0x26/0x610 [ 3328.929780][T21636] __x64_sys_renameat+0x9a/0x100 [ 3328.934709][T21636] do_syscall_64+0x103/0x610 [ 3328.939305][T21636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3328.945189][T21636] RIP: 0033:0x2000050a [ 3328.949243][T21636] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3328.968855][T21636] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3328.977260][T21636] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3328.985244][T21636] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3328.993201][T21636] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3329.001158][T21636] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3329.009125][T21636] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3329.017374][T21636] memory: usage 307040kB, limit 307200kB, failcnt 10170 [ 3329.021829][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3329.024388][T21636] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3329.030246][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3329.037673][T21636] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3329.037682][T21636] Memory cgroup stats for /syz0: cache:228KB rss:114972KB rss_huge:79872KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:114936KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3329.043700][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3329.050390][T21636] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=1863,uid=0 [ 3329.050512][T21636] Memory cgroup out of memory: Killed process 1863 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35792kB, shmem-rss:0kB [ 3329.072859][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3329.114969][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3329.120860][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3329.152850][T21421] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3329.172097][T21421] CPU: 0 PID: 21421 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3329.180107][T21421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3329.190174][T21421] Call Trace: [ 3329.193482][T21421] dump_stack+0x172/0x1f0 [ 3329.197827][T21421] dump_header+0x10f/0xb6c [ 3329.202266][T21421] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3329.208083][T21421] ? ___ratelimit+0x60/0x595 [ 3329.212768][T21421] ? do_raw_spin_unlock+0x57/0x270 [ 3329.217895][T21421] oom_kill_process.cold+0x10/0x15 [ 3329.223033][T21421] out_of_memory+0x79a/0x1280 [ 3329.227728][T21421] ? oom_killer_disable+0x280/0x280 [ 3329.232925][T21421] ? find_held_lock+0x35/0x130 [ 3329.237750][T21421] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3329.243309][T21421] ? memcg_event_wake+0x230/0x230 [ 3329.248353][T21421] ? do_raw_spin_unlock+0x57/0x270 [ 3329.253480][T21421] ? _raw_spin_unlock+0x2d/0x50 [ 3329.258337][T21421] try_charge+0xa87/0x15c0 [ 3329.262753][T21421] ? find_held_lock+0x35/0x130 [ 3329.267531][T21421] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3329.273085][T21421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3329.279333][T21421] ? kasan_check_read+0x11/0x20 [ 3329.284197][T21421] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3329.289753][T21421] mem_cgroup_try_charge+0x24d/0x5e0 [ 3329.295063][T21421] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3329.300709][T21421] wp_page_copy+0x408/0x1740 [ 3329.305303][T21421] ? find_held_lock+0x35/0x130 [ 3329.310083][T21421] ? pmd_pfn+0x1d0/0x1d0 [ 3329.314332][T21421] ? lock_downgrade+0x880/0x880 [ 3329.319187][T21421] ? swp_swapcount+0x540/0x540 [ 3329.323972][T21421] ? kasan_check_read+0x11/0x20 [ 3329.328831][T21421] ? do_raw_spin_unlock+0x57/0x270 [ 3329.333956][T21421] do_wp_page+0x48e/0x1500 [ 3329.338385][T21421] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3329.343772][T21421] __handle_mm_fault+0x22e8/0x3ec0 [ 3329.348900][T21421] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3329.354452][T21421] ? find_held_lock+0x35/0x130 [ 3329.359225][T21421] ? handle_mm_fault+0x322/0xb30 [ 3329.364189][T21421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3329.370443][T21421] ? kasan_check_read+0x11/0x20 [ 3329.375331][T21421] handle_mm_fault+0x43f/0xb30 [ 3329.380104][T21421] __do_page_fault+0x5ef/0xda0 [ 3329.384887][T21421] do_page_fault+0x71/0x581 [ 3329.389402][T21421] page_fault+0x1e/0x30 [ 3329.393558][T21421] RIP: 0010:__put_user_4+0x1c/0x30 [ 3329.398668][T21421] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3329.418275][T21421] RSP: 0018:ffff88820fc37ed0 EFLAGS: 00010293 [ 3329.424351][T21421] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3329.432327][T21421] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3329.440303][T21421] RBP: ffff88820fc37f10 R08: ffff8880a8e3c2c0 R09: 0000000000000001 [ 3329.448281][T21421] R10: ffff8880a8e3cb40 R11: ffff8880a8e3c2c0 R12: 0000000000000000 [ 3329.456261][T21421] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3329.464269][T21421] ? __might_fault+0x1a3/0x1e0 [ 3329.469049][T21421] ? __x64_sys_getresgid+0x1aa/0x290 [ 3329.474337][T21421] ? trace_hardirqs_on+0x67/0x230 [ 3329.479375][T21421] do_syscall_64+0x103/0x610 [ 3329.483985][T21421] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3329.489876][T21421] RIP: 0033:0x2000050a [ 3329.493951][T21421] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3329.513565][T21421] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3329.521986][T21421] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3329.529976][T21421] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3329.537963][T21421] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3329.545950][T21421] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3329.553930][T21421] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3329.570722][T21421] memory: usage 307200kB, limit 307200kB, failcnt 10437 [ 3329.583992][T21421] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3329.591799][T21421] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3329.598735][T21421] Memory cgroup stats for /syz0: cache:228KB rss:112824KB rss_huge:77824KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:112816KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3329.621152][T21421] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7869,uid=0 [ 3329.636765][T21421] Memory cgroup out of memory: Killed process 7869 (syz-executor.0) total-vm:72712kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB [ 3329.666616][T21639] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3329.677051][T21639] CPU: 0 PID: 21639 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3329.685048][T21639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3329.695118][T21639] Call Trace: [ 3329.698422][T21639] dump_stack+0x172/0x1f0 [ 3329.702765][T21639] dump_header+0x10f/0xb6c [ 3329.707196][T21639] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3329.713022][T21639] ? ___ratelimit+0x60/0x595 [ 3329.717625][T21639] ? do_raw_spin_unlock+0x57/0x270 [ 3329.722751][T21639] oom_kill_process.cold+0x10/0x15 [ 3329.727873][T21639] out_of_memory+0x79a/0x1280 [ 3329.732568][T21639] ? oom_killer_disable+0x280/0x280 [ 3329.737776][T21639] ? find_held_lock+0x35/0x130 [ 3329.742562][T21639] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3329.748121][T21639] ? memcg_event_wake+0x230/0x230 [ 3329.753170][T21639] ? do_raw_spin_unlock+0x57/0x270 [ 3329.758298][T21639] ? _raw_spin_unlock+0x2d/0x50 [ 3329.763169][T21639] try_charge+0xa87/0x15c0 [ 3329.767596][T21639] ? find_held_lock+0x35/0x130 [ 3329.772382][T21639] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3329.777954][T21639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3329.784208][T21639] ? kasan_check_read+0x11/0x20 [ 3329.789078][T21639] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3329.794635][T21639] mem_cgroup_try_charge+0x24d/0x5e0 [ 3329.799943][T21639] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3329.805590][T21639] wp_page_copy+0x408/0x1740 [ 3329.810184][T21639] ? find_held_lock+0x35/0x130 [ 3329.814972][T21639] ? pmd_pfn+0x1d0/0x1d0 [ 3329.819278][T21639] ? lock_downgrade+0x880/0x880 [ 3329.824138][T21639] ? swp_swapcount+0x540/0x540 [ 3329.828906][T21639] ? kasan_check_read+0x11/0x20 [ 3329.833773][T21639] ? do_raw_spin_unlock+0x57/0x270 [ 3329.838899][T21639] do_wp_page+0x48e/0x1500 [ 3329.843337][T21639] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3329.848726][T21639] __handle_mm_fault+0x22e8/0x3ec0 [ 3329.853943][T21639] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3329.859489][T21639] ? find_held_lock+0x35/0x130 [ 3329.864264][T21639] ? handle_mm_fault+0x322/0xb30 [ 3329.869213][T21639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3329.875465][T21639] ? kasan_check_read+0x11/0x20 [ 3329.880324][T21639] handle_mm_fault+0x43f/0xb30 [ 3329.885101][T21639] __do_page_fault+0x5ef/0xda0 [ 3329.889873][T21639] do_page_fault+0x71/0x581 [ 3329.894381][T21639] page_fault+0x1e/0x30 [ 3329.898538][T21639] RIP: 0010:__put_user_4+0x1c/0x30 [ 3329.903653][T21639] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3329.923272][T21639] RSP: 0018:ffff888211d67ed0 EFLAGS: 00010293 [ 3329.929374][T21639] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3329.937356][T21639] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3329.945340][T21639] RBP: ffff888211d67f10 R08: ffff8880499b4140 R09: 0000000000000001 [ 3329.953320][T21639] R10: ffff8880499b49c0 R11: ffff8880499b4140 R12: 0000000000000000 [ 3329.961660][T21639] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3329.969671][T21639] ? __might_fault+0x1a3/0x1e0 [ 3329.974457][T21639] ? __x64_sys_getresgid+0x1aa/0x290 [ 3329.979750][T21639] ? trace_hardirqs_on+0x67/0x230 [ 3329.984784][T21639] do_syscall_64+0x103/0x610 [ 3329.989395][T21639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3329.995300][T21639] RIP: 0033:0x2000050a [ 3329.999368][T21639] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3330.019186][T21639] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3330.027609][T21639] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3330.035587][T21639] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3330.043563][T21639] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3330.051540][T21639] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3330.061006][T21639] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3330.072883][T21639] memory: usage 307200kB, limit 307200kB, failcnt 10529 [ 3330.080003][T21639] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3330.088221][T21639] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3330.095682][T21639] Memory cgroup stats for /syz0: cache:228KB rss:110692KB rss_huge:75776KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:110676KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3330.118108][T21639] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12414,uid=0 [ 3330.133826][T21639] Memory cgroup out of memory: Killed process 12414 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35788kB, shmem-rss:0kB [ 3330.153092][ T1043] oom_reaper: reaped process 12414 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 3330.548350][T21815] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3330.570975][T21815] CPU: 0 PID: 21815 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3330.578995][T21815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3330.589060][T21815] Call Trace: [ 3330.592371][T21815] dump_stack+0x172/0x1f0 [ 3330.596717][T21815] dump_header+0x10f/0xb6c [ 3330.601138][T21815] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3330.606959][T21815] ? ___ratelimit+0x60/0x595 [ 3330.611550][T21815] ? do_raw_spin_unlock+0x57/0x270 [ 3330.616661][T21815] oom_kill_process.cold+0x10/0x15 [ 3330.621763][T21815] out_of_memory+0x79a/0x1280 [ 3330.626429][T21815] ? lock_downgrade+0x880/0x880 [ 3330.631266][T21815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3330.637512][T21815] ? oom_killer_disable+0x280/0x280 [ 3330.642692][T21815] ? find_held_lock+0x35/0x130 [ 3330.647449][T21815] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3330.653157][T21815] ? memcg_event_wake+0x230/0x230 [ 3330.658177][T21815] ? do_raw_spin_unlock+0x57/0x270 [ 3330.663275][T21815] ? _raw_spin_unlock+0x2d/0x50 [ 3330.668131][T21815] try_charge+0xa87/0x15c0 [ 3330.672531][T21815] ? find_held_lock+0x35/0x130 [ 3330.677385][T21815] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3330.682916][T21815] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3330.688451][T21815] ? find_held_lock+0x35/0x130 [ 3330.693201][T21815] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3330.698737][T21815] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3330.704271][T21815] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3330.709451][T21815] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3330.714987][T21815] __memcg_kmem_charge+0x136/0x300 [ 3330.720104][T21815] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3330.725469][T21815] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3330.731181][T21815] ? is_dynamic_key+0x1c0/0x1c0 [ 3330.736018][T21815] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3330.742263][T21815] alloc_pages_current+0x107/0x210 [ 3330.747372][T21815] pte_alloc_one+0x1b/0x1a0 [ 3330.751880][T21815] __handle_mm_fault+0x3491/0x3ec0 [ 3330.756982][T21815] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3330.762516][T21815] ? find_held_lock+0x35/0x130 [ 3330.767272][T21815] ? handle_mm_fault+0x322/0xb30 [ 3330.772201][T21815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3330.778436][T21815] ? kasan_check_read+0x11/0x20 [ 3330.783283][T21815] handle_mm_fault+0x43f/0xb30 [ 3330.788037][T21815] __do_page_fault+0x5ef/0xda0 [ 3330.792827][T21815] do_page_fault+0x71/0x581 [ 3330.797337][T21815] page_fault+0x1e/0x30 [ 3330.801493][T21815] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3330.807191][T21815] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3330.826781][T21815] RSP: 0018:ffff88801f0dfcb0 EFLAGS: 00010246 [ 3330.832845][T21815] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3330.840802][T21815] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3330.848764][T21815] RBP: ffff88801f0dfce8 R08: ffff8880a35e25c0 R09: ffff8880aa594dc0 [ 3330.856723][T21815] R10: 000000000000001c R11: ffff8880202731bf R12: 0000000000000000 [ 3330.864680][T21815] R13: ffff8880202721e0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3330.872658][T21815] ? strncpy_from_user+0x142/0x380 [ 3330.877791][T21815] getname_flags+0x11b/0x5b0 [ 3330.882381][T21815] do_renameat2+0x199/0xc40 [ 3330.886881][T21815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3330.893110][T21815] ? debug_smp_processor_id+0x3c/0x280 [ 3330.898556][T21815] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3330.904259][T21815] ? user_path_create+0x50/0x50 [ 3330.909094][T21815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3330.915339][T21815] ? security_capable+0x9b/0xd0 [ 3330.920203][T21815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3330.926432][T21815] ? ns_capable_common+0x93/0x100 [ 3330.931451][T21815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3330.936915][T21815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3330.942374][T21815] ? do_syscall_64+0x26/0x610 [ 3330.947037][T21815] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3330.953087][T21815] ? do_syscall_64+0x26/0x610 [ 3330.957755][T21815] __x64_sys_renameat+0x9a/0x100 [ 3330.962686][T21815] do_syscall_64+0x103/0x610 [ 3330.967274][T21815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3330.973152][T21815] RIP: 0033:0x2000050a [ 3330.977204][T21815] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3330.996810][T21815] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3331.005306][T21815] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3331.013290][T21815] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3331.021292][T21815] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3331.029259][T21815] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3331.037220][T21815] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3331.045774][T21815] memory: usage 307200kB, limit 307200kB, failcnt 12365 [ 3331.052802][T21815] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3331.060272][T21815] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3331.067314][T21815] Memory cgroup stats for /syz0: cache:228KB rss:108576KB rss_huge:73728KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:108576KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3331.089512][T21815] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10866,uid=0 [ 3331.105034][T21815] Memory cgroup out of memory: Killed process 10866 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35780kB, shmem-rss:0kB [ 3331.138821][T21816] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3331.181676][T21816] CPU: 0 PID: 21816 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3331.189709][T21816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3331.199775][T21816] Call Trace: [ 3331.203080][T21816] dump_stack+0x172/0x1f0 [ 3331.207428][T21816] dump_header+0x10f/0xb6c [ 3331.211854][T21816] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3331.217676][T21816] ? ___ratelimit+0x60/0x595 [ 3331.222280][T21816] ? do_raw_spin_unlock+0x57/0x270 [ 3331.227411][T21816] oom_kill_process.cold+0x10/0x15 [ 3331.232539][T21816] out_of_memory+0x79a/0x1280 [ 3331.237236][T21816] ? oom_killer_disable+0x280/0x280 [ 3331.242452][T21816] ? find_held_lock+0x35/0x130 [ 3331.247249][T21816] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3331.252805][T21816] ? memcg_event_wake+0x230/0x230 [ 3331.257846][T21816] ? do_raw_spin_unlock+0x57/0x270 [ 3331.262967][T21816] ? _raw_spin_unlock+0x2d/0x50 [ 3331.267824][T21816] try_charge+0xa87/0x15c0 [ 3331.272261][T21816] ? find_held_lock+0x35/0x130 [ 3331.277045][T21816] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3331.282604][T21816] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3331.288158][T21816] ? find_held_lock+0x35/0x130 [ 3331.292942][T21816] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3331.298517][T21816] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3331.304068][T21816] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3331.309279][T21816] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3331.314843][T21816] __memcg_kmem_charge+0x136/0x300 [ 3331.319968][T21816] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3331.325421][T21816] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3331.331153][T21816] ? is_dynamic_key+0x1c0/0x1c0 [ 3331.335991][T21816] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3331.342487][T21816] alloc_pages_current+0x107/0x210 [ 3331.347595][T21816] pte_alloc_one+0x1b/0x1a0 [ 3331.352089][T21816] __handle_mm_fault+0x3491/0x3ec0 [ 3331.357189][T21816] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3331.362745][T21816] ? find_held_lock+0x35/0x130 [ 3331.367500][T21816] ? handle_mm_fault+0x322/0xb30 [ 3331.372427][T21816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3331.378654][T21816] ? kasan_check_read+0x11/0x20 [ 3331.383499][T21816] handle_mm_fault+0x43f/0xb30 [ 3331.388252][T21816] __do_page_fault+0x5ef/0xda0 [ 3331.393005][T21816] do_page_fault+0x71/0x581 [ 3331.397513][T21816] page_fault+0x1e/0x30 [ 3331.401654][T21816] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3331.407362][T21816] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3331.426968][T21816] RSP: 0018:ffff88801031fcb0 EFLAGS: 00010246 [ 3331.433019][T21816] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3331.440977][T21816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3331.448944][T21816] RBP: ffff88801031fce8 R08: ffff8880a47f0600 R09: ffff8880aa594dc0 [ 3331.456901][T21816] R10: 000000000000001c R11: ffff8880202751ff R12: 0000000000000000 [ 3331.464852][T21816] R13: ffff888020274220 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3331.472843][T21816] ? strncpy_from_user+0x142/0x380 [ 3331.477962][T21816] getname_flags+0x11b/0x5b0 [ 3331.482541][T21816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3331.488783][T21816] do_renameat2+0x199/0xc40 [ 3331.493277][T21816] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3331.498981][T21816] ? user_path_create+0x50/0x50 [ 3331.503818][T21816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3331.510072][T21816] ? security_capable+0x9b/0xd0 [ 3331.514917][T21816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3331.521146][T21816] ? ns_capable_common+0x93/0x100 [ 3331.526175][T21816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3331.531622][T21816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3331.537062][T21816] ? do_syscall_64+0x26/0x610 [ 3331.541721][T21816] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3331.547776][T21816] ? do_syscall_64+0x26/0x610 [ 3331.552442][T21816] __x64_sys_renameat+0x9a/0x100 [ 3331.557372][T21816] do_syscall_64+0x103/0x610 [ 3331.561956][T21816] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3331.567835][T21816] RIP: 0033:0x2000050a [ 3331.571889][T21816] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3331.591483][T21816] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3331.599885][T21816] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3331.607846][T21816] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3331.615910][T21816] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3331.623872][T21816] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3331.631829][T21816] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3331.641983][T21816] memory: usage 307180kB, limit 307200kB, failcnt 12483 [ 3331.649094][T21816] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3331.659127][T21816] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3331.666568][T21816] Memory cgroup stats for /syz0: cache:228KB rss:106484KB rss_huge:71680KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:106424KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3331.688917][T21816] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10992,uid=0 [ 3331.704670][T21816] Memory cgroup out of memory: Killed process 10992 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35780kB, shmem-rss:0kB [ 3331.727020][T21819] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3331.742600][T21819] CPU: 0 PID: 21819 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3331.750618][T21819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3331.760686][T21819] Call Trace: [ 3331.763999][T21819] dump_stack+0x172/0x1f0 [ 3331.768355][T21819] dump_header+0x10f/0xb6c [ 3331.772794][T21819] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3331.778619][T21819] ? ___ratelimit+0x60/0x595 [ 3331.783310][T21819] ? do_raw_spin_unlock+0x57/0x270 [ 3331.788437][T21819] oom_kill_process.cold+0x10/0x15 [ 3331.793558][T21819] out_of_memory+0x79a/0x1280 [ 3331.798258][T21819] ? oom_killer_disable+0x280/0x280 [ 3331.803468][T21819] ? find_held_lock+0x35/0x130 [ 3331.808257][T21819] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3331.813813][T21819] ? memcg_event_wake+0x230/0x230 [ 3331.818857][T21819] ? do_raw_spin_unlock+0x57/0x270 [ 3331.823979][T21819] ? _raw_spin_unlock+0x2d/0x50 [ 3331.828841][T21819] try_charge+0xa87/0x15c0 [ 3331.833268][T21819] ? find_held_lock+0x35/0x130 [ 3331.838050][T21819] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3331.843603][T21819] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3331.849152][T21819] ? find_held_lock+0x35/0x130 [ 3331.853946][T21819] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3331.859515][T21819] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3331.865067][T21819] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3331.870283][T21819] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3331.875836][T21819] __memcg_kmem_charge+0x136/0x300 [ 3331.880964][T21819] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3331.886348][T21819] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3331.892091][T21819] ? is_dynamic_key+0x1c0/0x1c0 [ 3331.896956][T21819] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3331.903210][T21819] alloc_pages_current+0x107/0x210 [ 3331.908340][T21819] pte_alloc_one+0x1b/0x1a0 [ 3331.912858][T21819] __handle_mm_fault+0x3491/0x3ec0 [ 3331.917994][T21819] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3331.923541][T21819] ? find_held_lock+0x35/0x130 [ 3331.928309][T21819] ? handle_mm_fault+0x322/0xb30 [ 3331.933273][T21819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3331.939536][T21819] ? kasan_check_read+0x11/0x20 [ 3331.944404][T21819] handle_mm_fault+0x43f/0xb30 [ 3331.949180][T21819] __do_page_fault+0x5ef/0xda0 [ 3331.953979][T21819] do_page_fault+0x71/0x581 [ 3331.958501][T21819] page_fault+0x1e/0x30 [ 3331.962663][T21819] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3331.968382][T21819] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3331.987994][T21819] RSP: 0018:ffff888010327cb0 EFLAGS: 00010246 [ 3331.994061][T21819] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3332.002022][T21819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3332.009981][T21819] RBP: ffff888010327ce8 R08: ffff88805172e6c0 R09: ffff8880aa594dc0 [ 3332.017947][T21819] R10: 000000000000001c R11: ffff88802027723f R12: 0000000000000000 [ 3332.027330][T21819] R13: ffff888020276260 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3332.036391][T21819] ? strncpy_from_user+0x142/0x380 [ 3332.041502][T21819] getname_flags+0x11b/0x5b0 [ 3332.046083][T21819] do_renameat2+0x199/0xc40 [ 3332.050576][T21819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.056810][T21819] ? debug_smp_processor_id+0x3c/0x280 [ 3332.062366][T21819] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3332.068088][T21819] ? user_path_create+0x50/0x50 [ 3332.072925][T21819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.079191][T21819] ? security_capable+0x9b/0xd0 [ 3332.084033][T21819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.090260][T21819] ? ns_capable_common+0x93/0x100 [ 3332.095277][T21819] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3332.100725][T21819] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3332.106172][T21819] ? do_syscall_64+0x26/0x610 [ 3332.110844][T21819] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3332.116899][T21819] ? do_syscall_64+0x26/0x610 [ 3332.121576][T21819] __x64_sys_renameat+0x9a/0x100 [ 3332.126526][T21819] do_syscall_64+0x103/0x610 [ 3332.131106][T21819] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3332.136980][T21819] RIP: 0033:0x2000050a [ 3332.141454][T21819] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3332.161246][T21819] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3332.169646][T21819] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3332.177605][T21819] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3332.185576][T21819] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3332.193533][T21819] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3332.201488][T21819] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3332.213857][T21819] memory: usage 307200kB, limit 307200kB, failcnt 12586 [ 3332.220979][T21819] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3332.228641][T21819] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3332.235698][T21819] Memory cgroup stats for /syz0: cache:228KB rss:104360KB rss_huge:69632KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:104344KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3332.258118][T21819] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11069,uid=0 [ 3332.273949][T21819] Memory cgroup out of memory: Killed process 11069 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35780kB, shmem-rss:0kB [ 3332.296303][T21822] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3332.311105][T21822] CPU: 0 PID: 21822 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3332.319108][T21822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3332.329170][T21822] Call Trace: [ 3332.332476][T21822] dump_stack+0x172/0x1f0 [ 3332.336823][T21822] dump_header+0x10f/0xb6c [ 3332.341262][T21822] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3332.347083][T21822] ? ___ratelimit+0x60/0x595 [ 3332.351688][T21822] ? do_raw_spin_unlock+0x57/0x270 [ 3332.356822][T21822] oom_kill_process.cold+0x10/0x15 [ 3332.361953][T21822] out_of_memory+0x79a/0x1280 [ 3332.366648][T21822] ? oom_killer_disable+0x280/0x280 [ 3332.371849][T21822] ? find_held_lock+0x35/0x130 [ 3332.376635][T21822] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3332.382191][T21822] ? memcg_event_wake+0x230/0x230 [ 3332.387228][T21822] ? do_raw_spin_unlock+0x57/0x270 [ 3332.392364][T21822] ? _raw_spin_unlock+0x2d/0x50 [ 3332.397233][T21822] try_charge+0xa87/0x15c0 [ 3332.401670][T21822] ? find_held_lock+0x35/0x130 [ 3332.406454][T21822] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3332.412040][T21822] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3332.417602][T21822] ? find_held_lock+0x35/0x130 [ 3332.422380][T21822] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3332.427953][T21822] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3332.433508][T21822] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3332.438714][T21822] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3332.444275][T21822] __memcg_kmem_charge+0x136/0x300 [ 3332.449421][T21822] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3332.454812][T21822] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3332.460545][T21822] ? is_dynamic_key+0x1c0/0x1c0 [ 3332.465403][T21822] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3332.471653][T21822] alloc_pages_current+0x107/0x210 [ 3332.476775][T21822] pte_alloc_one+0x1b/0x1a0 [ 3332.481285][T21822] __handle_mm_fault+0x3491/0x3ec0 [ 3332.486408][T21822] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3332.491960][T21822] ? find_held_lock+0x35/0x130 [ 3332.496732][T21822] ? handle_mm_fault+0x322/0xb30 [ 3332.501680][T21822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.507928][T21822] ? kasan_check_read+0x11/0x20 [ 3332.512797][T21822] handle_mm_fault+0x43f/0xb30 [ 3332.517571][T21822] __do_page_fault+0x5ef/0xda0 [ 3332.522350][T21822] do_page_fault+0x71/0x581 [ 3332.526864][T21822] page_fault+0x1e/0x30 [ 3332.531024][T21822] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3332.536744][T21822] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3332.556350][T21822] RSP: 0018:ffff88801028fcb0 EFLAGS: 00010246 [ 3332.562422][T21822] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3332.570397][T21822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3332.578370][T21822] RBP: ffff88801028fce8 R08: ffff88809732a680 R09: ffff8880aa594dc0 [ 3332.586347][T21822] R10: 000000000000001c R11: ffff88802027927f R12: 0000000000000000 [ 3332.594323][T21822] R13: ffff8880202782a0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3332.602320][T21822] ? strncpy_from_user+0x142/0x380 [ 3332.607451][T21822] getname_flags+0x11b/0x5b0 [ 3332.612045][T21822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.618292][T21822] do_renameat2+0x199/0xc40 [ 3332.622816][T21822] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3332.628541][T21822] ? user_path_create+0x50/0x50 [ 3332.633402][T21822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.639653][T21822] ? security_capable+0x9b/0xd0 [ 3332.644512][T21822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3332.650751][T21822] ? ns_capable_common+0x93/0x100 [ 3332.655786][T21822] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3332.661254][T21822] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3332.666738][T21822] ? do_syscall_64+0x26/0x610 [ 3332.671419][T21822] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3332.677488][T21822] ? do_syscall_64+0x26/0x610 [ 3332.682178][T21822] __x64_sys_renameat+0x9a/0x100 [ 3332.687124][T21822] do_syscall_64+0x103/0x610 [ 3332.692509][T21822] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3332.698413][T21822] RIP: 0033:0x2000050a [ 3332.702490][T21822] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3332.722100][T21822] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3332.730527][T21822] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3332.738513][T21822] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3332.746496][T21822] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3332.754476][T21822] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3332.762458][T21822] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3332.785861][T21822] memory: usage 307200kB, limit 307200kB, failcnt 12689 [ 3332.792972][T21822] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3332.800431][T21822] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3332.807414][T21822] Memory cgroup stats for /syz0: cache:228KB rss:102204KB rss_huge:67584KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:102188KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3332.829630][T21822] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11270,uid=0 [ 3332.845127][T21822] Memory cgroup out of memory: Killed process 11270 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:35780kB, shmem-rss:0kB [ 3332.868117][T21825] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3332.902700][T21825] CPU: 1 PID: 21825 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3332.910736][T21825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3332.920816][T21825] Call Trace: [ 3332.924135][T21825] dump_stack+0x172/0x1f0 [ 3332.928488][T21825] dump_header+0x10f/0xb6c [ 3332.932926][T21825] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3332.938774][T21825] ? ___ratelimit+0x60/0x595 [ 3332.943374][T21825] ? do_raw_spin_unlock+0x57/0x270 [ 3332.948509][T21825] oom_kill_process.cold+0x10/0x15 [ 3332.953640][T21825] out_of_memory+0x79a/0x1280 [ 3332.958332][T21825] ? oom_killer_disable+0x280/0x280 [ 3332.963531][T21825] ? find_held_lock+0x35/0x130 [ 3332.968308][T21825] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3332.973865][T21825] ? memcg_event_wake+0x230/0x230 [ 3332.978908][T21825] ? do_raw_spin_unlock+0x57/0x270 [ 3332.984051][T21825] ? _raw_spin_unlock+0x2d/0x50 [ 3332.988922][T21825] try_charge+0xa87/0x15c0 [ 3332.993353][T21825] ? find_held_lock+0x35/0x130 [ 3332.998131][T21825] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3333.004237][T21825] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3333.009796][T21825] ? find_held_lock+0x35/0x130 [ 3333.015179][T21825] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3333.020751][T21825] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3333.026304][T21825] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3333.031516][T21825] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3333.037083][T21825] __memcg_kmem_charge+0x136/0x300 [ 3333.042219][T21825] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3333.047617][T21825] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3333.053356][T21825] ? is_dynamic_key+0x1c0/0x1c0 [ 3333.058211][T21825] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3333.064471][T21825] alloc_pages_current+0x107/0x210 [ 3333.069596][T21825] pte_alloc_one+0x1b/0x1a0 [ 3333.074104][T21825] __handle_mm_fault+0x3491/0x3ec0 [ 3333.079211][T21825] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3333.084763][T21825] ? find_held_lock+0x35/0x130 [ 3333.089533][T21825] ? handle_mm_fault+0x322/0xb30 [ 3333.094477][T21825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.100722][T21825] ? kasan_check_read+0x11/0x20 [ 3333.105586][T21825] handle_mm_fault+0x43f/0xb30 [ 3333.110435][T21825] __do_page_fault+0x5ef/0xda0 [ 3333.115192][T21825] do_page_fault+0x71/0x581 [ 3333.119685][T21825] page_fault+0x1e/0x30 [ 3333.123840][T21825] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3333.129554][T21825] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3333.149148][T21825] RSP: 0018:ffff8880103efcb0 EFLAGS: 00010246 [ 3333.155203][T21825] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3333.163178][T21825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3333.171145][T21825] RBP: ffff8880103efce8 R08: ffff8880103e2080 R09: ffff8880aa594dc0 [ 3333.179103][T21825] R10: 000000000000001c R11: ffff88802027d2ff R12: 0000000000000000 [ 3333.187071][T21825] R13: ffff88802027c320 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3333.195073][T21825] ? strncpy_from_user+0x142/0x380 [ 3333.200175][T21825] getname_flags+0x11b/0x5b0 [ 3333.204761][T21825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.211002][T21825] do_renameat2+0x199/0xc40 [ 3333.215502][T21825] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3333.221205][T21825] ? user_path_create+0x50/0x50 [ 3333.226057][T21825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.232300][T21825] ? security_capable+0x9b/0xd0 [ 3333.237141][T21825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.243379][T21825] ? ns_capable_common+0x93/0x100 [ 3333.248420][T21825] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3333.253949][T21825] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3333.259403][T21825] ? do_syscall_64+0x26/0x610 [ 3333.264078][T21825] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3333.270143][T21825] ? do_syscall_64+0x26/0x610 [ 3333.274812][T21825] __x64_sys_renameat+0x9a/0x100 [ 3333.279745][T21825] do_syscall_64+0x103/0x610 [ 3333.284342][T21825] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3333.290230][T21825] RIP: 0033:0x2000050a [ 3333.294294][T21825] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3333.313902][T21825] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3333.322318][T21825] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3333.330312][T21825] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3333.338290][T21825] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3333.346261][T21825] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3333.354243][T21825] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3333.370791][T21825] memory: usage 306976kB, limit 307200kB, failcnt 12800 [ 3333.377897][T21825] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3333.385581][T21825] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3333.392548][T21825] Memory cgroup stats for /syz0: cache:228KB rss:100120KB rss_huge:65536KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:100088KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3333.414861][T21825] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18393,uid=0 [ 3333.430531][T21825] Memory cgroup out of memory: Killed process 18393 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35784kB, shmem-rss:0kB [ 3333.452751][T21824] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3333.471780][T21824] CPU: 0 PID: 21824 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3333.479798][T21824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3333.489867][T21824] Call Trace: [ 3333.493175][T21824] dump_stack+0x172/0x1f0 [ 3333.497645][T21824] dump_header+0x10f/0xb6c [ 3333.502079][T21824] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3333.507911][T21824] ? ___ratelimit+0x60/0x595 [ 3333.512523][T21824] ? do_raw_spin_unlock+0x57/0x270 [ 3333.517657][T21824] oom_kill_process.cold+0x10/0x15 [ 3333.522792][T21824] out_of_memory+0x79a/0x1280 [ 3333.527491][T21824] ? oom_killer_disable+0x280/0x280 [ 3333.532700][T21824] ? find_held_lock+0x35/0x130 [ 3333.537484][T21824] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3333.543042][T21824] ? memcg_event_wake+0x230/0x230 [ 3333.548087][T21824] ? do_raw_spin_unlock+0x57/0x270 [ 3333.553211][T21824] ? _raw_spin_unlock+0x2d/0x50 [ 3333.558095][T21824] try_charge+0xa87/0x15c0 [ 3333.562523][T21824] ? find_held_lock+0x35/0x130 [ 3333.567310][T21824] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3333.572868][T21824] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3333.578419][T21824] ? find_held_lock+0x35/0x130 [ 3333.583188][T21824] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3333.588753][T21824] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3333.594321][T21824] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3333.599538][T21824] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3333.605111][T21824] __memcg_kmem_charge+0x136/0x300 [ 3333.610263][T21824] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3333.615654][T21824] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3333.621396][T21824] ? is_dynamic_key+0x1c0/0x1c0 [ 3333.626259][T21824] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3333.632518][T21824] alloc_pages_current+0x107/0x210 [ 3333.637737][T21824] pte_alloc_one+0x1b/0x1a0 [ 3333.642261][T21824] __handle_mm_fault+0x3491/0x3ec0 [ 3333.647395][T21824] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3333.652966][T21824] ? find_held_lock+0x35/0x130 [ 3333.657750][T21824] ? handle_mm_fault+0x322/0xb30 [ 3333.662714][T21824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.668987][T21824] ? kasan_check_read+0x11/0x20 [ 3333.673866][T21824] handle_mm_fault+0x43f/0xb30 [ 3333.678651][T21824] __do_page_fault+0x5ef/0xda0 [ 3333.683438][T21824] do_page_fault+0x71/0x581 [ 3333.687963][T21824] page_fault+0x1e/0x30 [ 3333.692136][T21824] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3333.697868][T21824] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3333.717482][T21824] RSP: 0018:ffff88801039fcb0 EFLAGS: 00010246 [ 3333.723556][T21824] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3333.731623][T21824] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3333.739605][T21824] RBP: ffff88801039fce8 R08: ffff888010392040 R09: ffff8880aa594dc0 [ 3333.747608][T21824] R10: 000000000000001c R11: ffff88802027b2bf R12: 0000000000000000 [ 3333.755594][T21824] R13: ffff88802027a2e0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3333.763687][T21824] ? strncpy_from_user+0x142/0x380 [ 3333.768834][T21824] getname_flags+0x11b/0x5b0 [ 3333.773449][T21824] do_renameat2+0x199/0xc40 [ 3333.777982][T21824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.784255][T21824] ? debug_smp_processor_id+0x3c/0x280 [ 3333.789728][T21824] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3333.795459][T21824] ? user_path_create+0x50/0x50 [ 3333.800322][T21824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.806573][T21824] ? security_capable+0x9b/0xd0 [ 3333.811440][T21824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3333.817695][T21824] ? ns_capable_common+0x93/0x100 [ 3333.822756][T21824] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3333.828256][T21824] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3333.833729][T21824] ? do_syscall_64+0x26/0x610 [ 3333.838413][T21824] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3333.844487][T21824] ? do_syscall_64+0x26/0x610 [ 3333.849175][T21824] __x64_sys_renameat+0x9a/0x100 [ 3333.854127][T21824] do_syscall_64+0x103/0x610 [ 3333.858726][T21824] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3333.864621][T21824] RIP: 0033:0x2000050a [ 3333.868690][T21824] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3333.888316][T21824] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3333.896739][T21824] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3333.904716][T21824] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3333.912785][T21824] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3333.920766][T21824] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3333.928744][T21824] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3333.949643][T21824] memory: usage 307200kB, limit 307200kB, failcnt 12945 [ 3333.956770][T21824] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3333.964391][T21824] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3333.971237][T21824] Memory cgroup stats for /syz0: cache:228KB rss:97972KB rss_huge:63488KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:97916KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3333.993317][T21824] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=32392,uid=0 [ 3334.009029][T21824] Memory cgroup out of memory: Killed process 32392 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:35784kB, shmem-rss:0kB [ 3334.026030][ T1043] oom_reaper: reaped process 32392 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 3334.090665][T21619] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3334.125397][T21619] CPU: 0 PID: 21619 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3334.133740][T21619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3334.143831][T21619] Call Trace: [ 3334.147114][T21619] dump_stack+0x172/0x1f0 [ 3334.151522][T21619] dump_header+0x10f/0xb6c [ 3334.155926][T21619] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3334.161737][T21619] ? ___ratelimit+0x60/0x595 [ 3334.166321][T21619] ? do_raw_spin_unlock+0x57/0x270 [ 3334.171438][T21619] oom_kill_process.cold+0x10/0x15 [ 3334.176533][T21619] out_of_memory+0x79a/0x1280 [ 3334.181196][T21619] ? oom_killer_disable+0x280/0x280 [ 3334.186383][T21619] ? find_held_lock+0x35/0x130 [ 3334.191144][T21619] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3334.196673][T21619] ? memcg_event_wake+0x230/0x230 [ 3334.201695][T21619] ? do_raw_spin_unlock+0x57/0x270 [ 3334.206807][T21619] ? _raw_spin_unlock+0x2d/0x50 [ 3334.211666][T21619] try_charge+0xa87/0x15c0 [ 3334.216077][T21619] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3334.221806][T21619] ? rcu_read_lock_sched_held+0x110/0x130 [ 3334.227521][T21619] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3334.233057][T21619] ? __lockdep_free_key_range+0x120/0x120 [ 3334.238785][T21619] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3334.244329][T21619] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3334.249537][T21619] ? cache_grow_begin+0x594/0x860 [ 3334.254553][T21619] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3334.259831][T21619] ? trace_hardirqs_on+0x67/0x230 [ 3334.264847][T21619] cache_grow_begin+0x5c0/0x860 [ 3334.269686][T21619] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3334.275915][T21619] ? __cpuset_node_allowed+0x136/0x540 [ 3334.281383][T21619] fallback_alloc+0x1fd/0x2d0 [ 3334.286057][T21619] ____cache_alloc_node+0x1be/0x1e0 [ 3334.291269][T21619] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3334.297505][T21619] kmem_cache_alloc_node+0xe3/0x710 [ 3334.302696][T21619] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3334.308159][T21619] ? trace_hardirqs_on+0x67/0x230 [ 3334.313178][T21619] copy_process.part.0+0x1d08/0x7980 [ 3334.318455][T21619] ? perf_trace_lock+0xeb/0x510 [ 3334.323292][T21619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3334.329524][T21619] ? debug_smp_processor_id+0x3c/0x280 [ 3334.334989][T21619] ? __lockdep_free_key_range+0x120/0x120 [ 3334.340702][T21619] ? __might_fault+0x12b/0x1e0 [ 3334.345466][T21619] ? find_held_lock+0x35/0x130 [ 3334.350234][T21619] ? __might_fault+0x12b/0x1e0 [ 3334.355001][T21619] ? __cleanup_sighand+0x60/0x60 [ 3334.359941][T21619] ? check_stack_object+0x114/0x160 [ 3334.365135][T21619] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3334.371023][T21619] _do_fork+0x257/0xfd0 [ 3334.375178][T21619] ? fork_idle+0x1d0/0x1d0 [ 3334.379580][T21619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3334.385811][T21619] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3334.392307][T21619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3334.398563][T21619] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3334.404015][T21619] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3334.409485][T21619] ? do_syscall_64+0x26/0x610 [ 3334.414244][T21619] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3334.420298][T21619] ? do_syscall_64+0x26/0x610 [ 3334.424973][T21619] __x64_sys_clone+0xbf/0x150 [ 3334.429642][T21619] do_syscall_64+0x103/0x610 [ 3334.434227][T21619] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3334.440288][T21619] RIP: 0033:0x2000050a [ 3334.444362][T21619] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3334.464134][T21619] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3334.472535][T21619] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3334.480496][T21619] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3334.488455][T21619] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3334.496414][T21619] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3334.504382][T21619] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3334.521773][T21619] memory: usage 307200kB, limit 307200kB, failcnt 13126 [ 3334.528752][T21619] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3334.536463][T21619] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3334.543409][T21619] Memory cgroup stats for /syz0: cache:228KB rss:95856KB rss_huge:61440KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:95828KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3334.565705][T21619] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14380,uid=0 [ 3334.581149][T21619] Memory cgroup out of memory: Killed process 14380 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:35784kB, shmem-rss:0kB [ 3334.603988][T21828] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3334.652699][T21828] CPU: 1 PID: 21828 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3334.660734][T21828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3334.670810][T21828] Call Trace: [ 3334.674118][T21828] dump_stack+0x172/0x1f0 [ 3334.678479][T21828] dump_header+0x10f/0xb6c [ 3334.682911][T21828] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3334.688730][T21828] ? ___ratelimit+0x60/0x595 [ 3334.693340][T21828] ? do_raw_spin_unlock+0x57/0x270 [ 3334.698463][T21828] oom_kill_process.cold+0x10/0x15 [ 3334.703583][T21828] out_of_memory+0x79a/0x1280 [ 3334.708272][T21828] ? oom_killer_disable+0x280/0x280 [ 3334.713474][T21828] ? find_held_lock+0x35/0x130 [ 3334.718264][T21828] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3334.723820][T21828] ? memcg_event_wake+0x230/0x230 [ 3334.728860][T21828] ? do_raw_spin_unlock+0x57/0x270 [ 3334.734007][T21828] ? _raw_spin_unlock+0x2d/0x50 [ 3334.738870][T21828] try_charge+0xa87/0x15c0 [ 3334.743293][T21828] ? find_held_lock+0x35/0x130 [ 3334.748077][T21828] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3334.753665][T21828] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3334.759313][T21828] ? find_held_lock+0x35/0x130 [ 3334.764169][T21828] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3334.769746][T21828] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3334.775301][T21828] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3334.780991][T21828] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3334.786546][T21828] __memcg_kmem_charge+0x136/0x300 [ 3334.791675][T21828] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3334.797050][T21828] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3334.802882][T21828] ? is_dynamic_key+0x1c0/0x1c0 [ 3334.807743][T21828] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3334.811761][ C0] net_ratelimit: 20 callbacks suppressed [ 3334.811770][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3334.813992][T21828] alloc_pages_current+0x107/0x210 [ 3334.819687][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3334.825345][T21828] pte_alloc_one+0x1b/0x1a0 [ 3334.825364][T21828] __handle_mm_fault+0x3491/0x3ec0 [ 3334.825383][T21828] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3334.825397][T21828] ? find_held_lock+0x35/0x130 [ 3334.825413][T21828] ? handle_mm_fault+0x322/0xb30 [ 3334.825438][T21828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3334.830682][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3334.836265][T21828] ? kasan_check_read+0x11/0x20 [ 3334.836286][T21828] handle_mm_fault+0x43f/0xb30 [ 3334.836307][T21828] __do_page_fault+0x5ef/0xda0 [ 3334.836330][T21828] do_page_fault+0x71/0x581 [ 3334.840893][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3334.845952][T21828] page_fault+0x1e/0x30 [ 3334.845970][T21828] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3334.845985][T21828] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3334.846000][T21828] RSP: 0018:ffff88802028fcb0 EFLAGS: 00010246 [ 3334.933627][T21828] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3334.941609][T21828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3334.949588][T21828] RBP: ffff88802028fce8 R08: ffff88802027e1c0 R09: ffff8880aa594dc0 [ 3334.957559][T21828] R10: 000000000000001c R11: ffff88802c531c3f R12: 0000000000000000 [ 3334.965622][T21828] R13: ffff88802c530c60 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3334.973620][T21828] ? strncpy_from_user+0x142/0x380 [ 3334.978851][T21828] getname_flags+0x11b/0x5b0 [ 3334.983714][T21828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3334.989974][T21828] do_renameat2+0x199/0xc40 [ 3334.994492][T21828] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3335.000297][T21828] ? user_path_create+0x50/0x50 [ 3335.005609][T21828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.011856][T21828] ? security_capable+0x9b/0xd0 [ 3335.016726][T21828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.022968][T21828] ? ns_capable_common+0x93/0x100 [ 3335.028008][T21828] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3335.033474][T21828] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3335.038942][T21828] ? do_syscall_64+0x26/0x610 [ 3335.043605][T21828] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3335.049661][T21828] ? do_syscall_64+0x26/0x610 [ 3335.054348][T21828] __x64_sys_renameat+0x9a/0x100 [ 3335.059313][T21828] do_syscall_64+0x103/0x610 [ 3335.064337][T21828] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3335.070217][T21828] RIP: 0033:0x2000050a [ 3335.074288][T21828] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3335.093915][T21828] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3335.102358][T21828] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3335.110338][T21828] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3335.118309][T21828] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3335.126281][T21828] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3335.134956][T21828] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3335.147687][T21828] memory: usage 307200kB, limit 307200kB, failcnt 13218 [ 3335.154828][T21828] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3335.162355][T21828] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3335.169220][T21828] Memory cgroup stats for /syz0: cache:228KB rss:93720KB rss_huge:59392KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:93696KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3335.191277][T21828] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8677,uid=0 [ 3335.206656][T21828] Memory cgroup out of memory: Killed process 8677 (syz-executor.0) total-vm:72580kB, anon-rss:2204kB, file-rss:35788kB, shmem-rss:0kB [ 3335.238059][T21620] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3335.279309][T21620] CPU: 0 PID: 21620 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3335.287410][T21620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3335.297471][T21620] Call Trace: [ 3335.300776][T21620] dump_stack+0x172/0x1f0 [ 3335.305124][T21620] dump_header+0x10f/0xb6c [ 3335.309659][T21620] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3335.315483][T21620] ? ___ratelimit+0x60/0x595 [ 3335.320268][T21620] ? do_raw_spin_unlock+0x57/0x270 [ 3335.325400][T21620] oom_kill_process.cold+0x10/0x15 [ 3335.330699][T21620] out_of_memory+0x79a/0x1280 [ 3335.335392][T21620] ? oom_killer_disable+0x280/0x280 [ 3335.340592][T21620] ? find_held_lock+0x35/0x130 [ 3335.345377][T21620] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3335.350940][T21620] ? memcg_event_wake+0x230/0x230 [ 3335.356000][T21620] ? do_raw_spin_unlock+0x57/0x270 [ 3335.361130][T21620] ? _raw_spin_unlock+0x2d/0x50 [ 3335.365992][T21620] try_charge+0xa87/0x15c0 [ 3335.370425][T21620] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3335.375987][T21620] ? rcu_read_lock_sched_held+0x110/0x130 [ 3335.381713][T21620] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3335.387273][T21620] ? __lockdep_free_key_range+0x120/0x120 [ 3335.393021][T21620] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3335.398580][T21620] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3335.403788][T21620] ? cache_grow_begin+0x594/0x860 [ 3335.408821][T21620] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3335.414114][T21620] ? trace_hardirqs_on+0x67/0x230 [ 3335.419149][T21620] cache_grow_begin+0x5c0/0x860 [ 3335.424017][T21620] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3335.430272][T21620] ? __cpuset_node_allowed+0x136/0x540 [ 3335.435752][T21620] fallback_alloc+0x1fd/0x2d0 [ 3335.440443][T21620] ____cache_alloc_node+0x1be/0x1e0 [ 3335.445645][T21620] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3335.451897][T21620] kmem_cache_alloc_node+0xe3/0x710 [ 3335.457119][T21620] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3335.462411][T21620] ? trace_hardirqs_on+0x67/0x230 [ 3335.467455][T21620] copy_process.part.0+0x1d08/0x7980 [ 3335.472753][T21620] ? perf_trace_lock+0xeb/0x510 [ 3335.477614][T21620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.483859][T21620] ? debug_smp_processor_id+0x3c/0x280 [ 3335.489323][T21620] ? __lockdep_free_key_range+0x120/0x120 [ 3335.495045][T21620] ? __might_fault+0x12b/0x1e0 [ 3335.499795][T21620] ? find_held_lock+0x35/0x130 [ 3335.504542][T21620] ? __might_fault+0x12b/0x1e0 [ 3335.509385][T21620] ? __cleanup_sighand+0x60/0x60 [ 3335.514314][T21620] ? check_stack_object+0x114/0x160 [ 3335.519595][T21620] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3335.525479][T21620] _do_fork+0x257/0xfd0 [ 3335.529621][T21620] ? fork_idle+0x1d0/0x1d0 [ 3335.534019][T21620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.540367][T21620] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3335.546863][T21620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.553090][T21620] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3335.558529][T21620] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3335.563970][T21620] ? do_syscall_64+0x26/0x610 [ 3335.568648][T21620] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3335.574705][T21620] ? do_syscall_64+0x26/0x610 [ 3335.579409][T21620] __x64_sys_clone+0xbf/0x150 [ 3335.584085][T21620] do_syscall_64+0x103/0x610 [ 3335.588661][T21620] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3335.594533][T21620] RIP: 0033:0x2000050a [ 3335.598581][T21620] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3335.618170][T21620] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3335.626585][T21620] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3335.634549][T21620] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3335.642526][T21620] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3335.650494][T21620] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3335.658458][T21620] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3335.668726][T21620] memory: usage 307128kB, limit 307200kB, failcnt 13358 [ 3335.671729][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3335.675748][T21620] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3335.675763][T21620] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3335.681697][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3335.689083][T21620] Memory cgroup stats for /syz0: cache:228KB rss:91564KB rss_huge:57344KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:91572KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3335.696157][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3335.701925][T21620] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17803,uid=0 [ 3335.724153][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3335.729669][T21620] Memory cgroup out of memory: Killed process 17803 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:35788kB, shmem-rss:0kB [ 3335.750033][T21623] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3335.751308][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3335.783428][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3335.784433][T21623] CPU: 0 PID: 21623 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3335.797141][T21623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3335.807202][T21623] Call Trace: [ 3335.810512][T21623] dump_stack+0x172/0x1f0 [ 3335.814861][T21623] dump_header+0x10f/0xb6c [ 3335.819295][T21623] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3335.825114][T21623] ? ___ratelimit+0x60/0x595 [ 3335.829711][T21623] ? do_raw_spin_unlock+0x57/0x270 [ 3335.834836][T21623] oom_kill_process.cold+0x10/0x15 [ 3335.839973][T21623] out_of_memory+0x79a/0x1280 [ 3335.844839][T21623] ? oom_killer_disable+0x280/0x280 [ 3335.850048][T21623] ? find_held_lock+0x35/0x130 [ 3335.854838][T21623] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3335.860394][T21623] ? memcg_event_wake+0x230/0x230 [ 3335.865573][T21623] ? do_raw_spin_unlock+0x57/0x270 [ 3335.870695][T21623] ? _raw_spin_unlock+0x2d/0x50 [ 3335.875562][T21623] try_charge+0xa87/0x15c0 [ 3335.879983][T21623] ? find_held_lock+0x35/0x130 [ 3335.884768][T21623] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3335.890513][T21623] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3335.896068][T21623] ? find_held_lock+0x35/0x130 [ 3335.900842][T21623] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3335.906419][T21623] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3335.912142][T21623] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3335.917366][T21623] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3335.922929][T21623] __memcg_kmem_charge+0x136/0x300 [ 3335.928074][T21623] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3335.933468][T21623] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3335.939210][T21623] ? copy_page_range+0x125a/0x1f90 [ 3335.944338][T21623] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3335.950591][T21623] alloc_pages_current+0x107/0x210 [ 3335.955717][T21623] pte_alloc_one+0x1b/0x1a0 [ 3335.960234][T21623] __pte_alloc+0x20/0x310 [ 3335.964579][T21623] copy_page_range+0x1529/0x1f90 [ 3335.969519][T21623] ? perf_trace_lock+0xeb/0x510 [ 3335.974372][T21623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3335.980648][T21623] ? pmd_alloc+0x180/0x180 [ 3335.985072][T21623] ? __rb_insert_augmented+0x231/0xdf0 [ 3335.990534][T21623] ? validate_mm_rb+0xa3/0xc0 [ 3335.995212][T21623] ? __vma_link_rb+0x279/0x370 [ 3335.999988][T21623] copy_process.part.0+0x568b/0x7980 [ 3336.005509][T21623] ? __cleanup_sighand+0x60/0x60 [ 3336.010461][T21623] ? check_stack_object+0x114/0x160 [ 3336.015664][T21623] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3336.021567][T21623] _do_fork+0x257/0xfd0 [ 3336.025735][T21623] ? fork_idle+0x1d0/0x1d0 [ 3336.030152][T21623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.036395][T21623] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3336.042903][T21623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.049155][T21623] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.054615][T21623] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.062162][T21623] ? do_syscall_64+0x26/0x610 [ 3336.066844][T21623] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3336.072915][T21623] ? do_syscall_64+0x26/0x610 [ 3336.077610][T21623] __x64_sys_clone+0xbf/0x150 [ 3336.082358][T21623] do_syscall_64+0x103/0x610 [ 3336.086965][T21623] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3336.092854][T21623] RIP: 0033:0x2000050a [ 3336.096922][T21623] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3336.116626][T21623] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3336.125052][T21623] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3336.133032][T21623] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3336.141354][T21623] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3336.149336][T21623] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3336.157320][T21623] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3336.168998][T21623] memory: usage 307200kB, limit 307200kB, failcnt 13442 [ 3336.188592][T21623] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3336.196386][T21623] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3336.203602][T21623] Memory cgroup stats for /syz0: cache:228KB rss:89452KB rss_huge:55296KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:89444KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3336.225628][T21623] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7681,uid=0 [ 3336.240996][T21623] Memory cgroup out of memory: Killed process 7681 (syz-executor.0) total-vm:72976kB, anon-rss:2256kB, file-rss:34816kB, shmem-rss:0kB [ 3336.263735][T21434] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3336.298827][T21434] CPU: 0 PID: 21434 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3336.306903][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3336.317073][T21434] Call Trace: [ 3336.320385][T21434] dump_stack+0x172/0x1f0 [ 3336.324735][T21434] dump_header+0x10f/0xb6c [ 3336.329166][T21434] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3336.335076][T21434] ? ___ratelimit+0x60/0x595 [ 3336.339681][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3336.344817][T21434] oom_kill_process.cold+0x10/0x15 [ 3336.349960][T21434] out_of_memory+0x79a/0x1280 [ 3336.354671][T21434] ? oom_killer_disable+0x280/0x280 [ 3336.359976][T21434] ? find_held_lock+0x35/0x130 [ 3336.364773][T21434] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3336.370330][T21434] ? memcg_event_wake+0x230/0x230 [ 3336.375378][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3336.380508][T21434] ? _raw_spin_unlock+0x2d/0x50 [ 3336.385376][T21434] try_charge+0xa87/0x15c0 [ 3336.389801][T21434] ? find_held_lock+0x35/0x130 [ 3336.394585][T21434] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3336.400138][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3336.405695][T21434] ? find_held_lock+0x35/0x130 [ 3336.410474][T21434] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3336.416053][T21434] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3336.421609][T21434] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3336.426837][T21434] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3336.432407][T21434] __memcg_kmem_charge+0x136/0x300 [ 3336.437540][T21434] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3336.442920][T21434] ? find_held_lock+0x35/0x130 [ 3336.447706][T21434] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3336.453441][T21434] ? kasan_check_write+0x14/0x20 [ 3336.458393][T21434] ? lock_downgrade+0x880/0x880 [ 3336.463263][T21434] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3336.469515][T21434] alloc_pages_current+0x107/0x210 [ 3336.474910][T21434] pte_alloc_one+0x1b/0x1a0 [ 3336.479429][T21434] __pte_alloc+0x20/0x310 [ 3336.483765][T21434] copy_page_range+0x1529/0x1f90 [ 3336.488736][T21434] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3336.494482][T21434] ? pmd_alloc+0x180/0x180 [ 3336.498916][T21434] ? validate_mm_rb+0xa3/0xc0 [ 3336.503614][T21434] ? __vma_link_rb+0x279/0x370 [ 3336.508395][T21434] copy_process.part.0+0x568b/0x7980 [ 3336.513696][T21434] ? __cleanup_sighand+0x60/0x60 [ 3336.518641][T21434] ? check_stack_object+0x114/0x160 [ 3336.523840][T21434] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3336.529725][T21434] _do_fork+0x257/0xfd0 [ 3336.533871][T21434] ? fork_idle+0x1d0/0x1d0 [ 3336.538272][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.544505][T21434] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3336.550992][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.557214][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.562655][T21434] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3336.568097][T21434] ? do_syscall_64+0x26/0x610 [ 3336.572777][T21434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3336.578828][T21434] ? do_syscall_64+0x26/0x610 [ 3336.583496][T21434] __x64_sys_clone+0xbf/0x150 [ 3336.588160][T21434] do_syscall_64+0x103/0x610 [ 3336.592738][T21434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3336.598615][T21434] RIP: 0033:0x2000050a [ 3336.602683][T21434] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3336.622277][T21434] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3336.630766][T21434] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3336.638730][T21434] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3336.646693][T21434] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3336.654652][T21434] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3336.662611][T21434] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3336.675633][T21434] memory: usage 307200kB, limit 307200kB, failcnt 13642 [ 3336.683927][T21434] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3336.693959][T21434] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3336.700901][T21434] Memory cgroup stats for /syz0: cache:228KB rss:87372KB rss_huge:53248KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:87296KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3336.723147][T21434] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=2027,uid=0 [ 3336.738972][T21434] Memory cgroup out of memory: Killed process 2027 (syz-executor.0) total-vm:72844kB, anon-rss:2236kB, file-rss:34816kB, shmem-rss:0kB [ 3336.757783][ T1043] oom_reaper: reaped process 2027 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3336.845225][T21434] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3336.855745][T21434] CPU: 1 PID: 21434 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3336.863729][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3336.873797][T21434] Call Trace: [ 3336.877104][T21434] dump_stack+0x172/0x1f0 [ 3336.881456][T21434] dump_header+0x10f/0xb6c [ 3336.885885][T21434] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3336.891697][T21434] ? ___ratelimit+0x60/0x595 [ 3336.896294][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3336.901397][T21434] oom_kill_process.cold+0x10/0x15 [ 3336.906516][T21434] out_of_memory+0x79a/0x1280 [ 3336.911211][T21434] ? lock_downgrade+0x880/0x880 [ 3336.916065][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.922318][T21434] ? oom_killer_disable+0x280/0x280 [ 3336.927525][T21434] ? find_held_lock+0x35/0x130 [ 3336.932322][T21434] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3336.937885][T21434] ? memcg_event_wake+0x230/0x230 [ 3336.942923][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3336.948064][T21434] ? _raw_spin_unlock+0x2d/0x50 [ 3336.952916][T21434] try_charge+0xa87/0x15c0 [ 3336.957334][T21434] ? find_held_lock+0x35/0x130 [ 3336.962109][T21434] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3336.967653][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3336.973887][T21434] ? kasan_check_read+0x11/0x20 [ 3336.978731][T21434] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3336.984292][T21434] mem_cgroup_try_charge+0x24d/0x5e0 [ 3336.989580][T21434] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3336.995205][T21434] wp_page_copy+0x408/0x1740 [ 3336.999794][T21434] ? find_held_lock+0x35/0x130 [ 3337.005170][T21434] ? pmd_pfn+0x1d0/0x1d0 [ 3337.009418][T21434] ? lock_downgrade+0x880/0x880 [ 3337.014263][T21434] ? swp_swapcount+0x540/0x540 [ 3337.019043][T21434] ? kasan_check_read+0x11/0x20 [ 3337.023898][T21434] ? do_raw_spin_unlock+0x57/0x270 [ 3337.029018][T21434] do_wp_page+0x48e/0x1500 [ 3337.033432][T21434] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3337.038822][T21434] __handle_mm_fault+0x22e8/0x3ec0 [ 3337.043955][T21434] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3337.049514][T21434] ? find_held_lock+0x35/0x130 [ 3337.054274][T21434] ? handle_mm_fault+0x322/0xb30 [ 3337.059207][T21434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3337.065460][T21434] ? kasan_check_read+0x11/0x20 [ 3337.070322][T21434] handle_mm_fault+0x43f/0xb30 [ 3337.075102][T21434] __do_page_fault+0x5ef/0xda0 [ 3337.079860][T21434] do_page_fault+0x71/0x581 [ 3337.084460][T21434] page_fault+0x1e/0x30 [ 3337.088615][T21434] RIP: 0010:__put_user_4+0x1c/0x30 [ 3337.093736][T21434] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3337.113348][T21434] RSP: 0018:ffff8882026d7ed0 EFLAGS: 00010293 [ 3337.119401][T21434] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3337.127373][T21434] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3337.135347][T21434] RBP: ffff8882026d7f10 R08: ffff88803eb30000 R09: 0000000000000001 [ 3337.143319][T21434] R10: ffff88803eb30880 R11: ffff88803eb30000 R12: 0000000000000000 [ 3337.151297][T21434] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3337.159283][T21434] ? __might_fault+0x1a3/0x1e0 [ 3337.164059][T21434] ? __x64_sys_getresgid+0x1aa/0x290 [ 3337.169348][T21434] ? trace_hardirqs_on+0x67/0x230 [ 3337.174361][T21434] do_syscall_64+0x103/0x610 [ 3337.178945][T21434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3337.184833][T21434] RIP: 0033:0x2000050a [ 3337.188895][T21434] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3337.208490][T21434] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3337.216891][T21434] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3337.224863][T21434] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3337.232848][T21434] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3337.240826][T21434] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3337.248787][T21434] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3337.262289][T21434] memory: usage 307040kB, limit 307200kB, failcnt 13948 [ 3337.269413][T21434] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3337.277081][T21434] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3337.284121][T21434] Memory cgroup stats for /syz0: cache:228KB rss:85256KB rss_huge:53248KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:85204KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3337.306419][T21434] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=19636,uid=0 [ 3337.322147][T21434] Memory cgroup out of memory: Killed process 19636 (syz-executor.0) total-vm:72964kB, anon-rss:2232kB, file-rss:34816kB, shmem-rss:0kB [ 3337.345109][T21630] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3337.361882][T21630] CPU: 1 PID: 21630 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3337.369913][T21630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3337.379994][T21630] Call Trace: [ 3337.383305][T21630] dump_stack+0x172/0x1f0 [ 3337.387696][T21630] dump_header+0x10f/0xb6c [ 3337.392128][T21630] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3337.397943][T21630] ? ___ratelimit+0x60/0x595 [ 3337.402523][T21630] ? do_raw_spin_unlock+0x57/0x270 [ 3337.407623][T21630] oom_kill_process.cold+0x10/0x15 [ 3337.412748][T21630] out_of_memory+0x79a/0x1280 [ 3337.417430][T21630] ? oom_killer_disable+0x280/0x280 [ 3337.422633][T21630] ? find_held_lock+0x35/0x130 [ 3337.427389][T21630] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3337.432946][T21630] ? memcg_event_wake+0x230/0x230 [ 3337.437975][T21630] ? do_raw_spin_unlock+0x57/0x270 [ 3337.443075][T21630] ? _raw_spin_unlock+0x2d/0x50 [ 3337.447908][T21630] try_charge+0xa87/0x15c0 [ 3337.452326][T21630] ? find_held_lock+0x35/0x130 [ 3337.457091][T21630] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3337.462623][T21630] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3337.468157][T21630] ? find_held_lock+0x35/0x130 [ 3337.472944][T21630] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3337.478503][T21630] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3337.484045][T21630] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3337.489233][T21630] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3337.494796][T21630] __memcg_kmem_charge+0x136/0x300 [ 3337.499909][T21630] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3337.505282][T21630] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3337.510996][T21630] ? copy_page_range+0x125a/0x1f90 [ 3337.516099][T21630] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3337.522329][T21630] alloc_pages_current+0x107/0x210 [ 3337.527427][T21630] pte_alloc_one+0x1b/0x1a0 [ 3337.531943][T21630] __pte_alloc+0x20/0x310 [ 3337.536288][T21630] copy_page_range+0x1529/0x1f90 [ 3337.541223][T21630] ? perf_trace_lock+0xeb/0x510 [ 3337.546083][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3337.552476][T21630] ? pmd_alloc+0x180/0x180 [ 3337.556892][T21630] ? __rb_insert_augmented+0x231/0xdf0 [ 3337.562343][T21630] ? validate_mm_rb+0xa3/0xc0 [ 3337.567014][T21630] ? __vma_link_rb+0x279/0x370 [ 3337.571882][T21630] copy_process.part.0+0x568b/0x7980 [ 3337.577188][T21630] ? __cleanup_sighand+0x60/0x60 [ 3337.582119][T21630] ? check_stack_object+0x114/0x160 [ 3337.587303][T21630] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3337.593205][T21630] _do_fork+0x257/0xfd0 [ 3337.597387][T21630] ? fork_idle+0x1d0/0x1d0 [ 3337.601797][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3337.608041][T21630] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3337.614550][T21630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3337.620796][T21630] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3337.626272][T21630] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3337.631733][T21630] ? do_syscall_64+0x26/0x610 [ 3337.636418][T21630] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3337.642493][T21630] ? do_syscall_64+0x26/0x610 [ 3337.647156][T21630] __x64_sys_clone+0xbf/0x150 [ 3337.651833][T21630] do_syscall_64+0x103/0x610 [ 3337.656423][T21630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3337.662298][T21630] RIP: 0033:0x2000050a [ 3337.666347][T21630] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3337.685947][T21630] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3337.694361][T21630] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3337.702356][T21630] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3337.710323][T21630] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3337.718290][T21630] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3337.726269][T21630] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3337.740140][T21630] memory: usage 307200kB, limit 307200kB, failcnt 13979 [ 3337.747258][T21630] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3337.754983][T21630] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3337.762029][T21630] Memory cgroup stats for /syz0: cache:228KB rss:85256KB rss_huge:53248KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:85104KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3337.784650][T21630] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=19657,uid=0 [ 3337.800267][T21630] Memory cgroup out of memory: Killed process 19657 (syz-executor.0) total-vm:72964kB, anon-rss:2232kB, file-rss:34816kB, shmem-rss:0kB [ 3337.818757][ T1043] oom_reaper: reaped process 19657 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3337.869882][T21853] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3337.920375][T21853] CPU: 1 PID: 21853 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3337.928405][T21853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3337.938474][T21853] Call Trace: [ 3337.941972][T21853] dump_stack+0x172/0x1f0 [ 3337.946309][T21853] dump_header+0x10f/0xb6c [ 3337.950712][T21853] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3337.956511][T21853] ? ___ratelimit+0x60/0x595 [ 3337.961096][T21853] ? do_raw_spin_unlock+0x57/0x270 [ 3337.966201][T21853] oom_kill_process.cold+0x10/0x15 [ 3337.971299][T21853] out_of_memory+0x79a/0x1280 [ 3337.975991][T21853] ? oom_killer_disable+0x280/0x280 [ 3337.981500][T21853] ? find_held_lock+0x35/0x130 [ 3337.986282][T21853] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3337.991829][T21853] ? memcg_event_wake+0x230/0x230 [ 3337.996971][T21853] ? do_raw_spin_unlock+0x57/0x270 [ 3338.002089][T21853] ? _raw_spin_unlock+0x2d/0x50 [ 3338.006924][T21853] try_charge+0xa87/0x15c0 [ 3338.011327][T21853] ? find_held_lock+0x35/0x130 [ 3338.016096][T21853] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3338.021646][T21853] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3338.027207][T21853] ? find_held_lock+0x35/0x130 [ 3338.031984][T21853] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3338.037559][T21853] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3338.043123][T21853] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3338.048318][T21853] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3338.053874][T21853] __memcg_kmem_charge+0x136/0x300 [ 3338.060151][T21853] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3338.065868][T21853] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3338.071595][T21853] ? copy_page_range+0x125a/0x1f90 [ 3338.076724][T21853] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3338.082975][T21853] alloc_pages_current+0x107/0x210 [ 3338.088080][T21853] pte_alloc_one+0x1b/0x1a0 [ 3338.092588][T21853] __pte_alloc+0x20/0x310 [ 3338.096945][T21853] copy_page_range+0x1529/0x1f90 [ 3338.101884][T21853] ? perf_trace_lock+0xeb/0x510 [ 3338.106721][T21853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3338.112999][T21853] ? pmd_alloc+0x180/0x180 [ 3338.117428][T21853] ? __rb_insert_augmented+0x231/0xdf0 [ 3338.122884][T21853] ? validate_mm_rb+0xa3/0xc0 [ 3338.127548][T21853] ? __vma_link_rb+0x279/0x370 [ 3338.132321][T21853] copy_process.part.0+0x568b/0x7980 [ 3338.137656][T21853] ? __cleanup_sighand+0x60/0x60 [ 3338.142596][T21853] ? check_stack_object+0x114/0x160 [ 3338.148251][T21853] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3338.154163][T21853] _do_fork+0x257/0xfd0 [ 3338.158427][T21853] ? fork_idle+0x1d0/0x1d0 [ 3338.162849][T21853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3338.169076][T21853] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3338.175582][T21853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3338.181819][T21853] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3338.187263][T21853] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3338.192809][T21853] ? do_syscall_64+0x26/0x610 [ 3338.197492][T21853] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3338.203552][T21853] ? do_syscall_64+0x26/0x610 [ 3338.208217][T21853] __x64_sys_clone+0xbf/0x150 [ 3338.212900][T21853] do_syscall_64+0x103/0x610 [ 3338.217509][T21853] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3338.223393][T21853] RIP: 0033:0x2000050a [ 3338.227443][T21853] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3338.247036][T21853] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3338.256059][T21853] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3338.264222][T21853] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3338.272196][T21853] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3338.280168][T21853] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3338.288129][T21853] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3338.301762][T21853] memory: usage 307036kB, limit 307200kB, failcnt 14166 [ 3338.308719][T21853] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3338.316572][T21853] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3338.323584][T21853] Memory cgroup stats for /syz0: cache:228KB rss:83000KB rss_huge:51200KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:82928KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3338.345607][T21853] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9254,uid=0 [ 3338.361000][T21853] Memory cgroup out of memory: Killed process 9254 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3338.383735][T21849] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3338.440093][T21849] CPU: 1 PID: 21849 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3338.448617][T21849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3338.459204][T21849] Call Trace: [ 3338.462507][T21849] dump_stack+0x172/0x1f0 [ 3338.466851][T21849] dump_header+0x10f/0xb6c [ 3338.471279][T21849] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3338.477098][T21849] ? ___ratelimit+0x60/0x595 [ 3338.481695][T21849] ? do_raw_spin_unlock+0x57/0x270 [ 3338.486822][T21849] oom_kill_process.cold+0x10/0x15 [ 3338.491945][T21849] out_of_memory+0x79a/0x1280 [ 3338.496644][T21849] ? oom_killer_disable+0x280/0x280 [ 3338.501846][T21849] ? find_held_lock+0x35/0x130 [ 3338.506629][T21849] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3338.512187][T21849] ? memcg_event_wake+0x230/0x230 [ 3338.517232][T21849] ? do_raw_spin_unlock+0x57/0x270 [ 3338.522353][T21849] ? _raw_spin_unlock+0x2d/0x50 [ 3338.527215][T21849] try_charge+0xa87/0x15c0 [ 3338.531632][T21849] ? find_held_lock+0x35/0x130 [ 3338.536413][T21849] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3338.541972][T21849] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3338.548223][T21849] ? kasan_check_read+0x11/0x20 [ 3338.553089][T21849] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3338.558643][T21849] mem_cgroup_try_charge+0x24d/0x5e0 [ 3338.563952][T21849] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3338.569599][T21849] wp_page_copy+0x408/0x1740 [ 3338.574206][T21849] ? find_held_lock+0x35/0x130 [ 3338.578985][T21849] ? pmd_pfn+0x1d0/0x1d0 [ 3338.583239][T21849] ? lock_downgrade+0x880/0x880 [ 3338.588100][T21849] ? swp_swapcount+0x540/0x540 [ 3338.592872][T21849] ? kasan_check_read+0x11/0x20 [ 3338.597728][T21849] ? do_raw_spin_unlock+0x57/0x270 [ 3338.602857][T21849] do_wp_page+0x48e/0x1500 [ 3338.607287][T21849] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3338.612687][T21849] __handle_mm_fault+0x22e8/0x3ec0 [ 3338.617809][T21849] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3338.623349][T21849] ? find_held_lock+0x35/0x130 [ 3338.628121][T21849] ? handle_mm_fault+0x322/0xb30 [ 3338.633067][T21849] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3338.639305][T21849] ? kasan_check_read+0x11/0x20 [ 3338.644138][T21849] handle_mm_fault+0x43f/0xb30 [ 3338.648913][T21849] __do_page_fault+0x5ef/0xda0 [ 3338.653698][T21849] do_page_fault+0x71/0x581 [ 3338.658214][T21849] page_fault+0x1e/0x30 [ 3338.662378][T21849] RIP: 0010:__put_user_4+0x1c/0x30 [ 3338.667470][T21849] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3338.687081][T21849] RSP: 0018:ffff88804f6afed0 EFLAGS: 00010293 [ 3338.693142][T21849] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3338.701110][T21849] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3338.709067][T21849] RBP: ffff88804f6aff10 R08: ffff88804f6a6700 R09: 0000000000000001 [ 3338.717039][T21849] R10: ffff88804f6a6f80 R11: ffff88804f6a6700 R12: 0000000000000000 [ 3338.725023][T21849] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3338.733017][T21849] ? __might_fault+0x1a3/0x1e0 [ 3338.737797][T21849] ? __x64_sys_getresgid+0x1aa/0x290 [ 3338.743083][T21849] ? trace_hardirqs_on+0x67/0x230 [ 3338.748093][T21849] do_syscall_64+0x103/0x610 [ 3338.752691][T21849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3338.758587][T21849] RIP: 0033:0x2000050a [ 3338.762650][T21849] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3338.782245][T21849] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3338.790644][T21849] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3338.798614][T21849] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3338.806682][T21849] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3338.814651][T21849] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3338.822623][T21849] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3338.835537][T21849] memory: usage 307200kB, limit 307200kB, failcnt 14289 [ 3338.842713][T21849] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3338.850530][T21849] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3338.857559][T21849] Memory cgroup stats for /syz0: cache:228KB rss:80900KB rss_huge:49152KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:80852KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3338.879665][T21849] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=1970,uid=0 [ 3338.895301][T21849] Memory cgroup out of memory: Killed process 1970 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3338.918665][T21852] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3338.938513][T21852] CPU: 0 PID: 21852 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3338.946533][T21852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3338.956595][T21852] Call Trace: [ 3338.959905][T21852] dump_stack+0x172/0x1f0 [ 3338.964266][T21852] dump_header+0x10f/0xb6c [ 3338.968699][T21852] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3338.974516][T21852] ? ___ratelimit+0x60/0x595 [ 3338.979119][T21852] ? do_raw_spin_unlock+0x57/0x270 [ 3338.984266][T21852] oom_kill_process.cold+0x10/0x15 [ 3338.989401][T21852] out_of_memory+0x79a/0x1280 [ 3338.994104][T21852] ? oom_killer_disable+0x280/0x280 [ 3338.999310][T21852] ? find_held_lock+0x35/0x130 [ 3339.004599][T21852] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3339.010155][T21852] ? memcg_event_wake+0x230/0x230 [ 3339.015198][T21852] ? do_raw_spin_unlock+0x57/0x270 [ 3339.020332][T21852] ? _raw_spin_unlock+0x2d/0x50 [ 3339.025200][T21852] try_charge+0xa87/0x15c0 [ 3339.029625][T21852] ? find_held_lock+0x35/0x130 [ 3339.034406][T21852] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3339.039960][T21852] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3339.045516][T21852] ? find_held_lock+0x35/0x130 [ 3339.050294][T21852] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3339.055865][T21852] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3339.061421][T21852] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3339.066641][T21852] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3339.072206][T21852] __memcg_kmem_charge+0x136/0x300 [ 3339.077339][T21852] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3339.082735][T21852] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3339.088488][T21852] ? copy_page_range+0x125a/0x1f90 [ 3339.093623][T21852] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3339.099879][T21852] alloc_pages_current+0x107/0x210 [ 3339.105005][T21852] pte_alloc_one+0x1b/0x1a0 [ 3339.110089][T21852] __pte_alloc+0x20/0x310 [ 3339.114436][T21852] copy_page_range+0x1529/0x1f90 [ 3339.119380][T21852] ? perf_trace_lock+0xeb/0x510 [ 3339.124246][T21852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3339.130550][T21852] ? pmd_alloc+0x180/0x180 [ 3339.134986][T21852] ? __rb_insert_augmented+0x231/0xdf0 [ 3339.140457][T21852] ? validate_mm_rb+0xa3/0xc0 [ 3339.145147][T21852] ? __vma_link_rb+0x279/0x370 [ 3339.149923][T21852] copy_process.part.0+0x568b/0x7980 [ 3339.155270][T21852] ? __cleanup_sighand+0x60/0x60 [ 3339.160230][T21852] ? check_stack_object+0x114/0x160 [ 3339.165704][T21852] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3339.171607][T21852] _do_fork+0x257/0xfd0 [ 3339.175781][T21852] ? fork_idle+0x1d0/0x1d0 [ 3339.180184][T21852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3339.186414][T21852] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3339.192908][T21852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3339.199145][T21852] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3339.204589][T21852] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3339.210029][T21852] ? do_syscall_64+0x26/0x610 [ 3339.214688][T21852] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3339.220771][T21852] ? do_syscall_64+0x26/0x610 [ 3339.225437][T21852] __x64_sys_clone+0xbf/0x150 [ 3339.230100][T21852] do_syscall_64+0x103/0x610 [ 3339.234676][T21852] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3339.240547][T21852] RIP: 0033:0x2000050a [ 3339.244598][T21852] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3339.264189][T21852] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3339.272588][T21852] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3339.280548][T21852] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3339.288506][T21852] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3339.296462][T21852] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3339.304440][T21852] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3339.313279][T21852] memory: usage 307200kB, limit 307200kB, failcnt 14385 [ 3339.320233][T21852] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3339.327850][T21852] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3339.334867][T21852] Memory cgroup stats for /syz0: cache:228KB rss:78776KB rss_huge:47104KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:78736KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3339.356954][T21852] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6259,uid=0 [ 3339.372442][T21852] Memory cgroup out of memory: Killed process 6259 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3339.395157][T21855] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3339.431691][T21855] CPU: 1 PID: 21855 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3339.439746][T21855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3339.449818][T21855] Call Trace: [ 3339.453123][T21855] dump_stack+0x172/0x1f0 [ 3339.457469][T21855] dump_header+0x10f/0xb6c [ 3339.461893][T21855] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3339.467713][T21855] ? ___ratelimit+0x60/0x595 [ 3339.472324][T21855] ? do_raw_spin_unlock+0x57/0x270 [ 3339.477452][T21855] oom_kill_process.cold+0x10/0x15 [ 3339.482619][T21855] out_of_memory+0x79a/0x1280 [ 3339.487315][T21855] ? oom_killer_disable+0x280/0x280 [ 3339.492522][T21855] ? find_held_lock+0x35/0x130 [ 3339.497308][T21855] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3339.502864][T21855] ? memcg_event_wake+0x230/0x230 [ 3339.507906][T21855] ? do_raw_spin_unlock+0x57/0x270 [ 3339.513030][T21855] ? _raw_spin_unlock+0x2d/0x50 [ 3339.517892][T21855] try_charge+0xa87/0x15c0 [ 3339.522313][T21855] ? find_held_lock+0x35/0x130 [ 3339.527099][T21855] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3339.532657][T21855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3339.539388][T21855] ? kasan_check_read+0x11/0x20 [ 3339.544256][T21855] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3339.549815][T21855] mem_cgroup_try_charge+0x24d/0x5e0 [ 3339.555112][T21855] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3339.560755][T21855] wp_page_copy+0x408/0x1740 [ 3339.565338][T21855] ? find_held_lock+0x35/0x130 [ 3339.570092][T21855] ? pmd_pfn+0x1d0/0x1d0 [ 3339.574407][T21855] ? lock_downgrade+0x880/0x880 [ 3339.579245][T21855] ? swp_swapcount+0x540/0x540 [ 3339.583995][T21855] ? kasan_check_read+0x11/0x20 [ 3339.588826][T21855] ? do_raw_spin_unlock+0x57/0x270 [ 3339.593926][T21855] do_wp_page+0x48e/0x1500 [ 3339.598336][T21855] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3339.603700][T21855] __handle_mm_fault+0x22e8/0x3ec0 [ 3339.608796][T21855] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3339.614328][T21855] ? find_held_lock+0x35/0x130 [ 3339.619076][T21855] ? handle_mm_fault+0x322/0xb30 [ 3339.624006][T21855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3339.630232][T21855] ? kasan_check_read+0x11/0x20 [ 3339.635074][T21855] handle_mm_fault+0x43f/0xb30 [ 3339.639833][T21855] __do_page_fault+0x5ef/0xda0 [ 3339.644605][T21855] do_page_fault+0x71/0x581 [ 3339.649109][T21855] page_fault+0x1e/0x30 [ 3339.653251][T21855] RIP: 0010:__put_user_4+0x1c/0x30 [ 3339.658362][T21855] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3339.677972][T21855] RSP: 0018:ffff88802fe07ed0 EFLAGS: 00010293 [ 3339.684028][T21855] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3339.692002][T21855] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3339.699964][T21855] RBP: ffff88802fe07f10 R08: ffff88804f7f8100 R09: 0000000000000001 [ 3339.708311][T21855] R10: ffff88804f7f8980 R11: ffff88804f7f8100 R12: 0000000000000000 [ 3339.716277][T21855] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3339.724256][T21855] ? __might_fault+0x1a3/0x1e0 [ 3339.729011][T21855] ? __x64_sys_getresgid+0x1aa/0x290 [ 3339.734295][T21855] ? trace_hardirqs_on+0x67/0x230 [ 3339.739319][T21855] do_syscall_64+0x103/0x610 [ 3339.743897][T21855] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3339.749770][T21855] RIP: 0033:0x2000050a [ 3339.753819][T21855] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3339.773410][T21855] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3339.781807][T21855] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3339.789764][T21855] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3339.797726][T21855] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3339.805698][T21855] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3339.813654][T21855] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3339.829173][T21855] memory: usage 307084kB, limit 307200kB, failcnt 14490 [ 3339.836466][T21855] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3339.844102][T21855] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3339.851036][T21855] Memory cgroup stats for /syz0: cache:228KB rss:76676KB rss_huge:45056KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:76628KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3339.873420][ C1] net_ratelimit: 14 callbacks suppressed [ 3339.873428][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3339.873488][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3339.873588][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3339.873624][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3339.902870][T21855] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6266,uid=0 [ 3339.918949][T21855] Memory cgroup out of memory: Killed process 6266 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3339.933168][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3339.933242][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3339.955465][T21856] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3339.969065][T21856] CPU: 0 PID: 21856 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3339.977076][T21856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3339.987146][T21856] Call Trace: [ 3339.990454][T21856] dump_stack+0x172/0x1f0 [ 3339.994805][T21856] dump_header+0x10f/0xb6c [ 3339.999267][T21856] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3340.005311][T21856] ? ___ratelimit+0x60/0x595 [ 3340.009909][T21856] ? do_raw_spin_unlock+0x57/0x270 [ 3340.015045][T21856] oom_kill_process.cold+0x10/0x15 [ 3340.020170][T21856] out_of_memory+0x79a/0x1280 [ 3340.024867][T21856] ? oom_killer_disable+0x280/0x280 [ 3340.030077][T21856] ? find_held_lock+0x35/0x130 [ 3340.034869][T21856] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3340.040422][T21856] ? memcg_event_wake+0x230/0x230 [ 3340.045467][T21856] ? do_raw_spin_unlock+0x57/0x270 [ 3340.051092][T21856] ? _raw_spin_unlock+0x2d/0x50 [ 3340.055970][T21856] try_charge+0xa87/0x15c0 [ 3340.062757][T21856] ? find_held_lock+0x35/0x130 [ 3340.067550][T21856] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3340.073118][T21856] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3340.078677][T21856] ? find_held_lock+0x35/0x130 [ 3340.083448][T21856] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3340.089105][T21856] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3340.095092][T21856] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3340.100307][T21856] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3340.106002][T21856] __memcg_kmem_charge+0x136/0x300 [ 3340.111123][T21856] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3340.116512][T21856] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3340.122256][T21856] ? is_dynamic_key+0x1c0/0x1c0 [ 3340.127106][T21856] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3340.133541][T21856] alloc_pages_current+0x107/0x210 [ 3340.138656][T21856] pte_alloc_one+0x1b/0x1a0 [ 3340.143173][T21856] __handle_mm_fault+0x3491/0x3ec0 [ 3340.148305][T21856] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3340.153861][T21856] ? find_held_lock+0x35/0x130 [ 3340.158638][T21856] ? handle_mm_fault+0x322/0xb30 [ 3340.163599][T21856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.169849][T21856] ? kasan_check_read+0x11/0x20 [ 3340.174710][T21856] handle_mm_fault+0x43f/0xb30 [ 3340.179487][T21856] __do_page_fault+0x5ef/0xda0 [ 3340.184284][T21856] do_page_fault+0x71/0x581 [ 3340.188796][T21856] page_fault+0x1e/0x30 [ 3340.192968][T21856] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3340.198696][T21856] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3340.218393][T21856] RSP: 0018:ffff88802fe17cb0 EFLAGS: 00010246 [ 3340.224470][T21856] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3340.232451][T21856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3340.240435][T21856] RBP: ffff88802fe17ce8 R08: ffff88802fe08140 R09: ffff8880aa594dc0 [ 3340.248397][T21856] R10: 000000000000001c R11: ffff88802ff2daff R12: 0000000000000000 [ 3340.256370][T21856] R13: ffff88802ff2cb20 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3340.264381][T21856] ? strncpy_from_user+0x142/0x380 [ 3340.269492][T21856] getname_flags+0x11b/0x5b0 [ 3340.274067][T21856] do_renameat2+0x199/0xc40 [ 3340.278584][T21856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.284833][T21856] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3340.290287][T21856] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3340.295997][T21856] ? user_path_create+0x50/0x50 [ 3340.300840][T21856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.307069][T21856] ? security_capable+0x9b/0xd0 [ 3340.311915][T21856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.318243][T21856] ? ns_capable_common+0x93/0x100 [ 3340.323256][T21856] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3340.328705][T21856] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3340.334160][T21856] ? do_syscall_64+0x26/0x610 [ 3340.338834][T21856] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3340.344883][T21856] ? do_syscall_64+0x26/0x610 [ 3340.349640][T21856] __x64_sys_renameat+0x9a/0x100 [ 3340.354585][T21856] do_syscall_64+0x103/0x610 [ 3340.359165][T21856] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3340.365042][T21856] RIP: 0033:0x2000050a [ 3340.369094][T21856] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3340.388685][T21856] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3340.397085][T21856] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3340.405049][T21856] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3340.413009][T21856] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3340.420968][T21856] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3340.428930][T21856] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3340.437498][T21856] memory: usage 307200kB, limit 307200kB, failcnt 14607 [ 3340.444625][T21856] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3340.452292][T21856] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3340.459143][T21856] Memory cgroup stats for /syz0: cache:228KB rss:74516KB rss_huge:43008KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:74496KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3340.481095][T21856] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=1986,uid=0 [ 3340.497448][T21856] Memory cgroup out of memory: Killed process 1986 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3340.520628][T21848] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3340.562141][T21848] CPU: 1 PID: 21848 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3340.570174][T21848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3340.580239][T21848] Call Trace: [ 3340.583548][T21848] dump_stack+0x172/0x1f0 [ 3340.587899][T21848] dump_header+0x10f/0xb6c [ 3340.592333][T21848] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3340.598238][T21848] ? ___ratelimit+0x60/0x595 [ 3340.602834][T21848] ? do_raw_spin_unlock+0x57/0x270 [ 3340.607970][T21848] oom_kill_process.cold+0x10/0x15 [ 3340.613095][T21848] out_of_memory+0x79a/0x1280 [ 3340.617790][T21848] ? oom_killer_disable+0x280/0x280 [ 3340.623081][T21848] ? find_held_lock+0x35/0x130 [ 3340.627868][T21848] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3340.633424][T21848] ? memcg_event_wake+0x230/0x230 [ 3340.638498][T21848] ? do_raw_spin_unlock+0x57/0x270 [ 3340.643618][T21848] ? _raw_spin_unlock+0x2d/0x50 [ 3340.649002][T21848] try_charge+0xa87/0x15c0 [ 3340.653443][T21848] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3340.659007][T21848] ? rcu_read_lock_sched_held+0x110/0x130 [ 3340.664738][T21848] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3340.670306][T21848] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3340.675861][T21848] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3340.681088][T21848] cache_grow_begin+0x5c0/0x860 [ 3340.685961][T21848] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3340.692214][T21848] ? __cpuset_node_allowed+0x136/0x540 [ 3340.697684][T21848] fallback_alloc+0x1fd/0x2d0 [ 3340.702379][T21848] ____cache_alloc_node+0x1be/0x1e0 [ 3340.707580][T21848] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3340.713835][T21848] kmem_cache_alloc_node+0xe3/0x710 [ 3340.719028][T21848] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3340.724293][T21848] ? trace_hardirqs_on+0x67/0x230 [ 3340.729300][T21848] copy_process.part.0+0x1d08/0x7980 [ 3340.734581][T21848] ? perf_trace_lock+0xeb/0x510 [ 3340.739428][T21848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.745655][T21848] ? debug_smp_processor_id+0x3c/0x280 [ 3340.751100][T21848] ? __lockdep_free_key_range+0x120/0x120 [ 3340.756820][T21848] ? __might_fault+0x12b/0x1e0 [ 3340.761585][T21848] ? find_held_lock+0x35/0x130 [ 3340.766344][T21848] ? __might_fault+0x12b/0x1e0 [ 3340.771097][T21848] ? __cleanup_sighand+0x60/0x60 [ 3340.776047][T21848] ? check_stack_object+0x114/0x160 [ 3340.781240][T21848] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3340.787120][T21848] _do_fork+0x257/0xfd0 [ 3340.791259][T21848] ? fork_idle+0x1d0/0x1d0 [ 3340.795667][T21848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.801900][T21848] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3340.808393][T21848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3340.814637][T21848] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3340.820097][T21848] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3340.825543][T21848] ? do_syscall_64+0x26/0x610 [ 3340.830202][T21848] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3340.836268][T21848] ? do_syscall_64+0x26/0x610 [ 3340.840958][T21848] __x64_sys_clone+0xbf/0x150 [ 3340.845642][T21848] do_syscall_64+0x103/0x610 [ 3340.850215][T21848] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3340.856101][T21848] RIP: 0033:0x2000050a [ 3340.860274][T21848] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3340.879869][T21848] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3340.888310][T21848] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3340.896287][T21848] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3340.904277][T21848] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3340.912243][T21848] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3340.920216][T21848] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3340.932737][T21848] memory: usage 307200kB, limit 307200kB, failcnt 14704 [ 3340.939718][T21848] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3340.947310][T21848] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3340.954236][T21848] Memory cgroup stats for /syz0: cache:228KB rss:72396KB rss_huge:40960KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:72340KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3340.976175][T21848] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12590,uid=0 [ 3340.991684][T21848] Memory cgroup out of memory: Killed process 12590 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3341.020466][T21594] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3341.083495][T21594] CPU: 1 PID: 21594 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3341.091532][T21594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3341.101597][T21594] Call Trace: [ 3341.104906][T21594] dump_stack+0x172/0x1f0 [ 3341.109262][T21594] dump_header+0x10f/0xb6c [ 3341.113697][T21594] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3341.119522][T21594] ? ___ratelimit+0x60/0x595 [ 3341.124136][T21594] ? do_raw_spin_unlock+0x57/0x270 [ 3341.129271][T21594] oom_kill_process.cold+0x10/0x15 [ 3341.134881][T21594] out_of_memory+0x79a/0x1280 [ 3341.139612][T21594] ? oom_killer_disable+0x280/0x280 [ 3341.144821][T21594] ? find_held_lock+0x35/0x130 [ 3341.149625][T21594] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3341.155209][T21594] ? memcg_event_wake+0x230/0x230 [ 3341.160254][T21594] ? do_raw_spin_unlock+0x57/0x270 [ 3341.165374][T21594] ? _raw_spin_unlock+0x2d/0x50 [ 3341.170220][T21594] try_charge+0xa87/0x15c0 [ 3341.174639][T21594] ? find_held_lock+0x35/0x130 [ 3341.179429][T21594] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3341.185583][T21594] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3341.191136][T21594] ? find_held_lock+0x35/0x130 [ 3341.195898][T21594] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3341.201452][T21594] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3341.206981][T21594] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3341.212176][T21594] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3341.217747][T21594] __memcg_kmem_charge+0x136/0x300 [ 3341.222857][T21594] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3341.228233][T21594] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3341.233971][T21594] ? copy_page_range+0x125a/0x1f90 [ 3341.239078][T21594] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3341.245304][T21594] alloc_pages_current+0x107/0x210 [ 3341.250402][T21594] pte_alloc_one+0x1b/0x1a0 [ 3341.255084][T21594] __pte_alloc+0x20/0x310 [ 3341.259433][T21594] copy_page_range+0x1529/0x1f90 [ 3341.264352][T21594] ? perf_trace_lock+0xeb/0x510 [ 3341.269197][T21594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3341.275463][T21594] ? pmd_alloc+0x180/0x180 [ 3341.279879][T21594] ? __rb_insert_augmented+0x231/0xdf0 [ 3341.285321][T21594] ? validate_mm_rb+0xa3/0xc0 [ 3341.289994][T21594] ? __vma_link_rb+0x279/0x370 [ 3341.294766][T21594] copy_process.part.0+0x568b/0x7980 [ 3341.300071][T21594] ? __cleanup_sighand+0x60/0x60 [ 3341.305000][T21594] ? check_stack_object+0x114/0x160 [ 3341.310200][T21594] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3341.316098][T21594] _do_fork+0x257/0xfd0 [ 3341.320269][T21594] ? fork_idle+0x1d0/0x1d0 [ 3341.324669][T21594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3341.330897][T21594] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3341.337399][T21594] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3341.343634][T21594] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3341.349072][T21594] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3341.354523][T21594] ? do_syscall_64+0x26/0x610 [ 3341.359205][T21594] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3341.365277][T21594] ? do_syscall_64+0x26/0x610 [ 3341.369958][T21594] __x64_sys_clone+0xbf/0x150 [ 3341.371707][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3341.374633][T21594] do_syscall_64+0x103/0x610 [ 3341.380413][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3341.384942][T21594] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3341.384956][T21594] RIP: 0033:0x2000050a [ 3341.384970][T21594] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3341.384977][T21594] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3341.384991][T21594] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3341.385001][T21594] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3341.385010][T21594] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3341.385025][T21594] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3341.390874][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3341.396617][T21594] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3341.423279][T21594] memory: usage 307184kB, limit 307200kB, failcnt 14826 [ 3341.428908][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3341.437103][T21594] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3341.495895][T21594] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3341.503208][T21594] Memory cgroup stats for /syz0: cache:228KB rss:70232KB rss_huge:38912KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:70216KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3341.526761][T21594] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9412,uid=0 [ 3341.542576][T21594] Memory cgroup out of memory: Killed process 9412 (syz-executor.0) total-vm:72712kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3341.566601][T21866] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3341.588785][T21866] CPU: 1 PID: 21866 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3341.596819][T21866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3341.606888][T21866] Call Trace: [ 3341.610201][T21866] dump_stack+0x172/0x1f0 [ 3341.614556][T21866] dump_header+0x10f/0xb6c [ 3341.618996][T21866] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3341.624817][T21866] ? ___ratelimit+0x60/0x595 [ 3341.629419][T21866] ? do_raw_spin_unlock+0x57/0x270 [ 3341.634548][T21866] oom_kill_process.cold+0x10/0x15 [ 3341.639673][T21866] out_of_memory+0x79a/0x1280 [ 3341.644382][T21866] ? oom_killer_disable+0x280/0x280 [ 3341.649595][T21866] ? find_held_lock+0x35/0x130 [ 3341.654383][T21866] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3341.659962][T21866] ? memcg_event_wake+0x230/0x230 [ 3341.665012][T21866] ? do_raw_spin_unlock+0x57/0x270 [ 3341.670144][T21866] ? _raw_spin_unlock+0x2d/0x50 [ 3341.675013][T21866] try_charge+0xa87/0x15c0 [ 3341.679440][T21866] ? find_held_lock+0x35/0x130 [ 3341.684226][T21866] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3341.690232][T21866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3341.696763][T21866] ? kasan_check_read+0x11/0x20 [ 3341.701637][T21866] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3341.707206][T21866] mem_cgroup_try_charge+0x24d/0x5e0 [ 3341.712514][T21866] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3341.718221][T21866] wp_page_copy+0x408/0x1740 [ 3341.722861][T21866] ? find_held_lock+0x35/0x130 [ 3341.727647][T21866] ? pmd_pfn+0x1d0/0x1d0 [ 3341.731905][T21866] ? lock_downgrade+0x880/0x880 [ 3341.736791][T21866] ? swp_swapcount+0x540/0x540 [ 3341.741607][T21866] ? kasan_check_read+0x11/0x20 [ 3341.746483][T21866] ? do_raw_spin_unlock+0x57/0x270 [ 3341.751609][T21866] do_wp_page+0x48e/0x1500 [ 3341.756048][T21866] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3341.761468][T21866] __handle_mm_fault+0x22e8/0x3ec0 [ 3341.766610][T21866] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3341.772172][T21866] ? find_held_lock+0x35/0x130 [ 3341.776973][T21866] ? handle_mm_fault+0x322/0xb30 [ 3341.781954][T21866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3341.788212][T21866] ? kasan_check_read+0x11/0x20 [ 3341.793083][T21866] handle_mm_fault+0x43f/0xb30 [ 3341.797862][T21866] __do_page_fault+0x5ef/0xda0 [ 3341.802655][T21866] do_page_fault+0x71/0x581 [ 3341.807153][T21866] page_fault+0x1e/0x30 [ 3341.811305][T21866] RIP: 0010:__put_user_4+0x1c/0x30 [ 3341.816418][T21866] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3341.836123][T21866] RSP: 0018:ffff88804bc27ed0 EFLAGS: 00010293 [ 3341.842193][T21866] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3341.850157][T21866] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3341.858129][T21866] RBP: ffff88804bc27f10 R08: ffff888047b6e4c0 R09: 0000000000000001 [ 3341.866193][T21866] R10: ffff888047b6ed40 R11: ffff888047b6e4c0 R12: 0000000000000000 [ 3341.874169][T21866] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3341.882180][T21866] ? __might_fault+0x1a3/0x1e0 [ 3341.887027][T21866] ? __x64_sys_getresgid+0x1aa/0x290 [ 3341.892320][T21866] ? trace_hardirqs_on+0x67/0x230 [ 3341.897364][T21866] do_syscall_64+0x103/0x610 [ 3341.901968][T21866] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3341.907861][T21866] RIP: 0033:0x2000050a [ 3341.911928][T21866] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3341.931660][T21866] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3341.940076][T21866] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3341.948037][T21866] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3341.956013][T21866] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3341.964005][T21866] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3341.971981][T21866] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3341.984742][T21866] memory: usage 307200kB, limit 307200kB, failcnt 14923 [ 3341.991855][T21866] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3341.999311][T21866] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3342.006284][T21866] Memory cgroup stats for /syz0: cache:228KB rss:68144KB rss_huge:36864KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:68084KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3342.032753][T21866] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14099,uid=0 [ 3342.048297][T21866] Memory cgroup out of memory: Killed process 14099 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3342.082130][T21868] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3342.136724][T21868] CPU: 1 PID: 21868 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3342.144852][T21868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3342.154917][T21868] Call Trace: [ 3342.158307][T21868] dump_stack+0x172/0x1f0 [ 3342.162654][T21868] dump_header+0x10f/0xb6c [ 3342.167088][T21868] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3342.172908][T21868] ? ___ratelimit+0x60/0x595 [ 3342.177515][T21868] ? do_raw_spin_unlock+0x57/0x270 [ 3342.182640][T21868] oom_kill_process.cold+0x10/0x15 [ 3342.187769][T21868] out_of_memory+0x79a/0x1280 [ 3342.192468][T21868] ? oom_killer_disable+0x280/0x280 [ 3342.197678][T21868] ? find_held_lock+0x35/0x130 [ 3342.202474][T21868] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3342.208047][T21868] ? memcg_event_wake+0x230/0x230 [ 3342.213101][T21868] ? do_raw_spin_unlock+0x57/0x270 [ 3342.218233][T21868] ? _raw_spin_unlock+0x2d/0x50 [ 3342.223110][T21868] try_charge+0xa87/0x15c0 [ 3342.227537][T21868] ? find_held_lock+0x35/0x130 [ 3342.232336][T21868] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3342.237988][T21868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.244254][T21868] ? kasan_check_read+0x11/0x20 [ 3342.249133][T21868] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3342.254701][T21868] mem_cgroup_try_charge+0x24d/0x5e0 [ 3342.260018][T21868] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3342.265678][T21868] wp_page_copy+0x408/0x1740 [ 3342.270281][T21868] ? find_held_lock+0x35/0x130 [ 3342.275071][T21868] ? pmd_pfn+0x1d0/0x1d0 [ 3342.279342][T21868] ? lock_downgrade+0x880/0x880 [ 3342.284179][T21868] ? swp_swapcount+0x540/0x540 [ 3342.288930][T21868] ? kasan_check_read+0x11/0x20 [ 3342.293792][T21868] ? do_raw_spin_unlock+0x57/0x270 [ 3342.298941][T21868] do_wp_page+0x48e/0x1500 [ 3342.303367][T21868] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3342.308765][T21868] __handle_mm_fault+0x22e8/0x3ec0 [ 3342.313888][T21868] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3342.319425][T21868] ? find_held_lock+0x35/0x130 [ 3342.324277][T21868] ? handle_mm_fault+0x322/0xb30 [ 3342.329210][T21868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.335454][T21868] ? kasan_check_read+0x11/0x20 [ 3342.340317][T21868] handle_mm_fault+0x43f/0xb30 [ 3342.345092][T21868] __do_page_fault+0x5ef/0xda0 [ 3342.349839][T21868] do_page_fault+0x71/0x581 [ 3342.354344][T21868] page_fault+0x1e/0x30 [ 3342.358511][T21868] RIP: 0010:__put_user_4+0x1c/0x30 [ 3342.363703][T21868] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3342.383383][T21868] RSP: 0018:ffff88804bc47ed0 EFLAGS: 00010293 [ 3342.389428][T21868] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3342.397397][T21868] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3342.405372][T21868] RBP: ffff88804bc47f10 R08: ffff888059ca0480 R09: 0000000000000001 [ 3342.413359][T21868] R10: ffff888059ca0d00 R11: ffff888059ca0480 R12: 0000000000000000 [ 3342.421349][T21868] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3342.429333][T21868] ? __might_fault+0x1a3/0x1e0 [ 3342.434101][T21868] ? __x64_sys_getresgid+0x1aa/0x290 [ 3342.439400][T21868] ? trace_hardirqs_on+0x67/0x230 [ 3342.444416][T21868] do_syscall_64+0x103/0x610 [ 3342.448992][T21868] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3342.454896][T21868] RIP: 0033:0x2000050a [ 3342.458967][T21868] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3342.478593][T21868] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3342.487025][T21868] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3342.494994][T21868] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3342.502964][T21868] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3342.510940][T21868] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3342.518900][T21868] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3342.533502][T21868] memory: usage 307192kB, limit 307200kB, failcnt 15055 [ 3342.540641][T21868] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3342.548291][T21868] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3342.555349][T21868] Memory cgroup stats for /syz0: cache:228KB rss:66032KB rss_huge:34816KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:66024KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3342.577750][T21868] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=20754,uid=0 [ 3342.593466][T21868] Memory cgroup out of memory: Killed process 20754 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3342.617091][T21869] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3342.630612][T21869] CPU: 0 PID: 21869 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3342.638621][T21869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3342.648688][T21869] Call Trace: [ 3342.651998][T21869] dump_stack+0x172/0x1f0 [ 3342.656346][T21869] dump_header+0x10f/0xb6c [ 3342.660785][T21869] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3342.666615][T21869] ? ___ratelimit+0x60/0x595 [ 3342.671221][T21869] ? do_raw_spin_unlock+0x57/0x270 [ 3342.676353][T21869] oom_kill_process.cold+0x10/0x15 [ 3342.681481][T21869] out_of_memory+0x79a/0x1280 [ 3342.686180][T21869] ? oom_killer_disable+0x280/0x280 [ 3342.691388][T21869] ? find_held_lock+0x35/0x130 [ 3342.696180][T21869] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3342.701750][T21869] ? memcg_event_wake+0x230/0x230 [ 3342.706804][T21869] ? do_raw_spin_unlock+0x57/0x270 [ 3342.711942][T21869] ? _raw_spin_unlock+0x2d/0x50 [ 3342.716814][T21869] try_charge+0xa87/0x15c0 [ 3342.721275][T21869] ? find_held_lock+0x35/0x130 [ 3342.726064][T21869] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3342.731619][T21869] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3342.737182][T21869] ? find_held_lock+0x35/0x130 [ 3342.741969][T21869] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3342.747546][T21869] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3342.753102][T21869] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3342.758308][T21869] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3342.764211][T21869] __memcg_kmem_charge+0x136/0x300 [ 3342.769344][T21869] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3342.774733][T21869] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3342.780476][T21869] ? is_dynamic_key+0x1c0/0x1c0 [ 3342.785336][T21869] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3342.791594][T21869] alloc_pages_current+0x107/0x210 [ 3342.796721][T21869] pte_alloc_one+0x1b/0x1a0 [ 3342.801235][T21869] __handle_mm_fault+0x3491/0x3ec0 [ 3342.806387][T21869] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3342.811955][T21869] ? find_held_lock+0x35/0x130 [ 3342.816732][T21869] ? handle_mm_fault+0x322/0xb30 [ 3342.822819][T21869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.829073][T21869] ? kasan_check_read+0x11/0x20 [ 3342.833953][T21869] handle_mm_fault+0x43f/0xb30 [ 3342.838734][T21869] __do_page_fault+0x5ef/0xda0 [ 3342.843513][T21869] do_page_fault+0x71/0x581 [ 3342.848030][T21869] page_fault+0x1e/0x30 [ 3342.852194][T21869] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3342.857914][T21869] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3342.877621][T21869] RSP: 0018:ffff88804bca7cb0 EFLAGS: 00010246 [ 3342.883699][T21869] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3342.891679][T21869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3342.899683][T21869] RBP: ffff88804bca7ce8 R08: ffff88804bc98500 R09: ffff8880aa594dc0 [ 3342.907663][T21869] R10: 000000000000001c R11: ffff88804bce763f R12: 0000000000000000 [ 3342.915639][T21869] R13: ffff88804bce6660 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3342.923648][T21869] ? strncpy_from_user+0x142/0x380 [ 3342.928790][T21869] getname_flags+0x11b/0x5b0 [ 3342.933406][T21869] do_renameat2+0x199/0xc40 [ 3342.937930][T21869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.944198][T21869] ? debug_smp_processor_id+0x3c/0x280 [ 3342.949680][T21869] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3342.955410][T21869] ? user_path_create+0x50/0x50 [ 3342.960274][T21869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.966526][T21869] ? security_capable+0x9b/0xd0 [ 3342.971389][T21869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3342.977632][T21869] ? ns_capable_common+0x93/0x100 [ 3342.982664][T21869] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3342.988125][T21869] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3342.993585][T21869] ? do_syscall_64+0x26/0x610 [ 3342.998266][T21869] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3343.004838][T21869] ? do_syscall_64+0x26/0x610 [ 3343.009535][T21869] __x64_sys_renameat+0x9a/0x100 [ 3343.014491][T21869] do_syscall_64+0x103/0x610 [ 3343.019093][T21869] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3343.024990][T21869] RIP: 0033:0x2000050a [ 3343.029059][T21869] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3343.048670][T21869] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3343.057094][T21869] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3343.065161][T21869] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3343.073136][T21869] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3343.081117][T21869] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3343.089092][T21869] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3343.103684][T21869] memory: usage 307200kB, limit 307200kB, failcnt 15161 [ 3343.110665][T21869] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3343.118332][T21869] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3343.125351][T21869] Memory cgroup stats for /syz0: cache:228KB rss:63964KB rss_huge:32768KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:63924KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3343.147353][T21869] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=20761,uid=0 [ 3343.162925][T21869] Memory cgroup out of memory: Killed process 20761 (syz-executor.0) total-vm:72580kB, anon-rss:2220kB, file-rss:34816kB, shmem-rss:0kB [ 3343.178954][ T1043] oom_reaper: reaped process 20761 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3343.193562][T21862] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3343.229206][T21862] CPU: 1 PID: 21862 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3343.237235][T21862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.247303][T21862] Call Trace: [ 3343.250706][T21862] dump_stack+0x172/0x1f0 [ 3343.255058][T21862] dump_header+0x10f/0xb6c [ 3343.259487][T21862] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3343.265310][T21862] ? ___ratelimit+0x60/0x595 [ 3343.269918][T21862] ? do_raw_spin_unlock+0x57/0x270 [ 3343.275054][T21862] oom_kill_process.cold+0x10/0x15 [ 3343.280178][T21862] out_of_memory+0x79a/0x1280 [ 3343.284868][T21862] ? oom_killer_disable+0x280/0x280 [ 3343.290066][T21862] ? find_held_lock+0x35/0x130 [ 3343.294851][T21862] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3343.300403][T21862] ? memcg_event_wake+0x230/0x230 [ 3343.305442][T21862] ? do_raw_spin_unlock+0x57/0x270 [ 3343.310556][T21862] ? _raw_spin_unlock+0x2d/0x50 [ 3343.315430][T21862] try_charge+0xa87/0x15c0 [ 3343.319850][T21862] ? find_held_lock+0x35/0x130 [ 3343.324637][T21862] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3343.330199][T21862] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3343.335756][T21862] ? find_held_lock+0x35/0x130 [ 3343.340524][T21862] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3343.346094][T21862] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3343.351651][T21862] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3343.356862][T21862] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3343.362421][T21862] __memcg_kmem_charge+0x136/0x300 [ 3343.367543][T21862] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3343.372931][T21862] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3343.378679][T21862] ? copy_page_range+0x125a/0x1f90 [ 3343.383801][T21862] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3343.390058][T21862] alloc_pages_current+0x107/0x210 [ 3343.395182][T21862] pte_alloc_one+0x1b/0x1a0 [ 3343.399689][T21862] __pte_alloc+0x20/0x310 [ 3343.404030][T21862] copy_page_range+0x1529/0x1f90 [ 3343.408984][T21862] ? perf_trace_lock+0xeb/0x510 [ 3343.413839][T21862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3343.420114][T21862] ? pmd_alloc+0x180/0x180 [ 3343.424540][T21862] ? __rb_insert_augmented+0x231/0xdf0 [ 3343.429990][T21862] ? validate_mm_rb+0xa3/0xc0 [ 3343.434646][T21862] ? __vma_link_rb+0x279/0x370 [ 3343.439408][T21862] copy_process.part.0+0x568b/0x7980 [ 3343.444724][T21862] ? __cleanup_sighand+0x60/0x60 [ 3343.449665][T21862] ? check_stack_object+0x114/0x160 [ 3343.454854][T21862] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3343.460732][T21862] _do_fork+0x257/0xfd0 [ 3343.464896][T21862] ? fork_idle+0x1d0/0x1d0 [ 3343.469317][T21862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3343.475543][T21862] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3343.482047][T21862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3343.488291][T21862] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3343.493748][T21862] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3343.499189][T21862] ? do_syscall_64+0x26/0x610 [ 3343.503857][T21862] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3343.509917][T21862] ? do_syscall_64+0x26/0x610 [ 3343.514766][T21862] __x64_sys_clone+0xbf/0x150 [ 3343.519430][T21862] do_syscall_64+0x103/0x610 [ 3343.524025][T21862] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3343.529914][T21862] RIP: 0033:0x2000050a [ 3343.533976][T21862] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3343.553591][T21862] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3343.562000][T21862] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3343.569971][T21862] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3343.577930][T21862] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3343.585906][T21862] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3343.593884][T21862] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3343.607636][T21862] memory: usage 307200kB, limit 307200kB, failcnt 15268 [ 3343.614755][T21862] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3343.622377][T21862] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3343.629264][T21862] Memory cgroup stats for /syz0: cache:228KB rss:61844KB rss_huge:32768KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:61796KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3343.651209][T21862] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10813,uid=0 [ 3343.666712][T21862] Memory cgroup out of memory: Killed process 10813 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3343.690560][T21863] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3343.741762][T21863] CPU: 1 PID: 21863 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3343.749792][T21863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3343.759856][T21863] Call Trace: [ 3343.763163][T21863] dump_stack+0x172/0x1f0 [ 3343.767516][T21863] dump_header+0x10f/0xb6c [ 3343.771958][T21863] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3343.777792][T21863] ? ___ratelimit+0x60/0x595 [ 3343.782395][T21863] ? do_raw_spin_unlock+0x57/0x270 [ 3343.787526][T21863] oom_kill_process.cold+0x10/0x15 [ 3343.792646][T21863] out_of_memory+0x79a/0x1280 [ 3343.797367][T21863] ? oom_killer_disable+0x280/0x280 [ 3343.802567][T21863] ? find_held_lock+0x35/0x130 [ 3343.807354][T21863] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3343.812908][T21863] ? memcg_event_wake+0x230/0x230 [ 3343.817966][T21863] ? do_raw_spin_unlock+0x57/0x270 [ 3343.823085][T21863] ? _raw_spin_unlock+0x2d/0x50 [ 3343.827959][T21863] try_charge+0xa87/0x15c0 [ 3343.832383][T21863] ? find_held_lock+0x35/0x130 [ 3343.837171][T21863] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3343.842735][T21863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3343.848997][T21863] ? kasan_check_read+0x11/0x20 [ 3343.853865][T21863] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3343.859422][T21863] mem_cgroup_try_charge+0x24d/0x5e0 [ 3343.864758][T21863] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3343.870413][T21863] wp_page_copy+0x408/0x1740 [ 3343.875011][T21863] ? find_held_lock+0x35/0x130 [ 3343.879793][T21863] ? pmd_pfn+0x1d0/0x1d0 [ 3343.884052][T21863] ? lock_downgrade+0x880/0x880 [ 3343.888919][T21863] ? swp_swapcount+0x540/0x540 [ 3343.893711][T21863] ? kasan_check_read+0x11/0x20 [ 3343.898762][T21863] ? do_raw_spin_unlock+0x57/0x270 [ 3343.903891][T21863] do_wp_page+0x48e/0x1500 [ 3343.908326][T21863] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3343.913699][T21863] __handle_mm_fault+0x22e8/0x3ec0 [ 3343.918801][T21863] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3343.925403][T21863] ? find_held_lock+0x35/0x130 [ 3343.930176][T21863] ? handle_mm_fault+0x322/0xb30 [ 3343.935114][T21863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3343.941364][T21863] ? kasan_check_read+0x11/0x20 [ 3343.946228][T21863] handle_mm_fault+0x43f/0xb30 [ 3343.950998][T21863] __do_page_fault+0x5ef/0xda0 [ 3343.955759][T21863] do_page_fault+0x71/0x581 [ 3343.960253][T21863] page_fault+0x1e/0x30 [ 3343.964405][T21863] RIP: 0010:__put_user_4+0x1c/0x30 [ 3343.969509][T21863] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3343.989100][T21863] RSP: 0018:ffff88804bc0fed0 EFLAGS: 00010293 [ 3343.995176][T21863] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3344.003147][T21863] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3344.011116][T21863] RBP: ffff88804bc0ff10 R08: ffff88804bc00300 R09: 0000000000000001 [ 3344.019092][T21863] R10: ffff88804bc00b80 R11: ffff88804bc00300 R12: 0000000000000000 [ 3344.031763][T21863] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3344.039747][T21863] ? __might_fault+0x1a3/0x1e0 [ 3344.044623][T21863] ? __x64_sys_getresgid+0x1aa/0x290 [ 3344.049906][T21863] ? trace_hardirqs_on+0x67/0x230 [ 3344.054920][T21863] do_syscall_64+0x103/0x610 [ 3344.059509][T21863] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3344.065488][T21863] RIP: 0033:0x2000050a [ 3344.069551][T21863] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3344.089230][T21863] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3344.097637][T21863] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3344.105608][T21863] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3344.113581][T21863] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3344.121542][T21863] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3344.129514][T21863] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3344.144097][T21863] memory: usage 307200kB, limit 307200kB, failcnt 15383 [ 3344.151315][T21863] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3344.159141][T21863] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3344.166297][T21863] Memory cgroup stats for /syz0: cache:228KB rss:59720KB rss_huge:30720KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:59716KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3344.188676][T21863] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=2080,uid=0 [ 3344.204326][T21863] Memory cgroup out of memory: Killed process 2080 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3344.228182][T21865] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3344.242202][T21865] CPU: 0 PID: 21865 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3344.250225][T21865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3344.260299][T21865] Call Trace: [ 3344.263606][T21865] dump_stack+0x172/0x1f0 [ 3344.267963][T21865] dump_header+0x10f/0xb6c [ 3344.272396][T21865] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3344.278215][T21865] ? ___ratelimit+0x60/0x595 [ 3344.282821][T21865] ? do_raw_spin_unlock+0x57/0x270 [ 3344.287953][T21865] oom_kill_process.cold+0x10/0x15 [ 3344.293080][T21865] out_of_memory+0x79a/0x1280 [ 3344.297777][T21865] ? oom_killer_disable+0x280/0x280 [ 3344.302989][T21865] ? find_held_lock+0x35/0x130 [ 3344.307778][T21865] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3344.313339][T21865] ? memcg_event_wake+0x230/0x230 [ 3344.318394][T21865] ? do_raw_spin_unlock+0x57/0x270 [ 3344.323519][T21865] ? _raw_spin_unlock+0x2d/0x50 [ 3344.328385][T21865] try_charge+0xa87/0x15c0 [ 3344.332822][T21865] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3344.338382][T21865] ? rcu_read_lock_sched_held+0x110/0x130 [ 3344.344125][T21865] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3344.349704][T21865] ? __lockdep_free_key_range+0x120/0x120 [ 3344.355440][T21865] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3344.360991][T21865] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3344.366191][T21865] ? cache_grow_begin+0x594/0x860 [ 3344.371223][T21865] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3344.376525][T21865] ? trace_hardirqs_on+0x67/0x230 [ 3344.381587][T21865] cache_grow_begin+0x5c0/0x860 [ 3344.386450][T21865] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3344.392702][T21865] ? __cpuset_node_allowed+0x136/0x540 [ 3344.398175][T21865] fallback_alloc+0x1fd/0x2d0 [ 3344.402882][T21865] ____cache_alloc_node+0x1be/0x1e0 [ 3344.408090][T21865] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3344.414601][T21865] kmem_cache_alloc_node+0xe3/0x710 [ 3344.420088][T21865] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3344.425385][T21865] ? trace_hardirqs_on+0x67/0x230 [ 3344.430433][T21865] copy_process.part.0+0x1d08/0x7980 [ 3344.435719][T21865] ? perf_trace_lock+0xeb/0x510 [ 3344.440569][T21865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.446820][T21865] ? debug_smp_processor_id+0x3c/0x280 [ 3344.452375][T21865] ? __lockdep_free_key_range+0x120/0x120 [ 3344.458105][T21865] ? __might_fault+0x12b/0x1e0 [ 3344.462876][T21865] ? find_held_lock+0x35/0x130 [ 3344.467650][T21865] ? __might_fault+0x12b/0x1e0 [ 3344.472431][T21865] ? __cleanup_sighand+0x60/0x60 [ 3344.477388][T21865] ? check_stack_object+0x114/0x160 [ 3344.482594][T21865] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3344.488499][T21865] _do_fork+0x257/0xfd0 [ 3344.492663][T21865] ? fork_idle+0x1d0/0x1d0 [ 3344.497088][T21865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.503341][T21865] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3344.509860][T21865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.516103][T21865] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3344.521572][T21865] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3344.527029][T21865] ? do_syscall_64+0x26/0x610 [ 3344.531709][T21865] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3344.537780][T21865] ? do_syscall_64+0x26/0x610 [ 3344.542471][T21865] __x64_sys_clone+0xbf/0x150 [ 3344.547160][T21865] do_syscall_64+0x103/0x610 [ 3344.551756][T21865] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3344.557667][T21865] RIP: 0033:0x2000050a [ 3344.561740][T21865] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3344.581351][T21865] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3344.589777][T21865] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3344.597751][T21865] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3344.605721][T21865] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3344.613694][T21865] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3344.621664][T21865] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3344.641703][T21865] memory: usage 307200kB, limit 307200kB, failcnt 15505 [ 3344.648840][T21865] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3344.656892][T21865] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3344.663972][T21865] Memory cgroup stats for /syz0: cache:228KB rss:57628KB rss_huge:28672KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:57572KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3344.686060][T21865] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9873,uid=0 [ 3344.701654][T21865] Memory cgroup out of memory: Killed process 9873 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3344.725631][T21864] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3344.739303][T21864] CPU: 0 PID: 21864 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3344.747308][T21864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3344.757370][T21864] Call Trace: [ 3344.760678][T21864] dump_stack+0x172/0x1f0 [ 3344.765023][T21864] dump_header+0x10f/0xb6c [ 3344.769451][T21864] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3344.775277][T21864] ? ___ratelimit+0x60/0x595 [ 3344.779876][T21864] ? do_raw_spin_unlock+0x57/0x270 [ 3344.785000][T21864] oom_kill_process.cold+0x10/0x15 [ 3344.790118][T21864] out_of_memory+0x79a/0x1280 [ 3344.794809][T21864] ? oom_killer_disable+0x280/0x280 [ 3344.800012][T21864] ? find_held_lock+0x35/0x130 [ 3344.804800][T21864] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3344.810353][T21864] ? memcg_event_wake+0x230/0x230 [ 3344.815395][T21864] ? do_raw_spin_unlock+0x57/0x270 [ 3344.820519][T21864] ? _raw_spin_unlock+0x2d/0x50 [ 3344.825384][T21864] try_charge+0xa87/0x15c0 [ 3344.829808][T21864] ? find_held_lock+0x35/0x130 [ 3344.834591][T21864] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3344.840135][T21864] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3344.845690][T21864] ? find_held_lock+0x35/0x130 [ 3344.850472][T21864] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3344.856041][T21864] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3344.861592][T21864] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3344.866803][T21864] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3344.872365][T21864] __memcg_kmem_charge+0x136/0x300 [ 3344.877495][T21864] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3344.882883][T21864] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3344.888625][T21864] ? copy_page_range+0x125a/0x1f90 [ 3344.893742][T21864] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3344.899995][T21864] alloc_pages_current+0x107/0x210 [ 3344.905129][T21864] pte_alloc_one+0x1b/0x1a0 [ 3344.909648][T21864] __pte_alloc+0x20/0x310 [ 3344.913990][T21864] copy_page_range+0x1529/0x1f90 [ 3344.918925][T21864] ? perf_trace_lock+0xeb/0x510 [ 3344.923786][T21864] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.930065][T21864] ? pmd_alloc+0x180/0x180 [ 3344.934492][T21864] ? __rb_insert_augmented+0x231/0xdf0 [ 3344.939963][T21864] ? validate_mm_rb+0xa3/0xc0 [ 3344.944644][T21864] ? __vma_link_rb+0x279/0x370 [ 3344.949420][T21864] copy_process.part.0+0x568b/0x7980 [ 3344.954751][T21864] ? __cleanup_sighand+0x60/0x60 [ 3344.959710][T21864] ? check_stack_object+0x114/0x160 [ 3344.964913][T21864] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3344.970834][T21864] _do_fork+0x257/0xfd0 [ 3344.975002][T21864] ? fork_idle+0x1d0/0x1d0 [ 3344.979421][T21864] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.985760][T21864] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3344.992284][T21864] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3344.998537][T21864] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3345.005520][T21864] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3345.010980][T21864] ? do_syscall_64+0x26/0x610 [ 3345.015655][T21864] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3345.021734][T21864] ? do_syscall_64+0x26/0x610 [ 3345.026432][T21864] __x64_sys_clone+0xbf/0x150 [ 3345.031120][T21864] do_syscall_64+0x103/0x610 [ 3345.035718][T21864] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3345.041609][T21864] RIP: 0033:0x2000050a [ 3345.045679][T21864] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3345.065288][T21864] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3345.073710][T21864] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3345.081686][T21864] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3345.089666][T21864] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3345.097648][T21864] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3345.105625][T21864] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3345.125747][T21864] memory: usage 307200kB, limit 307200kB, failcnt 15604 [ 3345.132946][T21864] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3345.140405][T21864] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3345.147371][T21864] Memory cgroup stats for /syz0: cache:228KB rss:55476KB rss_huge:26624KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:55488KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3345.169612][T21864] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12443,uid=0 [ 3345.185156][T21864] Memory cgroup out of memory: Killed process 12443 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3345.209416][T21860] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3345.269898][T21860] CPU: 1 PID: 21860 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3345.277952][T21860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3345.288028][T21860] Call Trace: [ 3345.291330][T21860] dump_stack+0x172/0x1f0 [ 3345.295676][T21860] dump_header+0x10f/0xb6c [ 3345.300143][T21860] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3345.305976][T21860] ? ___ratelimit+0x60/0x595 [ 3345.310575][T21860] ? do_raw_spin_unlock+0x57/0x270 [ 3345.315696][T21860] oom_kill_process.cold+0x10/0x15 [ 3345.320817][T21860] out_of_memory+0x79a/0x1280 [ 3345.325511][T21860] ? oom_killer_disable+0x280/0x280 [ 3345.330710][T21860] ? find_held_lock+0x35/0x130 [ 3345.335495][T21860] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3345.341043][T21860] ? memcg_event_wake+0x230/0x230 [ 3345.346100][T21860] ? do_raw_spin_unlock+0x57/0x270 [ 3345.351240][T21860] ? _raw_spin_unlock+0x2d/0x50 [ 3345.356107][T21860] try_charge+0xa87/0x15c0 [ 3345.360534][T21860] ? find_held_lock+0x35/0x130 [ 3345.365336][T21860] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3345.370897][T21860] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3345.376461][T21860] ? find_held_lock+0x35/0x130 [ 3345.381226][T21860] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3345.386769][T21860] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3345.392320][T21860] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3345.397530][T21860] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3345.403076][T21860] __memcg_kmem_charge+0x136/0x300 [ 3345.408175][T21860] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3345.413551][T21860] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3345.419271][T21860] ? copy_page_range+0x125a/0x1f90 [ 3345.424367][T21860] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3345.430588][T21860] alloc_pages_current+0x107/0x210 [ 3345.435702][T21860] pte_alloc_one+0x1b/0x1a0 [ 3345.440553][T21860] __pte_alloc+0x20/0x310 [ 3345.444868][T21860] copy_page_range+0x1529/0x1f90 [ 3345.449788][T21860] ? perf_trace_lock+0xeb/0x510 [ 3345.454640][T21860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3345.460896][T21860] ? pmd_alloc+0x180/0x180 [ 3345.465299][T21860] ? __rb_insert_augmented+0x231/0xdf0 [ 3345.470737][T21860] ? validate_mm_rb+0xa3/0xc0 [ 3345.475418][T21860] ? __vma_link_rb+0x279/0x370 [ 3345.480182][T21860] copy_process.part.0+0x568b/0x7980 [ 3345.485470][T21860] ? __cleanup_sighand+0x60/0x60 [ 3345.490394][T21860] ? check_stack_object+0x114/0x160 [ 3345.495589][T21860] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3345.501484][T21860] _do_fork+0x257/0xfd0 [ 3345.505627][T21860] ? fork_idle+0x1d0/0x1d0 [ 3345.510025][T21860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3345.516264][T21860] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3345.522769][T21860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3345.528997][T21860] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3345.531728][ C0] net_ratelimit: 16 callbacks suppressed [ 3345.531737][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3345.534475][T21860] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3345.540176][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3345.545811][T21860] ? do_syscall_64+0x26/0x610 [ 3345.545826][T21860] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3345.545838][T21860] ? do_syscall_64+0x26/0x610 [ 3345.545857][T21860] __x64_sys_clone+0xbf/0x150 [ 3345.545875][T21860] do_syscall_64+0x103/0x610 [ 3345.545895][T21860] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3345.551480][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3345.557068][T21860] RIP: 0033:0x2000050a [ 3345.557083][T21860] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3345.557090][T21860] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3345.557103][T21860] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3345.557112][T21860] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3345.557126][T21860] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3345.561898][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3345.567851][T21860] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3345.662886][T21860] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3345.677781][T21860] memory: usage 307200kB, limit 307200kB, failcnt 15753 [ 3345.684978][T21860] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3345.692885][T21860] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3345.699913][T21860] Memory cgroup stats for /syz0: cache:228KB rss:53392KB rss_huge:24576KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:53384KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3345.722313][T21860] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12561,uid=0 [ 3345.739142][T21860] Memory cgroup out of memory: Killed process 12561 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3345.763419][T21871] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3345.791660][T21871] CPU: 1 PID: 21871 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3345.799689][T21871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3345.809761][T21871] Call Trace: [ 3345.813081][T21871] dump_stack+0x172/0x1f0 [ 3345.817429][T21871] dump_header+0x10f/0xb6c [ 3345.821862][T21871] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3345.827689][T21871] ? ___ratelimit+0x60/0x595 [ 3345.832300][T21871] ? do_raw_spin_unlock+0x57/0x270 [ 3345.837439][T21871] oom_kill_process.cold+0x10/0x15 [ 3345.842568][T21871] out_of_memory+0x79a/0x1280 [ 3345.847261][T21871] ? oom_killer_disable+0x280/0x280 [ 3345.852462][T21871] ? find_held_lock+0x35/0x130 [ 3345.857245][T21871] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3345.862799][T21871] ? memcg_event_wake+0x230/0x230 [ 3345.867846][T21871] ? do_raw_spin_unlock+0x57/0x270 [ 3345.872979][T21871] ? _raw_spin_unlock+0x2d/0x50 [ 3345.877846][T21871] try_charge+0xa87/0x15c0 [ 3345.882269][T21871] ? find_held_lock+0x35/0x130 [ 3345.887057][T21871] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3345.892619][T21871] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3345.898176][T21871] ? find_held_lock+0x35/0x130 [ 3345.902954][T21871] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3345.908522][T21871] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3345.914074][T21871] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3345.919298][T21871] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3345.924873][T21871] __memcg_kmem_charge+0x136/0x300 [ 3345.930004][T21871] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3345.935393][T21871] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3345.941134][T21871] ? is_dynamic_key+0x1c0/0x1c0 [ 3345.945997][T21871] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3345.952255][T21871] alloc_pages_current+0x107/0x210 [ 3345.957384][T21871] pte_alloc_one+0x1b/0x1a0 [ 3345.961905][T21871] __handle_mm_fault+0x3491/0x3ec0 [ 3345.967038][T21871] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3345.972591][T21871] ? find_held_lock+0x35/0x130 [ 3345.977364][T21871] ? handle_mm_fault+0x322/0xb30 [ 3345.982325][T21871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3345.988576][T21871] ? kasan_check_read+0x11/0x20 [ 3345.993439][T21871] handle_mm_fault+0x43f/0xb30 [ 3345.998218][T21871] __do_page_fault+0x5ef/0xda0 [ 3346.003502][T21871] do_page_fault+0x71/0x581 [ 3346.007988][T21871] page_fault+0x1e/0x30 [ 3346.012143][T21871] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3346.017869][T21871] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3346.042837][T21871] RSP: 0018:ffff8880645a7cb0 EFLAGS: 00010246 [ 3346.048894][T21871] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3346.056863][T21871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3346.064841][T21871] RBP: ffff8880645a7ce8 R08: ffff88809398c580 R09: ffff8880aa594dc0 [ 3346.072814][T21871] R10: 000000000000001c R11: ffff888019c47a7f R12: 0000000000000000 [ 3346.080787][T21871] R13: ffff888019c46aa0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3346.088771][T21871] ? strncpy_from_user+0x142/0x380 [ 3346.093901][T21871] getname_flags+0x11b/0x5b0 [ 3346.098508][T21871] do_renameat2+0x199/0xc40 [ 3346.103005][T21871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.109228][T21871] ? debug_smp_processor_id+0x3c/0x280 [ 3346.114695][T21871] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3346.120433][T21871] ? user_path_create+0x50/0x50 [ 3346.125274][T21871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.131502][T21871] ? security_capable+0x9b/0xd0 [ 3346.137487][T21871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.143818][T21871] ? ns_capable_common+0x93/0x100 [ 3346.149297][T21871] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3346.154761][T21871] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3346.160219][T21871] ? do_syscall_64+0x26/0x610 [ 3346.166044][T21871] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3346.172115][T21871] ? do_syscall_64+0x26/0x610 [ 3346.176814][T21871] __x64_sys_renameat+0x9a/0x100 [ 3346.181758][T21871] do_syscall_64+0x103/0x610 [ 3346.186333][T21871] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3346.192226][T21871] RIP: 0033:0x2000050a [ 3346.196303][T21871] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3346.215922][T21871] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3346.224347][T21871] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3346.232316][T21871] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3346.240287][T21871] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3346.248250][T21871] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3346.256219][T21871] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3346.269126][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3346.275073][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3346.281012][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3346.286921][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3346.292949][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3346.298815][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3346.304874][T21871] memory: usage 307200kB, limit 307200kB, failcnt 15876 [ 3346.312312][T21871] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3346.319778][T21871] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3346.326695][T21871] Memory cgroup stats for /syz0: cache:228KB rss:51272KB rss_huge:22528KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:51236KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3346.348692][T21871] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9392,uid=0 [ 3346.364120][T21871] Memory cgroup out of memory: Killed process 9392 (syz-executor.0) total-vm:72580kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3346.396219][T21867] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3346.461694][T21867] CPU: 1 PID: 21867 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3346.469736][T21867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3346.479808][T21867] Call Trace: [ 3346.483202][T21867] dump_stack+0x172/0x1f0 [ 3346.487547][T21867] dump_header+0x10f/0xb6c [ 3346.491981][T21867] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3346.497801][T21867] ? ___ratelimit+0x60/0x595 [ 3346.502397][T21867] ? do_raw_spin_unlock+0x57/0x270 [ 3346.507518][T21867] oom_kill_process.cold+0x10/0x15 [ 3346.512669][T21867] out_of_memory+0x79a/0x1280 [ 3346.517364][T21867] ? oom_killer_disable+0x280/0x280 [ 3346.522564][T21867] ? find_held_lock+0x35/0x130 [ 3346.527354][T21867] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3346.533016][T21867] ? memcg_event_wake+0x230/0x230 [ 3346.538062][T21867] ? do_raw_spin_unlock+0x57/0x270 [ 3346.543180][T21867] ? _raw_spin_unlock+0x2d/0x50 [ 3346.548565][T21867] try_charge+0xa87/0x15c0 [ 3346.552991][T21867] ? find_held_lock+0x35/0x130 [ 3346.557775][T21867] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3346.563331][T21867] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3346.568883][T21867] ? find_held_lock+0x35/0x130 [ 3346.573654][T21867] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3346.579222][T21867] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3346.584793][T21867] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3346.590020][T21867] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3346.595560][T21867] __memcg_kmem_charge+0x136/0x300 [ 3346.600667][T21867] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3346.606042][T21867] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3346.611765][T21867] ? save_stack+0x45/0xd0 [ 3346.616079][T21867] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 3346.621892][T21867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.628136][T21867] ? debug_smp_processor_id+0x3c/0x280 [ 3346.633590][T21867] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3346.639823][T21867] alloc_pages_current+0x107/0x210 [ 3346.644951][T21867] pte_alloc_one+0x1b/0x1a0 [ 3346.649456][T21867] __pte_alloc+0x20/0x310 [ 3346.653772][T21867] copy_page_range+0x1529/0x1f90 [ 3346.658702][T21867] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3346.664421][T21867] ? pmd_alloc+0x180/0x180 [ 3346.668832][T21867] ? validate_mm_rb+0xa3/0xc0 [ 3346.673494][T21867] ? __vma_link_rb+0x279/0x370 [ 3346.678245][T21867] copy_process.part.0+0x568b/0x7980 [ 3346.683565][T21867] ? __cleanup_sighand+0x60/0x60 [ 3346.688516][T21867] ? check_stack_object+0x114/0x160 [ 3346.693713][T21867] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3346.699682][T21867] _do_fork+0x257/0xfd0 [ 3346.703844][T21867] ? fork_idle+0x1d0/0x1d0 [ 3346.708268][T21867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.714530][T21867] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3346.721024][T21867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3346.727264][T21867] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3346.732992][T21867] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3346.738472][T21867] ? do_syscall_64+0x26/0x610 [ 3346.743154][T21867] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3346.749216][T21867] ? do_syscall_64+0x26/0x610 [ 3346.753880][T21867] __x64_sys_clone+0xbf/0x150 [ 3346.758545][T21867] do_syscall_64+0x103/0x610 [ 3346.763266][T21867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3346.769181][T21867] RIP: 0033:0x2000050a [ 3346.773236][T21867] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3346.792850][T21867] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3346.801251][T21867] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3346.809214][T21867] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3346.817265][T21867] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3346.825238][T21867] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3346.833208][T21867] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3346.846866][T21867] memory: usage 307200kB, limit 307200kB, failcnt 16051 [ 3346.853927][T21867] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3346.861396][T21867] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3346.868407][T21867] Memory cgroup stats for /syz0: cache:228KB rss:49128KB rss_huge:20480KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:49116KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3346.890349][T21867] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4610,uid=0 [ 3346.906093][T21867] Memory cgroup out of memory: Killed process 4610 (syz-executor.0) total-vm:72448kB, anon-rss:2212kB, file-rss:34816kB, shmem-rss:0kB [ 3346.929612][T21870] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3346.944314][T21870] CPU: 1 PID: 21870 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3346.952326][T21870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3346.962390][T21870] Call Trace: [ 3346.965698][T21870] dump_stack+0x172/0x1f0 [ 3346.970045][T21870] dump_header+0x10f/0xb6c [ 3346.974475][T21870] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3346.980293][T21870] ? ___ratelimit+0x60/0x595 [ 3346.984893][T21870] ? do_raw_spin_unlock+0x57/0x270 [ 3346.990021][T21870] oom_kill_process.cold+0x10/0x15 [ 3346.995144][T21870] out_of_memory+0x79a/0x1280 [ 3346.999846][T21870] ? oom_killer_disable+0x280/0x280 [ 3347.005523][T21870] ? find_held_lock+0x35/0x130 [ 3347.010315][T21870] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3347.015871][T21870] ? memcg_event_wake+0x230/0x230 [ 3347.020915][T21870] ? do_raw_spin_unlock+0x57/0x270 [ 3347.026047][T21870] ? _raw_spin_unlock+0x2d/0x50 [ 3347.030912][T21870] try_charge+0xa87/0x15c0 [ 3347.035346][T21870] ? find_held_lock+0x35/0x130 [ 3347.040129][T21870] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3347.045679][T21870] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3347.051225][T21870] ? find_held_lock+0x35/0x130 [ 3347.056006][T21870] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3347.061576][T21870] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3347.067140][T21870] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3347.072357][T21870] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3347.077928][T21870] __memcg_kmem_charge+0x136/0x300 [ 3347.083069][T21870] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3347.088452][T21870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.094714][T21870] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3347.100467][T21870] ? copy_process.part.0+0x1d08/0x7980 [ 3347.105933][T21870] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3347.111232][T21870] ? trace_hardirqs_on+0x67/0x230 [ 3347.116278][T21870] copy_process.part.0+0x3e0/0x7980 [ 3347.121482][T21870] ? perf_trace_lock+0xeb/0x510 [ 3347.126337][T21870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.132587][T21870] ? debug_smp_processor_id+0x3c/0x280 [ 3347.138608][T21870] ? __lockdep_free_key_range+0x120/0x120 [ 3347.144346][T21870] ? __might_fault+0x12b/0x1e0 [ 3347.149117][T21870] ? find_held_lock+0x35/0x130 [ 3347.153891][T21870] ? __might_fault+0x12b/0x1e0 [ 3347.158676][T21870] ? __cleanup_sighand+0x60/0x60 [ 3347.163635][T21870] ? check_stack_object+0x114/0x160 [ 3347.168839][T21870] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3347.174737][T21870] _do_fork+0x257/0xfd0 [ 3347.178887][T21870] ? fork_idle+0x1d0/0x1d0 [ 3347.183289][T21870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.189523][T21870] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3347.196191][T21870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.202423][T21870] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3347.207872][T21870] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3347.213498][T21870] ? do_syscall_64+0x26/0x610 [ 3347.218161][T21870] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3347.224211][T21870] ? do_syscall_64+0x26/0x610 [ 3347.228875][T21870] __x64_sys_clone+0xbf/0x150 [ 3347.233544][T21870] do_syscall_64+0x103/0x610 [ 3347.238121][T21870] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3347.243994][T21870] RIP: 0033:0x2000050a [ 3347.248065][T21870] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3347.267663][T21870] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3347.276066][T21870] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3347.284030][T21870] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3347.291991][T21870] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3347.299971][T21870] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3347.307932][T21870] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3347.321128][T21870] memory: usage 307200kB, limit 307200kB, failcnt 16159 [ 3347.328209][T21870] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3347.335857][T21870] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3347.342886][T21870] Memory cgroup stats for /syz0: cache:228KB rss:46960KB rss_huge:18432KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:46996KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3347.365172][T21870] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9196,uid=0 [ 3347.380861][T21870] Memory cgroup out of memory: Killed process 9196 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3347.404503][T21875] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3347.442987][T21875] CPU: 0 PID: 21875 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3347.451019][T21875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3347.461093][T21875] Call Trace: [ 3347.464399][T21875] dump_stack+0x172/0x1f0 [ 3347.468746][T21875] dump_header+0x10f/0xb6c [ 3347.473175][T21875] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3347.478996][T21875] ? ___ratelimit+0x60/0x595 [ 3347.483598][T21875] ? do_raw_spin_unlock+0x57/0x270 [ 3347.488726][T21875] oom_kill_process.cold+0x10/0x15 [ 3347.493850][T21875] out_of_memory+0x79a/0x1280 [ 3347.498545][T21875] ? oom_killer_disable+0x280/0x280 [ 3347.503745][T21875] ? find_held_lock+0x35/0x130 [ 3347.508534][T21875] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3347.514092][T21875] ? memcg_event_wake+0x230/0x230 [ 3347.519138][T21875] ? do_raw_spin_unlock+0x57/0x270 [ 3347.524266][T21875] ? _raw_spin_unlock+0x2d/0x50 [ 3347.529131][T21875] try_charge+0xa87/0x15c0 [ 3347.533551][T21875] ? find_held_lock+0x35/0x130 [ 3347.538334][T21875] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3347.543889][T21875] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3347.549440][T21875] ? find_held_lock+0x35/0x130 [ 3347.554212][T21875] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3347.559780][T21875] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3347.565333][T21875] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3347.570551][T21875] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3347.576110][T21875] __memcg_kmem_charge+0x136/0x300 [ 3347.581235][T21875] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3347.586616][T21875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.592868][T21875] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3347.598596][T21875] ? copy_process.part.0+0x1d08/0x7980 [ 3347.604065][T21875] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3347.609355][T21875] ? trace_hardirqs_on+0x67/0x230 [ 3347.614394][T21875] copy_process.part.0+0x3e0/0x7980 [ 3347.619596][T21875] ? perf_trace_lock+0xeb/0x510 [ 3347.624451][T21875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.630701][T21875] ? debug_smp_processor_id+0x3c/0x280 [ 3347.636168][T21875] ? __lockdep_free_key_range+0x120/0x120 [ 3347.641887][T21875] ? __might_fault+0x12b/0x1e0 [ 3347.646634][T21875] ? find_held_lock+0x35/0x130 [ 3347.651392][T21875] ? __might_fault+0x12b/0x1e0 [ 3347.656157][T21875] ? __cleanup_sighand+0x60/0x60 [ 3347.661082][T21875] ? check_stack_object+0x114/0x160 [ 3347.666296][T21875] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3347.672178][T21875] _do_fork+0x257/0xfd0 [ 3347.676322][T21875] ? fork_idle+0x1d0/0x1d0 [ 3347.680753][T21875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.686983][T21875] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3347.693470][T21875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3347.699695][T21875] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3347.705133][T21875] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3347.710574][T21875] ? do_syscall_64+0x26/0x610 [ 3347.715233][T21875] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3347.721284][T21875] ? do_syscall_64+0x26/0x610 [ 3347.725958][T21875] __x64_sys_clone+0xbf/0x150 [ 3347.730628][T21875] do_syscall_64+0x103/0x610 [ 3347.735207][T21875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3347.741084][T21875] RIP: 0033:0x2000050a [ 3347.745136][T21875] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3347.764742][T21875] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3347.773145][T21875] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3347.781109][T21875] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3347.789068][T21875] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3347.797114][T21875] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3347.805070][T21875] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3347.814073][T21875] memory: usage 307128kB, limit 307200kB, failcnt 16282 [ 3347.821052][T21875] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3347.828621][T21875] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3347.835639][T21875] Memory cgroup stats for /syz0: cache:228KB rss:44892KB rss_huge:16384KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:44856KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3347.857823][T21875] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9238,uid=0 [ 3347.873334][T21875] Memory cgroup out of memory: Killed process 9238 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3347.896878][T21874] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3347.927723][T21874] CPU: 0 PID: 21874 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3347.935762][T21874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3347.945839][T21874] Call Trace: [ 3347.949184][T21874] dump_stack+0x172/0x1f0 [ 3347.953538][T21874] dump_header+0x10f/0xb6c [ 3347.957978][T21874] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3347.963802][T21874] ? ___ratelimit+0x60/0x595 [ 3347.968409][T21874] ? do_raw_spin_unlock+0x57/0x270 [ 3347.973542][T21874] oom_kill_process.cold+0x10/0x15 [ 3347.978671][T21874] out_of_memory+0x79a/0x1280 [ 3347.983387][T21874] ? oom_killer_disable+0x280/0x280 [ 3347.988604][T21874] ? find_held_lock+0x35/0x130 [ 3347.993397][T21874] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3347.998976][T21874] ? memcg_event_wake+0x230/0x230 [ 3348.004192][T21874] ? do_raw_spin_unlock+0x57/0x270 [ 3348.009351][T21874] ? _raw_spin_unlock+0x2d/0x50 [ 3348.014220][T21874] try_charge+0xa87/0x15c0 [ 3348.018646][T21874] ? find_held_lock+0x35/0x130 [ 3348.023429][T21874] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3348.028981][T21874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.035232][T21874] ? kasan_check_read+0x11/0x20 [ 3348.040104][T21874] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3348.045663][T21874] mem_cgroup_try_charge+0x24d/0x5e0 [ 3348.050969][T21874] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3348.057425][T21874] wp_page_copy+0x408/0x1740 [ 3348.063158][T21874] ? find_held_lock+0x35/0x130 [ 3348.067951][T21874] ? pmd_pfn+0x1d0/0x1d0 [ 3348.072201][T21874] ? lock_downgrade+0x880/0x880 [ 3348.077092][T21874] ? swp_swapcount+0x540/0x540 [ 3348.081872][T21874] ? kasan_check_read+0x11/0x20 [ 3348.086734][T21874] ? do_raw_spin_unlock+0x57/0x270 [ 3348.091853][T21874] do_wp_page+0x48e/0x1500 [ 3348.096285][T21874] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3348.101772][T21874] __handle_mm_fault+0x22e8/0x3ec0 [ 3348.106902][T21874] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3348.112461][T21874] ? find_held_lock+0x35/0x130 [ 3348.117234][T21874] ? handle_mm_fault+0x322/0xb30 [ 3348.122200][T21874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.128467][T21874] ? kasan_check_read+0x11/0x20 [ 3348.133806][T21874] handle_mm_fault+0x43f/0xb30 [ 3348.138590][T21874] __do_page_fault+0x5ef/0xda0 [ 3348.143374][T21874] do_page_fault+0x71/0x581 [ 3348.147891][T21874] page_fault+0x1e/0x30 [ 3348.152078][T21874] RIP: 0010:__put_user_4+0x1c/0x30 [ 3348.157193][T21874] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3348.176890][T21874] RSP: 0018:ffff88804bd27ed0 EFLAGS: 00010293 [ 3348.182975][T21874] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3348.190975][T21874] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3348.198963][T21874] RBP: ffff88804bd27f10 R08: ffff88804bd1c640 R09: 0000000000000001 [ 3348.206948][T21874] R10: ffff88804bd1cec0 R11: ffff88804bd1c640 R12: 0000000000000000 [ 3348.214949][T21874] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3348.222957][T21874] ? __might_fault+0x1a3/0x1e0 [ 3348.227744][T21874] ? __x64_sys_getresgid+0x1aa/0x290 [ 3348.233034][T21874] ? trace_hardirqs_on+0x67/0x230 [ 3348.238073][T21874] do_syscall_64+0x103/0x610 [ 3348.242674][T21874] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3348.248564][T21874] RIP: 0033:0x2000050a [ 3348.252634][T21874] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3348.272254][T21874] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3348.280680][T21874] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3348.288659][T21874] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3348.296727][T21874] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3348.304704][T21874] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3348.312685][T21874] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3348.331454][T21874] memory: usage 307200kB, limit 307200kB, failcnt 16410 [ 3348.338681][T21874] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3348.346269][T21874] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3348.353351][T21874] Memory cgroup stats for /syz0: cache:228KB rss:42756KB rss_huge:14336KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:42720KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3348.375568][T21874] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=23656,uid=0 [ 3348.391164][T21874] Memory cgroup out of memory: Killed process 23656 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3348.394478][ T1043] oom_reaper: reaped process 23656 (syz-executor.0), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 3348.424635][T21882] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3348.436921][T21882] CPU: 0 PID: 21882 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3348.444924][T21882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3348.455003][T21882] Call Trace: [ 3348.458317][T21882] dump_stack+0x172/0x1f0 [ 3348.462663][T21882] dump_header+0x10f/0xb6c [ 3348.467094][T21882] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3348.472913][T21882] ? ___ratelimit+0x60/0x595 [ 3348.477520][T21882] ? do_raw_spin_unlock+0x57/0x270 [ 3348.482648][T21882] oom_kill_process.cold+0x10/0x15 [ 3348.487774][T21882] out_of_memory+0x79a/0x1280 [ 3348.492470][T21882] ? oom_killer_disable+0x280/0x280 [ 3348.497679][T21882] ? find_held_lock+0x35/0x130 [ 3348.502473][T21882] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3348.508033][T21882] ? memcg_event_wake+0x230/0x230 [ 3348.513084][T21882] ? do_raw_spin_unlock+0x57/0x270 [ 3348.518211][T21882] ? _raw_spin_unlock+0x2d/0x50 [ 3348.523080][T21882] try_charge+0xa87/0x15c0 [ 3348.527503][T21882] ? find_held_lock+0x35/0x130 [ 3348.532300][T21882] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3348.537861][T21882] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3348.543420][T21882] ? find_held_lock+0x35/0x130 [ 3348.548195][T21882] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3348.553761][T21882] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3348.559323][T21882] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3348.564533][T21882] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3348.570092][T21882] __memcg_kmem_charge+0x136/0x300 [ 3348.575226][T21882] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3348.580617][T21882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.586873][T21882] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3348.592606][T21882] ? copy_process.part.0+0x1d08/0x7980 [ 3348.598080][T21882] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3348.603376][T21882] ? trace_hardirqs_on+0x67/0x230 [ 3348.608421][T21882] copy_process.part.0+0x3e0/0x7980 [ 3348.613977][T21882] ? perf_trace_lock+0xeb/0x510 [ 3348.618833][T21882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.625083][T21882] ? debug_smp_processor_id+0x3c/0x280 [ 3348.630555][T21882] ? __lockdep_free_key_range+0x120/0x120 [ 3348.636289][T21882] ? __might_fault+0x12b/0x1e0 [ 3348.641064][T21882] ? find_held_lock+0x35/0x130 [ 3348.645836][T21882] ? __might_fault+0x12b/0x1e0 [ 3348.650611][T21882] ? __cleanup_sighand+0x60/0x60 [ 3348.655562][T21882] ? check_stack_object+0x114/0x160 [ 3348.660762][T21882] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3348.666666][T21882] _do_fork+0x257/0xfd0 [ 3348.670837][T21882] ? fork_idle+0x1d0/0x1d0 [ 3348.675263][T21882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.681505][T21882] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3348.688107][T21882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3348.694360][T21882] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3348.699825][T21882] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3348.705292][T21882] ? do_syscall_64+0x26/0x610 [ 3348.709981][T21882] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3348.716051][T21882] ? do_syscall_64+0x26/0x610 [ 3348.720750][T21882] __x64_sys_clone+0xbf/0x150 [ 3348.725445][T21882] do_syscall_64+0x103/0x610 [ 3348.730045][T21882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3348.735949][T21882] RIP: 0033:0x2000050a [ 3348.740029][T21882] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3348.759641][T21882] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3348.768069][T21882] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3348.776046][T21882] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3348.784020][T21882] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3348.791993][T21882] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3348.799976][T21882] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3348.824985][T21882] memory: usage 307200kB, limit 307200kB, failcnt 16541 [ 3348.832298][T21882] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3348.839870][T21882] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3348.846919][T21882] Memory cgroup stats for /syz0: cache:228KB rss:40600KB rss_huge:12288KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:40592KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3348.869143][T21882] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=1947,uid=0 [ 3348.884912][T21882] Memory cgroup out of memory: Killed process 1947 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3348.909574][T21878] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3348.943863][T21878] CPU: 0 PID: 21878 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3348.951907][T21878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3348.961988][T21878] Call Trace: [ 3348.965301][T21878] dump_stack+0x172/0x1f0 [ 3348.969650][T21878] dump_header+0x10f/0xb6c [ 3348.974079][T21878] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3348.979904][T21878] ? ___ratelimit+0x60/0x595 [ 3348.984518][T21878] ? do_raw_spin_unlock+0x57/0x270 [ 3348.989651][T21878] oom_kill_process.cold+0x10/0x15 [ 3348.994777][T21878] out_of_memory+0x79a/0x1280 [ 3348.999466][T21878] ? oom_killer_disable+0x280/0x280 [ 3349.006195][T21878] ? find_held_lock+0x35/0x130 [ 3349.010989][T21878] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3349.016537][T21878] ? memcg_event_wake+0x230/0x230 [ 3349.021574][T21878] ? do_raw_spin_unlock+0x57/0x270 [ 3349.026701][T21878] ? _raw_spin_unlock+0x2d/0x50 [ 3349.031562][T21878] try_charge+0xa87/0x15c0 [ 3349.035994][T21878] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3349.041647][T21878] ? rcu_read_lock_sched_held+0x110/0x130 [ 3349.047375][T21878] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3349.052926][T21878] ? __lockdep_free_key_range+0x120/0x120 [ 3349.058673][T21878] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3349.064236][T21878] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3349.069449][T21878] ? cache_grow_begin+0x594/0x860 [ 3349.074481][T21878] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3349.079772][T21878] ? trace_hardirqs_on+0x67/0x230 [ 3349.084894][T21878] cache_grow_begin+0x5c0/0x860 [ 3349.089759][T21878] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3349.096019][T21878] ? __cpuset_node_allowed+0x136/0x540 [ 3349.101493][T21878] fallback_alloc+0x1fd/0x2d0 [ 3349.106195][T21878] ____cache_alloc_node+0x1be/0x1e0 [ 3349.111400][T21878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3349.117658][T21878] kmem_cache_alloc_node+0xe3/0x710 [ 3349.122862][T21878] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3349.128156][T21878] ? trace_hardirqs_on+0x67/0x230 [ 3349.133208][T21878] copy_process.part.0+0x1d08/0x7980 [ 3349.138536][T21878] ? perf_trace_lock+0xeb/0x510 [ 3349.143391][T21878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3349.149647][T21878] ? debug_smp_processor_id+0x3c/0x280 [ 3349.155123][T21878] ? __lockdep_free_key_range+0x120/0x120 [ 3349.160858][T21878] ? __might_fault+0x12b/0x1e0 [ 3349.165632][T21878] ? find_held_lock+0x35/0x130 [ 3349.170403][T21878] ? __might_fault+0x12b/0x1e0 [ 3349.175182][T21878] ? __cleanup_sighand+0x60/0x60 [ 3349.180140][T21878] ? check_stack_object+0x114/0x160 [ 3349.185343][T21878] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3349.191235][T21878] _do_fork+0x257/0xfd0 [ 3349.195392][T21878] ? fork_idle+0x1d0/0x1d0 [ 3349.195411][T21878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3349.195430][T21878] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3349.195450][T21878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3349.195471][T21878] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3349.206117][T21878] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3349.206134][T21878] ? do_syscall_64+0x26/0x610 [ 3349.206148][T21878] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3349.206160][T21878] ? do_syscall_64+0x26/0x610 [ 3349.206180][T21878] __x64_sys_clone+0xbf/0x150 [ 3349.206199][T21878] do_syscall_64+0x103/0x610 [ 3349.206220][T21878] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3349.206233][T21878] RIP: 0033:0x2000050a [ 3349.206257][T21878] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3349.206272][T21878] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3349.218999][T21878] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3349.219010][T21878] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3349.219019][T21878] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3349.219029][T21878] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3349.219038][T21878] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3349.219332][T21878] memory: usage 307164kB, limit 307200kB, failcnt 16669 [ 3349.234817][T21878] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3349.245554][T21878] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3349.245563][T21878] Memory cgroup stats for /syz0: cache:228KB rss:38456KB rss_huge:10240KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:38488KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3349.245644][T21878] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=2040,uid=0 [ 3349.245754][T21878] Memory cgroup out of memory: Killed process 2040 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3349.413542][ T1043] oom_reaper: reaped process 2040 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3349.610183][T22008] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3349.833899][T22008] CPU: 1 PID: 22008 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3349.841946][T22008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3349.852013][T22008] Call Trace: [ 3349.855307][T22008] dump_stack+0x172/0x1f0 [ 3349.859627][T22008] dump_header+0x10f/0xb6c [ 3349.864047][T22008] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3349.869944][T22008] ? ___ratelimit+0x60/0x595 [ 3349.874529][T22008] ? do_raw_spin_unlock+0x57/0x270 [ 3349.879718][T22008] oom_kill_process.cold+0x10/0x15 [ 3349.884844][T22008] out_of_memory+0x79a/0x1280 [ 3349.889527][T22008] ? oom_killer_disable+0x280/0x280 [ 3349.894713][T22008] ? find_held_lock+0x35/0x130 [ 3349.899522][T22008] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3349.905067][T22008] ? memcg_event_wake+0x230/0x230 [ 3349.910094][T22008] ? do_raw_spin_unlock+0x57/0x270 [ 3349.915458][T22008] ? _raw_spin_unlock+0x2d/0x50 [ 3349.920307][T22008] try_charge+0xa87/0x15c0 [ 3349.924726][T22008] ? find_held_lock+0x35/0x130 [ 3349.929510][T22008] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3349.935050][T22008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3349.941309][T22008] ? kasan_check_read+0x11/0x20 [ 3349.946180][T22008] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3349.951738][T22008] mem_cgroup_try_charge+0x24d/0x5e0 [ 3349.957035][T22008] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3349.962672][T22008] wp_page_copy+0x408/0x1740 [ 3349.967270][T22008] ? find_held_lock+0x35/0x130 [ 3349.972279][T22008] ? pmd_pfn+0x1d0/0x1d0 [ 3349.976512][T22008] ? lock_downgrade+0x880/0x880 [ 3349.981352][T22008] ? swp_swapcount+0x540/0x540 [ 3349.986124][T22008] ? kasan_check_read+0x11/0x20 [ 3349.990978][T22008] ? do_raw_spin_unlock+0x57/0x270 [ 3349.996085][T22008] do_wp_page+0x48e/0x1500 [ 3350.000581][T22008] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3350.005983][T22008] __handle_mm_fault+0x22e8/0x3ec0 [ 3350.011107][T22008] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3350.016641][T22008] ? find_held_lock+0x35/0x130 [ 3350.021407][T22008] ? handle_mm_fault+0x322/0xb30 [ 3350.026358][T22008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3350.032606][T22008] ? kasan_check_read+0x11/0x20 [ 3350.037451][T22008] handle_mm_fault+0x43f/0xb30 [ 3350.042228][T22008] __do_page_fault+0x5ef/0xda0 [ 3350.047010][T22008] do_page_fault+0x71/0x581 [ 3350.051512][T22008] page_fault+0x1e/0x30 [ 3350.055748][T22008] RIP: 0010:__put_user_4+0x1c/0x30 [ 3350.062430][T22008] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3350.082228][T22008] RSP: 0018:ffff88804bb27ed0 EFLAGS: 00010293 [ 3350.088310][T22008] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3350.096286][T22008] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3350.104261][T22008] RBP: ffff88804bb27f10 R08: ffff888046118080 R09: 0000000000000001 [ 3350.112236][T22008] R10: ffff888046118900 R11: ffff888046118080 R12: 0000000000000000 [ 3350.120196][T22008] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3350.128194][T22008] ? __might_fault+0x1a3/0x1e0 [ 3350.132971][T22008] ? __x64_sys_getresgid+0x1aa/0x290 [ 3350.138250][T22008] ? trace_hardirqs_on+0x67/0x230 [ 3350.143282][T22008] do_syscall_64+0x103/0x610 [ 3350.147893][T22008] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3350.153781][T22008] RIP: 0033:0x2000050a [ 3350.157955][T22008] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3350.177553][T22008] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3350.185980][T22008] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3350.193963][T22008] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3350.201957][T22008] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3350.209933][T22008] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3350.217988][T22008] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3350.233037][T22008] memory: usage 307048kB, limit 307200kB, failcnt 18417 [ 3350.240085][T22008] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3350.247956][T22008] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3350.254980][T22008] Memory cgroup stats for /syz0: cache:228KB rss:36380KB rss_huge:8192KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:36344KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3350.276996][T22008] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12754,uid=0 [ 3350.292713][T22008] Memory cgroup out of memory: Killed process 12754 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3350.317447][T22002] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3350.347746][T22002] CPU: 0 PID: 22002 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3350.355786][T22002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3350.365862][T22002] Call Trace: [ 3350.369182][T22002] dump_stack+0x172/0x1f0 [ 3350.373537][T22002] dump_header+0x10f/0xb6c [ 3350.377984][T22002] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3350.383809][T22002] ? ___ratelimit+0x60/0x595 [ 3350.388415][T22002] ? do_raw_spin_unlock+0x57/0x270 [ 3350.393552][T22002] oom_kill_process.cold+0x10/0x15 [ 3350.398683][T22002] out_of_memory+0x79a/0x1280 [ 3350.403381][T22002] ? oom_killer_disable+0x280/0x280 [ 3350.408591][T22002] ? find_held_lock+0x35/0x130 [ 3350.413378][T22002] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3350.418946][T22002] ? memcg_event_wake+0x230/0x230 [ 3350.423996][T22002] ? do_raw_spin_unlock+0x57/0x270 [ 3350.429121][T22002] ? _raw_spin_unlock+0x2d/0x50 [ 3350.433986][T22002] try_charge+0xa87/0x15c0 [ 3350.438404][T22002] ? find_held_lock+0x35/0x130 [ 3350.443180][T22002] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3350.448731][T22002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3350.454994][T22002] ? kasan_check_read+0x11/0x20 [ 3350.459869][T22002] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3350.465435][T22002] mem_cgroup_try_charge+0x24d/0x5e0 [ 3350.470742][T22002] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3350.476384][T22002] wp_page_copy+0x408/0x1740 [ 3350.480983][T22002] ? find_held_lock+0x35/0x130 [ 3350.485766][T22002] ? pmd_pfn+0x1d0/0x1d0 [ 3350.490014][T22002] ? lock_downgrade+0x880/0x880 [ 3350.494873][T22002] ? swp_swapcount+0x540/0x540 [ 3350.499646][T22002] ? kasan_check_read+0x11/0x20 [ 3350.504501][T22002] ? do_raw_spin_unlock+0x57/0x270 [ 3350.509621][T22002] do_wp_page+0x48e/0x1500 [ 3350.514052][T22002] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3350.519447][T22002] __handle_mm_fault+0x22e8/0x3ec0 [ 3350.524581][T22002] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3350.530134][T22002] ? find_held_lock+0x35/0x130 [ 3350.534905][T22002] ? handle_mm_fault+0x322/0xb30 [ 3350.539867][T22002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3350.546111][T22002] ? kasan_check_read+0x11/0x20 [ 3350.550961][T22002] handle_mm_fault+0x43f/0xb30 [ 3350.555716][T22002] __do_page_fault+0x5ef/0xda0 [ 3350.560468][T22002] do_page_fault+0x71/0x581 [ 3350.564962][T22002] page_fault+0x1e/0x30 [ 3350.569108][T22002] RIP: 0010:__put_user_4+0x1c/0x30 [ 3350.574354][T22002] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3350.593962][T22002] RSP: 0018:ffff888064a07ed0 EFLAGS: 00010293 [ 3350.600018][T22002] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3350.607974][T22002] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3350.615930][T22002] RBP: ffff888064a07f10 R08: ffff88804bacc700 R09: 0000000000000001 [ 3350.623899][T22002] R10: ffff88804baccf80 R11: ffff88804bacc700 R12: 0000000000000000 [ 3350.631858][T22002] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3350.639829][T22002] ? __might_fault+0x1a3/0x1e0 [ 3350.644581][T22002] ? __x64_sys_getresgid+0x1aa/0x290 [ 3350.649873][T22002] ? trace_hardirqs_on+0x67/0x230 [ 3350.654886][T22002] do_syscall_64+0x103/0x610 [ 3350.659468][T22002] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3350.665358][T22002] RIP: 0033:0x2000050a [ 3350.669419][T22002] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3350.689013][T22002] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3350.697414][T22002] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3350.705377][T22002] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3350.713364][T22002] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3350.721347][T22002] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3350.729325][T22002] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3350.738238][T22002] memory: usage 307144kB, limit 307200kB, failcnt 18556 [ 3350.741893][ C1] net_ratelimit: 14 callbacks suppressed [ 3350.741902][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3350.745347][T22002] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3350.751066][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3350.756725][T22002] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3350.756735][T22002] Memory cgroup stats for /syz0: cache:228KB rss:34276KB rss_huge:6144KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:34272KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3350.764523][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3350.769969][T22002] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12761,uid=0 [ 3350.770083][T22002] Memory cgroup out of memory: Killed process 12761 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3350.777092][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3350.802713][ T1043] oom_reaper: reaped process 12761 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3350.804987][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3350.857390][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3350.945279][T21446] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3350.967947][T21446] CPU: 1 PID: 21446 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3350.975977][T21446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3350.986052][T21446] Call Trace: [ 3350.989332][T21446] dump_stack+0x172/0x1f0 [ 3350.993667][T21446] dump_header+0x10f/0xb6c [ 3350.998089][T21446] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3351.004354][T21446] ? ___ratelimit+0x60/0x595 [ 3351.008927][T21446] ? do_raw_spin_unlock+0x57/0x270 [ 3351.014399][T21446] oom_kill_process.cold+0x10/0x15 [ 3351.019513][T21446] out_of_memory+0x79a/0x1280 [ 3351.024185][T21446] ? oom_killer_disable+0x280/0x280 [ 3351.029364][T21446] ? find_held_lock+0x35/0x130 [ 3351.034143][T21446] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3351.039684][T21446] ? memcg_event_wake+0x230/0x230 [ 3351.044699][T21446] ? do_raw_spin_unlock+0x57/0x270 [ 3351.049811][T21446] ? _raw_spin_unlock+0x2d/0x50 [ 3351.054667][T21446] try_charge+0xa87/0x15c0 [ 3351.059083][T21446] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3351.064615][T21446] ? rcu_read_lock_sched_held+0x110/0x130 [ 3351.070321][T21446] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3351.075859][T21446] ? __lockdep_free_key_range+0x120/0x120 [ 3351.081590][T21446] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3351.087139][T21446] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3351.092342][T21446] ? cache_grow_begin+0x594/0x860 [ 3351.097371][T21446] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3351.102650][T21446] ? trace_hardirqs_on+0x67/0x230 [ 3351.107657][T21446] cache_grow_begin+0x5c0/0x860 [ 3351.112773][T21446] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3351.119034][T21446] ? __cpuset_node_allowed+0x136/0x540 [ 3351.124494][T21446] fallback_alloc+0x1fd/0x2d0 [ 3351.129158][T21446] ____cache_alloc_node+0x1be/0x1e0 [ 3351.134352][T21446] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3351.140589][T21446] kmem_cache_alloc_node+0xe3/0x710 [ 3351.145773][T21446] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3351.151046][T21446] ? trace_hardirqs_on+0x67/0x230 [ 3351.156077][T21446] copy_process.part.0+0x1d08/0x7980 [ 3351.161359][T21446] ? perf_trace_lock+0xeb/0x510 [ 3351.166196][T21446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.172430][T21446] ? debug_smp_processor_id+0x3c/0x280 [ 3351.177898][T21446] ? __lockdep_free_key_range+0x120/0x120 [ 3351.183626][T21446] ? __might_fault+0x12b/0x1e0 [ 3351.188377][T21446] ? find_held_lock+0x35/0x130 [ 3351.193139][T21446] ? __might_fault+0x12b/0x1e0 [ 3351.197922][T21446] ? __cleanup_sighand+0x60/0x60 [ 3351.202874][T21446] ? check_stack_object+0x114/0x160 [ 3351.208051][T21446] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3351.213954][T21446] _do_fork+0x257/0xfd0 [ 3351.218123][T21446] ? fork_idle+0x1d0/0x1d0 [ 3351.222533][T21446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.228771][T21446] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3351.235554][T21446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.242155][T21446] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3351.247603][T21446] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3351.253072][T21446] ? do_syscall_64+0x26/0x610 [ 3351.257781][T21446] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3351.263849][T21446] ? do_syscall_64+0x26/0x610 [ 3351.268526][T21446] __x64_sys_clone+0xbf/0x150 [ 3351.273216][T21446] do_syscall_64+0x103/0x610 [ 3351.277817][T21446] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3351.283702][T21446] RIP: 0033:0x2000050a [ 3351.287754][T21446] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3351.307348][T21446] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3351.315750][T21446] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3351.323715][T21446] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3351.331721][T21446] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3351.339702][T21446] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3351.347673][T21446] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3351.360231][T21446] memory: usage 307200kB, limit 307200kB, failcnt 19034 [ 3351.367339][T21446] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3351.367350][T21446] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3351.367358][T21446] Memory cgroup stats for /syz0: cache:228KB rss:32108KB rss_huge:4096KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:32108KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3351.382045][T21446] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=29444,uid=0 [ 3351.419916][T21446] Memory cgroup out of memory: Killed process 29444 (syz-executor.0) total-vm:72448kB, anon-rss:2204kB, file-rss:34816kB, shmem-rss:0kB [ 3351.443902][T22046] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3351.443921][T22046] CPU: 0 PID: 22046 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3351.463987][T22046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3351.474043][T22046] Call Trace: [ 3351.474068][T22046] dump_stack+0x172/0x1f0 [ 3351.474091][T22046] dump_header+0x10f/0xb6c [ 3351.474112][T22046] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3351.481713][T22046] ? ___ratelimit+0x60/0x595 [ 3351.481731][T22046] ? do_raw_spin_unlock+0x57/0x270 [ 3351.481752][T22046] oom_kill_process.cold+0x10/0x15 [ 3351.481771][T22046] out_of_memory+0x79a/0x1280 [ 3351.481793][T22046] ? oom_killer_disable+0x280/0x280 [ 3351.481805][T22046] ? find_held_lock+0x35/0x130 [ 3351.481833][T22046] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3351.481848][T22046] ? memcg_event_wake+0x230/0x230 [ 3351.481870][T22046] ? do_raw_spin_unlock+0x57/0x270 [ 3351.492077][T22046] ? _raw_spin_unlock+0x2d/0x50 [ 3351.492099][T22046] try_charge+0xa87/0x15c0 [ 3351.492113][T22046] ? find_held_lock+0x35/0x130 [ 3351.492137][T22046] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3351.492151][T22046] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3351.492167][T22046] ? find_held_lock+0x35/0x130 [ 3351.492186][T22046] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3351.501894][T22046] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3351.501912][T22046] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3351.501933][T22046] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3351.501963][T22046] __memcg_kmem_charge+0x136/0x300 [ 3351.501985][T22046] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3351.502008][T22046] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3351.502033][T22046] ? is_dynamic_key+0x1c0/0x1c0 [ 3351.511795][T22046] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3351.511819][T22046] alloc_pages_current+0x107/0x210 [ 3351.511842][T22046] pte_alloc_one+0x1b/0x1a0 [ 3351.511861][T22046] __handle_mm_fault+0x3491/0x3ec0 [ 3351.511883][T22046] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3351.511898][T22046] ? find_held_lock+0x35/0x130 [ 3351.511915][T22046] ? handle_mm_fault+0x322/0xb30 [ 3351.511950][T22046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.527427][T22046] ? kasan_check_read+0x11/0x20 [ 3351.527453][T22046] handle_mm_fault+0x43f/0xb30 [ 3351.527478][T22046] __do_page_fault+0x5ef/0xda0 [ 3351.527502][T22046] do_page_fault+0x71/0x581 [ 3351.527529][T22046] page_fault+0x1e/0x30 [ 3351.537667][T22046] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3351.537684][T22046] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3351.537693][T22046] RSP: 0018:ffff888208fc7cb0 EFLAGS: 00010246 [ 3351.537707][T22046] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3351.537716][T22046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3351.537726][T22046] RBP: ffff888208fc7ce8 R08: ffff88804c7b8340 R09: ffff8880aa594dc0 [ 3351.537735][T22046] R10: 000000000000001c R11: ffff88804be3f43f R12: 0000000000000000 [ 3351.537743][T22046] R13: ffff88804be3e460 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3351.537769][T22046] ? strncpy_from_user+0x142/0x380 [ 3351.537797][T22046] getname_flags+0x11b/0x5b0 [ 3351.547039][T22046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.547062][T22046] do_renameat2+0x199/0xc40 [ 3351.547097][T22046] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3351.557396][T22046] ? user_path_create+0x50/0x50 [ 3351.557418][T22046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.557436][T22046] ? security_capable+0x9b/0xd0 [ 3351.557456][T22046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3351.557470][T22046] ? ns_capable_common+0x93/0x100 [ 3351.557490][T22046] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3351.557510][T22046] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3351.811252][T22046] ? do_syscall_64+0x26/0x610 [ 3351.815915][T22046] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3351.821978][T22046] ? do_syscall_64+0x26/0x610 [ 3351.826646][T22046] __x64_sys_renameat+0x9a/0x100 [ 3351.831594][T22046] do_syscall_64+0x103/0x610 [ 3351.836181][T22046] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3351.842141][T22046] RIP: 0033:0x2000050a [ 3351.846193][T22046] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3351.865788][T22046] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3351.874193][T22046] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3351.882154][T22046] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3351.890118][T22046] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3351.898082][T22046] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3351.906071][T22046] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3351.925111][T22046] memory: usage 307196kB, limit 307200kB, failcnt 19132 [ 3351.932340][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3351.932408][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3351.932513][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3351.932566][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3351.955907][T22046] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3351.963489][T22046] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3351.970347][T22046] Memory cgroup stats for /syz0: cache:228KB rss:29992KB rss_huge:2048KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:30016KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3351.992357][T22046] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14098,uid=0 [ 3351.992489][T22046] Memory cgroup out of memory: Killed process 14098 (syz-executor.0) total-vm:72448kB, anon-rss:2180kB, file-rss:34816kB, shmem-rss:0kB [ 3352.040602][T22043] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3352.069249][T22043] CPU: 1 PID: 22043 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3352.077397][T22043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3352.087466][T22043] Call Trace: [ 3352.090785][T22043] dump_stack+0x172/0x1f0 [ 3352.095138][T22043] dump_header+0x10f/0xb6c [ 3352.099572][T22043] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3352.105396][T22043] ? ___ratelimit+0x60/0x595 [ 3352.110006][T22043] ? do_raw_spin_unlock+0x57/0x270 [ 3352.115136][T22043] oom_kill_process.cold+0x10/0x15 [ 3352.120262][T22043] out_of_memory+0x79a/0x1280 [ 3352.124964][T22043] ? oom_killer_disable+0x280/0x280 [ 3352.130167][T22043] ? find_held_lock+0x35/0x130 [ 3352.135412][T22043] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3352.140970][T22043] ? memcg_event_wake+0x230/0x230 [ 3352.146014][T22043] ? do_raw_spin_unlock+0x57/0x270 [ 3352.151128][T22043] ? _raw_spin_unlock+0x2d/0x50 [ 3352.155997][T22043] try_charge+0xa87/0x15c0 [ 3352.160417][T22043] ? find_held_lock+0x35/0x130 [ 3352.165211][T22043] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3352.170781][T22043] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.177036][T22043] ? kasan_check_read+0x11/0x20 [ 3352.181890][T22043] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3352.181909][T22043] mem_cgroup_try_charge+0x24d/0x5e0 [ 3352.181932][T22043] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3352.181962][T22043] wp_page_copy+0x408/0x1740 [ 3352.181976][T22043] ? find_held_lock+0x35/0x130 [ 3352.181997][T22043] ? pmd_pfn+0x1d0/0x1d0 [ 3352.192823][T22043] ? lock_downgrade+0x880/0x880 [ 3352.192838][T22043] ? swp_swapcount+0x540/0x540 [ 3352.192857][T22043] ? kasan_check_read+0x11/0x20 [ 3352.192871][T22043] ? do_raw_spin_unlock+0x57/0x270 [ 3352.192891][T22043] do_wp_page+0x48e/0x1500 [ 3352.192914][T22043] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3352.192954][T22043] __handle_mm_fault+0x22e8/0x3ec0 [ 3352.192975][T22043] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3352.192989][T22043] ? find_held_lock+0x35/0x130 [ 3352.193006][T22043] ? handle_mm_fault+0x322/0xb30 [ 3352.193031][T22043] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.212223][T22043] ? kasan_check_read+0x11/0x20 [ 3352.221822][T22043] handle_mm_fault+0x43f/0xb30 [ 3352.221843][T22043] __do_page_fault+0x5ef/0xda0 [ 3352.221866][T22043] do_page_fault+0x71/0x581 [ 3352.221885][T22043] page_fault+0x1e/0x30 [ 3352.221900][T22043] RIP: 0010:__put_user_4+0x1c/0x30 [ 3352.221915][T22043] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3352.221924][T22043] RSP: 0018:ffff88804c707ed0 EFLAGS: 00010293 [ 3352.221946][T22043] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3352.221961][T22043] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3352.241654][T22043] RBP: ffff88804c707f10 R08: ffff88804c6f8200 R09: 0000000000000001 [ 3352.241663][T22043] R10: ffff88804c6f8a80 R11: ffff88804c6f8200 R12: 0000000000000000 [ 3352.241671][T22043] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3352.241703][T22043] ? __might_fault+0x1a3/0x1e0 [ 3352.241723][T22043] ? __x64_sys_getresgid+0x1aa/0x290 [ 3352.241736][T22043] ? trace_hardirqs_on+0x67/0x230 [ 3352.241765][T22043] do_syscall_64+0x103/0x610 [ 3352.241785][T22043] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3352.241796][T22043] RIP: 0033:0x2000050a [ 3352.241810][T22043] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3352.241817][T22043] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3352.241830][T22043] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3352.241839][T22043] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3352.241848][T22043] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3352.241856][T22043] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3352.241871][T22043] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3352.465653][T22043] memory: usage 307200kB, limit 307200kB, failcnt 19285 [ 3352.472957][T22043] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.480504][T22043] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.487521][T22043] Memory cgroup stats for /syz0: cache:228KB rss:27896KB rss_huge:0KB shmem:200KB [ 3352.487564][T22043] mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27900KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3352.511926][T22043] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6997,uid=0 [ 3352.512059][T22043] Memory cgroup out of memory: Killed process 6997 (syz-executor.0) total-vm:72844kB, anon-rss:232kB, file-rss:35824kB, shmem-rss:0kB [ 3352.559392][T22042] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3352.576569][T22042] CPU: 0 PID: 22042 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3352.584595][T22042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3352.584603][T22042] Call Trace: [ 3352.584632][T22042] dump_stack+0x172/0x1f0 [ 3352.584654][T22042] dump_header+0x10f/0xb6c [ 3352.584670][T22042] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3352.584685][T22042] ? ___ratelimit+0x60/0x595 [ 3352.584699][T22042] ? do_raw_spin_unlock+0x57/0x270 [ 3352.584718][T22042] oom_kill_process.cold+0x10/0x15 [ 3352.584738][T22042] out_of_memory+0x79a/0x1280 [ 3352.584761][T22042] ? oom_killer_disable+0x280/0x280 [ 3352.584773][T22042] ? find_held_lock+0x35/0x130 [ 3352.584798][T22042] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3352.584811][T22042] ? memcg_event_wake+0x230/0x230 [ 3352.584833][T22042] ? do_raw_spin_unlock+0x57/0x270 [ 3352.584849][T22042] ? _raw_spin_unlock+0x2d/0x50 [ 3352.584867][T22042] try_charge+0xa87/0x15c0 [ 3352.584879][T22042] ? find_held_lock+0x35/0x130 [ 3352.584904][T22042] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3352.584918][T22042] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3352.584932][T22042] ? find_held_lock+0x35/0x130 [ 3352.584958][T22042] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3352.584985][T22042] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3352.598364][T22042] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3352.598387][T22042] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3352.598406][T22042] __memcg_kmem_charge+0x136/0x300 [ 3352.607177][T22042] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3352.607203][T22042] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3352.607236][T22042] ? copy_page_range+0x125a/0x1f90 [ 3352.617656][T22042] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3352.617679][T22042] alloc_pages_current+0x107/0x210 [ 3352.617703][T22042] pte_alloc_one+0x1b/0x1a0 [ 3352.617719][T22042] __pte_alloc+0x20/0x310 [ 3352.617738][T22042] copy_page_range+0x1529/0x1f90 [ 3352.617764][T22042] ? perf_trace_lock+0xeb/0x510 [ 3352.627999][T22042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.628048][T22042] ? pmd_alloc+0x180/0x180 [ 3352.628060][T22042] ? vma_compute_subtree_gap+0x158/0x230 [ 3352.628077][T22042] ? validate_mm_rb+0xa3/0xc0 [ 3352.628096][T22042] ? __vma_link_rb+0x279/0x370 [ 3352.638003][T22042] copy_process.part.0+0x568b/0x7980 [ 3352.638059][T22042] ? __cleanup_sighand+0x60/0x60 [ 3352.638086][T22042] ? check_stack_object+0x114/0x160 [ 3352.638108][T22042] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3352.648436][T22042] _do_fork+0x257/0xfd0 [ 3352.648463][T22042] ? fork_idle+0x1d0/0x1d0 [ 3352.648481][T22042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.648499][T22042] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3352.648519][T22042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.648542][T22042] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3352.658797][T22042] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3352.658815][T22042] ? do_syscall_64+0x26/0x610 [ 3352.658832][T22042] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3352.658846][T22042] ? do_syscall_64+0x26/0x610 [ 3352.658868][T22042] __x64_sys_clone+0xbf/0x150 [ 3352.658890][T22042] do_syscall_64+0x103/0x610 [ 3352.668815][T22042] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3352.668831][T22042] RIP: 0033:0x2000050a [ 3352.668848][T22042] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3352.668856][T22042] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3352.668870][T22042] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3352.668878][T22042] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3352.668887][T22042] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3352.668905][T22042] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3352.679258][T22042] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3352.679623][T22042] memory: usage 307200kB, limit 307200kB, failcnt 19320 [ 3352.695497][T22042] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.706318][T22042] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.706328][T22042] Memory cgroup stats for /syz0: cache:228KB rss:27756KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27736KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3352.706412][T22042] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15875,uid=0 [ 3352.706532][T22042] Memory cgroup out of memory: Killed process 15875 (syz-executor.0) total-vm:72976kB, anon-rss:208kB, file-rss:35840kB, shmem-rss:0kB [ 3352.735135][T21520] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3352.780479][T21520] CPU: 0 PID: 21520 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3352.785884][T21520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3352.785890][T21520] Call Trace: [ 3352.785911][T21520] dump_stack+0x172/0x1f0 [ 3352.785944][T21520] dump_header+0x10f/0xb6c [ 3352.785964][T21520] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3352.785982][T21520] ? ___ratelimit+0x60/0x595 [ 3352.785997][T21520] ? do_raw_spin_unlock+0x57/0x270 [ 3352.786017][T21520] oom_kill_process.cold+0x10/0x15 [ 3352.786034][T21520] out_of_memory+0x79a/0x1280 [ 3352.796509][T21520] ? oom_killer_disable+0x280/0x280 [ 3352.796524][T21520] ? find_held_lock+0x35/0x130 [ 3352.796553][T21520] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3352.796568][T21520] ? memcg_event_wake+0x230/0x230 [ 3352.796592][T21520] ? do_raw_spin_unlock+0x57/0x270 [ 3352.796610][T21520] ? _raw_spin_unlock+0x2d/0x50 [ 3352.806766][T21520] try_charge+0xa87/0x15c0 [ 3352.806782][T21520] ? find_held_lock+0x35/0x130 [ 3352.806809][T21520] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3352.806824][T21520] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3352.806839][T21520] ? find_held_lock+0x35/0x130 [ 3352.806855][T21520] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3352.806883][T21520] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3352.816929][T21520] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3352.816960][T21520] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3352.816982][T21520] __memcg_kmem_charge+0x136/0x300 [ 3352.817004][T21520] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3352.817025][T21520] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3352.827682][T21520] ? copy_page_range+0x125a/0x1f90 [ 3352.827702][T21520] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3352.827724][T21520] alloc_pages_current+0x107/0x210 [ 3352.827746][T21520] pte_alloc_one+0x1b/0x1a0 [ 3352.827763][T21520] __pte_alloc+0x20/0x310 [ 3352.827790][T21520] copy_page_range+0x1529/0x1f90 [ 3352.840514][T21520] ? perf_trace_lock+0xeb/0x510 [ 3352.840531][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.840579][T21520] ? pmd_alloc+0x180/0x180 [ 3352.840592][T21520] ? vma_compute_subtree_gap+0x158/0x230 [ 3352.840609][T21520] ? validate_mm_rb+0xa3/0xc0 [ 3352.840626][T21520] ? __vma_link_rb+0x279/0x370 [ 3352.856229][T21520] copy_process.part.0+0x568b/0x7980 [ 3352.856288][T21520] ? __cleanup_sighand+0x60/0x60 [ 3352.867028][T21520] ? check_stack_object+0x114/0x160 [ 3352.867047][T21520] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3352.867072][T21520] _do_fork+0x257/0xfd0 [ 3352.867098][T21520] ? fork_idle+0x1d0/0x1d0 [ 3352.882247][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.882268][T21520] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3352.882286][T21520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3352.882302][T21520] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3352.882317][T21520] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3352.882332][T21520] ? do_syscall_64+0x26/0x610 [ 3352.882348][T21520] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3352.882362][T21520] ? do_syscall_64+0x26/0x610 [ 3352.882383][T21520] __x64_sys_clone+0xbf/0x150 [ 3352.906075][T21520] do_syscall_64+0x103/0x610 [ 3352.906099][T21520] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3352.906111][T21520] RIP: 0033:0x2000050a [ 3352.906126][T21520] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3352.906134][T21520] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3352.906147][T21520] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3352.906157][T21520] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3352.906166][T21520] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3352.906175][T21520] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3352.906185][T21520] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3352.908978][T21520] memory: usage 307168kB, limit 307200kB, failcnt 19359 [ 3352.930886][T21520] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.930897][T21520] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3352.930906][T21520] Memory cgroup stats for /syz0: cache:228KB rss:27756KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27612KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3352.947299][T21520] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16658,uid=0 [ 3352.970070][T21520] Memory cgroup out of memory: Killed process 16658 (syz-executor.0) total-vm:73108kB, anon-rss:220kB, file-rss:35812kB, shmem-rss:0kB [ 3353.032748][ T1043] oom_reaper: reaped process 16658 (syz-executor.0), now anon-rss:0kB, file-rss:34852kB, shmem-rss:0kB [ 3353.589230][T22049] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3353.599534][T22049] CPU: 0 PID: 22049 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3353.599544][T22049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3353.599556][T22049] Call Trace: [ 3353.617624][T22049] dump_stack+0x172/0x1f0 [ 3353.617649][T22049] dump_header+0x10f/0xb6c [ 3353.617666][T22049] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3353.617682][T22049] ? ___ratelimit+0x60/0x595 [ 3353.617697][T22049] ? do_raw_spin_unlock+0x57/0x270 [ 3353.617717][T22049] oom_kill_process.cold+0x10/0x15 [ 3353.617736][T22049] out_of_memory+0x79a/0x1280 [ 3353.617754][T22049] ? lock_downgrade+0x880/0x880 [ 3353.617770][T22049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3353.617788][T22049] ? oom_killer_disable+0x280/0x280 [ 3353.617801][T22049] ? find_held_lock+0x35/0x130 [ 3353.617827][T22049] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3353.617850][T22049] ? memcg_event_wake+0x230/0x230 [ 3353.625475][T22049] ? do_raw_spin_unlock+0x57/0x270 [ 3353.625495][T22049] ? _raw_spin_unlock+0x2d/0x50 [ 3353.625516][T22049] try_charge+0xa87/0x15c0 [ 3353.635729][T22049] ? find_held_lock+0x35/0x130 [ 3353.635759][T22049] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3353.635777][T22049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3353.635796][T22049] ? kasan_check_read+0x11/0x20 [ 3353.635815][T22049] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3353.635838][T22049] mem_cgroup_try_charge+0x24d/0x5e0 [ 3353.635863][T22049] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3353.635884][T22049] wp_page_copy+0x408/0x1740 [ 3353.635898][T22049] ? find_held_lock+0x35/0x130 [ 3353.635921][T22049] ? pmd_pfn+0x1d0/0x1d0 [ 3353.645627][T22049] ? lock_downgrade+0x880/0x880 [ 3353.645649][T22049] ? swp_swapcount+0x540/0x540 [ 3353.655439][T22049] ? kasan_check_read+0x11/0x20 [ 3353.655456][T22049] ? do_raw_spin_unlock+0x57/0x270 [ 3353.655475][T22049] do_wp_page+0x48e/0x1500 [ 3353.655498][T22049] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3353.655528][T22049] __handle_mm_fault+0x22e8/0x3ec0 [ 3353.655553][T22049] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3353.655567][T22049] ? find_held_lock+0x35/0x130 [ 3353.655584][T22049] ? handle_mm_fault+0x322/0xb30 [ 3353.655610][T22049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3353.655630][T22049] ? kasan_check_read+0x11/0x20 [ 3353.813688][T22049] handle_mm_fault+0x43f/0xb30 [ 3353.818439][T22049] __do_page_fault+0x5ef/0xda0 [ 3353.823598][T22049] do_page_fault+0x71/0x581 [ 3353.828087][T22049] page_fault+0x1e/0x30 [ 3353.832225][T22049] RIP: 0010:__put_user_4+0x1c/0x30 [ 3353.837320][T22049] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3353.857369][T22049] RSP: 0018:ffff888200bffed0 EFLAGS: 00010293 [ 3353.863428][T22049] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3353.871390][T22049] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3353.879366][T22049] RBP: ffff888200bfff10 R08: ffff88804be90400 R09: 0000000000000001 [ 3353.887342][T22049] R10: ffff88804be90c80 R11: ffff88804be90400 R12: 0000000000000000 [ 3353.895337][T22049] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3353.903501][T22049] ? __might_fault+0x1a3/0x1e0 [ 3353.908261][T22049] ? __x64_sys_getresgid+0x1aa/0x290 [ 3353.913527][T22049] ? trace_hardirqs_on+0x67/0x230 [ 3353.918540][T22049] do_syscall_64+0x103/0x610 [ 3353.923116][T22049] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3353.929169][T22049] RIP: 0033:0x2000050a [ 3353.933313][T22049] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3353.952918][T22049] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3353.961329][T22049] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3353.969304][T22049] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3353.977271][T22049] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3353.985238][T22049] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3353.993203][T22049] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3354.001478][T22049] memory: usage 307024kB, limit 307200kB, failcnt 20492 [ 3354.008498][T22049] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3354.016692][T22049] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3354.023637][T22049] Memory cgroup stats for /syz0: cache:228KB rss:27608KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27452KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3354.047101][T22049] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7306,uid=0 [ 3354.047233][T22049] Memory cgroup out of memory: Killed process 7306 (syz-executor.0) total-vm:73108kB, anon-rss:220kB, file-rss:35800kB, shmem-rss:0kB [ 3354.080496][T22054] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3354.093237][T22054] CPU: 0 PID: 22054 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3354.101261][T22054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3354.111335][T22054] Call Trace: [ 3354.114642][T22054] dump_stack+0x172/0x1f0 [ 3354.118977][T22054] dump_header+0x10f/0xb6c [ 3354.123401][T22054] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3354.129210][T22054] ? ___ratelimit+0x60/0x595 [ 3354.134190][T22054] ? do_raw_spin_unlock+0x57/0x270 [ 3354.139294][T22054] oom_kill_process.cold+0x10/0x15 [ 3354.144397][T22054] out_of_memory+0x79a/0x1280 [ 3354.149066][T22054] ? oom_killer_disable+0x280/0x280 [ 3354.154250][T22054] ? find_held_lock+0x35/0x130 [ 3354.159239][T22054] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3354.165218][T22054] ? memcg_event_wake+0x230/0x230 [ 3354.170236][T22054] ? do_raw_spin_unlock+0x57/0x270 [ 3354.175346][T22054] ? _raw_spin_unlock+0x2d/0x50 [ 3354.180194][T22054] try_charge+0xa87/0x15c0 [ 3354.184617][T22054] ? find_held_lock+0x35/0x130 [ 3354.189381][T22054] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3354.194910][T22054] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3354.200444][T22054] ? find_held_lock+0x35/0x130 [ 3354.205191][T22054] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3354.210731][T22054] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3354.216269][T22054] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3354.221451][T22054] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3354.226988][T22054] __memcg_kmem_charge+0x136/0x300 [ 3354.232104][T22054] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3354.237470][T22054] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3354.243200][T22054] ? is_dynamic_key+0x1c0/0x1c0 [ 3354.248125][T22054] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3354.254362][T22054] alloc_pages_current+0x107/0x210 [ 3354.259486][T22054] pte_alloc_one+0x1b/0x1a0 [ 3354.263989][T22054] __handle_mm_fault+0x3491/0x3ec0 [ 3354.269088][T22054] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3354.274613][T22054] ? find_held_lock+0x35/0x130 [ 3354.279384][T22054] ? handle_mm_fault+0x322/0xb30 [ 3354.284335][T22054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.290586][T22054] ? kasan_check_read+0x11/0x20 [ 3354.295431][T22054] handle_mm_fault+0x43f/0xb30 [ 3354.300182][T22054] __do_page_fault+0x5ef/0xda0 [ 3354.304932][T22054] do_page_fault+0x71/0x581 [ 3354.309427][T22054] page_fault+0x1e/0x30 [ 3354.313588][T22054] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3354.319288][T22054] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3354.338880][T22054] RSP: 0018:ffff8882137bfcb0 EFLAGS: 00010246 [ 3354.344931][T22054] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3354.352914][T22054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3354.360881][T22054] RBP: ffff8882137bfce8 R08: ffff88804352e1c0 R09: ffff8880aa594dc0 [ 3354.368860][T22054] R10: 000000000000001c R11: ffff88801a8176ff R12: 0000000000000000 [ 3354.376830][T22054] R13: ffff88801a816720 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3354.384805][T22054] ? strncpy_from_user+0x142/0x380 [ 3354.389912][T22054] getname_flags+0x11b/0x5b0 [ 3354.394497][T22054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.400728][T22054] do_renameat2+0x199/0xc40 [ 3354.405227][T22054] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3354.410942][T22054] ? user_path_create+0x50/0x50 [ 3354.415778][T22054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.422007][T22054] ? security_capable+0x9b/0xd0 [ 3354.426842][T22054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.433069][T22054] ? ns_capable_common+0x93/0x100 [ 3354.438080][T22054] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3354.443521][T22054] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3354.448968][T22054] ? do_syscall_64+0x26/0x610 [ 3354.453624][T22054] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3354.459672][T22054] ? do_syscall_64+0x26/0x610 [ 3354.464342][T22054] __x64_sys_renameat+0x9a/0x100 [ 3354.469279][T22054] do_syscall_64+0x103/0x610 [ 3354.473857][T22054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3354.479732][T22054] RIP: 0033:0x2000050a [ 3354.483785][T22054] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3354.503387][T22054] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3354.511804][T22054] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3354.519771][T22054] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3354.527726][T22054] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3354.535704][T22054] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3354.543659][T22054] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3354.554339][T22054] memory: usage 307024kB, limit 307200kB, failcnt 20537 [ 3354.561352][T22054] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3354.569198][T22054] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3354.576355][T22054] Memory cgroup stats for /syz0: cache:228KB rss:27452KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27288KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3354.598141][T22054] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=836,uid=0 [ 3354.613744][T22054] Memory cgroup out of memory: Killed process 836 (syz-executor.0) total-vm:72976kB, anon-rss:212kB, file-rss:35792kB, shmem-rss:0kB [ 3354.651503][T22047] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3354.665095][T22047] CPU: 1 PID: 22047 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3354.673091][T22047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3354.683152][T22047] Call Trace: [ 3354.686459][T22047] dump_stack+0x172/0x1f0 [ 3354.690789][T22047] dump_header+0x10f/0xb6c [ 3354.695191][T22047] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3354.700982][T22047] ? ___ratelimit+0x60/0x595 [ 3354.705565][T22047] ? do_raw_spin_unlock+0x57/0x270 [ 3354.710669][T22047] oom_kill_process.cold+0x10/0x15 [ 3354.715764][T22047] out_of_memory+0x79a/0x1280 [ 3354.720423][T22047] ? oom_killer_disable+0x280/0x280 [ 3354.725607][T22047] ? find_held_lock+0x35/0x130 [ 3354.730372][T22047] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3354.735898][T22047] ? memcg_event_wake+0x230/0x230 [ 3354.740909][T22047] ? do_raw_spin_unlock+0x57/0x270 [ 3354.746014][T22047] ? _raw_spin_unlock+0x2d/0x50 [ 3354.750860][T22047] try_charge+0xa87/0x15c0 [ 3354.755256][T22047] ? find_held_lock+0x35/0x130 [ 3354.760009][T22047] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3354.765545][T22047] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3354.771086][T22047] ? find_held_lock+0x35/0x130 [ 3354.775833][T22047] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3354.781365][T22047] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3354.786904][T22047] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3354.792107][T22047] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3354.797634][T22047] __memcg_kmem_charge+0x136/0x300 [ 3354.802750][T22047] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3354.808130][T22047] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3354.813850][T22047] ? is_dynamic_key+0x1c0/0x1c0 [ 3354.818683][T22047] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3354.824920][T22047] alloc_pages_current+0x107/0x210 [ 3354.830036][T22047] pte_alloc_one+0x1b/0x1a0 [ 3354.834524][T22047] __handle_mm_fault+0x3491/0x3ec0 [ 3354.839621][T22047] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3354.845164][T22047] ? find_held_lock+0x35/0x130 [ 3354.849919][T22047] ? handle_mm_fault+0x322/0xb30 [ 3354.854851][T22047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.861093][T22047] ? kasan_check_read+0x11/0x20 [ 3354.865955][T22047] handle_mm_fault+0x43f/0xb30 [ 3354.870740][T22047] __do_page_fault+0x5ef/0xda0 [ 3354.875501][T22047] do_page_fault+0x71/0x581 [ 3354.879987][T22047] page_fault+0x1e/0x30 [ 3354.884310][T22047] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3354.890018][T22047] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3354.909612][T22047] RSP: 0018:ffff88804e6e7cb0 EFLAGS: 00010246 [ 3354.915665][T22047] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3354.923630][T22047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3354.931607][T22047] RBP: ffff88804e6e7ce8 R08: ffff88804e6dc5c0 R09: ffff8880aa594dc0 [ 3354.939577][T22047] R10: 000000000000001c R11: ffff88801a8156bf R12: 0000000000000000 [ 3354.947543][T22047] R13: ffff88801a8146e0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3354.955528][T22047] ? strncpy_from_user+0x142/0x380 [ 3354.960629][T22047] getname_flags+0x11b/0x5b0 [ 3354.965217][T22047] do_renameat2+0x199/0xc40 [ 3354.969715][T22047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.975943][T22047] ? debug_smp_processor_id+0x3c/0x280 [ 3354.981392][T22047] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3354.987108][T22047] ? user_path_create+0x50/0x50 [ 3354.991961][T22047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3354.998198][T22047] ? security_capable+0x9b/0xd0 [ 3355.003464][T22047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3355.009706][T22047] ? ns_capable_common+0x93/0x100 [ 3355.014730][T22047] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3355.020170][T22047] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3355.025619][T22047] ? do_syscall_64+0x26/0x610 [ 3355.030312][T22047] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3355.036363][T22047] ? do_syscall_64+0x26/0x610 [ 3355.041026][T22047] __x64_sys_renameat+0x9a/0x100 [ 3355.045971][T22047] do_syscall_64+0x103/0x610 [ 3355.050584][T22047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3355.056468][T22047] RIP: 0033:0x2000050a [ 3355.060521][T22047] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3355.080202][T22047] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3355.088632][T22047] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3355.096609][T22047] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3355.104581][T22047] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3355.112553][T22047] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3355.120509][T22047] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3355.134017][T22047] memory: usage 307200kB, limit 307200kB, failcnt 20583 [ 3355.141009][T22047] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3355.148684][T22047] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3355.155678][T22047] Memory cgroup stats for /syz0: cache:228KB rss:27320KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27144KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3355.177393][T22047] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=24859,uid=0 [ 3355.177515][T22047] Memory cgroup out of memory: Killed process 24859 (syz-executor.0) total-vm:72712kB, anon-rss:192kB, file-rss:35804kB, shmem-rss:0kB [ 3355.192557][ T1043] oom_reaper: reaped process 24859 (syz-executor.0), now anon-rss:0kB, file-rss:34844kB, shmem-rss:0kB [ 3355.209403][T22057] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3355.232653][T22057] CPU: 1 PID: 22057 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3355.240655][T22057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3355.250711][T22057] Call Trace: [ 3355.254013][T22057] dump_stack+0x172/0x1f0 [ 3355.254033][T22057] dump_header+0x10f/0xb6c [ 3355.254050][T22057] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3355.254066][T22057] ? ___ratelimit+0x60/0x595 [ 3355.254080][T22057] ? do_raw_spin_unlock+0x57/0x270 [ 3355.254098][T22057] oom_kill_process.cold+0x10/0x15 [ 3355.254115][T22057] out_of_memory+0x79a/0x1280 [ 3355.254137][T22057] ? oom_killer_disable+0x280/0x280 [ 3355.254149][T22057] ? find_held_lock+0x35/0x130 [ 3355.254175][T22057] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3355.262911][T22057] ? memcg_event_wake+0x230/0x230 [ 3355.273279][T22057] ? do_raw_spin_unlock+0x57/0x270 [ 3355.273297][T22057] ? _raw_spin_unlock+0x2d/0x50 [ 3355.273316][T22057] try_charge+0xa87/0x15c0 [ 3355.273328][T22057] ? find_held_lock+0x35/0x130 [ 3355.273351][T22057] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3355.273363][T22057] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3355.273377][T22057] ? find_held_lock+0x35/0x130 [ 3355.273392][T22057] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3355.273418][T22057] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3355.273431][T22057] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3355.273449][T22057] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3355.273468][T22057] __memcg_kmem_charge+0x136/0x300 [ 3355.273493][T22057] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3355.298290][T22057] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3355.313944][T22057] ? save_stack+0xa9/0xd0 [ 3355.323182][T22057] ? kmem_cache_alloc+0x11a/0x6f0 [ 3355.323196][T22057] ? anon_vma_fork+0x1ea/0x4a0 [ 3355.323211][T22057] ? copy_process.part.0+0x350f/0x7980 [ 3355.323226][T22057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3355.323242][T22057] ? debug_smp_processor_id+0x3c/0x280 [ 3355.323255][T22057] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3355.323273][T22057] alloc_pages_current+0x107/0x210 [ 3355.323294][T22057] get_zeroed_page+0x14/0x50 [ 3355.323309][T22057] __pud_alloc+0x3b/0x250 [ 3355.323328][T22057] pud_alloc+0xde/0x150 [ 3355.323348][T22057] copy_page_range+0x375/0x1f90 [ 3355.323370][T22057] ? find_held_lock+0x35/0x130 [ 3355.339278][T22057] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3355.349554][T22057] ? vma_compute_subtree_gap+0x158/0x230 [ 3355.365797][T22057] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3355.381963][T22057] ? pmd_alloc+0x180/0x180 [ 3355.381983][T22057] ? validate_mm_rb+0xa3/0xc0 [ 3355.382001][T22057] ? __vma_link_rb+0x279/0x370 [ 3355.382027][T22057] copy_process.part.0+0x568b/0x7980 [ 3355.382076][T22057] ? __cleanup_sighand+0x60/0x60 [ 3355.391405][T22057] ? check_stack_object+0x114/0x160 [ 3355.493088][T22057] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3355.498983][T22057] _do_fork+0x257/0xfd0 [ 3355.503146][T22057] ? fork_idle+0x1d0/0x1d0 [ 3355.507557][T22057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3355.513788][T22057] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3355.520285][T22057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3355.526507][T22057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3355.531969][T22057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3355.537421][T22057] ? do_syscall_64+0x26/0x610 [ 3355.542098][T22057] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3355.548161][T22057] ? do_syscall_64+0x26/0x610 [ 3355.552848][T22057] __x64_sys_clone+0xbf/0x150 [ 3355.557527][T22057] do_syscall_64+0x103/0x610 [ 3355.562121][T22057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3355.568022][T22057] RIP: 0033:0x2000050a [ 3355.572088][T22057] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3355.591697][T22057] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3355.600140][T22057] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3355.608102][T22057] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3355.616065][T22057] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3355.624040][T22057] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3355.632011][T22057] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3355.647709][T22057] memory: usage 307028kB, limit 307200kB, failcnt 20676 [ 3355.654879][T22057] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3355.662550][T22057] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3355.669475][T22057] Memory cgroup stats for /syz0: cache:228KB rss:27188KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:27020KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3355.691290][T22057] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15810,uid=0 [ 3355.707071][T22057] Memory cgroup out of memory: Killed process 15810 (syz-executor.0) total-vm:72580kB, anon-rss:192kB, file-rss:35808kB, shmem-rss:0kB [ 3355.731388][T22059] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3355.758830][T22059] CPU: 1 PID: 22059 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3355.766889][T22059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3355.776980][T22059] Call Trace: [ 3355.780273][T22059] dump_stack+0x172/0x1f0 [ 3355.784602][T22059] dump_header+0x10f/0xb6c [ 3355.789028][T22059] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3355.794994][T22059] ? ___ratelimit+0x60/0x595 [ 3355.799565][T22059] ? do_raw_spin_unlock+0x57/0x270 [ 3355.804667][T22059] oom_kill_process.cold+0x10/0x15 [ 3355.809789][T22059] out_of_memory+0x79a/0x1280 [ 3355.814494][T22059] ? oom_killer_disable+0x280/0x280 [ 3355.819695][T22059] ? find_held_lock+0x35/0x130 [ 3355.824455][T22059] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3355.829986][T22059] ? memcg_event_wake+0x230/0x230 [ 3355.835018][T22059] ? do_raw_spin_unlock+0x57/0x270 [ 3355.840130][T22059] ? _raw_spin_unlock+0x2d/0x50 [ 3355.844989][T22059] try_charge+0xa87/0x15c0 [ 3355.849410][T22059] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3355.854974][T22059] ? rcu_read_lock_sched_held+0x110/0x130 [ 3355.860691][T22059] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3355.866225][T22059] ? __lockdep_free_key_range+0x120/0x120 [ 3355.871965][T22059] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3355.877514][T22059] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3355.882693][T22059] ? cache_grow_begin+0x594/0x860 [ 3355.887703][T22059] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3355.892990][T22059] ? trace_hardirqs_on+0x67/0x230 [ 3355.898052][T22059] cache_grow_begin+0x5c0/0x860 [ 3355.902897][T22059] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3355.909129][T22059] ? __cpuset_node_allowed+0x136/0x540 [ 3355.914605][T22059] fallback_alloc+0x1fd/0x2d0 [ 3355.919293][T22059] ____cache_alloc_node+0x1be/0x1e0 [ 3355.924485][T22059] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3355.930739][T22059] kmem_cache_alloc_node+0xe3/0x710 [ 3355.935934][T22059] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3355.941218][T22059] ? trace_hardirqs_on+0x67/0x230 [ 3355.946233][T22059] copy_process.part.0+0x1d08/0x7980 [ 3355.951499][T22059] ? perf_trace_lock+0xeb/0x510 [ 3355.956344][T22059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3355.962566][T22059] ? debug_smp_processor_id+0x3c/0x280 [ 3355.968009][T22059] ? __lockdep_free_key_range+0x120/0x120 [ 3355.973715][T22059] ? __might_fault+0x12b/0x1e0 [ 3355.978458][T22059] ? find_held_lock+0x35/0x130 [ 3355.983203][T22059] ? __might_fault+0x12b/0x1e0 [ 3355.987960][T22059] ? __cleanup_sighand+0x60/0x60 [ 3355.992903][T22059] ? check_stack_object+0x114/0x160 [ 3355.998105][T22059] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3356.003990][T22059] _do_fork+0x257/0xfd0 [ 3356.008131][T22059] ? fork_idle+0x1d0/0x1d0 [ 3356.012800][T22059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3356.019037][T22059] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3356.025520][T22059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3356.031757][T22059] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3356.037213][T22059] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3356.042651][T22059] ? do_syscall_64+0x26/0x610 [ 3356.047307][T22059] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3356.053354][T22059] ? do_syscall_64+0x26/0x610 [ 3356.059261][T22059] __x64_sys_clone+0xbf/0x150 [ 3356.063924][T22059] do_syscall_64+0x103/0x610 [ 3356.068520][T22059] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3356.074396][T22059] RIP: 0033:0x2000050a [ 3356.078449][T22059] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3356.091828][ C0] net_ratelimit: 16 callbacks suppressed [ 3356.091837][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3356.098054][T22059] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3356.103851][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3356.109410][T22059] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3356.109425][T22059] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3356.118025][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3356.123537][T22059] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3356.123546][T22059] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3356.123554][T22059] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3356.139907][T22059] memory: usage 307036kB, limit 307200kB, failcnt 20704 [ 3356.140047][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3356.145869][T22059] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3356.190694][T22059] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3356.197741][T22059] Memory cgroup stats for /syz0: cache:228KB rss:27036KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26884KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3356.219895][T22059] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10338,uid=0 [ 3356.235572][T22059] Memory cgroup out of memory: Killed process 10338 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35792kB, shmem-rss:0kB [ 3356.261494][T21360] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3356.287652][T21360] CPU: 1 PID: 21360 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3356.295673][T21360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3356.305728][T21360] Call Trace: [ 3356.309012][T21360] dump_stack+0x172/0x1f0 [ 3356.313351][T21360] dump_header+0x10f/0xb6c [ 3356.317780][T21360] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3356.323579][T21360] ? ___ratelimit+0x60/0x595 [ 3356.328165][T21360] ? do_raw_spin_unlock+0x57/0x270 [ 3356.333273][T21360] oom_kill_process.cold+0x10/0x15 [ 3356.338389][T21360] out_of_memory+0x79a/0x1280 [ 3356.343069][T21360] ? oom_killer_disable+0x280/0x280 [ 3356.348266][T21360] ? find_held_lock+0x35/0x130 [ 3356.353044][T21360] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3356.358601][T21360] ? memcg_event_wake+0x230/0x230 [ 3356.363631][T21360] ? do_raw_spin_unlock+0x57/0x270 [ 3356.368729][T21360] ? _raw_spin_unlock+0x2d/0x50 [ 3356.373588][T21360] try_charge+0xa87/0x15c0 [ 3356.378012][T21360] ? find_held_lock+0x35/0x130 [ 3356.382787][T21360] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3356.388335][T21360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3356.394578][T21360] ? kasan_check_read+0x11/0x20 [ 3356.399444][T21360] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3356.404978][T21360] mem_cgroup_try_charge+0x24d/0x5e0 [ 3356.410249][T21360] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3356.415882][T21360] wp_page_copy+0x408/0x1740 [ 3356.420466][T21360] ? find_held_lock+0x35/0x130 [ 3356.425216][T21360] ? pmd_pfn+0x1d0/0x1d0 [ 3356.429441][T21360] ? lock_downgrade+0x880/0x880 [ 3356.434284][T21360] ? swp_swapcount+0x540/0x540 [ 3356.439049][T21360] ? kasan_check_read+0x11/0x20 [ 3356.443897][T21360] ? do_raw_spin_unlock+0x57/0x270 [ 3356.448999][T21360] do_wp_page+0x48e/0x1500 [ 3356.453420][T21360] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3356.458797][T21360] __handle_mm_fault+0x22e8/0x3ec0 [ 3356.463900][T21360] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3356.469430][T21360] ? find_held_lock+0x35/0x130 [ 3356.474191][T21360] ? handle_mm_fault+0x322/0xb30 [ 3356.479129][T21360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3356.485357][T21360] ? kasan_check_read+0x11/0x20 [ 3356.490193][T21360] handle_mm_fault+0x43f/0xb30 [ 3356.494973][T21360] __do_page_fault+0x5ef/0xda0 [ 3356.499757][T21360] do_page_fault+0x71/0x581 [ 3356.504263][T21360] page_fault+0x1e/0x30 [ 3356.508415][T21360] RIP: 0010:__put_user_4+0x1c/0x30 [ 3356.513518][T21360] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3356.533152][T21360] RSP: 0018:ffff88820f9d7ed0 EFLAGS: 00010293 [ 3356.539220][T21360] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3356.547204][T21360] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3356.555174][T21360] RBP: ffff88820f9d7f10 R08: ffff88802bedc580 R09: 0000000000000001 [ 3356.563145][T21360] R10: ffff88802bedce00 R11: ffff88802bedc580 R12: 0000000000000000 [ 3356.571103][T21360] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3356.579102][T21360] ? __might_fault+0x1a3/0x1e0 [ 3356.583867][T21360] ? __x64_sys_getresgid+0x1aa/0x290 [ 3356.589151][T21360] ? trace_hardirqs_on+0x67/0x230 [ 3356.594186][T21360] do_syscall_64+0x103/0x610 [ 3356.598887][T21360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3356.604766][T21360] RIP: 0033:0x2000050a [ 3356.608816][T21360] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3356.628412][T21360] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3356.636821][T21360] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3356.644794][T21360] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3356.652770][T21360] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3356.660757][T21360] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3356.668736][T21360] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3356.681660][T21360] memory: usage 307200kB, limit 307200kB, failcnt 20755 [ 3356.688622][T21360] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3356.701616][T21360] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3356.708495][T21360] Memory cgroup stats for /syz0: cache:228KB rss:26900KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26748KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3356.730182][T21360] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8492,uid=0 [ 3356.745726][T21360] Memory cgroup out of memory: Killed process 8492 (syz-executor.0) total-vm:72436kB, anon-rss:172kB, file-rss:35820kB, shmem-rss:0kB [ 3356.787027][T21424] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3356.811352][T21424] CPU: 0 PID: 21424 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3356.819375][T21424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3356.829442][T21424] Call Trace: [ 3356.832755][T21424] dump_stack+0x172/0x1f0 [ 3356.837109][T21424] dump_header+0x10f/0xb6c [ 3356.841553][T21424] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3356.847367][T21424] ? ___ratelimit+0x60/0x595 [ 3356.851973][T21424] ? do_raw_spin_unlock+0x57/0x270 [ 3356.857098][T21424] oom_kill_process.cold+0x10/0x15 [ 3356.862220][T21424] out_of_memory+0x79a/0x1280 [ 3356.866912][T21424] ? oom_killer_disable+0x280/0x280 [ 3356.872123][T21424] ? find_held_lock+0x35/0x130 [ 3356.876905][T21424] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3356.882462][T21424] ? memcg_event_wake+0x230/0x230 [ 3356.887509][T21424] ? do_raw_spin_unlock+0x57/0x270 [ 3356.892630][T21424] ? _raw_spin_unlock+0x2d/0x50 [ 3356.897497][T21424] try_charge+0xa87/0x15c0 [ 3356.901921][T21424] ? find_held_lock+0x35/0x130 [ 3356.906715][T21424] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3356.912274][T21424] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3356.917828][T21424] ? find_held_lock+0x35/0x130 [ 3356.922609][T21424] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3356.928184][T21424] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3356.933742][T21424] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3356.938962][T21424] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3356.944527][T21424] __memcg_kmem_charge+0x136/0x300 [ 3356.949655][T21424] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3356.955046][T21424] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3356.960794][T21424] ? copy_page_range+0x125a/0x1f90 [ 3356.965924][T21424] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3356.972183][T21424] alloc_pages_current+0x107/0x210 [ 3356.977396][T21424] pte_alloc_one+0x1b/0x1a0 [ 3356.981909][T21424] __pte_alloc+0x20/0x310 [ 3356.986263][T21424] copy_page_range+0x1529/0x1f90 [ 3356.991205][T21424] ? perf_trace_lock+0xeb/0x510 [ 3356.996073][T21424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.003893][T21424] ? pmd_alloc+0x180/0x180 [ 3357.008324][T21424] ? __rb_insert_augmented+0x231/0xdf0 [ 3357.013791][T21424] ? validate_mm_rb+0xa3/0xc0 [ 3357.019008][T21424] ? __vma_link_rb+0x279/0x370 [ 3357.023794][T21424] copy_process.part.0+0x568b/0x7980 [ 3357.029128][T21424] ? __cleanup_sighand+0x60/0x60 [ 3357.034085][T21424] ? check_stack_object+0x114/0x160 [ 3357.039292][T21424] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3357.045201][T21424] _do_fork+0x257/0xfd0 [ 3357.049370][T21424] ? fork_idle+0x1d0/0x1d0 [ 3357.053797][T21424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.060047][T21424] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3357.066560][T21424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.072811][T21424] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3357.078279][T21424] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3357.083742][T21424] ? do_syscall_64+0x26/0x610 [ 3357.088424][T21424] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3357.094498][T21424] ? do_syscall_64+0x26/0x610 [ 3357.099187][T21424] __x64_sys_clone+0xbf/0x150 [ 3357.103877][T21424] do_syscall_64+0x103/0x610 [ 3357.108478][T21424] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3357.114371][T21424] RIP: 0033:0x2000050a [ 3357.118443][T21424] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3357.138055][T21424] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3357.146479][T21424] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3357.154465][T21424] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3357.162446][T21424] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3357.170421][T21424] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3357.178404][T21424] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3357.187032][T21424] memory: usage 307200kB, limit 307200kB, failcnt 20778 [ 3357.194065][T21424] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3357.201530][T21424] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3357.208513][T21424] Memory cgroup stats for /syz0: cache:228KB rss:26752KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26624KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3357.230272][T21424] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18678,uid=0 [ 3357.231658][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3357.245854][T21424] Memory cgroup out of memory: Killed process 18678 (syz-executor.0) total-vm:72580kB, anon-rss:188kB, file-rss:35796kB, shmem-rss:0kB [ 3357.248802][ T1043] oom_reaper: reaped process 18678 (syz-executor.0), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 3357.251788][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3357.282992][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3357.288894][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3357.294887][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3357.300775][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3357.318439][T22058] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3357.330752][T22058] CPU: 0 PID: 22058 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3357.338740][T22058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3357.348800][T22058] Call Trace: [ 3357.352110][T22058] dump_stack+0x172/0x1f0 [ 3357.356455][T22058] dump_header+0x10f/0xb6c [ 3357.360883][T22058] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3357.366721][T22058] ? ___ratelimit+0x60/0x595 [ 3357.371319][T22058] ? do_raw_spin_unlock+0x57/0x270 [ 3357.376444][T22058] oom_kill_process.cold+0x10/0x15 [ 3357.381569][T22058] out_of_memory+0x79a/0x1280 [ 3357.386268][T22058] ? lock_downgrade+0x880/0x880 [ 3357.391126][T22058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.397379][T22058] ? oom_killer_disable+0x280/0x280 [ 3357.402580][T22058] ? find_held_lock+0x35/0x130 [ 3357.407361][T22058] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3357.412913][T22058] ? memcg_event_wake+0x230/0x230 [ 3357.417968][T22058] ? do_raw_spin_unlock+0x57/0x270 [ 3357.423093][T22058] ? _raw_spin_unlock+0x2d/0x50 [ 3357.427960][T22058] try_charge+0xa87/0x15c0 [ 3357.432381][T22058] ? find_held_lock+0x35/0x130 [ 3357.437161][T22058] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3357.442709][T22058] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3357.448262][T22058] ? find_held_lock+0x35/0x130 [ 3357.453033][T22058] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3357.458603][T22058] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3357.464168][T22058] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3357.469386][T22058] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3357.474951][T22058] __memcg_kmem_charge+0x136/0x300 [ 3357.480077][T22058] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3357.485462][T22058] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3357.491201][T22058] ? copy_page_range+0x125a/0x1f90 [ 3357.496328][T22058] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3357.502589][T22058] alloc_pages_current+0x107/0x210 [ 3357.507714][T22058] pte_alloc_one+0x1b/0x1a0 [ 3357.512223][T22058] __pte_alloc+0x20/0x310 [ 3357.516746][T22058] copy_page_range+0x1529/0x1f90 [ 3357.521782][T22058] ? perf_trace_lock+0xeb/0x510 [ 3357.526640][T22058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.532917][T22058] ? pmd_alloc+0x180/0x180 [ 3357.537349][T22058] ? __rb_insert_augmented+0x231/0xdf0 [ 3357.542812][T22058] ? validate_mm_rb+0xa3/0xc0 [ 3357.547493][T22058] ? __vma_link_rb+0x279/0x370 [ 3357.552273][T22058] copy_process.part.0+0x568b/0x7980 [ 3357.557602][T22058] ? __cleanup_sighand+0x60/0x60 [ 3357.562561][T22058] ? check_stack_object+0x114/0x160 [ 3357.567766][T22058] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3357.573678][T22058] _do_fork+0x257/0xfd0 [ 3357.577845][T22058] ? fork_idle+0x1d0/0x1d0 [ 3357.582267][T22058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.588514][T22058] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3357.595027][T22058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3357.601274][T22058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3357.606737][T22058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3357.612197][T22058] ? do_syscall_64+0x26/0x610 [ 3357.616875][T22058] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3357.622954][T22058] ? do_syscall_64+0x26/0x610 [ 3357.627648][T22058] __x64_sys_clone+0xbf/0x150 [ 3357.632338][T22058] do_syscall_64+0x103/0x610 [ 3357.636949][T22058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3357.642839][T22058] RIP: 0033:0x2000050a [ 3357.646908][T22058] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3357.666528][T22058] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3357.674959][T22058] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3357.682949][T22058] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3357.690928][T22058] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3357.698922][T22058] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3357.706911][T22058] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3357.715557][T22058] memory: usage 307028kB, limit 307200kB, failcnt 20844 [ 3357.722660][T22058] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3357.730126][T22058] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3357.737101][T22058] Memory cgroup stats for /syz0: cache:228KB rss:26616KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26492KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3357.758713][T22058] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11535,uid=0 [ 3357.774234][T22058] Memory cgroup out of memory: Killed process 11535 (syz-executor.0) total-vm:72712kB, anon-rss:188kB, file-rss:35796kB, shmem-rss:0kB [ 3357.799147][T21536] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3357.824441][T21536] CPU: 0 PID: 21536 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3357.832465][T21536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3357.842522][T21536] Call Trace: [ 3357.845822][T21536] dump_stack+0x172/0x1f0 [ 3357.850166][T21536] dump_header+0x10f/0xb6c [ 3357.854589][T21536] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3357.860399][T21536] ? ___ratelimit+0x60/0x595 [ 3357.864996][T21536] ? do_raw_spin_unlock+0x57/0x270 [ 3357.870113][T21536] oom_kill_process.cold+0x10/0x15 [ 3357.875241][T21536] out_of_memory+0x79a/0x1280 [ 3357.879948][T21536] ? oom_killer_disable+0x280/0x280 [ 3357.885250][T21536] ? find_held_lock+0x35/0x130 [ 3357.890036][T21536] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3357.895585][T21536] ? memcg_event_wake+0x230/0x230 [ 3357.900623][T21536] ? do_raw_spin_unlock+0x57/0x270 [ 3357.905738][T21536] ? _raw_spin_unlock+0x2d/0x50 [ 3357.910597][T21536] try_charge+0xa87/0x15c0 [ 3357.915018][T21536] ? find_held_lock+0x35/0x130 [ 3357.919798][T21536] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3357.925353][T21536] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3357.930912][T21536] ? find_held_lock+0x35/0x130 [ 3357.935690][T21536] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3357.941288][T21536] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3357.946847][T21536] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3357.952055][T21536] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3357.957618][T21536] __memcg_kmem_charge+0x136/0x300 [ 3357.962749][T21536] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3357.968138][T21536] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3357.973871][T21536] ? copy_page_range+0x125a/0x1f90 [ 3357.978996][T21536] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3357.985272][T21536] alloc_pages_current+0x107/0x210 [ 3357.990400][T21536] pte_alloc_one+0x1b/0x1a0 [ 3357.994914][T21536] __pte_alloc+0x20/0x310 [ 3357.999268][T21536] copy_page_range+0x1529/0x1f90 [ 3358.004210][T21536] ? perf_trace_lock+0xeb/0x510 [ 3358.009073][T21536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.015357][T21536] ? pmd_alloc+0x180/0x180 [ 3358.019781][T21536] ? __rb_insert_augmented+0x231/0xdf0 [ 3358.025250][T21536] ? validate_mm_rb+0xa3/0xc0 [ 3358.029933][T21536] ? __vma_link_rb+0x279/0x370 [ 3358.034717][T21536] copy_process.part.0+0x568b/0x7980 [ 3358.040317][T21536] ? __cleanup_sighand+0x60/0x60 [ 3358.045281][T21536] ? check_stack_object+0x114/0x160 [ 3358.050486][T21536] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3358.057031][T21536] _do_fork+0x257/0xfd0 [ 3358.062568][T21536] ? fork_idle+0x1d0/0x1d0 [ 3358.066992][T21536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.073250][T21536] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3358.079773][T21536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.086030][T21536] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3358.091500][T21536] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3358.096975][T21536] ? do_syscall_64+0x26/0x610 [ 3358.101665][T21536] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3358.107746][T21536] ? do_syscall_64+0x26/0x610 [ 3358.112438][T21536] __x64_sys_clone+0xbf/0x150 [ 3358.117127][T21536] do_syscall_64+0x103/0x610 [ 3358.121729][T21536] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3358.127628][T21536] RIP: 0033:0x2000050a [ 3358.131700][T21536] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3358.151569][T21536] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3358.159997][T21536] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3358.167977][T21536] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3358.175968][T21536] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3358.183957][T21536] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3358.192125][T21536] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3358.203237][T21536] memory: usage 307032kB, limit 307200kB, failcnt 20870 [ 3358.210212][T21536] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3358.217814][T21536] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3358.224726][T21536] Memory cgroup stats for /syz0: cache:228KB rss:26484KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26368KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3358.246387][T21536] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7167,uid=0 [ 3358.261968][T21536] Memory cgroup out of memory: Killed process 7167 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35784kB, shmem-rss:0kB [ 3358.291235][T22060] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3358.327587][T22060] CPU: 0 PID: 22060 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3358.335696][T22060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3358.345738][T22060] Call Trace: [ 3358.349024][T22060] dump_stack+0x172/0x1f0 [ 3358.353353][T22060] dump_header+0x10f/0xb6c [ 3358.357762][T22060] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3358.363639][T22060] ? ___ratelimit+0x60/0x595 [ 3358.368212][T22060] ? do_raw_spin_unlock+0x57/0x270 [ 3358.373316][T22060] oom_kill_process.cold+0x10/0x15 [ 3358.378431][T22060] out_of_memory+0x79a/0x1280 [ 3358.383107][T22060] ? oom_killer_disable+0x280/0x280 [ 3358.388294][T22060] ? find_held_lock+0x35/0x130 [ 3358.393058][T22060] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3358.398619][T22060] ? memcg_event_wake+0x230/0x230 [ 3358.403632][T22060] ? do_raw_spin_unlock+0x57/0x270 [ 3358.408728][T22060] ? _raw_spin_unlock+0x2d/0x50 [ 3358.413570][T22060] try_charge+0xa87/0x15c0 [ 3358.417972][T22060] ? find_held_lock+0x35/0x130 [ 3358.422727][T22060] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3358.428264][T22060] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3358.433800][T22060] ? find_held_lock+0x35/0x130 [ 3358.438567][T22060] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3358.444104][T22060] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3358.449639][T22060] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3358.454829][T22060] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3358.460380][T22060] __memcg_kmem_charge+0x136/0x300 [ 3358.465515][T22060] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3358.470879][T22060] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3358.476592][T22060] ? save_stack+0xa9/0xd0 [ 3358.480913][T22060] ? kmem_cache_alloc+0x11a/0x6f0 [ 3358.486018][T22060] ? anon_vma_fork+0x1ea/0x4a0 [ 3358.490787][T22060] ? copy_process.part.0+0x350f/0x7980 [ 3358.496232][T22060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.502491][T22060] ? debug_smp_processor_id+0x3c/0x280 [ 3358.507951][T22060] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3358.514183][T22060] alloc_pages_current+0x107/0x210 [ 3358.519284][T22060] get_zeroed_page+0x14/0x50 [ 3358.523862][T22060] __pud_alloc+0x3b/0x250 [ 3358.528181][T22060] pud_alloc+0xde/0x150 [ 3358.532330][T22060] copy_page_range+0x375/0x1f90 [ 3358.537184][T22060] ? find_held_lock+0x35/0x130 [ 3358.541942][T22060] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3358.547647][T22060] ? vma_compute_subtree_gap+0x158/0x230 [ 3358.553275][T22060] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3358.558805][T22060] ? pmd_alloc+0x180/0x180 [ 3358.563206][T22060] ? validate_mm_rb+0xa3/0xc0 [ 3358.567867][T22060] ? __vma_link_rb+0x279/0x370 [ 3358.572623][T22060] copy_process.part.0+0x568b/0x7980 [ 3358.577914][T22060] ? __cleanup_sighand+0x60/0x60 [ 3358.582868][T22060] ? check_stack_object+0x114/0x160 [ 3358.588076][T22060] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3358.593967][T22060] _do_fork+0x257/0xfd0 [ 3358.598113][T22060] ? fork_idle+0x1d0/0x1d0 [ 3358.602513][T22060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.608736][T22060] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3358.615231][T22060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3358.621471][T22060] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3358.626922][T22060] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3358.632385][T22060] ? do_syscall_64+0x26/0x610 [ 3358.637053][T22060] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3358.643103][T22060] ? do_syscall_64+0x26/0x610 [ 3358.647787][T22060] __x64_sys_clone+0xbf/0x150 [ 3358.652475][T22060] do_syscall_64+0x103/0x610 [ 3358.657055][T22060] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3358.662933][T22060] RIP: 0033:0x2000050a [ 3358.666994][T22060] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3358.686585][T22060] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3358.695002][T22060] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3358.702969][T22060] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3358.710954][T22060] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3358.719030][T22060] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3358.726994][T22060] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3358.740732][T22060] memory: usage 307200kB, limit 307200kB, failcnt 20928 [ 3358.747778][T22060] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3358.755537][T22060] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3358.762760][T22060] Memory cgroup stats for /syz0: cache:228KB rss:26336KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26240KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3358.784542][T22060] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7631,uid=0 [ 3358.799982][T22060] Memory cgroup out of memory: Killed process 7631 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35792kB, shmem-rss:0kB [ 3358.839089][T22066] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3358.854842][T22066] CPU: 0 PID: 22066 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3358.862847][T22066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3358.872911][T22066] Call Trace: [ 3358.876227][T22066] dump_stack+0x172/0x1f0 [ 3358.880574][T22066] dump_header+0x10f/0xb6c [ 3358.885003][T22066] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3358.890823][T22066] ? ___ratelimit+0x60/0x595 [ 3358.895444][T22066] ? do_raw_spin_unlock+0x57/0x270 [ 3358.900573][T22066] oom_kill_process.cold+0x10/0x15 [ 3358.905700][T22066] out_of_memory+0x79a/0x1280 [ 3358.910400][T22066] ? oom_killer_disable+0x280/0x280 [ 3358.915604][T22066] ? find_held_lock+0x35/0x130 [ 3358.920398][T22066] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3358.925995][T22066] ? memcg_event_wake+0x230/0x230 [ 3358.931138][T22066] ? do_raw_spin_unlock+0x57/0x270 [ 3358.936443][T22066] ? _raw_spin_unlock+0x2d/0x50 [ 3358.941299][T22066] try_charge+0xa87/0x15c0 [ 3358.945739][T22066] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3358.951289][T22066] ? rcu_read_lock_sched_held+0x110/0x130 [ 3358.956996][T22066] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3358.962555][T22066] ? __lockdep_free_key_range+0x120/0x120 [ 3358.968296][T22066] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3358.973860][T22066] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3358.979044][T22066] ? cache_grow_begin+0x594/0x860 [ 3358.984069][T22066] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3358.989364][T22066] ? trace_hardirqs_on+0x67/0x230 [ 3358.994391][T22066] cache_grow_begin+0x5c0/0x860 [ 3358.999232][T22066] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3359.005998][T22066] ? __cpuset_node_allowed+0x136/0x540 [ 3359.011465][T22066] fallback_alloc+0x1fd/0x2d0 [ 3359.016133][T22066] ____cache_alloc_node+0x1be/0x1e0 [ 3359.021314][T22066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3359.027568][T22066] kmem_cache_alloc_node+0xe3/0x710 [ 3359.032767][T22066] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3359.038042][T22066] ? trace_hardirqs_on+0x67/0x230 [ 3359.043081][T22066] copy_process.part.0+0x1d08/0x7980 [ 3359.048373][T22066] ? perf_trace_lock+0xeb/0x510 [ 3359.053217][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.059451][T22066] ? debug_smp_processor_id+0x3c/0x280 [ 3359.064913][T22066] ? __lockdep_free_key_range+0x120/0x120 [ 3359.070646][T22066] ? __might_fault+0x12b/0x1e0 [ 3359.075408][T22066] ? find_held_lock+0x35/0x130 [ 3359.080164][T22066] ? __might_fault+0x12b/0x1e0 [ 3359.084934][T22066] ? __cleanup_sighand+0x60/0x60 [ 3359.089883][T22066] ? check_stack_object+0x114/0x160 [ 3359.095153][T22066] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3359.101033][T22066] _do_fork+0x257/0xfd0 [ 3359.105201][T22066] ? fork_idle+0x1d0/0x1d0 [ 3359.109623][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.115854][T22066] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3359.122356][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.128609][T22066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3359.134065][T22066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3359.139512][T22066] ? do_syscall_64+0x26/0x610 [ 3359.144188][T22066] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3359.150251][T22066] ? do_syscall_64+0x26/0x610 [ 3359.154915][T22066] __x64_sys_clone+0xbf/0x150 [ 3359.159598][T22066] do_syscall_64+0x103/0x610 [ 3359.164184][T22066] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3359.170070][T22066] RIP: 0033:0x2000050a [ 3359.174121][T22066] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3359.193710][T22066] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3359.202119][T22066] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3359.210102][T22066] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3359.218073][T22066] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3359.226028][T22066] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3359.233980][T22066] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3359.242518][T22066] memory: usage 307196kB, limit 307200kB, failcnt 20968 [ 3359.249497][T22066] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3359.257077][T22066] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3359.264093][T22066] Memory cgroup stats for /syz0: cache:228KB rss:26200KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:26128KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3359.285746][T22066] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7997,uid=0 [ 3359.301232][T22066] Memory cgroup out of memory: Killed process 7997 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35784kB, shmem-rss:0kB [ 3359.336460][T22066] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 3359.347918][T22066] CPU: 0 PID: 22066 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3359.355910][T22066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3359.365974][T22066] Call Trace: [ 3359.369283][T22066] dump_stack+0x172/0x1f0 [ 3359.373624][T22066] dump_header+0x10f/0xb6c [ 3359.378043][T22066] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3359.383851][T22066] ? ___ratelimit+0x60/0x595 [ 3359.388444][T22066] ? do_raw_spin_unlock+0x57/0x270 [ 3359.393566][T22066] oom_kill_process.cold+0x10/0x15 [ 3359.398691][T22066] out_of_memory+0x79a/0x1280 [ 3359.403371][T22066] ? lock_downgrade+0x880/0x880 [ 3359.408222][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.414467][T22066] ? oom_killer_disable+0x280/0x280 [ 3359.419667][T22066] ? find_held_lock+0x35/0x130 [ 3359.424448][T22066] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3359.429993][T22066] ? memcg_event_wake+0x230/0x230 [ 3359.435112][T22066] ? do_raw_spin_unlock+0x57/0x270 [ 3359.440227][T22066] ? _raw_spin_unlock+0x2d/0x50 [ 3359.445084][T22066] try_charge+0xa87/0x15c0 [ 3359.449498][T22066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3359.455738][T22066] ? should_fail+0x1de/0x852 [ 3359.460430][T22066] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3359.465989][T22066] ? rcu_read_lock_sched_held+0x110/0x130 [ 3359.471710][T22066] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3359.477259][T22066] ? __lockdep_free_key_range+0x120/0x120 [ 3359.482994][T22066] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3359.488540][T22066] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3359.493738][T22066] ? cache_grow_begin+0x594/0x860 [ 3359.498763][T22066] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3359.504048][T22066] ? trace_hardirqs_on+0x67/0x230 [ 3359.509080][T22066] cache_grow_begin+0x5c0/0x860 [ 3359.513944][T22066] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3359.520187][T22066] ? __cpuset_node_allowed+0x136/0x540 [ 3359.525650][T22066] fallback_alloc+0x1fd/0x2d0 [ 3359.530335][T22066] ____cache_alloc_node+0x1be/0x1e0 [ 3359.535532][T22066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3359.541779][T22066] kmem_cache_alloc+0x1e8/0x6f0 [ 3359.546639][T22066] anon_vma_clone+0x238/0x480 [ 3359.551326][T22066] anon_vma_fork+0x8f/0x4a0 [ 3359.555832][T22066] ? dup_userfaultfd+0x15e/0x6d0 [ 3359.560768][T22066] ? memcpy+0x46/0x50 [ 3359.564760][T22066] copy_process.part.0+0x350f/0x7980 [ 3359.570089][T22066] ? __cleanup_sighand+0x60/0x60 [ 3359.575040][T22066] ? check_stack_object+0x114/0x160 [ 3359.580238][T22066] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3359.586146][T22066] _do_fork+0x257/0xfd0 [ 3359.590315][T22066] ? fork_idle+0x1d0/0x1d0 [ 3359.594735][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.600980][T22066] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3359.607487][T22066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3359.613733][T22066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3359.619197][T22066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3359.624657][T22066] ? do_syscall_64+0x26/0x610 [ 3359.629332][T22066] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3359.635406][T22066] ? do_syscall_64+0x26/0x610 [ 3359.640095][T22066] __x64_sys_clone+0xbf/0x150 [ 3359.644784][T22066] do_syscall_64+0x103/0x610 [ 3359.649383][T22066] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3359.655275][T22066] RIP: 0033:0x2000050a [ 3359.659345][T22066] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3359.678965][T22066] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3359.687412][T22066] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3359.695398][T22066] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3359.703381][T22066] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3359.711362][T22066] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3359.719346][T22066] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3359.727903][T22066] memory: usage 307032kB, limit 307200kB, failcnt 20995 [ 3359.735033][T22066] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3359.742615][T22066] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3359.749462][T22066] Memory cgroup stats for /syz0: cache:228KB rss:26064KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25992KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3359.771062][T22066] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9762,uid=0 [ 3359.786743][T22066] Memory cgroup out of memory: Killed process 9762 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35792kB, shmem-rss:0kB [ 3359.827536][T22067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3359.849586][T22067] CPU: 0 PID: 22067 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3359.857591][T22067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3359.867658][T22067] Call Trace: [ 3359.870943][T22067] dump_stack+0x172/0x1f0 [ 3359.875264][T22067] dump_header+0x10f/0xb6c [ 3359.879663][T22067] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3359.885449][T22067] ? ___ratelimit+0x60/0x595 [ 3359.890024][T22067] ? do_raw_spin_unlock+0x57/0x270 [ 3359.895132][T22067] oom_kill_process.cold+0x10/0x15 [ 3359.900229][T22067] out_of_memory+0x79a/0x1280 [ 3359.904894][T22067] ? oom_killer_disable+0x280/0x280 [ 3359.910074][T22067] ? find_held_lock+0x35/0x130 [ 3359.914829][T22067] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3359.920368][T22067] ? memcg_event_wake+0x230/0x230 [ 3359.925392][T22067] ? do_raw_spin_unlock+0x57/0x270 [ 3359.930493][T22067] ? _raw_spin_unlock+0x2d/0x50 [ 3359.935364][T22067] try_charge+0xa87/0x15c0 [ 3359.939781][T22067] ? find_held_lock+0x35/0x130 [ 3359.944534][T22067] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3359.950057][T22067] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3359.955586][T22067] ? find_held_lock+0x35/0x130 [ 3359.960342][T22067] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3359.965891][T22067] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3359.971429][T22067] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3359.976619][T22067] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3359.982149][T22067] __memcg_kmem_charge+0x136/0x300 [ 3359.987250][T22067] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3359.992610][T22067] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3359.998321][T22067] ? is_dynamic_key+0x1c0/0x1c0 [ 3360.003168][T22067] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3360.009397][T22067] alloc_pages_current+0x107/0x210 [ 3360.014509][T22067] pte_alloc_one+0x1b/0x1a0 [ 3360.018997][T22067] __handle_mm_fault+0x3491/0x3ec0 [ 3360.024095][T22067] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3360.029647][T22067] ? find_held_lock+0x35/0x130 [ 3360.034418][T22067] ? handle_mm_fault+0x322/0xb30 [ 3360.039365][T22067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.045607][T22067] ? kasan_check_read+0x11/0x20 [ 3360.050450][T22067] handle_mm_fault+0x43f/0xb30 [ 3360.055218][T22067] __do_page_fault+0x5ef/0xda0 [ 3360.061131][T22067] do_page_fault+0x71/0x581 [ 3360.065634][T22067] page_fault+0x1e/0x30 [ 3360.069772][T22067] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3360.075472][T22067] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3360.095063][T22067] RSP: 0018:ffff88801a8b7cb0 EFLAGS: 00010246 [ 3360.101131][T22067] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3360.109090][T22067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3360.117066][T22067] RBP: ffff88801a8b7ce8 R08: ffff88801a8a8700 R09: ffff8880aa594dc0 [ 3360.125022][T22067] R10: 000000000000001c R11: ffff88805bde3dbf R12: 0000000000000000 [ 3360.132973][T22067] R13: ffff88805bde2de0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3360.141238][T22067] ? strncpy_from_user+0x142/0x380 [ 3360.146378][T22067] getname_flags+0x11b/0x5b0 [ 3360.150969][T22067] do_renameat2+0x199/0xc40 [ 3360.155463][T22067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.161690][T22067] ? debug_smp_processor_id+0x3c/0x280 [ 3360.167145][T22067] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3360.172847][T22067] ? user_path_create+0x50/0x50 [ 3360.177681][T22067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.183905][T22067] ? security_capable+0x9b/0xd0 [ 3360.188739][T22067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.194972][T22067] ? ns_capable_common+0x93/0x100 [ 3360.199984][T22067] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3360.205431][T22067] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3360.210875][T22067] ? do_syscall_64+0x26/0x610 [ 3360.215553][T22067] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3360.221618][T22067] ? do_syscall_64+0x26/0x610 [ 3360.226287][T22067] __x64_sys_renameat+0x9a/0x100 [ 3360.231211][T22067] do_syscall_64+0x103/0x610 [ 3360.235788][T22067] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3360.241771][T22067] RIP: 0033:0x2000050a [ 3360.245822][T22067] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3360.265500][T22067] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3360.273898][T22067] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3360.281860][T22067] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3360.289820][T22067] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3360.297783][T22067] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3360.305760][T22067] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3360.314702][T22067] memory: usage 307200kB, limit 307200kB, failcnt 21065 [ 3360.323001][T22067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3360.330661][T22067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3360.337840][T22067] Memory cgroup stats for /syz0: cache:228KB rss:25924KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25864KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3360.359722][T22067] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=710,uid=0 [ 3360.375233][T22067] Memory cgroup out of memory: Killed process 710 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35780kB, shmem-rss:0kB [ 3360.406750][T22065] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3360.417182][T22065] CPU: 0 PID: 22065 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3360.425178][T22065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3360.435240][T22065] Call Trace: [ 3360.438555][T22065] dump_stack+0x172/0x1f0 [ 3360.442898][T22065] dump_header+0x10f/0xb6c [ 3360.447323][T22065] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3360.453133][T22065] ? ___ratelimit+0x60/0x595 [ 3360.457739][T22065] ? do_raw_spin_unlock+0x57/0x270 [ 3360.462867][T22065] oom_kill_process.cold+0x10/0x15 [ 3360.467994][T22065] out_of_memory+0x79a/0x1280 [ 3360.472690][T22065] ? oom_killer_disable+0x280/0x280 [ 3360.477885][T22065] ? find_held_lock+0x35/0x130 [ 3360.483191][T22065] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3360.488740][T22065] ? memcg_event_wake+0x230/0x230 [ 3360.493770][T22065] ? do_raw_spin_unlock+0x57/0x270 [ 3360.498886][T22065] ? _raw_spin_unlock+0x2d/0x50 [ 3360.503744][T22065] try_charge+0xa87/0x15c0 [ 3360.508170][T22065] ? find_held_lock+0x35/0x130 [ 3360.512957][T22065] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3360.518514][T22065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.524767][T22065] ? kasan_check_read+0x11/0x20 [ 3360.529633][T22065] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3360.535196][T22065] mem_cgroup_try_charge+0x24d/0x5e0 [ 3360.540498][T22065] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3360.546139][T22065] wp_page_copy+0x408/0x1740 [ 3360.550728][T22065] ? find_held_lock+0x35/0x130 [ 3360.555504][T22065] ? pmd_pfn+0x1d0/0x1d0 [ 3360.559751][T22065] ? lock_downgrade+0x880/0x880 [ 3360.564604][T22065] ? swp_swapcount+0x540/0x540 [ 3360.569374][T22065] ? kasan_check_read+0x11/0x20 [ 3360.574228][T22065] ? do_raw_spin_unlock+0x57/0x270 [ 3360.579350][T22065] do_wp_page+0x48e/0x1500 [ 3360.583778][T22065] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3360.589163][T22065] __handle_mm_fault+0x22e8/0x3ec0 [ 3360.594292][T22065] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3360.599838][T22065] ? find_held_lock+0x35/0x130 [ 3360.604614][T22065] ? handle_mm_fault+0x322/0xb30 [ 3360.609565][T22065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3360.615840][T22065] ? kasan_check_read+0x11/0x20 [ 3360.620880][T22065] handle_mm_fault+0x43f/0xb30 [ 3360.625749][T22065] __do_page_fault+0x5ef/0xda0 [ 3360.630523][T22065] do_page_fault+0x71/0x581 [ 3360.635033][T22065] page_fault+0x1e/0x30 [ 3360.639191][T22065] RIP: 0010:__put_user_4+0x1c/0x30 [ 3360.644303][T22065] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3360.663915][T22065] RSP: 0018:ffff88801a977ed0 EFLAGS: 00010293 [ 3360.669993][T22065] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3360.677971][T22065] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3360.685949][T22065] RBP: ffff88801a977f10 R08: ffff888050fce100 R09: 0000000000000001 [ 3360.693920][T22065] R10: ffff888050fce980 R11: ffff888050fce100 R12: 0000000000000000 [ 3360.701899][T22065] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3360.709904][T22065] ? __might_fault+0x1a3/0x1e0 [ 3360.714686][T22065] ? __x64_sys_getresgid+0x1aa/0x290 [ 3360.719980][T22065] ? trace_hardirqs_on+0x67/0x230 [ 3360.725017][T22065] do_syscall_64+0x103/0x610 [ 3360.729616][T22065] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3360.735519][T22065] RIP: 0033:0x2000050a [ 3360.739678][T22065] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3360.759290][T22065] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3360.767712][T22065] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3360.775690][T22065] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3360.783747][T22065] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3360.791720][T22065] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3360.799696][T22065] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3360.813633][T22065] memory: usage 307200kB, limit 307200kB, failcnt 21098 [ 3360.820728][T22065] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3360.828587][T22065] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3360.835600][T22065] Memory cgroup stats for /syz0: cache:228KB rss:25788KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25728KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3360.857374][T22065] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6692,uid=0 [ 3360.873032][T22065] Memory cgroup out of memory: Killed process 6692 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35788kB, shmem-rss:0kB [ 3360.897611][T21423] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3360.911505][T21423] CPU: 0 PID: 21423 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3360.919517][T21423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3360.929585][T21423] Call Trace: [ 3360.932893][T21423] dump_stack+0x172/0x1f0 [ 3360.937234][T21423] dump_header+0x10f/0xb6c [ 3360.941661][T21423] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3360.947467][T21423] ? ___ratelimit+0x60/0x595 [ 3360.952058][T21423] ? do_raw_spin_unlock+0x57/0x270 [ 3360.957177][T21423] oom_kill_process.cold+0x10/0x15 [ 3360.962296][T21423] out_of_memory+0x79a/0x1280 [ 3360.966986][T21423] ? oom_killer_disable+0x280/0x280 [ 3360.972188][T21423] ? find_held_lock+0x35/0x130 [ 3360.976974][T21423] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3360.982527][T21423] ? memcg_event_wake+0x230/0x230 [ 3360.987568][T21423] ? do_raw_spin_unlock+0x57/0x270 [ 3360.992684][T21423] ? _raw_spin_unlock+0x2d/0x50 [ 3360.997543][T21423] try_charge+0xa87/0x15c0 [ 3361.003498][T21423] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3361.009057][T21423] ? rcu_read_lock_sched_held+0x110/0x130 [ 3361.014778][T21423] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3361.020322][T21423] ? __lockdep_free_key_range+0x120/0x120 [ 3361.026056][T21423] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3361.031603][T21423] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3361.036812][T21423] ? cache_grow_begin+0x594/0x860 [ 3361.041843][T21423] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3361.047132][T21423] ? trace_hardirqs_on+0x67/0x230 [ 3361.052169][T21423] cache_grow_begin+0x5c0/0x860 [ 3361.057029][T21423] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3361.063274][T21423] ? __cpuset_node_allowed+0x136/0x540 [ 3361.068743][T21423] fallback_alloc+0x1fd/0x2d0 [ 3361.073436][T21423] ____cache_alloc_node+0x1be/0x1e0 [ 3361.078635][T21423] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3361.084886][T21423] kmem_cache_alloc_node+0xe3/0x710 [ 3361.090113][T21423] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3361.095412][T21423] ? trace_hardirqs_on+0x67/0x230 [ 3361.100454][T21423] copy_process.part.0+0x1d08/0x7980 [ 3361.105743][T21423] ? perf_trace_lock+0xeb/0x510 [ 3361.110593][T21423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.116841][T21423] ? debug_smp_processor_id+0x3c/0x280 [ 3361.122309][T21423] ? __lockdep_free_key_range+0x120/0x120 [ 3361.128037][T21423] ? __might_fault+0x12b/0x1e0 [ 3361.132804][T21423] ? find_held_lock+0x35/0x130 [ 3361.137568][T21423] ? __might_fault+0x12b/0x1e0 [ 3361.142346][T21423] ? __cleanup_sighand+0x60/0x60 [ 3361.147300][T21423] ? check_stack_object+0x114/0x160 [ 3361.152499][T21423] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3361.158399][T21423] _do_fork+0x257/0xfd0 [ 3361.162566][T21423] ? fork_idle+0x1d0/0x1d0 [ 3361.166986][T21423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.173317][T21423] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3361.179826][T21423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.186067][T21423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3361.191530][T21423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3361.196993][T21423] ? do_syscall_64+0x26/0x610 [ 3361.201669][T21423] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3361.207736][T21423] ? do_syscall_64+0x26/0x610 [ 3361.212417][T21423] __x64_sys_clone+0xbf/0x150 [ 3361.217096][T21423] do_syscall_64+0x103/0x610 [ 3361.221696][T21423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3361.227586][T21423] RIP: 0033:0x2000050a [ 3361.231652][T21423] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3361.251277][T21423] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3361.259688][T21423] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3361.267657][T21423] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3361.275627][T21423] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3361.283595][T21423] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3361.291562][T21423] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3361.308603][T21423] memory: usage 307200kB, limit 307200kB, failcnt 21137 [ 3361.315624][T21423] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3361.327284][T21423] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3361.334272][T21423] Memory cgroup stats for /syz0: cache:228KB rss:25656KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25608KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3361.356115][T21423] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9406,uid=0 [ 3361.371670][ C1] net_ratelimit: 14 callbacks suppressed [ 3361.371678][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3361.371859][T21423] Memory cgroup out of memory: Killed process 9406 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35780kB, shmem-rss:0kB [ 3361.377569][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3361.420917][T22062] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3361.434445][T22062] CPU: 1 PID: 22062 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3361.442440][T22062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3361.452503][T22062] Call Trace: [ 3361.455790][T22062] dump_stack+0x172/0x1f0 [ 3361.460132][T22062] dump_header+0x10f/0xb6c [ 3361.464543][T22062] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3361.470341][T22062] ? ___ratelimit+0x60/0x595 [ 3361.474913][T22062] ? do_raw_spin_unlock+0x57/0x270 [ 3361.480021][T22062] oom_kill_process.cold+0x10/0x15 [ 3361.485136][T22062] out_of_memory+0x79a/0x1280 [ 3361.489817][T22062] ? oom_killer_disable+0x280/0x280 [ 3361.494999][T22062] ? find_held_lock+0x35/0x130 [ 3361.499758][T22062] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3361.505307][T22062] ? memcg_event_wake+0x230/0x230 [ 3361.510616][T22062] ? do_raw_spin_unlock+0x57/0x270 [ 3361.515734][T22062] ? _raw_spin_unlock+0x2d/0x50 [ 3361.520578][T22062] try_charge+0xa87/0x15c0 [ 3361.524990][T22062] ? find_held_lock+0x35/0x130 [ 3361.529764][T22062] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3361.535319][T22062] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3361.540848][T22062] ? find_held_lock+0x35/0x130 [ 3361.545608][T22062] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3361.551175][T22062] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3361.556707][T22062] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3361.561906][T22062] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3361.567453][T22062] __memcg_kmem_charge+0x136/0x300 [ 3361.572564][T22062] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3361.577933][T22062] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3361.583660][T22062] ? copy_page_range+0x125a/0x1f90 [ 3361.588768][T22062] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3361.594994][T22062] alloc_pages_current+0x107/0x210 [ 3361.600088][T22062] pte_alloc_one+0x1b/0x1a0 [ 3361.604590][T22062] __pte_alloc+0x20/0x310 [ 3361.608914][T22062] copy_page_range+0x1529/0x1f90 [ 3361.613852][T22062] ? perf_trace_lock+0xeb/0x510 [ 3361.618697][T22062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.624967][T22062] ? pmd_alloc+0x180/0x180 [ 3361.629377][T22062] ? __rb_insert_augmented+0x231/0xdf0 [ 3361.634837][T22062] ? validate_mm_rb+0xa3/0xc0 [ 3361.639511][T22062] ? __vma_link_rb+0x279/0x370 [ 3361.644276][T22062] copy_process.part.0+0x568b/0x7980 [ 3361.649571][T22062] ? __cleanup_sighand+0x60/0x60 [ 3361.654495][T22062] ? check_stack_object+0x114/0x160 [ 3361.659673][T22062] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3361.665563][T22062] _do_fork+0x257/0xfd0 [ 3361.669714][T22062] ? fork_idle+0x1d0/0x1d0 [ 3361.674130][T22062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.680370][T22062] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3361.686877][T22062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3361.693115][T22062] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3361.698563][T22062] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3361.704013][T22062] ? do_syscall_64+0x26/0x610 [ 3361.708685][T22062] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3361.714758][T22062] ? do_syscall_64+0x26/0x610 [ 3361.719419][T22062] __x64_sys_clone+0xbf/0x150 [ 3361.724095][T22062] do_syscall_64+0x103/0x610 [ 3361.728684][T22062] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3361.734558][T22062] RIP: 0033:0x2000050a [ 3361.738605][T22062] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3361.758195][T22062] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3361.766586][T22062] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3361.774538][T22062] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3361.782501][T22062] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3361.790470][T22062] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3361.798424][T22062] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3361.810456][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3361.816288][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3361.822309][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3361.828129][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3361.835702][T22062] memory: usage 307032kB, limit 307200kB, failcnt 21194 [ 3361.842874][T22062] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3361.850512][T22062] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3361.857798][T22062] Memory cgroup stats for /syz0: cache:228KB rss:25656KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25484KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3361.879487][T22062] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10091,uid=0 [ 3361.894999][T22062] Memory cgroup out of memory: Killed process 10091 (syz-executor.0) total-vm:72844kB, anon-rss:196kB, file-rss:35784kB, shmem-rss:0kB [ 3361.919112][T21558] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3361.942185][T21558] CPU: 0 PID: 21558 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3361.950205][T21558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3361.960265][T21558] Call Trace: [ 3361.963566][T21558] dump_stack+0x172/0x1f0 [ 3361.967909][T21558] dump_header+0x10f/0xb6c [ 3361.972338][T21558] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3361.978153][T21558] ? ___ratelimit+0x60/0x595 [ 3361.982736][T21558] ? do_raw_spin_unlock+0x57/0x270 [ 3361.987836][T21558] oom_kill_process.cold+0x10/0x15 [ 3361.992933][T21558] out_of_memory+0x79a/0x1280 [ 3361.997604][T21558] ? oom_killer_disable+0x280/0x280 [ 3362.002781][T21558] ? find_held_lock+0x35/0x130 [ 3362.007620][T21558] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3362.013150][T21558] ? memcg_event_wake+0x230/0x230 [ 3362.018160][T21558] ? do_raw_spin_unlock+0x57/0x270 [ 3362.023254][T21558] ? _raw_spin_unlock+0x2d/0x50 [ 3362.033376][T21558] try_charge+0xa87/0x15c0 [ 3362.037773][T21558] ? find_held_lock+0x35/0x130 [ 3362.042522][T21558] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3362.048053][T21558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3362.054280][T21558] ? kasan_check_read+0x11/0x20 [ 3362.059116][T21558] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3362.064647][T21558] mem_cgroup_try_charge+0x24d/0x5e0 [ 3362.069917][T21558] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3362.075541][T21558] wp_page_copy+0x408/0x1740 [ 3362.080111][T21558] ? find_held_lock+0x35/0x130 [ 3362.084861][T21558] ? pmd_pfn+0x1d0/0x1d0 [ 3362.089089][T21558] ? lock_downgrade+0x880/0x880 [ 3362.093919][T21558] ? swp_swapcount+0x540/0x540 [ 3362.098671][T21558] ? kasan_check_read+0x11/0x20 [ 3362.103504][T21558] ? do_raw_spin_unlock+0x57/0x270 [ 3362.108599][T21558] do_wp_page+0x48e/0x1500 [ 3362.112999][T21558] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3362.118480][T21558] __handle_mm_fault+0x22e8/0x3ec0 [ 3362.123580][T21558] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3362.129121][T21558] ? find_held_lock+0x35/0x130 [ 3362.133866][T21558] ? handle_mm_fault+0x322/0xb30 [ 3362.139049][T21558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3362.145283][T21558] ? kasan_check_read+0x11/0x20 [ 3362.150123][T21558] handle_mm_fault+0x43f/0xb30 [ 3362.154874][T21558] __do_page_fault+0x5ef/0xda0 [ 3362.159644][T21558] do_page_fault+0x71/0x581 [ 3362.164136][T21558] page_fault+0x1e/0x30 [ 3362.168276][T21558] RIP: 0010:__put_user_4+0x1c/0x30 [ 3362.173374][T21558] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3362.192975][T21558] RSP: 0018:ffff888064dc7ed0 EFLAGS: 00010293 [ 3362.199045][T21558] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3362.207006][T21558] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3362.214972][T21558] RBP: ffff888064dc7f10 R08: ffff888045cbe000 R09: 0000000000000001 [ 3362.222945][T21558] R10: ffff888045cbe880 R11: ffff888045cbe000 R12: 0000000000000000 [ 3362.230910][T21558] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3362.238902][T21558] ? __might_fault+0x1a3/0x1e0 [ 3362.243663][T21558] ? __x64_sys_getresgid+0x1aa/0x290 [ 3362.248949][T21558] ? trace_hardirqs_on+0x67/0x230 [ 3362.253992][T21558] do_syscall_64+0x103/0x610 [ 3362.258581][T21558] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3362.264478][T21558] RIP: 0033:0x2000050a [ 3362.268531][T21558] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3362.288121][T21558] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3362.296519][T21558] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3362.304478][T21558] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3362.312435][T21558] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3362.320398][T21558] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3362.328369][T21558] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3362.336672][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3362.342570][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3362.348436][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3362.354324][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3362.360278][T21558] memory: usage 307200kB, limit 307200kB, failcnt 21252 [ 3362.367525][T21558] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3362.375153][T21558] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3362.382253][T21558] Memory cgroup stats for /syz0: cache:228KB rss:25520KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25348KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3362.404218][T21558] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10705,uid=0 [ 3362.419967][T21558] Memory cgroup out of memory: Killed process 10705 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35788kB, shmem-rss:0kB [ 3362.444872][T22061] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3362.466334][T22061] CPU: 0 PID: 22061 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3362.474354][T22061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3362.484412][T22061] Call Trace: [ 3362.487711][T22061] dump_stack+0x172/0x1f0 [ 3362.492045][T22061] dump_header+0x10f/0xb6c [ 3362.496466][T22061] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3362.502283][T22061] ? ___ratelimit+0x60/0x595 [ 3362.506896][T22061] ? do_raw_spin_unlock+0x57/0x270 [ 3362.512015][T22061] oom_kill_process.cold+0x10/0x15 [ 3362.517131][T22061] out_of_memory+0x79a/0x1280 [ 3362.521835][T22061] ? oom_killer_disable+0x280/0x280 [ 3362.527041][T22061] ? find_held_lock+0x35/0x130 [ 3362.531832][T22061] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3362.537478][T22061] ? memcg_event_wake+0x230/0x230 [ 3362.542556][T22061] ? do_raw_spin_unlock+0x57/0x270 [ 3362.547690][T22061] ? _raw_spin_unlock+0x2d/0x50 [ 3362.552561][T22061] try_charge+0xa87/0x15c0 [ 3362.556995][T22061] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3362.562555][T22061] ? rcu_read_lock_sched_held+0x110/0x130 [ 3362.568283][T22061] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3362.573831][T22061] ? __lockdep_free_key_range+0x120/0x120 [ 3362.579569][T22061] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3362.585121][T22061] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3362.590321][T22061] ? cache_grow_begin+0x594/0x860 [ 3362.595353][T22061] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3362.600642][T22061] ? trace_hardirqs_on+0x67/0x230 [ 3362.605683][T22061] cache_grow_begin+0x5c0/0x860 [ 3362.610538][T22061] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3362.616776][T22061] ? __cpuset_node_allowed+0x136/0x540 [ 3362.622259][T22061] fallback_alloc+0x1fd/0x2d0 [ 3362.626979][T22061] ____cache_alloc_node+0x1be/0x1e0 [ 3362.632194][T22061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3362.638457][T22061] kmem_cache_alloc_node+0xe3/0x710 [ 3362.643676][T22061] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3362.648988][T22061] ? trace_hardirqs_on+0x67/0x230 [ 3362.654043][T22061] copy_process.part.0+0x1d08/0x7980 [ 3362.659332][T22061] ? perf_trace_lock+0xeb/0x510 [ 3362.664194][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3362.670439][T22061] ? debug_smp_processor_id+0x3c/0x280 [ 3362.675900][T22061] ? __lockdep_free_key_range+0x120/0x120 [ 3362.681628][T22061] ? __might_fault+0x12b/0x1e0 [ 3362.686396][T22061] ? find_held_lock+0x35/0x130 [ 3362.691165][T22061] ? __might_fault+0x12b/0x1e0 [ 3362.695950][T22061] ? __cleanup_sighand+0x60/0x60 [ 3362.700901][T22061] ? check_stack_object+0x114/0x160 [ 3362.706106][T22061] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3362.712008][T22061] _do_fork+0x257/0xfd0 [ 3362.716171][T22061] ? fork_idle+0x1d0/0x1d0 [ 3362.720592][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3362.726839][T22061] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3362.733361][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3362.739621][T22061] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3362.745188][T22061] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3362.750666][T22061] ? do_syscall_64+0x26/0x610 [ 3362.755353][T22061] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3362.761427][T22061] ? do_syscall_64+0x26/0x610 [ 3362.766116][T22061] __x64_sys_clone+0xbf/0x150 [ 3362.770819][T22061] do_syscall_64+0x103/0x610 [ 3362.775421][T22061] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3362.781313][T22061] RIP: 0033:0x2000050a [ 3362.785384][T22061] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3362.804998][T22061] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3362.813421][T22061] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3362.821402][T22061] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3362.829405][T22061] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3362.837393][T22061] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3362.845381][T22061] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3362.856454][T22061] memory: usage 307200kB, limit 307200kB, failcnt 21277 [ 3362.863512][T22061] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3362.870971][T22061] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3362.877953][T22061] Memory cgroup stats for /syz0: cache:228KB rss:25388KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25224KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3362.899624][T22061] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11364,uid=0 [ 3362.915146][T22061] Memory cgroup out of memory: Killed process 11364 (syz-executor.0) total-vm:72976kB, anon-rss:200kB, file-rss:35780kB, shmem-rss:0kB [ 3362.949212][T22061] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3362.961641][T22061] CPU: 0 PID: 22061 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3362.969637][T22061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3362.979710][T22061] Call Trace: [ 3362.982993][T22061] dump_stack+0x172/0x1f0 [ 3362.987314][T22061] dump_header+0x10f/0xb6c [ 3362.991727][T22061] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3362.997514][T22061] ? ___ratelimit+0x60/0x595 [ 3363.002085][T22061] ? do_raw_spin_unlock+0x57/0x270 [ 3363.007184][T22061] oom_kill_process.cold+0x10/0x15 [ 3363.012285][T22061] out_of_memory+0x79a/0x1280 [ 3363.016954][T22061] ? lock_downgrade+0x880/0x880 [ 3363.021793][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.028030][T22061] ? oom_killer_disable+0x280/0x280 [ 3363.033231][T22061] ? find_held_lock+0x35/0x130 [ 3363.037999][T22061] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3363.043542][T22061] ? memcg_event_wake+0x230/0x230 [ 3363.048569][T22061] ? do_raw_spin_unlock+0x57/0x270 [ 3363.053698][T22061] ? _raw_spin_unlock+0x2d/0x50 [ 3363.058552][T22061] try_charge+0xa87/0x15c0 [ 3363.062963][T22061] ? find_held_lock+0x35/0x130 [ 3363.067719][T22061] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3363.073258][T22061] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3363.078789][T22061] ? find_held_lock+0x35/0x130 [ 3363.083543][T22061] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3363.089088][T22061] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3363.094622][T22061] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3363.099807][T22061] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3363.105348][T22061] __memcg_kmem_charge+0x136/0x300 [ 3363.110460][T22061] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3363.115824][T22061] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3363.121632][T22061] ? copy_page_range+0x125a/0x1f90 [ 3363.126740][T22061] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3363.132982][T22061] alloc_pages_current+0x107/0x210 [ 3363.138093][T22061] pte_alloc_one+0x1b/0x1a0 [ 3363.142600][T22061] __pte_alloc+0x20/0x310 [ 3363.146925][T22061] copy_page_range+0x1529/0x1f90 [ 3363.151866][T22061] ? perf_trace_lock+0xeb/0x510 [ 3363.156730][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.162996][T22061] ? pmd_alloc+0x180/0x180 [ 3363.167494][T22061] ? __rb_insert_augmented+0x231/0xdf0 [ 3363.172945][T22061] ? validate_mm_rb+0xa3/0xc0 [ 3363.177606][T22061] ? __vma_link_rb+0x279/0x370 [ 3363.182370][T22061] copy_process.part.0+0x568b/0x7980 [ 3363.187918][T22061] ? __cleanup_sighand+0x60/0x60 [ 3363.192850][T22061] ? check_stack_object+0x114/0x160 [ 3363.198031][T22061] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3363.203913][T22061] _do_fork+0x257/0xfd0 [ 3363.208062][T22061] ? fork_idle+0x1d0/0x1d0 [ 3363.212457][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.218682][T22061] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3363.226354][T22061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.232619][T22061] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3363.238165][T22061] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3363.243622][T22061] ? do_syscall_64+0x26/0x610 [ 3363.248310][T22061] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3363.254396][T22061] ? do_syscall_64+0x26/0x610 [ 3363.259085][T22061] __x64_sys_clone+0xbf/0x150 [ 3363.263766][T22061] do_syscall_64+0x103/0x610 [ 3363.268360][T22061] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3363.274265][T22061] RIP: 0033:0x2000050a [ 3363.278322][T22061] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3363.297951][T22061] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3363.306365][T22061] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3363.314327][T22061] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3363.322319][T22061] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3363.330297][T22061] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3363.338269][T22061] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3363.346474][T22061] memory: usage 307032kB, limit 307200kB, failcnt 21293 [ 3363.353492][T22061] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3363.360969][T22061] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3363.367920][T22061] Memory cgroup stats for /syz0: cache:228KB rss:25240KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:25104KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3363.389546][T22061] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15613,uid=0 [ 3363.405052][T22061] Memory cgroup out of memory: Killed process 15613 (syz-executor.0) total-vm:72448kB, anon-rss:176kB, file-rss:35804kB, shmem-rss:0kB [ 3363.429964][T22071] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3363.443678][T22071] CPU: 1 PID: 22071 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3363.451688][T22071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3363.461759][T22071] Call Trace: [ 3363.465067][T22071] dump_stack+0x172/0x1f0 [ 3363.469407][T22071] dump_header+0x10f/0xb6c [ 3363.473827][T22071] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3363.479642][T22071] ? ___ratelimit+0x60/0x595 [ 3363.484238][T22071] ? do_raw_spin_unlock+0x57/0x270 [ 3363.489357][T22071] oom_kill_process.cold+0x10/0x15 [ 3363.494475][T22071] out_of_memory+0x79a/0x1280 [ 3363.499148][T22071] ? oom_killer_disable+0x280/0x280 [ 3363.504325][T22071] ? find_held_lock+0x35/0x130 [ 3363.509076][T22071] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3363.514614][T22071] ? memcg_event_wake+0x230/0x230 [ 3363.519638][T22071] ? do_raw_spin_unlock+0x57/0x270 [ 3363.524738][T22071] ? _raw_spin_unlock+0x2d/0x50 [ 3363.529587][T22071] try_charge+0xa87/0x15c0 [ 3363.534008][T22071] ? find_held_lock+0x35/0x130 [ 3363.538799][T22071] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3363.544353][T22071] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3363.549904][T22071] ? find_held_lock+0x35/0x130 [ 3363.554681][T22071] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3363.560238][T22071] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3363.565778][T22071] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3363.570966][T22071] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3363.576518][T22071] __memcg_kmem_charge+0x136/0x300 [ 3363.581644][T22071] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3363.587013][T22071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.593256][T22071] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3363.598995][T22071] ? copy_process.part.0+0x1d08/0x7980 [ 3363.604440][T22071] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3363.609727][T22071] ? trace_hardirqs_on+0x67/0x230 [ 3363.614777][T22071] copy_process.part.0+0x3e0/0x7980 [ 3363.619972][T22071] ? perf_trace_lock+0xeb/0x510 [ 3363.624822][T22071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.631299][T22071] ? debug_smp_processor_id+0x3c/0x280 [ 3363.636793][T22071] ? __lockdep_free_key_range+0x120/0x120 [ 3363.642532][T22071] ? __might_fault+0x12b/0x1e0 [ 3363.647297][T22071] ? find_held_lock+0x35/0x130 [ 3363.652071][T22071] ? __might_fault+0x12b/0x1e0 [ 3363.656863][T22071] ? __cleanup_sighand+0x60/0x60 [ 3363.661990][T22071] ? check_stack_object+0x114/0x160 [ 3363.667181][T22071] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3363.673086][T22071] _do_fork+0x257/0xfd0 [ 3363.677258][T22071] ? fork_idle+0x1d0/0x1d0 [ 3363.681687][T22071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.687918][T22071] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3363.694426][T22071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3363.700662][T22071] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3363.706101][T22071] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3363.711542][T22071] ? do_syscall_64+0x26/0x610 [ 3363.716220][T22071] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3363.722284][T22071] ? do_syscall_64+0x26/0x610 [ 3363.726954][T22071] __x64_sys_clone+0xbf/0x150 [ 3363.731634][T22071] do_syscall_64+0x103/0x610 [ 3363.736247][T22071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3363.742144][T22071] RIP: 0033:0x2000050a [ 3363.746204][T22071] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3363.765816][T22071] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3363.774226][T22071] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3363.782195][T22071] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3363.790143][T22071] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3363.798129][T22071] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3363.806103][T22071] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3363.821092][T22071] memory: usage 307076kB, limit 307200kB, failcnt 21328 [ 3363.828274][T22071] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3363.836011][T22071] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3363.843098][T22071] Memory cgroup stats for /syz0: cache:228KB rss:25240KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24996KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3363.864818][T22071] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9892,uid=0 [ 3363.880164][T22071] Memory cgroup out of memory: Killed process 9892 (syz-executor.0) total-vm:72448kB, anon-rss:172kB, file-rss:35808kB, shmem-rss:0kB [ 3363.904301][T22072] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3363.928335][T22072] CPU: 0 PID: 22072 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3363.936383][T22072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3363.946522][T22072] Call Trace: [ 3363.949810][T22072] dump_stack+0x172/0x1f0 [ 3363.954139][T22072] dump_header+0x10f/0xb6c [ 3363.958552][T22072] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3363.964366][T22072] ? ___ratelimit+0x60/0x595 [ 3363.968954][T22072] ? do_raw_spin_unlock+0x57/0x270 [ 3363.974055][T22072] oom_kill_process.cold+0x10/0x15 [ 3363.979162][T22072] out_of_memory+0x79a/0x1280 [ 3363.983836][T22072] ? oom_killer_disable+0x280/0x280 [ 3363.989017][T22072] ? find_held_lock+0x35/0x130 [ 3363.993777][T22072] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3363.999315][T22072] ? memcg_event_wake+0x230/0x230 [ 3364.004356][T22072] ? do_raw_spin_unlock+0x57/0x270 [ 3364.009479][T22072] ? _raw_spin_unlock+0x2d/0x50 [ 3364.014345][T22072] try_charge+0xa87/0x15c0 [ 3364.018761][T22072] ? find_held_lock+0x35/0x130 [ 3364.023523][T22072] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3364.029063][T22072] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3364.038104][T22072] ? find_held_lock+0x35/0x130 [ 3364.050318][T22072] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3364.055889][T22072] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3364.061436][T22072] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3364.066631][T22072] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3364.072363][T22072] __memcg_kmem_charge+0x136/0x300 [ 3364.077571][T22072] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3364.082949][T22072] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3364.088666][T22072] ? copy_page_range+0x125a/0x1f90 [ 3364.093773][T22072] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3364.100006][T22072] alloc_pages_current+0x107/0x210 [ 3364.105111][T22072] pte_alloc_one+0x1b/0x1a0 [ 3364.109606][T22072] __pte_alloc+0x20/0x310 [ 3364.113927][T22072] copy_page_range+0x1529/0x1f90 [ 3364.118860][T22072] ? perf_trace_lock+0xeb/0x510 [ 3364.123711][T22072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3364.129975][T22072] ? pmd_alloc+0x180/0x180 [ 3364.134403][T22072] ? __rb_insert_augmented+0x231/0xdf0 [ 3364.140403][T22072] ? validate_mm_rb+0xa3/0xc0 [ 3364.145083][T22072] ? __vma_link_rb+0x279/0x370 [ 3364.149874][T22072] copy_process.part.0+0x568b/0x7980 [ 3364.155297][T22072] ? __cleanup_sighand+0x60/0x60 [ 3364.160290][T22072] ? check_stack_object+0x114/0x160 [ 3364.165501][T22072] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3364.171435][T22072] _do_fork+0x257/0xfd0 [ 3364.175598][T22072] ? fork_idle+0x1d0/0x1d0 [ 3364.180006][T22072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3364.186258][T22072] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3364.193021][T22072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3364.199254][T22072] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3364.204697][T22072] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3364.210138][T22072] ? do_syscall_64+0x26/0x610 [ 3364.214895][T22072] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3364.220953][T22072] ? do_syscall_64+0x26/0x610 [ 3364.225623][T22072] __x64_sys_clone+0xbf/0x150 [ 3364.230455][T22072] do_syscall_64+0x103/0x610 [ 3364.235045][T22072] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3364.240931][T22072] RIP: 0033:0x2000050a [ 3364.244994][T22072] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3364.264605][T22072] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3364.273006][T22072] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3364.280971][T22072] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3364.289034][T22072] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3364.296989][T22072] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3364.304964][T22072] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3364.313122][T22072] memory: usage 307200kB, limit 307200kB, failcnt 21364 [ 3364.320068][T22072] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3364.327624][T22072] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3364.334594][T22072] Memory cgroup stats for /syz0: cache:228KB rss:25104KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24924KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3364.356275][T22072] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11291,uid=0 [ 3364.371754][T22072] Memory cgroup out of memory: Killed process 11291 (syz-executor.0) total-vm:72580kB, anon-rss:180kB, file-rss:35800kB, shmem-rss:0kB [ 3364.397236][T22074] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3364.418888][T22074] CPU: 0 PID: 22074 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3364.426986][T22074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3364.437035][T22074] Call Trace: [ 3364.440324][T22074] dump_stack+0x172/0x1f0 [ 3364.444663][T22074] dump_header+0x10f/0xb6c [ 3364.449072][T22074] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3364.454869][T22074] ? ___ratelimit+0x60/0x595 [ 3364.459458][T22074] ? do_raw_spin_unlock+0x57/0x270 [ 3364.464572][T22074] oom_kill_process.cold+0x10/0x15 [ 3364.469701][T22074] out_of_memory+0x79a/0x1280 [ 3364.474382][T22074] ? oom_killer_disable+0x280/0x280 [ 3364.479568][T22074] ? find_held_lock+0x35/0x130 [ 3364.484331][T22074] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3364.489880][T22074] ? memcg_event_wake+0x230/0x230 [ 3364.494898][T22074] ? do_raw_spin_unlock+0x57/0x270 [ 3364.499997][T22074] ? _raw_spin_unlock+0x2d/0x50 [ 3364.504831][T22074] try_charge+0xa87/0x15c0 [ 3364.509229][T22074] ? find_held_lock+0x35/0x130 [ 3364.513984][T22074] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3364.519519][T22074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3364.525761][T22074] ? kasan_check_read+0x11/0x20 [ 3364.530613][T22074] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3364.536179][T22074] mem_cgroup_try_charge+0x24d/0x5e0 [ 3364.541477][T22074] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3364.547113][T22074] wp_page_copy+0x408/0x1740 [ 3364.551699][T22074] ? find_held_lock+0x35/0x130 [ 3364.556463][T22074] ? pmd_pfn+0x1d0/0x1d0 [ 3364.560703][T22074] ? lock_downgrade+0x880/0x880 [ 3364.565572][T22074] ? swp_swapcount+0x540/0x540 [ 3364.570347][T22074] ? kasan_check_read+0x11/0x20 [ 3364.575207][T22074] ? do_raw_spin_unlock+0x57/0x270 [ 3364.580316][T22074] do_wp_page+0x48e/0x1500 [ 3364.584742][T22074] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3364.590113][T22074] __handle_mm_fault+0x22e8/0x3ec0 [ 3364.595217][T22074] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3364.600750][T22074] ? find_held_lock+0x35/0x130 [ 3364.605500][T22074] ? handle_mm_fault+0x322/0xb30 [ 3364.610428][T22074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3364.616654][T22074] ? kasan_check_read+0x11/0x20 [ 3364.621496][T22074] handle_mm_fault+0x43f/0xb30 [ 3364.626264][T22074] __do_page_fault+0x5ef/0xda0 [ 3364.631030][T22074] do_page_fault+0x71/0x581 [ 3364.635531][T22074] page_fault+0x1e/0x30 [ 3364.639700][T22074] RIP: 0010:__put_user_4+0x1c/0x30 [ 3364.644804][T22074] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3364.664399][T22074] RSP: 0018:ffff88801cee7ed0 EFLAGS: 00010293 [ 3364.670457][T22074] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3364.678417][T22074] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3364.686383][T22074] RBP: ffff88801cee7f10 R08: ffff88801ced4440 R09: 0000000000000001 [ 3364.694354][T22074] R10: ffff88801ced4cc0 R11: ffff88801ced4440 R12: 0000000000000000 [ 3364.702321][T22074] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3364.710311][T22074] ? __might_fault+0x1a3/0x1e0 [ 3364.715078][T22074] ? __x64_sys_getresgid+0x1aa/0x290 [ 3364.720362][T22074] ? trace_hardirqs_on+0x67/0x230 [ 3364.725396][T22074] do_syscall_64+0x103/0x610 [ 3364.730028][T22074] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3364.735915][T22074] RIP: 0033:0x2000050a [ 3364.740105][T22074] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3364.759702][T22074] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3364.768109][T22074] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3364.776072][T22074] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3364.784035][T22074] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3364.791996][T22074] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3364.799961][T22074] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3364.812903][T22074] memory: usage 307036kB, limit 307200kB, failcnt 21381 [ 3364.819950][T22074] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3364.827647][T22074] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3364.837238][T22074] Memory cgroup stats for /syz0: cache:228KB rss:24960KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24788KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3364.859127][T22074] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=1951,uid=0 [ 3364.874753][T22074] Memory cgroup out of memory: Killed process 1951 (syz-executor.0) total-vm:72712kB, anon-rss:184kB, file-rss:35796kB, shmem-rss:0kB [ 3364.899744][T21432] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3364.919840][T21432] CPU: 1 PID: 21432 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3364.927953][T21432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3364.938015][T21432] Call Trace: [ 3364.941306][T21432] dump_stack+0x172/0x1f0 [ 3364.945624][T21432] dump_header+0x10f/0xb6c [ 3364.950039][T21432] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3364.955838][T21432] ? ___ratelimit+0x60/0x595 [ 3364.960413][T21432] ? do_raw_spin_unlock+0x57/0x270 [ 3364.965510][T21432] oom_kill_process.cold+0x10/0x15 [ 3364.970609][T21432] out_of_memory+0x79a/0x1280 [ 3364.975277][T21432] ? oom_killer_disable+0x280/0x280 [ 3364.980457][T21432] ? find_held_lock+0x35/0x130 [ 3364.985211][T21432] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3364.990741][T21432] ? memcg_event_wake+0x230/0x230 [ 3364.995763][T21432] ? do_raw_spin_unlock+0x57/0x270 [ 3365.000854][T21432] ? _raw_spin_unlock+0x2d/0x50 [ 3365.006163][T21432] try_charge+0xa87/0x15c0 [ 3365.010562][T21432] ? find_held_lock+0x35/0x130 [ 3365.015314][T21432] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3365.020835][T21432] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3365.026379][T21432] ? find_held_lock+0x35/0x130 [ 3365.031131][T21432] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3365.036674][T21432] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3365.042230][T21432] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3365.047432][T21432] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3365.053086][T21432] __memcg_kmem_charge+0x136/0x300 [ 3365.058191][T21432] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3365.063564][T21432] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3365.069273][T21432] ? copy_page_range+0x125a/0x1f90 [ 3365.074374][T21432] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3365.080600][T21432] alloc_pages_current+0x107/0x210 [ 3365.085697][T21432] pte_alloc_one+0x1b/0x1a0 [ 3365.090207][T21432] __pte_alloc+0x20/0x310 [ 3365.094532][T21432] copy_page_range+0x1529/0x1f90 [ 3365.099461][T21432] ? perf_trace_lock+0xeb/0x510 [ 3365.104304][T21432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3365.110547][T21432] ? pmd_alloc+0x180/0x180 [ 3365.114956][T21432] ? vma_compute_subtree_gap+0x158/0x230 [ 3365.120584][T21432] ? validate_mm_rb+0xa3/0xc0 [ 3365.125285][T21432] ? __vma_link_rb+0x279/0x370 [ 3365.130046][T21432] copy_process.part.0+0x568b/0x7980 [ 3365.135573][T21432] ? __cleanup_sighand+0x60/0x60 [ 3365.140513][T21432] ? check_stack_object+0x114/0x160 [ 3365.145714][T21432] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3365.151616][T21432] _do_fork+0x257/0xfd0 [ 3365.155783][T21432] ? fork_idle+0x1d0/0x1d0 [ 3365.160185][T21432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3365.166504][T21432] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3365.172997][T21432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3365.179223][T21432] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3365.184675][T21432] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3365.190125][T21432] ? do_syscall_64+0x26/0x610 [ 3365.194792][T21432] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3365.200841][T21432] ? do_syscall_64+0x26/0x610 [ 3365.205509][T21432] __x64_sys_clone+0xbf/0x150 [ 3365.210192][T21432] do_syscall_64+0x103/0x610 [ 3365.214773][T21432] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3365.220647][T21432] RIP: 0033:0x2000050a [ 3365.224718][T21432] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3365.244337][T21432] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3365.252742][T21432] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3365.260728][T21432] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3365.268692][T21432] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3365.276651][T21432] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3365.284617][T21432] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3365.297873][T21432] memory: usage 307036kB, limit 307200kB, failcnt 21403 [ 3365.304958][T21432] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3365.312610][T21432] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3365.319532][T21432] Memory cgroup stats for /syz0: cache:228KB rss:24812KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24684KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3365.341400][T21432] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6498,uid=0 [ 3365.357048][T21432] Memory cgroup out of memory: Killed process 6498 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3365.391968][T22069] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3365.410398][T22069] CPU: 0 PID: 22069 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3365.418436][T22069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3365.428483][T22069] Call Trace: [ 3365.431777][T22069] dump_stack+0x172/0x1f0 [ 3365.436113][T22069] dump_header+0x10f/0xb6c [ 3365.440538][T22069] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3365.446351][T22069] ? ___ratelimit+0x60/0x595 [ 3365.451738][T22069] ? do_raw_spin_unlock+0x57/0x270 [ 3365.456854][T22069] oom_kill_process.cold+0x10/0x15 [ 3365.461987][T22069] out_of_memory+0x79a/0x1280 [ 3365.466744][T22069] ? oom_killer_disable+0x280/0x280 [ 3365.471928][T22069] ? find_held_lock+0x35/0x130 [ 3365.476691][T22069] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3365.482223][T22069] ? memcg_event_wake+0x230/0x230 [ 3365.487251][T22069] ? do_raw_spin_unlock+0x57/0x270 [ 3365.492364][T22069] ? _raw_spin_unlock+0x2d/0x50 [ 3365.497204][T22069] try_charge+0xa87/0x15c0 [ 3365.501692][T22069] ? find_held_lock+0x35/0x130 [ 3365.506443][T22069] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3365.511973][T22069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3365.518198][T22069] ? kasan_check_read+0x11/0x20 [ 3365.523060][T22069] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3365.528617][T22069] mem_cgroup_try_charge+0x24d/0x5e0 [ 3365.533916][T22069] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3365.539559][T22069] wp_page_copy+0x408/0x1740 [ 3365.544148][T22069] ? find_held_lock+0x35/0x130 [ 3365.548919][T22069] ? pmd_pfn+0x1d0/0x1d0 [ 3365.553164][T22069] ? lock_downgrade+0x880/0x880 [ 3365.558004][T22069] ? swp_swapcount+0x540/0x540 [ 3365.562847][T22069] ? kasan_check_read+0x11/0x20 [ 3365.567683][T22069] ? do_raw_spin_unlock+0x57/0x270 [ 3365.572783][T22069] do_wp_page+0x48e/0x1500 [ 3365.577186][T22069] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3365.582547][T22069] __handle_mm_fault+0x22e8/0x3ec0 [ 3365.587663][T22069] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3365.593192][T22069] ? find_held_lock+0x35/0x130 [ 3365.597949][T22069] ? handle_mm_fault+0x322/0xb30 [ 3365.602892][T22069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3365.609118][T22069] ? kasan_check_read+0x11/0x20 [ 3365.613981][T22069] handle_mm_fault+0x43f/0xb30 [ 3365.618734][T22069] __do_page_fault+0x5ef/0xda0 [ 3365.623493][T22069] do_page_fault+0x71/0x581 [ 3365.627992][T22069] page_fault+0x1e/0x30 [ 3365.632233][T22069] RIP: 0010:__put_user_4+0x1c/0x30 [ 3365.637360][T22069] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3365.656980][T22069] RSP: 0018:ffff888053cdfed0 EFLAGS: 00010293 [ 3365.663035][T22069] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3365.670992][T22069] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3365.678955][T22069] RBP: ffff888053cdff10 R08: ffff888029b32200 R09: 0000000000000001 [ 3365.686917][T22069] R10: ffff888029b32a80 R11: ffff888029b32200 R12: 0000000000000000 [ 3365.694883][T22069] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3365.702856][T22069] ? __might_fault+0x1a3/0x1e0 [ 3365.707612][T22069] ? __x64_sys_getresgid+0x1aa/0x290 [ 3365.712881][T22069] ? trace_hardirqs_on+0x67/0x230 [ 3365.717896][T22069] do_syscall_64+0x103/0x610 [ 3365.722476][T22069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3365.728363][T22069] RIP: 0033:0x2000050a [ 3365.732419][T22069] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3365.752027][T22069] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3365.760446][T22069] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3365.768690][T22069] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3365.776678][T22069] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3365.784640][T22069] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3365.792603][T22069] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3365.801788][T22069] memory: usage 307200kB, limit 307200kB, failcnt 21444 [ 3365.808753][T22069] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3365.816544][T22069] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3365.823507][T22069] Memory cgroup stats for /syz0: cache:228KB rss:24676KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24568KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3365.845297][T22069] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6565,uid=0 [ 3365.860826][T22069] Memory cgroup out of memory: Killed process 6565 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3365.886276][T22070] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3365.897879][T22070] CPU: 1 PID: 22070 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3365.905865][T22070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3365.915928][T22070] Call Trace: [ 3365.919218][T22070] dump_stack+0x172/0x1f0 [ 3365.923559][T22070] dump_header+0x10f/0xb6c [ 3365.927987][T22070] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3365.933801][T22070] ? ___ratelimit+0x60/0x595 [ 3365.938381][T22070] ? do_raw_spin_unlock+0x57/0x270 [ 3365.943505][T22070] oom_kill_process.cold+0x10/0x15 [ 3365.948630][T22070] out_of_memory+0x79a/0x1280 [ 3365.953350][T22070] ? oom_killer_disable+0x280/0x280 [ 3365.958533][T22070] ? find_held_lock+0x35/0x130 [ 3365.963307][T22070] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3365.968853][T22070] ? memcg_event_wake+0x230/0x230 [ 3365.973868][T22070] ? do_raw_spin_unlock+0x57/0x270 [ 3365.978975][T22070] ? _raw_spin_unlock+0x2d/0x50 [ 3365.983835][T22070] try_charge+0xa87/0x15c0 [ 3365.988271][T22070] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3365.993825][T22070] ? rcu_read_lock_sched_held+0x110/0x130 [ 3365.999543][T22070] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3366.005094][T22070] ? __lockdep_free_key_range+0x120/0x120 [ 3366.010820][T22070] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3366.016360][T22070] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3366.021547][T22070] ? cache_grow_begin+0x594/0x860 [ 3366.026581][T22070] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3366.031864][T22070] ? trace_hardirqs_on+0x67/0x230 [ 3366.036875][T22070] cache_grow_begin+0x5c0/0x860 [ 3366.041721][T22070] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3366.047981][T22070] ? __cpuset_node_allowed+0x136/0x540 [ 3366.053445][T22070] fallback_alloc+0x1fd/0x2d0 [ 3366.060461][T22070] ____cache_alloc_node+0x1be/0x1e0 [ 3366.065661][T22070] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3366.071906][T22070] kmem_cache_alloc_node+0xe3/0x710 [ 3366.077094][T22070] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3366.082383][T22070] ? trace_hardirqs_on+0x67/0x230 [ 3366.087428][T22070] copy_process.part.0+0x1d08/0x7980 [ 3366.092711][T22070] ? perf_trace_lock+0xeb/0x510 [ 3366.097546][T22070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.103791][T22070] ? debug_smp_processor_id+0x3c/0x280 [ 3366.109250][T22070] ? __lockdep_free_key_range+0x120/0x120 [ 3366.114984][T22070] ? __might_fault+0x12b/0x1e0 [ 3366.119730][T22070] ? find_held_lock+0x35/0x130 [ 3366.124494][T22070] ? __might_fault+0x12b/0x1e0 [ 3366.129351][T22070] ? __cleanup_sighand+0x60/0x60 [ 3366.134289][T22070] ? check_stack_object+0x114/0x160 [ 3366.139471][T22070] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3366.145369][T22070] _do_fork+0x257/0xfd0 [ 3366.149522][T22070] ? fork_idle+0x1d0/0x1d0 [ 3366.153921][T22070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.160244][T22070] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3366.166749][T22070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.172985][T22070] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3366.178429][T22070] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3366.183980][T22070] ? do_syscall_64+0x26/0x610 [ 3366.188658][T22070] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3366.194733][T22070] ? do_syscall_64+0x26/0x610 [ 3366.199426][T22070] __x64_sys_clone+0xbf/0x150 [ 3366.204105][T22070] do_syscall_64+0x103/0x610 [ 3366.208699][T22070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3366.214579][T22070] RIP: 0033:0x2000050a [ 3366.218627][T22070] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3366.238218][T22070] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3366.246634][T22070] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3366.254604][T22070] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3366.262573][T22070] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3366.270540][T22070] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3366.278515][T22070] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3366.292844][T22070] memory: usage 307032kB, limit 307200kB, failcnt 21452 [ 3366.299870][T22070] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3366.307548][T22070] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3366.314554][T22070] Memory cgroup stats for /syz0: cache:228KB rss:24676KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24444KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3366.336385][T22070] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6890,uid=0 [ 3366.352090][T22070] Memory cgroup out of memory: Killed process 6890 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3366.377137][T22073] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3366.389541][T22073] CPU: 1 PID: 22073 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3366.397532][T22073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3366.407603][T22073] Call Trace: [ 3366.410914][T22073] dump_stack+0x172/0x1f0 [ 3366.415269][T22073] dump_header+0x10f/0xb6c [ 3366.419703][T22073] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3366.425526][T22073] ? ___ratelimit+0x60/0x595 [ 3366.430127][T22073] ? do_raw_spin_unlock+0x57/0x270 [ 3366.435256][T22073] oom_kill_process.cold+0x10/0x15 [ 3366.440381][T22073] out_of_memory+0x79a/0x1280 [ 3366.445071][T22073] ? oom_killer_disable+0x280/0x280 [ 3366.450269][T22073] ? find_held_lock+0x35/0x130 [ 3366.455056][T22073] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3366.460614][T22073] ? memcg_event_wake+0x230/0x230 [ 3366.465631][T22073] ? do_raw_spin_unlock+0x57/0x270 [ 3366.470726][T22073] ? _raw_spin_unlock+0x2d/0x50 [ 3366.475579][T22073] try_charge+0xa87/0x15c0 [ 3366.479988][T22073] ? find_held_lock+0x35/0x130 [ 3366.484742][T22073] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3366.490283][T22073] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3366.491745][ C0] net_ratelimit: 16 callbacks suppressed [ 3366.491754][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3366.495846][T22073] ? find_held_lock+0x35/0x130 [ 3366.501708][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3366.507289][T22073] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3366.512220][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3366.517768][T22073] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3366.523395][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3366.528999][T22073] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3366.545440][T22073] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3366.550982][T22073] __memcg_kmem_charge+0x136/0x300 [ 3366.556108][T22073] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3366.561483][T22073] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3366.567192][T22073] ? copy_page_range+0x125a/0x1f90 [ 3366.572314][T22073] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3366.578557][T22073] alloc_pages_current+0x107/0x210 [ 3366.583676][T22073] pte_alloc_one+0x1b/0x1a0 [ 3366.588189][T22073] __pte_alloc+0x20/0x310 [ 3366.592524][T22073] copy_page_range+0x1529/0x1f90 [ 3366.597458][T22073] ? perf_trace_lock+0xeb/0x510 [ 3366.602303][T22073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.608561][T22073] ? pmd_alloc+0x180/0x180 [ 3366.613105][T22073] ? __rb_insert_augmented+0x231/0xdf0 [ 3366.618588][T22073] ? validate_mm_rb+0xa3/0xc0 [ 3366.623271][T22073] ? __vma_link_rb+0x279/0x370 [ 3366.628042][T22073] copy_process.part.0+0x568b/0x7980 [ 3366.633365][T22073] ? __cleanup_sighand+0x60/0x60 [ 3366.638310][T22073] ? check_stack_object+0x114/0x160 [ 3366.643509][T22073] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3366.649405][T22073] _do_fork+0x257/0xfd0 [ 3366.653568][T22073] ? fork_idle+0x1d0/0x1d0 [ 3366.657979][T22073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.664227][T22073] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3366.670730][T22073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3366.676981][T22073] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3366.682445][T22073] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3366.687901][T22073] ? do_syscall_64+0x26/0x610 [ 3366.692573][T22073] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3366.698637][T22073] ? do_syscall_64+0x26/0x610 [ 3366.703318][T22073] __x64_sys_clone+0xbf/0x150 [ 3366.707996][T22073] do_syscall_64+0x103/0x610 [ 3366.712589][T22073] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3366.718494][T22073] RIP: 0033:0x2000050a [ 3366.722557][T22073] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3366.742169][T22073] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3366.750696][T22073] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3366.758656][T22073] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3366.766618][T22073] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3366.774585][T22073] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3366.782561][T22073] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3366.798726][T22073] memory: usage 307200kB, limit 307200kB, failcnt 21494 [ 3366.805835][T22073] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3366.813509][T22073] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3366.820471][T22073] Memory cgroup stats for /syz0: cache:228KB rss:24540KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24316KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3366.842363][T22073] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7023,uid=0 [ 3366.857915][T22073] Memory cgroup out of memory: Killed process 7023 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3366.890870][T21483] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3366.909805][T21483] CPU: 0 PID: 21483 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3366.917835][T21483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3366.927911][T21483] Call Trace: [ 3366.931241][T21483] dump_stack+0x172/0x1f0 [ 3366.935604][T21483] dump_header+0x10f/0xb6c [ 3366.940037][T21483] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3366.945858][T21483] ? ___ratelimit+0x60/0x595 [ 3366.950461][T21483] ? do_raw_spin_unlock+0x57/0x270 [ 3366.955594][T21483] oom_kill_process.cold+0x10/0x15 [ 3366.960718][T21483] out_of_memory+0x79a/0x1280 [ 3366.965417][T21483] ? oom_killer_disable+0x280/0x280 [ 3366.970620][T21483] ? find_held_lock+0x35/0x130 [ 3366.975414][T21483] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3366.980982][T21483] ? memcg_event_wake+0x230/0x230 [ 3366.986023][T21483] ? do_raw_spin_unlock+0x57/0x270 [ 3366.991142][T21483] ? _raw_spin_unlock+0x2d/0x50 [ 3366.996001][T21483] try_charge+0xa87/0x15c0 [ 3367.000420][T21483] ? find_held_lock+0x35/0x130 [ 3367.005720][T21483] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3367.011275][T21483] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.016826][T21483] ? find_held_lock+0x35/0x130 [ 3367.021594][T21483] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.027157][T21483] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3367.032712][T21483] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3367.037922][T21483] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3367.043496][T21483] __memcg_kmem_charge+0x136/0x300 [ 3367.048630][T21483] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3367.054023][T21483] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3367.059761][T21483] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 3367.065578][T21483] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3367.070873][T21483] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3367.077123][T21483] alloc_pages_current+0x107/0x210 [ 3367.082336][T21483] get_zeroed_page+0x14/0x50 [ 3367.086953][T21483] __pud_alloc+0x3b/0x250 [ 3367.091296][T21483] pud_alloc+0xde/0x150 [ 3367.095459][T21483] copy_page_range+0x375/0x1f90 [ 3367.100318][T21483] ? wake_up_q+0xa5/0xf0 [ 3367.104615][T21483] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3367.110429][T21483] ? vma_compute_subtree_gap+0x158/0x230 [ 3367.116070][T21483] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3367.121628][T21483] ? pmd_alloc+0x180/0x180 [ 3367.126051][T21483] ? validate_mm_rb+0xa3/0xc0 [ 3367.130736][T21483] ? __vma_link_rb+0x279/0x370 [ 3367.135520][T21483] copy_process.part.0+0x568b/0x7980 [ 3367.140854][T21483] ? __cleanup_sighand+0x60/0x60 [ 3367.145814][T21483] ? check_stack_object+0x114/0x160 [ 3367.151020][T21483] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3367.156925][T21483] _do_fork+0x257/0xfd0 [ 3367.161103][T21483] ? fork_idle+0x1d0/0x1d0 [ 3367.165522][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3367.171770][T21483] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3367.178293][T21483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3367.184562][T21483] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3367.190030][T21483] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3367.195494][T21483] ? do_syscall_64+0x26/0x610 [ 3367.200176][T21483] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.206243][T21483] ? do_syscall_64+0x26/0x610 [ 3367.210951][T21483] __x64_sys_clone+0xbf/0x150 [ 3367.215654][T21483] do_syscall_64+0x103/0x610 [ 3367.220289][T21483] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.226190][T21483] RIP: 0033:0x2000050a [ 3367.230278][T21483] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3367.249985][T21483] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3367.258411][T21483] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3367.266394][T21483] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3367.274376][T21483] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3367.282357][T21483] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3367.290421][T21483] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3367.299756][T21483] memory: usage 307200kB, limit 307200kB, failcnt 21527 [ 3367.306769][T21483] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3367.314338][T21483] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3367.321186][T21483] Memory cgroup stats for /syz0: cache:228KB rss:24400KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24188KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3367.342786][T21483] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7297,uid=0 [ 3367.358173][T21483] Memory cgroup out of memory: Killed process 7297 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3367.383966][T21631] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3367.396442][T21631] CPU: 1 PID: 21631 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3367.404437][T21631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3367.414504][T21631] Call Trace: [ 3367.417814][T21631] dump_stack+0x172/0x1f0 [ 3367.422154][T21631] dump_header+0x10f/0xb6c [ 3367.426569][T21631] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3367.432373][T21631] ? ___ratelimit+0x60/0x595 [ 3367.436997][T21631] ? do_raw_spin_unlock+0x57/0x270 [ 3367.442113][T21631] oom_kill_process.cold+0x10/0x15 [ 3367.447239][T21631] out_of_memory+0x79a/0x1280 [ 3367.451926][T21631] ? oom_killer_disable+0x280/0x280 [ 3367.457141][T21631] ? find_held_lock+0x35/0x130 [ 3367.461925][T21631] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3367.467492][T21631] ? memcg_event_wake+0x230/0x230 [ 3367.472523][T21631] ? do_raw_spin_unlock+0x57/0x270 [ 3367.477633][T21631] ? _raw_spin_unlock+0x2d/0x50 [ 3367.482577][T21631] try_charge+0xa87/0x15c0 [ 3367.486989][T21631] ? find_held_lock+0x35/0x130 [ 3367.491771][T21631] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3367.497314][T21631] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.502854][T21631] ? find_held_lock+0x35/0x130 [ 3367.507617][T21631] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.513172][T21631] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3367.518713][T21631] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3367.523911][T21631] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3367.529461][T21631] __memcg_kmem_charge+0x136/0x300 [ 3367.534576][T21631] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3367.539952][T21631] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3367.545660][T21631] ? copy_page_range+0x125a/0x1f90 [ 3367.550764][T21631] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3367.557083][T21631] alloc_pages_current+0x107/0x210 [ 3367.562196][T21631] pte_alloc_one+0x1b/0x1a0 [ 3367.566696][T21631] __pte_alloc+0x20/0x310 [ 3367.571012][T21631] copy_page_range+0x1529/0x1f90 [ 3367.576035][T21631] ? perf_trace_lock+0xeb/0x510 [ 3367.580879][T21631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3367.587226][T21631] ? pmd_alloc+0x180/0x180 [ 3367.591642][T21631] ? __rb_insert_augmented+0x231/0xdf0 [ 3367.597103][T21631] ? validate_mm_rb+0xa3/0xc0 [ 3367.601788][T21631] ? __vma_link_rb+0x279/0x370 [ 3367.606560][T21631] copy_process.part.0+0x568b/0x7980 [ 3367.611885][T21631] ? __cleanup_sighand+0x60/0x60 [ 3367.616823][T21631] ? check_stack_object+0x114/0x160 [ 3367.622016][T21631] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3367.627932][T21631] _do_fork+0x257/0xfd0 [ 3367.632104][T21631] ? fork_idle+0x1d0/0x1d0 [ 3367.636513][T21631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3367.642764][T21631] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3367.649267][T21631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3367.655500][T21631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3367.660960][T21631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3367.666404][T21631] ? do_syscall_64+0x26/0x610 [ 3367.671073][T21631] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.677127][T21631] ? do_syscall_64+0x26/0x610 [ 3367.681805][T21631] __x64_sys_clone+0xbf/0x150 [ 3367.686478][T21631] do_syscall_64+0x103/0x610 [ 3367.691051][T21631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3367.696926][T21631] RIP: 0033:0x2000050a [ 3367.701008][T21631] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3367.720604][T21631] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3367.729004][T21631] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3367.736973][T21631] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3367.744931][T21631] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3367.752910][T21631] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3367.760894][T21631] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3367.775846][T21631] memory: usage 307200kB, limit 307200kB, failcnt 21574 [ 3367.783057][T21631] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3367.790605][T21631] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3367.797614][T21631] Memory cgroup stats for /syz0: cache:228KB rss:24244KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:24076KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3367.819359][T21631] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7405,uid=0 [ 3367.834968][T21631] Memory cgroup out of memory: Killed process 7405 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3367.860333][T22068] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3367.873618][T22068] CPU: 0 PID: 22068 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3367.881618][T22068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3367.891681][T22068] Call Trace: [ 3367.894987][T22068] dump_stack+0x172/0x1f0 [ 3367.899331][T22068] dump_header+0x10f/0xb6c [ 3367.903761][T22068] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3367.909590][T22068] ? ___ratelimit+0x60/0x595 [ 3367.914187][T22068] ? do_raw_spin_unlock+0x57/0x270 [ 3367.919313][T22068] oom_kill_process.cold+0x10/0x15 [ 3367.924439][T22068] out_of_memory+0x79a/0x1280 [ 3367.929132][T22068] ? oom_killer_disable+0x280/0x280 [ 3367.934335][T22068] ? find_held_lock+0x35/0x130 [ 3367.939129][T22068] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3367.944771][T22068] ? memcg_event_wake+0x230/0x230 [ 3367.949813][T22068] ? do_raw_spin_unlock+0x57/0x270 [ 3367.954950][T22068] ? _raw_spin_unlock+0x2d/0x50 [ 3367.959819][T22068] try_charge+0xa87/0x15c0 [ 3367.964240][T22068] ? find_held_lock+0x35/0x130 [ 3367.969029][T22068] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3367.974581][T22068] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.980130][T22068] ? find_held_lock+0x35/0x130 [ 3367.984899][T22068] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3367.990471][T22068] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3367.996034][T22068] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3368.001250][T22068] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3368.006901][T22068] __memcg_kmem_charge+0x136/0x300 [ 3368.012036][T22068] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3368.017428][T22068] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3368.023160][T22068] ? save_stack+0xa9/0xd0 [ 3368.027496][T22068] ? kmem_cache_alloc+0x11a/0x6f0 [ 3368.032610][T22068] ? anon_vma_fork+0x1ea/0x4a0 [ 3368.037381][T22068] ? copy_process.part.0+0x350f/0x7980 [ 3368.042850][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.049102][T22068] ? debug_smp_processor_id+0x3c/0x280 [ 3368.054574][T22068] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3368.060827][T22068] alloc_pages_current+0x107/0x210 [ 3368.065958][T22068] get_zeroed_page+0x14/0x50 [ 3368.070552][T22068] __pud_alloc+0x3b/0x250 [ 3368.074884][T22068] pud_alloc+0xde/0x150 [ 3368.079044][T22068] copy_page_range+0x375/0x1f90 [ 3368.083908][T22068] ? find_held_lock+0x35/0x130 [ 3368.088687][T22068] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 3368.094410][T22068] ? vma_compute_subtree_gap+0x158/0x230 [ 3368.100053][T22068] ? vma_gap_callbacks_rotate+0x62/0x80 [ 3368.105607][T22068] ? pmd_alloc+0x180/0x180 [ 3368.110023][T22068] ? validate_mm_rb+0xa3/0xc0 [ 3368.114705][T22068] ? __vma_link_rb+0x279/0x370 [ 3368.119479][T22068] copy_process.part.0+0x568b/0x7980 [ 3368.124808][T22068] ? __cleanup_sighand+0x60/0x60 [ 3368.129760][T22068] ? check_stack_object+0x114/0x160 [ 3368.135284][T22068] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3368.141190][T22068] _do_fork+0x257/0xfd0 [ 3368.145357][T22068] ? fork_idle+0x1d0/0x1d0 [ 3368.149774][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.156114][T22068] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3368.162630][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.168879][T22068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3368.174345][T22068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3368.179812][T22068] ? do_syscall_64+0x26/0x610 [ 3368.184494][T22068] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3368.190559][T22068] ? do_syscall_64+0x26/0x610 [ 3368.195242][T22068] __x64_sys_clone+0xbf/0x150 [ 3368.199933][T22068] do_syscall_64+0x103/0x610 [ 3368.204540][T22068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3368.210429][T22068] RIP: 0033:0x2000050a [ 3368.214880][T22068] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3368.234487][T22068] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3368.242906][T22068] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3368.250891][T22068] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3368.258868][T22068] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3368.266871][T22068] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3368.274849][T22068] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3368.286002][T22068] memory: usage 307200kB, limit 307200kB, failcnt 21617 [ 3368.291828][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3368.293024][T22068] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3368.298876][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3368.306813][T22068] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3368.319073][T22068] Memory cgroup stats for /syz0: cache:228KB rss:24108KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23948KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3368.340725][T22068] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8059,uid=0 [ 3368.341668][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3368.356194][T22068] Memory cgroup out of memory: Killed process 8059 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3368.362106][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3368.378715][ T1043] oom_reaper: reaped process 8059 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB [ 3368.381855][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3368.398680][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3368.412908][T22068] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3368.425088][T22068] CPU: 0 PID: 22068 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3368.433063][T22068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3368.443119][T22068] Call Trace: [ 3368.446422][T22068] dump_stack+0x172/0x1f0 [ 3368.450765][T22068] dump_header+0x10f/0xb6c [ 3368.455186][T22068] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3368.460994][T22068] ? ___ratelimit+0x60/0x595 [ 3368.465582][T22068] ? do_raw_spin_unlock+0x57/0x270 [ 3368.470704][T22068] oom_kill_process.cold+0x10/0x15 [ 3368.475997][T22068] out_of_memory+0x79a/0x1280 [ 3368.480677][T22068] ? lock_downgrade+0x880/0x880 [ 3368.485528][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.491769][T22068] ? oom_killer_disable+0x280/0x280 [ 3368.496977][T22068] ? find_held_lock+0x35/0x130 [ 3368.501756][T22068] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3368.507301][T22068] ? memcg_event_wake+0x230/0x230 [ 3368.512336][T22068] ? do_raw_spin_unlock+0x57/0x270 [ 3368.517449][T22068] ? _raw_spin_unlock+0x2d/0x50 [ 3368.522303][T22068] try_charge+0xa87/0x15c0 [ 3368.526717][T22068] ? find_held_lock+0x35/0x130 [ 3368.531489][T22068] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3368.537034][T22068] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3368.542577][T22068] ? find_held_lock+0x35/0x130 [ 3368.547340][T22068] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3368.552907][T22068] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3368.558461][T22068] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3368.563668][T22068] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3368.569217][T22068] __memcg_kmem_charge+0x136/0x300 [ 3368.574346][T22068] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3368.579731][T22068] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3368.585464][T22068] ? copy_page_range+0x125a/0x1f90 [ 3368.590581][T22068] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3368.596828][T22068] alloc_pages_current+0x107/0x210 [ 3368.601961][T22068] pte_alloc_one+0x1b/0x1a0 [ 3368.606490][T22068] __pte_alloc+0x20/0x310 [ 3368.610826][T22068] copy_page_range+0x1529/0x1f90 [ 3368.615770][T22068] ? perf_trace_lock+0xeb/0x510 [ 3368.620621][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.626892][T22068] ? pmd_alloc+0x180/0x180 [ 3368.631308][T22068] ? __rb_insert_augmented+0x231/0xdf0 [ 3368.636764][T22068] ? validate_mm_rb+0xa3/0xc0 [ 3368.641443][T22068] ? __vma_link_rb+0x279/0x370 [ 3368.646227][T22068] copy_process.part.0+0x568b/0x7980 [ 3368.651554][T22068] ? __cleanup_sighand+0x60/0x60 [ 3368.656504][T22068] ? check_stack_object+0x114/0x160 [ 3368.661705][T22068] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3368.667604][T22068] _do_fork+0x257/0xfd0 [ 3368.671764][T22068] ? fork_idle+0x1d0/0x1d0 [ 3368.676183][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.682516][T22068] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3368.689107][T22068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3368.695350][T22068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3368.700814][T22068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3368.706273][T22068] ? do_syscall_64+0x26/0x610 [ 3368.710958][T22068] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3368.717031][T22068] ? do_syscall_64+0x26/0x610 [ 3368.721714][T22068] __x64_sys_clone+0xbf/0x150 [ 3368.726396][T22068] do_syscall_64+0x103/0x610 [ 3368.730993][T22068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3368.736883][T22068] RIP: 0033:0x2000050a [ 3368.741004][T22068] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3368.760698][T22068] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3368.769115][T22068] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3368.777092][T22068] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3368.785158][T22068] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3368.793163][T22068] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3368.801137][T22068] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3368.812455][T22068] memory: usage 307200kB, limit 307200kB, failcnt 21661 [ 3368.819417][T22068] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3368.827521][T22068] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3368.834834][T22068] Memory cgroup stats for /syz0: cache:228KB rss:23968KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23828KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3368.856496][T22068] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8254,uid=0 [ 3368.871885][T22068] Memory cgroup out of memory: Killed process 8254 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3368.896688][T22078] Memory cgroup out of memory: Killed process 8321 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3368.939723][T22085] oom_kill_process: 1 callbacks suppressed [ 3368.939741][T22085] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3368.961812][T22085] CPU: 1 PID: 22085 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3368.969826][T22085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3368.980146][T22085] Call Trace: [ 3368.983448][T22085] dump_stack+0x172/0x1f0 [ 3368.987777][T22085] dump_header+0x10f/0xb6c [ 3368.992195][T22085] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3368.997994][T22085] ? ___ratelimit+0x60/0x595 [ 3369.003158][T22085] oom_kill_process.cold+0x10/0x15 [ 3369.008253][T22085] out_of_memory+0x79a/0x1280 [ 3369.012935][T22085] ? oom_killer_disable+0x280/0x280 [ 3369.018137][T22085] ? find_held_lock+0x35/0x130 [ 3369.022908][T22085] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3369.028455][T22085] ? memcg_event_wake+0x230/0x230 [ 3369.033482][T22085] ? do_raw_spin_unlock+0x57/0x270 [ 3369.038587][T22085] ? _raw_spin_unlock+0x2d/0x50 [ 3369.043432][T22085] try_charge+0xa87/0x15c0 [ 3369.047841][T22085] ? find_held_lock+0x35/0x130 [ 3369.052606][T22085] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3369.058146][T22085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.064380][T22085] ? kasan_check_read+0x11/0x20 [ 3369.069227][T22085] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3369.074767][T22085] mem_cgroup_try_charge+0x24d/0x5e0 [ 3369.080039][T22085] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3369.085671][T22085] wp_page_copy+0x408/0x1740 [ 3369.090254][T22085] ? find_held_lock+0x35/0x130 [ 3369.095007][T22085] ? pmd_pfn+0x1d0/0x1d0 [ 3369.099228][T22085] ? lock_downgrade+0x880/0x880 [ 3369.104071][T22085] ? swp_swapcount+0x540/0x540 [ 3369.108831][T22085] ? kasan_check_read+0x11/0x20 [ 3369.113689][T22085] ? do_raw_spin_unlock+0x57/0x270 [ 3369.118797][T22085] do_wp_page+0x48e/0x1500 [ 3369.123217][T22085] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3369.128588][T22085] __handle_mm_fault+0x22e8/0x3ec0 [ 3369.133704][T22085] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3369.139243][T22085] ? find_held_lock+0x35/0x130 [ 3369.144005][T22085] ? handle_mm_fault+0x322/0xb30 [ 3369.148944][T22085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.155171][T22085] ? kasan_check_read+0x11/0x20 [ 3369.160007][T22085] handle_mm_fault+0x43f/0xb30 [ 3369.164772][T22085] __do_page_fault+0x5ef/0xda0 [ 3369.169534][T22085] do_page_fault+0x71/0x581 [ 3369.174042][T22085] page_fault+0x1e/0x30 [ 3369.178192][T22085] RIP: 0010:__put_user_4+0x1c/0x30 [ 3369.183295][T22085] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3369.202910][T22085] RSP: 0018:ffff88801d377ed0 EFLAGS: 00010293 [ 3369.208985][T22085] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3369.216964][T22085] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3369.224930][T22085] RBP: ffff88801d377f10 R08: ffff88801d36c080 R09: 0000000000000001 [ 3369.232918][T22085] R10: ffff88801d36c900 R11: ffff88801d36c080 R12: 0000000000000000 [ 3369.240899][T22085] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3369.248874][T22085] ? __might_fault+0x1a3/0x1e0 [ 3369.253640][T22085] ? __x64_sys_getresgid+0x1aa/0x290 [ 3369.258917][T22085] ? trace_hardirqs_on+0x67/0x230 [ 3369.263973][T22085] do_syscall_64+0x103/0x610 [ 3369.268568][T22085] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3369.274443][T22085] RIP: 0033:0x2000050a [ 3369.278491][T22085] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3369.298194][T22085] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3369.306596][T22085] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3369.314560][T22085] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3369.322707][T22085] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3369.330691][T22085] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3369.338768][T22085] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3369.352139][T22085] memory: usage 307200kB, limit 307200kB, failcnt 21726 [ 3369.359451][T22085] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3369.367094][T22085] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3369.374128][T22085] Memory cgroup stats for /syz0: cache:228KB rss:23696KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23584KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3369.396006][T22085] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8453,uid=0 [ 3369.411642][T22085] Memory cgroup out of memory: Killed process 8453 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3369.441117][T22086] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3369.454509][T22086] CPU: 1 PID: 22086 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3369.462509][T22086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3369.472569][T22086] Call Trace: [ 3369.475859][T22086] dump_stack+0x172/0x1f0 [ 3369.480176][T22086] dump_header+0x10f/0xb6c [ 3369.484598][T22086] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3369.490404][T22086] ? ___ratelimit+0x60/0x595 [ 3369.494980][T22086] ? do_raw_spin_unlock+0x57/0x270 [ 3369.500080][T22086] oom_kill_process.cold+0x10/0x15 [ 3369.505192][T22086] out_of_memory+0x79a/0x1280 [ 3369.509872][T22086] ? oom_killer_disable+0x280/0x280 [ 3369.515057][T22086] ? find_held_lock+0x35/0x130 [ 3369.519830][T22086] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3369.525381][T22086] ? memcg_event_wake+0x230/0x230 [ 3369.530406][T22086] ? do_raw_spin_unlock+0x57/0x270 [ 3369.535521][T22086] ? _raw_spin_unlock+0x2d/0x50 [ 3369.540357][T22086] try_charge+0xa87/0x15c0 [ 3369.544770][T22086] ? find_held_lock+0x35/0x130 [ 3369.549532][T22086] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3369.555067][T22086] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3369.560609][T22086] ? find_held_lock+0x35/0x130 [ 3369.565370][T22086] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3369.570920][T22086] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3369.576460][T22086] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3369.581656][T22086] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3369.587218][T22086] __memcg_kmem_charge+0x136/0x300 [ 3369.592333][T22086] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3369.597695][T22086] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3369.603424][T22086] ? is_dynamic_key+0x1c0/0x1c0 [ 3369.608276][T22086] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3369.614513][T22086] alloc_pages_current+0x107/0x210 [ 3369.619609][T22086] pte_alloc_one+0x1b/0x1a0 [ 3369.624110][T22086] __handle_mm_fault+0x3491/0x3ec0 [ 3369.629237][T22086] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3369.634771][T22086] ? find_held_lock+0x35/0x130 [ 3369.639525][T22086] ? handle_mm_fault+0x322/0xb30 [ 3369.644483][T22086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.650759][T22086] ? kasan_check_read+0x11/0x20 [ 3369.655613][T22086] handle_mm_fault+0x43f/0xb30 [ 3369.660365][T22086] __do_page_fault+0x5ef/0xda0 [ 3369.665137][T22086] do_page_fault+0x71/0x581 [ 3369.669639][T22086] page_fault+0x1e/0x30 [ 3369.673779][T22086] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3369.679478][T22086] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3369.699093][T22086] RSP: 0018:ffff88801d3c7cb0 EFLAGS: 00010246 [ 3369.705162][T22086] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3369.713162][T22086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3369.721295][T22086] RBP: ffff88801d3c7ce8 R08: ffff88801d3bc0c0 R09: ffff8880aa594dc0 [ 3369.729257][T22086] R10: 000000000000001c R11: ffff88801d3e18ff R12: 0000000000000000 [ 3369.737219][T22086] R13: ffff88801d3e0920 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3369.745216][T22086] ? strncpy_from_user+0x142/0x380 [ 3369.750348][T22086] getname_flags+0x11b/0x5b0 [ 3369.754926][T22086] do_renameat2+0x199/0xc40 [ 3369.759421][T22086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.765661][T22086] ? debug_smp_processor_id+0x3c/0x280 [ 3369.771124][T22086] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3369.776856][T22086] ? user_path_create+0x50/0x50 [ 3369.781718][T22086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.787979][T22086] ? security_capable+0x9b/0xd0 [ 3369.792831][T22086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3369.799058][T22086] ? ns_capable_common+0x93/0x100 [ 3369.804091][T22086] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3369.809545][T22086] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3369.814989][T22086] ? do_syscall_64+0x26/0x610 [ 3369.819744][T22086] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3369.825824][T22086] ? do_syscall_64+0x26/0x610 [ 3369.830498][T22086] __x64_sys_renameat+0x9a/0x100 [ 3369.835426][T22086] do_syscall_64+0x103/0x610 [ 3369.840004][T22086] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3369.845893][T22086] RIP: 0033:0x2000050a [ 3369.849966][T22086] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3369.869563][T22086] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3369.877973][T22086] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3369.885972][T22086] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3369.893953][T22086] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3369.901926][T22086] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3369.909907][T22086] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3369.925937][T22086] memory: usage 307032kB, limit 307200kB, failcnt 21741 [ 3369.933448][T22086] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3369.941010][T22086] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3369.948098][T22086] Memory cgroup stats for /syz0: cache:228KB rss:23564KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23468KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3369.969874][T22086] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8573,uid=0 [ 3369.985670][T22086] Memory cgroup out of memory: Killed process 8573 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3370.018034][T21636] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3370.038188][T21636] CPU: 0 PID: 21636 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3370.046209][T21636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3370.056298][T21636] Call Trace: [ 3370.061523][T21636] dump_stack+0x172/0x1f0 [ 3370.065871][T21636] dump_header+0x10f/0xb6c [ 3370.070305][T21636] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3370.076122][T21636] ? ___ratelimit+0x60/0x595 [ 3370.080713][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3370.085829][T21636] oom_kill_process.cold+0x10/0x15 [ 3370.090958][T21636] out_of_memory+0x79a/0x1280 [ 3370.095652][T21636] ? oom_killer_disable+0x280/0x280 [ 3370.100855][T21636] ? find_held_lock+0x35/0x130 [ 3370.105642][T21636] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3370.111195][T21636] ? memcg_event_wake+0x230/0x230 [ 3370.116232][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3370.121369][T21636] ? _raw_spin_unlock+0x2d/0x50 [ 3370.126233][T21636] try_charge+0xa87/0x15c0 [ 3370.130657][T21636] ? find_held_lock+0x35/0x130 [ 3370.135751][T21636] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3370.141307][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.147554][T21636] ? kasan_check_read+0x11/0x20 [ 3370.152413][T21636] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3370.157973][T21636] mem_cgroup_try_charge+0x24d/0x5e0 [ 3370.163278][T21636] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3370.168918][T21636] wp_page_copy+0x408/0x1740 [ 3370.173517][T21636] ? find_held_lock+0x35/0x130 [ 3370.178295][T21636] ? pmd_pfn+0x1d0/0x1d0 [ 3370.182544][T21636] ? lock_downgrade+0x880/0x880 [ 3370.187395][T21636] ? swp_swapcount+0x540/0x540 [ 3370.192166][T21636] ? kasan_check_read+0x11/0x20 [ 3370.197020][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3370.202140][T21636] do_wp_page+0x48e/0x1500 [ 3370.206566][T21636] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3370.211962][T21636] __handle_mm_fault+0x22e8/0x3ec0 [ 3370.217086][T21636] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3370.222635][T21636] ? find_held_lock+0x35/0x130 [ 3370.227403][T21636] ? handle_mm_fault+0x322/0xb30 [ 3370.232444][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.238695][T21636] ? kasan_check_read+0x11/0x20 [ 3370.243555][T21636] handle_mm_fault+0x43f/0xb30 [ 3370.248330][T21636] __do_page_fault+0x5ef/0xda0 [ 3370.253111][T21636] do_page_fault+0x71/0x581 [ 3370.257625][T21636] page_fault+0x1e/0x30 [ 3370.261786][T21636] RIP: 0010:__put_user_4+0x1c/0x30 [ 3370.266899][T21636] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3370.286525][T21636] RSP: 0018:ffff8882070cfed0 EFLAGS: 00010293 [ 3370.292605][T21636] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3370.300584][T21636] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3370.308564][T21636] RBP: ffff8882070cff10 R08: ffff888065816500 R09: 0000000000000001 [ 3370.316561][T21636] R10: ffff888065816d80 R11: ffff888065816500 R12: 0000000000000000 [ 3370.324570][T21636] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3370.332579][T21636] ? __might_fault+0x1a3/0x1e0 [ 3370.337360][T21636] ? __x64_sys_getresgid+0x1aa/0x290 [ 3370.342646][T21636] ? trace_hardirqs_on+0x67/0x230 [ 3370.347682][T21636] do_syscall_64+0x103/0x610 [ 3370.352284][T21636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3370.358179][T21636] RIP: 0033:0x2000050a [ 3370.362256][T21636] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3370.381868][T21636] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3370.390287][T21636] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3370.398269][T21636] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3370.406253][T21636] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3370.414235][T21636] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3370.422223][T21636] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3370.433218][T21636] memory: usage 307200kB, limit 307200kB, failcnt 21784 [ 3370.440182][T21636] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3370.447771][T21636] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3370.454657][T21636] Memory cgroup stats for /syz0: cache:228KB rss:23416KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23340KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3370.476500][T21636] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8683,uid=0 [ 3370.491959][T21636] Memory cgroup out of memory: Killed process 8683 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3370.526137][T21636] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3370.538546][T21636] CPU: 0 PID: 21636 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3370.546540][T21636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3370.556591][T21636] Call Trace: [ 3370.559870][T21636] dump_stack+0x172/0x1f0 [ 3370.564190][T21636] dump_header+0x10f/0xb6c [ 3370.568591][T21636] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3370.574390][T21636] ? ___ratelimit+0x60/0x595 [ 3370.578970][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3370.584070][T21636] oom_kill_process.cold+0x10/0x15 [ 3370.589171][T21636] out_of_memory+0x79a/0x1280 [ 3370.593833][T21636] ? lock_downgrade+0x880/0x880 [ 3370.598665][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.604891][T21636] ? oom_killer_disable+0x280/0x280 [ 3370.610075][T21636] ? find_held_lock+0x35/0x130 [ 3370.614839][T21636] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3370.620379][T21636] ? memcg_event_wake+0x230/0x230 [ 3370.625398][T21636] ? do_raw_spin_unlock+0x57/0x270 [ 3370.630498][T21636] ? _raw_spin_unlock+0x2d/0x50 [ 3370.635341][T21636] try_charge+0xa87/0x15c0 [ 3370.639763][T21636] ? find_held_lock+0x35/0x130 [ 3370.644756][T21636] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3370.650299][T21636] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3370.655832][T21636] ? find_held_lock+0x35/0x130 [ 3370.660581][T21636] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3370.666117][T21636] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3370.671651][T21636] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3370.676847][T21636] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3370.682388][T21636] __memcg_kmem_charge+0x136/0x300 [ 3370.687488][T21636] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3370.692846][T21636] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3370.698552][T21636] ? copy_page_range+0x125a/0x1f90 [ 3370.703647][T21636] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3370.709873][T21636] alloc_pages_current+0x107/0x210 [ 3370.714974][T21636] pte_alloc_one+0x1b/0x1a0 [ 3370.719480][T21636] __pte_alloc+0x20/0x310 [ 3370.723794][T21636] copy_page_range+0x1529/0x1f90 [ 3370.728711][T21636] ? perf_trace_lock+0xeb/0x510 [ 3370.733544][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.739780][T21636] ? pmd_alloc+0x180/0x180 [ 3370.744177][T21636] ? __rb_insert_augmented+0x231/0xdf0 [ 3370.749620][T21636] ? validate_mm_rb+0xa3/0xc0 [ 3370.754282][T21636] ? __vma_link_rb+0x279/0x370 [ 3370.759035][T21636] copy_process.part.0+0x568b/0x7980 [ 3370.764325][T21636] ? __cleanup_sighand+0x60/0x60 [ 3370.770934][T21636] ? check_stack_object+0x114/0x160 [ 3370.776127][T21636] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3370.782012][T21636] _do_fork+0x257/0xfd0 [ 3370.786156][T21636] ? fork_idle+0x1d0/0x1d0 [ 3370.790552][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.796777][T21636] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3370.803288][T21636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3370.809511][T21636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3370.814970][T21636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3370.820408][T21636] ? do_syscall_64+0x26/0x610 [ 3370.825068][T21636] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3370.831119][T21636] ? do_syscall_64+0x26/0x610 [ 3370.835785][T21636] __x64_sys_clone+0xbf/0x150 [ 3370.840447][T21636] do_syscall_64+0x103/0x610 [ 3370.845034][T21636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3370.850910][T21636] RIP: 0033:0x2000050a [ 3370.854970][T21636] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3370.874561][T21636] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3370.882979][T21636] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3370.891200][T21636] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3370.899161][T21636] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3370.907121][T21636] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3370.915098][T21636] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3370.924035][T21636] memory: usage 307032kB, limit 307200kB, failcnt 21800 [ 3370.930986][T21636] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3370.938551][T21636] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3370.945481][T21636] Memory cgroup stats for /syz0: cache:228KB rss:23276KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23208KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3370.967181][T21636] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8912,uid=0 [ 3370.982703][T21636] Memory cgroup out of memory: Killed process 8912 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3371.020185][T22077] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 3371.035864][T22077] CPU: 0 PID: 22077 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3371.043872][T22077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3371.053935][T22077] Call Trace: [ 3371.057256][T22077] dump_stack+0x172/0x1f0 [ 3371.061598][T22077] dump_header+0x10f/0xb6c [ 3371.066039][T22077] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3371.071844][T22077] ? ___ratelimit+0x60/0x595 [ 3371.076423][T22077] ? do_raw_spin_unlock+0x57/0x270 [ 3371.081523][T22077] oom_kill_process.cold+0x10/0x15 [ 3371.086624][T22077] out_of_memory+0x79a/0x1280 [ 3371.091288][T22077] ? oom_killer_disable+0x280/0x280 [ 3371.096467][T22077] ? find_held_lock+0x35/0x130 [ 3371.101253][T22077] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3371.106790][T22077] ? memcg_event_wake+0x230/0x230 [ 3371.111806][T22077] ? do_raw_spin_unlock+0x57/0x270 [ 3371.116910][T22077] ? _raw_spin_unlock+0x2d/0x50 [ 3371.121778][T22077] try_charge+0xa87/0x15c0 [ 3371.126183][T22077] ? find_held_lock+0x35/0x130 [ 3371.130936][T22077] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3371.136481][T22077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.142715][T22077] ? kasan_check_read+0x11/0x20 [ 3371.147574][T22077] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3371.153113][T22077] mem_cgroup_try_charge+0x24d/0x5e0 [ 3371.158395][T22077] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 3371.164019][T22077] wp_page_copy+0x408/0x1740 [ 3371.168596][T22077] ? find_held_lock+0x35/0x130 [ 3371.173363][T22077] ? pmd_pfn+0x1d0/0x1d0 [ 3371.177594][T22077] ? lock_downgrade+0x880/0x880 [ 3371.182426][T22077] ? swp_swapcount+0x540/0x540 [ 3371.187174][T22077] ? kasan_check_read+0x11/0x20 [ 3371.192021][T22077] ? do_raw_spin_unlock+0x57/0x270 [ 3371.197122][T22077] do_wp_page+0x48e/0x1500 [ 3371.201533][T22077] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 3371.206899][T22077] __handle_mm_fault+0x22e8/0x3ec0 [ 3371.211996][T22077] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3371.217525][T22077] ? find_held_lock+0x35/0x130 [ 3371.222275][T22077] ? handle_mm_fault+0x322/0xb30 [ 3371.227201][T22077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.233442][T22077] ? kasan_check_read+0x11/0x20 [ 3371.238280][T22077] handle_mm_fault+0x43f/0xb30 [ 3371.243031][T22077] __do_page_fault+0x5ef/0xda0 [ 3371.247797][T22077] do_page_fault+0x71/0x581 [ 3371.252290][T22077] page_fault+0x1e/0x30 [ 3371.256426][T22077] RIP: 0010:__put_user_4+0x1c/0x30 [ 3371.261514][T22077] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 00 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 3371.281106][T22077] RSP: 0018:ffff88801d237ed0 EFLAGS: 00010293 [ 3371.287159][T22077] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 00007f3680240608 [ 3371.295117][T22077] RDX: 0000000000000000 RSI: ffffffff819ace93 RDI: 0000000000000286 [ 3371.303074][T22077] RBP: ffff88801d237f10 R08: ffff88801d22a600 R09: 0000000000000001 [ 3371.311035][T22077] R10: ffff88801d22ae80 R11: ffff88801d22a600 R12: 0000000000000000 [ 3371.318996][T22077] R13: 00007f3680240608 R14: 0000000000400003 R15: 0000000000000000 [ 3371.326977][T22077] ? __might_fault+0x1a3/0x1e0 [ 3371.331735][T22077] ? __x64_sys_getresgid+0x1aa/0x290 [ 3371.337005][T22077] ? trace_hardirqs_on+0x67/0x230 [ 3371.342021][T22077] do_syscall_64+0x103/0x610 [ 3371.346602][T22077] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3371.352482][T22077] RIP: 0033:0x2000050a [ 3371.356538][T22077] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3371.376148][T22077] RSP: 002b:0000000000400003 EFLAGS: 00000217 ORIG_RAX: 0000000000000078 [ 3371.384567][T22077] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3371.392526][T22077] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3371.400485][T22077] RBP: 00000000000000fa R08: 0000000000000005 R09: 0000000000000006 [ 3371.408447][T22077] R10: 0000000000000007 R11: 0000000000000217 R12: 000000000000000b [ 3371.416406][T22077] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3371.424635][T22077] memory: usage 307200kB, limit 307200kB, failcnt 21861 [ 3371.431644][T22077] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3371.439115][T22077] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3371.446096][T22077] Memory cgroup stats for /syz0: cache:228KB rss:23276KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:23092KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3371.468496][T22077] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=8994,uid=0 [ 3371.483954][T22077] Memory cgroup out of memory: Killed process 8994 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3371.508966][T22076] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3371.529067][T22076] CPU: 0 PID: 22076 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3371.537082][T22076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3371.547138][T22076] Call Trace: [ 3371.550424][T22076] dump_stack+0x172/0x1f0 [ 3371.554755][T22076] dump_header+0x10f/0xb6c [ 3371.559159][T22076] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3371.564959][T22076] ? ___ratelimit+0x60/0x595 [ 3371.569546][T22076] ? do_raw_spin_unlock+0x57/0x270 [ 3371.574646][T22076] oom_kill_process.cold+0x10/0x15 [ 3371.579742][T22076] out_of_memory+0x79a/0x1280 [ 3371.584414][T22076] ? oom_killer_disable+0x280/0x280 [ 3371.589612][T22076] ? find_held_lock+0x35/0x130 [ 3371.594379][T22076] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3371.599914][T22076] ? memcg_event_wake+0x230/0x230 [ 3371.604933][T22076] ? do_raw_spin_unlock+0x57/0x270 [ 3371.610130][T22076] ? _raw_spin_unlock+0x2d/0x50 [ 3371.614975][T22076] try_charge+0xa87/0x15c0 [ 3371.619387][T22076] ? find_held_lock+0x35/0x130 [ 3371.624152][T22076] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3371.629677][T22076] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3371.635224][T22076] ? find_held_lock+0x35/0x130 [ 3371.639991][T22076] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3371.645545][T22076] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3371.651074][T22076] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3371.656288][T22076] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3371.661825][T22076] __memcg_kmem_charge+0x136/0x300 [ 3371.666920][T22076] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3371.672287][T22076] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3371.678014][T22076] ? is_dynamic_key+0x1c0/0x1c0 [ 3371.682851][T22076] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3371.689075][T22076] alloc_pages_current+0x107/0x210 [ 3371.694172][T22076] pte_alloc_one+0x1b/0x1a0 [ 3371.698663][T22076] __handle_mm_fault+0x3491/0x3ec0 [ 3371.703783][T22076] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3371.709331][T22076] ? find_held_lock+0x35/0x130 [ 3371.714091][T22076] ? handle_mm_fault+0x322/0xb30 [ 3371.719017][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.725267][T22076] ? kasan_check_read+0x11/0x20 [ 3371.730108][T22076] handle_mm_fault+0x43f/0xb30 [ 3371.734858][T22076] __do_page_fault+0x5ef/0xda0 [ 3371.739611][T22076] do_page_fault+0x71/0x581 [ 3371.744102][T22076] page_fault+0x1e/0x30 [ 3371.748250][T22076] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3371.753962][T22076] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3371.773553][T22076] RSP: 0018:ffff88801d227cb0 EFLAGS: 00010246 [ 3371.779601][T22076] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3371.787557][T22076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3371.795515][T22076] RBP: ffff88801d227ce8 R08: ffff88802804a5c0 R09: ffff8880aa594dc0 [ 3371.803473][T22076] R10: 000000000000001c R11: ffff88801d3eba3f R12: 0000000000000000 [ 3371.811436][T22076] R13: ffff88801d3eaa60 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3371.819440][T22076] ? strncpy_from_user+0x142/0x380 [ 3371.824552][T22076] getname_flags+0x11b/0x5b0 [ 3371.829130][T22076] do_renameat2+0x199/0xc40 [ 3371.833616][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.839840][T22076] ? debug_smp_processor_id+0x3c/0x280 [ 3371.845300][T22076] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3371.851005][T22076] ? user_path_create+0x50/0x50 [ 3371.855844][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.862069][T22076] ? security_capable+0x9b/0xd0 [ 3371.866929][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3371.873158][T22076] ? ns_capable_common+0x93/0x100 [ 3371.878187][T22076] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3371.883629][T22076] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3371.889082][T22076] ? do_syscall_64+0x26/0x610 [ 3371.893744][T22076] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3371.899797][T22076] ? do_syscall_64+0x26/0x610 [ 3371.904463][T22076] __x64_sys_renameat+0x9a/0x100 [ 3371.909389][T22076] do_syscall_64+0x103/0x610 [ 3371.913977][T22076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3371.919868][T22076] RIP: 0033:0x2000050a [ 3371.923922][T22076] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3371.943525][T22076] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3371.951924][T22076] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3371.959895][T22076] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3371.967856][T22076] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3371.975815][T22076] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3371.983797][T22076] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3371.994686][T22076] memory: usage 307032kB, limit 307200kB, failcnt 21869 [ 3372.002844][T22076] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3372.010342][T22076] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3372.017443][T22076] Memory cgroup stats for /syz0: cache:228KB rss:23144KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:22960KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3372.043725][T22076] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9512,uid=0 [ 3372.059114][T22076] Memory cgroup out of memory: Killed process 9512 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3372.094222][T22075] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3372.112429][T22075] CPU: 1 PID: 22075 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3372.120707][T22075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3372.130881][T22075] Call Trace: [ 3372.134199][T22075] dump_stack+0x172/0x1f0 [ 3372.138554][T22075] dump_header+0x10f/0xb6c [ 3372.143235][T22075] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3372.149037][T22075] ? ___ratelimit+0x60/0x595 [ 3372.153629][T22075] ? do_raw_spin_unlock+0x57/0x270 [ 3372.159366][T22075] oom_kill_process.cold+0x10/0x15 [ 3372.164483][T22075] out_of_memory+0x79a/0x1280 [ 3372.169153][T22075] ? oom_killer_disable+0x280/0x280 [ 3372.174345][T22075] ? find_held_lock+0x35/0x130 [ 3372.179112][T22075] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3372.184634][T22075] ? memcg_event_wake+0x230/0x230 [ 3372.189647][T22075] ? do_raw_spin_unlock+0x57/0x270 [ 3372.194768][T22075] ? _raw_spin_unlock+0x2d/0x50 [ 3372.199666][T22075] try_charge+0xa87/0x15c0 [ 3372.204083][T22075] ? find_held_lock+0x35/0x130 [ 3372.208854][T22075] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3372.214585][T22075] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3372.220137][T22075] ? find_held_lock+0x35/0x130 [ 3372.224887][T22075] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3372.230419][T22075] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3372.235977][T22075] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3372.241173][T22075] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3372.246702][T22075] __memcg_kmem_charge+0x136/0x300 [ 3372.251812][T22075] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3372.257199][T22075] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3372.262928][T22075] ? copy_page_range+0x125a/0x1f90 [ 3372.268036][T22075] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3372.274288][T22075] alloc_pages_current+0x107/0x210 [ 3372.279405][T22075] pte_alloc_one+0x1b/0x1a0 [ 3372.283913][T22075] __pte_alloc+0x20/0x310 [ 3372.288236][T22075] copy_page_range+0x1529/0x1f90 [ 3372.293175][T22075] ? perf_trace_lock+0xeb/0x510 [ 3372.298029][T22075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.304281][T22075] ? pmd_alloc+0x180/0x180 [ 3372.308679][T22075] ? __rb_insert_augmented+0x231/0xdf0 [ 3372.314127][T22075] ? validate_mm_rb+0xa3/0xc0 [ 3372.318808][T22075] ? __vma_link_rb+0x279/0x370 [ 3372.323563][T22075] copy_process.part.0+0x568b/0x7980 [ 3372.328866][T22075] ? __cleanup_sighand+0x60/0x60 [ 3372.333814][T22075] ? check_stack_object+0x114/0x160 [ 3372.339007][T22075] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3372.344901][T22075] _do_fork+0x257/0xfd0 [ 3372.349043][T22075] ? fork_idle+0x1d0/0x1d0 [ 3372.353459][T22075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.359699][T22075] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3372.366193][T22075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.372437][T22075] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3372.377904][T22075] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3372.383367][T22075] ? do_syscall_64+0x26/0x610 [ 3372.388030][T22075] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3372.394113][T22075] ? do_syscall_64+0x26/0x610 [ 3372.398796][T22075] __x64_sys_clone+0xbf/0x150 [ 3372.403469][T22075] do_syscall_64+0x103/0x610 [ 3372.408044][T22075] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3372.413926][T22075] RIP: 0033:0x2000050a [ 3372.418026][T22075] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3372.437814][T22075] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3372.446228][T22075] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3372.454202][T22075] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3372.462174][T22075] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3372.470135][T22075] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3372.478108][T22075] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3372.490953][T22075] memory: usage 307200kB, limit 307200kB, failcnt 21904 [ 3372.498140][ C1] net_ratelimit: 14 callbacks suppressed [ 3372.498149][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3372.498217][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3372.498394][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3372.498451][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3372.498622][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3372.498674][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3372.539631][T22075] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3372.547267][T22075] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3372.554227][T22075] Memory cgroup stats for /syz0: cache:228KB rss:23008KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:22848KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3372.576077][T22075] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9596,uid=0 [ 3372.591897][T22075] Memory cgroup out of memory: Killed process 9596 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3372.617605][T21445] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 3372.629215][T21445] CPU: 1 PID: 21445 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3372.637211][T21445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3372.647285][T21445] Call Trace: [ 3372.650596][T21445] dump_stack+0x172/0x1f0 [ 3372.654954][T21445] dump_header+0x10f/0xb6c [ 3372.659475][T21445] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3372.665292][T21445] ? ___ratelimit+0x60/0x595 [ 3372.669887][T21445] ? do_raw_spin_unlock+0x57/0x270 [ 3372.675047][T21445] oom_kill_process.cold+0x10/0x15 [ 3372.680175][T21445] out_of_memory+0x79a/0x1280 [ 3372.684859][T21445] ? oom_killer_disable+0x280/0x280 [ 3372.690334][T21445] ? find_held_lock+0x35/0x130 [ 3372.695093][T21445] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3372.700638][T21445] ? memcg_event_wake+0x230/0x230 [ 3372.705654][T21445] ? do_raw_spin_unlock+0x57/0x270 [ 3372.710758][T21445] ? _raw_spin_unlock+0x2d/0x50 [ 3372.715598][T21445] try_charge+0xa87/0x15c0 [ 3372.720003][T21445] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3372.725553][T21445] ? rcu_read_lock_sched_held+0x110/0x130 [ 3372.731262][T21445] ? __alloc_pages_nodemask+0x61d/0x8d0 [ 3372.736797][T21445] ? __lockdep_free_key_range+0x120/0x120 [ 3372.742774][T21445] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3372.748306][T21445] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3372.753573][T21445] ? cache_grow_begin+0x594/0x860 [ 3372.758585][T21445] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3372.763856][T21445] ? trace_hardirqs_on+0x67/0x230 [ 3372.768866][T21445] cache_grow_begin+0x5c0/0x860 [ 3372.773702][T21445] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3372.779927][T21445] ? __cpuset_node_allowed+0x136/0x540 [ 3372.785381][T21445] fallback_alloc+0x1fd/0x2d0 [ 3372.790049][T21445] ____cache_alloc_node+0x1be/0x1e0 [ 3372.795231][T21445] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3372.801459][T21445] kmem_cache_alloc_node+0xe3/0x710 [ 3372.806657][T21445] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3372.811928][T21445] ? trace_hardirqs_on+0x67/0x230 [ 3372.816951][T21445] copy_process.part.0+0x1d08/0x7980 [ 3372.822224][T21445] ? perf_trace_lock+0xeb/0x510 [ 3372.827058][T21445] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.833373][T21445] ? debug_smp_processor_id+0x3c/0x280 [ 3372.838815][T21445] ? __lockdep_free_key_range+0x120/0x120 [ 3372.844522][T21445] ? __might_fault+0x12b/0x1e0 [ 3372.849277][T21445] ? find_held_lock+0x35/0x130 [ 3372.854025][T21445] ? __might_fault+0x12b/0x1e0 [ 3372.858781][T21445] ? __cleanup_sighand+0x60/0x60 [ 3372.863711][T21445] ? check_stack_object+0x114/0x160 [ 3372.868978][T21445] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 3372.874860][T21445] _do_fork+0x257/0xfd0 [ 3372.879004][T21445] ? fork_idle+0x1d0/0x1d0 [ 3372.883431][T21445] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.889659][T21445] ? key_get_type_from_user.constprop.0+0xe4/0x110 [ 3372.896148][T21445] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3372.902386][T21445] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3372.907826][T21445] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3372.913275][T21445] ? do_syscall_64+0x26/0x610 [ 3372.917935][T21445] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3372.923992][T21445] ? do_syscall_64+0x26/0x610 [ 3372.928658][T21445] __x64_sys_clone+0xbf/0x150 [ 3372.933329][T21445] do_syscall_64+0x103/0x610 [ 3372.937910][T21445] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3372.943791][T21445] RIP: 0033:0x2000050a [ 3372.947841][T21445] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3372.967430][T21445] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000038 [ 3372.975830][T21445] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3372.983805][T21445] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3372.991769][T21445] RBP: 0000000000000006 R08: 0000000000000005 R09: 0000000000000006 [ 3372.999727][T21445] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3373.007951][T21445] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3373.021445][T21445] memory: usage 307200kB, limit 307200kB, failcnt 21940 [ 3373.021896][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3373.028622][T21445] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3373.034362][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3373.034484][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3373.042070][T21445] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3373.047726][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3373.066732][T21445] Memory cgroup stats for /syz0: cache:228KB rss:22856KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:22720KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3373.088868][T21445] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9867,uid=0 [ 3373.104493][T21445] Memory cgroup out of memory: Killed process 9867 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3373.136979][T22079] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3373.150498][T22079] CPU: 1 PID: 22079 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3373.158484][T22079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3373.168542][T22079] Call Trace: [ 3373.171827][T22079] dump_stack+0x172/0x1f0 [ 3373.176166][T22079] dump_header+0x10f/0xb6c [ 3373.180573][T22079] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3373.186364][T22079] ? ___ratelimit+0x60/0x595 [ 3373.190936][T22079] ? do_raw_spin_unlock+0x57/0x270 [ 3373.196138][T22079] oom_kill_process.cold+0x10/0x15 [ 3373.201246][T22079] out_of_memory+0x79a/0x1280 [ 3373.205937][T22079] ? oom_killer_disable+0x280/0x280 [ 3373.211143][T22079] ? find_held_lock+0x35/0x130 [ 3373.215910][T22079] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3373.221442][T22079] ? memcg_event_wake+0x230/0x230 [ 3373.226468][T22079] ? do_raw_spin_unlock+0x57/0x270 [ 3373.231655][T22079] ? _raw_spin_unlock+0x2d/0x50 [ 3373.236495][T22079] try_charge+0xa87/0x15c0 [ 3373.240906][T22079] ? find_held_lock+0x35/0x130 [ 3373.245678][T22079] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3373.251223][T22079] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3373.256772][T22079] ? find_held_lock+0x35/0x130 [ 3373.261532][T22079] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3373.267172][T22079] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3373.272706][T22079] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3373.277895][T22079] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3373.283440][T22079] __memcg_kmem_charge+0x136/0x300 [ 3373.288559][T22079] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3373.293929][T22079] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3373.299655][T22079] ? is_dynamic_key+0x1c0/0x1c0 [ 3373.304761][T22079] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3373.310998][T22079] alloc_pages_current+0x107/0x210 [ 3373.316101][T22079] pte_alloc_one+0x1b/0x1a0 [ 3373.320597][T22079] __handle_mm_fault+0x3491/0x3ec0 [ 3373.325724][T22079] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3373.331264][T22079] ? find_held_lock+0x35/0x130 [ 3373.336020][T22079] ? handle_mm_fault+0x322/0xb30 [ 3373.340953][T22079] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3373.347204][T22079] ? kasan_check_read+0x11/0x20 [ 3373.352039][T22079] handle_mm_fault+0x43f/0xb30 [ 3373.356804][T22079] __do_page_fault+0x5ef/0xda0 [ 3373.361573][T22079] do_page_fault+0x71/0x581 [ 3373.366103][T22079] page_fault+0x1e/0x30 [ 3373.370248][T22079] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3373.375980][T22079] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3373.395573][T22079] RSP: 0018:ffff88801d2b7cb0 EFLAGS: 00010246 [ 3373.401636][T22079] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3373.409602][T22079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3373.417585][T22079] RBP: ffff88801d2b7ce8 R08: ffff88801d2aa6c0 R09: ffff8880aa594dc0 [ 3373.425549][T22079] R10: 000000000000001c R11: ffff88801d3f1abf R12: 0000000000000000 [ 3373.433512][T22079] R13: ffff88801d3f0ae0 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3373.441500][T22079] ? strncpy_from_user+0x142/0x380 [ 3373.446608][T22079] getname_flags+0x11b/0x5b0 [ 3373.451186][T22079] do_renameat2+0x199/0xc40 [ 3373.455673][T22079] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3373.461895][T22079] ? debug_smp_processor_id+0x3c/0x280 [ 3373.467341][T22079] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3373.473048][T22079] ? user_path_create+0x50/0x50 [ 3373.477906][T22079] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3373.484143][T22079] ? security_capable+0x9b/0xd0 [ 3373.488988][T22079] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3373.495223][T22079] ? ns_capable_common+0x93/0x100 [ 3373.500244][T22079] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3373.505694][T22079] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3373.511138][T22079] ? do_syscall_64+0x26/0x610 [ 3373.515805][T22079] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3373.521860][T22079] ? do_syscall_64+0x26/0x610 [ 3373.526527][T22079] __x64_sys_renameat+0x9a/0x100 [ 3373.531452][T22079] do_syscall_64+0x103/0x610 [ 3373.536034][T22079] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3373.541911][T22079] RIP: 0033:0x2000050a [ 3373.545978][T22079] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3373.565570][T22079] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3373.573971][T22079] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3373.581932][T22079] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3373.589898][T22079] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3373.597870][T22079] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3373.605835][T22079] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3373.628579][T22079] memory: usage 307028kB, limit 307200kB, failcnt 21954 [ 3373.635660][T22079] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3373.643320][T22079] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3373.650177][T22079] Memory cgroup stats for /syz0: cache:228KB rss:22720KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:22600KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3373.672297][T22079] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=9938,uid=0 [ 3373.687803][T22079] Memory cgroup out of memory: Killed process 9938 (syz-executor.0) total-vm:72844kB, anon-rss:192kB, file-rss:35784kB, shmem-rss:0kB [ 3373.718900][T22080] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3373.733035][T22080] CPU: 1 PID: 22080 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #97 [ 3373.741040][T22080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3373.751105][T22080] Call Trace: [ 3373.754412][T22080] dump_stack+0x172/0x1f0 [ 3373.758783][T22080] dump_header+0x10f/0xb6c [ 3373.763214][T22080] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3373.769037][T22080] ? ___ratelimit+0x60/0x595 [ 3373.773720][T22080] ? do_raw_spin_unlock+0x57/0x270 [ 3373.778851][T22080] oom_kill_process.cold+0x10/0x15 [ 3373.783980][T22080] out_of_memory+0x79a/0x1280 [ 3373.788667][T22080] ? oom_killer_disable+0x280/0x280 [ 3373.793858][T22080] ? find_held_lock+0x35/0x130 [ 3373.798639][T22080] mem_cgroup_out_of_memory+0x1ca/0x230 [ 3373.804188][T22080] ? memcg_event_wake+0x230/0x230 [ 3373.809199][T22080] ? do_raw_spin_unlock+0x57/0x270 [ 3373.814294][T22080] ? _raw_spin_unlock+0x2d/0x50 [ 3373.819134][T22080] try_charge+0xa87/0x15c0 [ 3373.823533][T22080] ? find_held_lock+0x35/0x130 [ 3373.828287][T22080] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 3373.833840][T22080] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3373.839371][T22080] ? find_held_lock+0x35/0x130 [ 3373.844122][T22080] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 3373.849657][T22080] __memcg_kmem_charge_memcg+0x7c/0x130 [ 3373.855204][T22080] ? memcg_kmem_put_cache+0xb0/0xb0 [ 3373.860386][T22080] ? get_mem_cgroup_from_mm+0x128/0x2b0 [ 3373.865926][T22080] __memcg_kmem_charge+0x136/0x300 [ 3373.871041][T22080] __alloc_pages_nodemask+0x4bf/0x8d0 [ 3373.876412][T22080] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 3373.882122][T22080] ? is_dynamic_key+0x1c0/0x1c0 [ 3373.886963][T22080] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 3373.893193][T22080] alloc_pages_current+0x107/0x210 [ 3373.898293][T22080] pte_alloc_one+0x1b/0x1a0 [ 3373.902781][T22080] __handle_mm_fault+0x3491/0x3ec0 [ 3373.907884][T22080] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 3373.913423][T22080] ? find_held_lock+0x35/0x130 [ 3373.918201][T22080] ? handle_mm_fault+0x322/0xb30 [ 3373.923167][T22080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3373.929426][T22080] ? kasan_check_read+0x11/0x20 [ 3373.934388][T22080] handle_mm_fault+0x43f/0xb30 [ 3373.939179][T22080] __do_page_fault+0x5ef/0xda0 [ 3373.943975][T22080] do_page_fault+0x71/0x581 [ 3373.948490][T22080] page_fault+0x1e/0x30 [ 3373.952655][T22080] RIP: 0010:strncpy_from_user+0x1e1/0x380 [ 3373.958374][T22080] Code: 48 83 eb 08 bf 07 00 00 00 49 83 c4 08 48 89 de e8 54 fb 2d fe 48 83 fb 07 0f 86 17 01 00 00 e8 a5 f9 2d fe 48 8b 45 d0 31 f6 <4e> 8b 3c 20 31 ff 89 75 cc e8 11 fb 2d fe 8b 75 cc 85 f6 0f 84 5a [ 3373.977994][T22080] RSP: 0018:ffff88801d25fcb0 EFLAGS: 00010246 [ 3373.984070][T22080] RAX: 0000000000400003 RBX: 0000000000000fe0 RCX: ffffffff83429272 [ 3373.992078][T22080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 3374.000063][T22080] RBP: ffff88801d25fce8 R08: ffff88801d252680 R09: ffff8880aa594dc0 [ 3374.008048][T22080] R10: 000000000000001c R11: ffff88801d3f3aff R12: 0000000000000000 [ 3374.016022][T22080] R13: ffff88801d3f2b20 R14: 0000000000000fe0 R15: 00007ffffffff000 [ 3374.024019][T22080] ? strncpy_from_user+0x142/0x380 [ 3374.029157][T22080] getname_flags+0x11b/0x5b0 [ 3374.035496][T22080] do_renameat2+0x199/0xc40 [ 3374.040003][T22080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3374.046253][T22080] ? debug_smp_processor_id+0x3c/0x280 [ 3374.051729][T22080] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 3374.057470][T22080] ? user_path_create+0x50/0x50 [ 3374.062333][T22080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3374.068583][T22080] ? security_capable+0x9b/0xd0 [ 3374.073452][T22080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3374.079694][T22080] ? ns_capable_common+0x93/0x100 [ 3374.084725][T22080] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3374.090203][T22080] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 3374.095675][T22080] ? do_syscall_64+0x26/0x610 [ 3374.100356][T22080] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3374.106427][T22080] ? do_syscall_64+0x26/0x610 [ 3374.111122][T22080] __x64_sys_renameat+0x9a/0x100 [ 3374.116078][T22080] do_syscall_64+0x103/0x610 [ 3374.120773][T22080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 3374.126677][T22080] RIP: 0033:0x2000050a [ 3374.130766][T22080] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 98 4a 2a e9 2c b8 b6 4c 0f 05 03 00 40 00 c4 a3 7b f0 c5 3c 41 e2 e9 c4 22 e9 aa bb 3c 00 00 [ 3374.150840][T22080] RSP: 002b:0000000000400003 EFLAGS: 00000212 ORIG_RAX: 0000000000000108 [ 3374.159290][T22080] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000050a [ 3374.168661][T22080] RDX: dfaf83e69c634c96 RSI: 0000000000400003 RDI: 00007f3680240608 [ 3374.176642][T22080] RBP: 0000000000000013 R08: 0000000000000005 R09: 0000000000000006 [ 3374.184616][T22080] R10: 0000000000000007 R11: 0000000000000212 R12: 000000000000000b [ 3374.192593][T22080] R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff [ 3378.731667][ C1] net_ratelimit: 20 callbacks suppressed [ 3378.731677][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3378.743417][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3378.749457][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3378.755377][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3378.761307][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3378.767212][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3379.211674][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3379.217512][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3379.223419][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3379.229191][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3382.127812][T22080] memory: usage 270080kB, limit 307200kB, failcnt 23848 [ 3382.135514][T22080] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3382.859019][T22080] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 3383.044984][T22080] Memory cgroup stats for /syz0: cache:228KB rss:6536KB rss_huge:0KB shmem:200KB mapped_file:0KB dirty:0KB writeback:132KB swap:0KB inactive_anon:104KB active_anon:6420KB inactive_file:0KB active_file:0KB unevictable:0KB [ 3383.481904][T22080] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10475,uid=0 [ 3384.971667][ C1] net_ratelimit: 20 callbacks suppressed [ 3384.971676][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3384.983570][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3384.989639][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3384.995552][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3385.001613][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 3385.007924][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 3385.205476][ T1553] page:ffffea0000528000 count:512 mapcount:0 mapping:ffff8880a372ba39 index:0x20000 compound_mapcount: -1 [ 3385.218022][ T1553] anon [ 3385.218031][ T1553] flags: 0x1fffc000009000d(locked|uptodate|dirty|head|swapbacked) [ 3385.228804][ T1553] raw: 01fffc000009000d dead000000000100 dead000000000200 ffff8880a372ba39 [ 3385.237523][ T1553] raw: 0000000000020000 0000000000000000 0000020000000000 ffff8880a8a16300 [ 3385.246303][ T1553] page dumped because: VM_BUG_ON_PAGE(compound_mapcount(head)) [ 3385.254054][ T1553] page->mem_cgroup:ffff8880a8a16300 [ 3385.259416][ T1553] ------------[ cut here ]------------ [ 3385.264862][ T1553] kernel BUG at mm/huge_memory.c:2716! [ 3385.270590][ T1553] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 3385.276658][ T1553] CPU: 1 PID: 1553 Comm: kswapd0 Not tainted 5.1.0-rc7+ #97 [ 3385.283915][ T1553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3385.294162][ T1553] RIP: 0010:split_huge_page_to_list+0x20cc/0x2de0 [ 3385.300576][ T1553] Code: e8 a9 32 c5 ff 48 c7 c6 40 2d 74 87 4c 89 e7 e8 1a a2 ee ff 0f 0b e8 93 32 c5 ff 48 c7 c6 80 2d 74 87 4c 89 e7 e8 04 a2 ee ff <0f> 0b e8 7d 32 c5 ff 4d 8d 77 ff e9 e6 e7 ff ff 41 be 02 00 00 00 [ 3385.320168][ T1553] RSP: 0018:ffff8880a63e7630 EFLAGS: 00010293 [ 3385.326219][ T1553] RAX: ffff8880a63fc440 RBX: ffffea0000528080 RCX: 0000000000000000 [ 3385.334170][ T1553] RDX: 0000000000000000 RSI: ffffffff819a0cb2 RDI: ffffed1014c7ceaa [ 3385.342140][ T1553] RBP: ffff8880a63e77a0 R08: 0000000000000021 R09: ffffed1015d23ef1 [ 3385.350089][ T1553] R10: ffffed1015d23ef0 R11: ffff8880ae91f787 R12: ffffea0000528000 [ 3385.358045][ T1553] R13: 01fffc000009000d R14: 00000000fffffffe R15: ffffea0000528054 [ 3385.366000][ T1553] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 3385.374914][ T1553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3385.381485][ T1553] CR2: 00007f8cd27d0000 CR3: 000000008d69b000 CR4: 00000000001426e0 [ 3385.389443][ T1553] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3385.397405][ T1553] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3385.405361][ T1553] Call Trace: [ 3385.408643][ T1553] ? trace_hardirqs_on+0x67/0x230 [ 3385.413666][ T1553] ? kasan_check_read+0x11/0x20 [ 3385.418497][ T1553] ? mark_held_locks+0xa4/0xf0 [ 3385.423248][ T1553] ? can_split_huge_page+0x490/0x490 [ 3385.428521][ T1553] ? __put_page+0x92/0xd0 [ 3385.432832][ T1553] deferred_split_scan+0x64b/0xa60 [ 3385.437928][ T1553] ? split_huge_page_to_list+0x2de0/0x2de0 [ 3385.446784][ T1553] do_shrink_slab+0x400/0xa80 [ 3385.451445][ T1553] shrink_slab+0x4be/0x5e0 [ 3385.455846][ T1553] ? unregister_memcg_shrinker.isra.0+0x50/0x50 [ 3385.462076][ T1553] ? __lock_acquire+0x548/0x3fb0 [ 3385.466993][ T1553] ? perf_trace_lock+0xeb/0x510 [ 3385.471825][ T1553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 3385.478049][ T1553] shrink_node+0x552/0x1570 [ 3385.482540][ T1553] ? shrink_node_memcg+0x1430/0x1430 [ 3385.487805][ T1553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 3385.494025][ T1553] ? pgdat_balanced+0x13a/0x180 [ 3385.498858][ T1553] balance_pgdat+0x56c/0xe80 [ 3385.503430][ T1553] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3385.508695][ T1553] ? kasan_check_read+0x11/0x20 [ 3385.513527][ T1553] ? mem_cgroup_shrink_node+0x6e0/0x6e0 [ 3385.519057][ T1553] ? finish_task_switch+0x1f0/0x780 [ 3385.524237][ T1553] ? __switch_to_asm+0x34/0x70 [ 3385.528995][ T1553] kswapd+0x5f4/0xfd0 [ 3385.532967][ T1553] ? balance_pgdat+0xe80/0xe80 [ 3385.537715][ T1553] ? lockdep_hardirqs_on+0x418/0x5d0 [ 3385.542979][ T1553] ? trace_hardirqs_on+0x67/0x230 [ 3385.548034][ T1553] ? finish_wait+0x260/0x260 [ 3385.552613][ T1553] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 3385.558483][ T1553] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 3385.564704][ T1553] ? __kthread_parkme+0xfb/0x1b0 [ 3385.569647][ T1553] kthread+0x357/0x430 [ 3385.573701][ T1553] ? balance_pgdat+0xe80/0xe80 [ 3385.578443][ T1553] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 3385.584661][ T1553] ret_from_fork+0x3a/0x50 [ 3385.589155][ T1553] Modules linked in: [ 3385.597041][ T1553] ---[ end trace 5f7f9f24e084dd16 ]--- [ 3385.602748][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3385.602793][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3385.602862][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 3385.602895][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 3385.627336][ T1553] RIP: 0010:split_huge_page_to_list+0x20cc/0x2de0 [ 3385.634100][ T1553] Code: e8 a9 32 c5 ff 48 c7 c6 40 2d 74 87 4c 89 e7 e8 1a a2 ee ff 0f 0b e8 93 32 c5 ff 48 c7 c6 80 2d 74 87 4c 89 e7 e8 04 a2 ee ff <0f> 0b e8 7d 32 c5 ff 4d 8d 77 ff e9 e6 e7 ff ff 41 be 02 00 00 00 [ 3385.656269][ T1553] RSP: 0018:ffff8880a63e7630 EFLAGS: 00010293 [ 3385.662454][ T1553] RAX: ffff8880a63fc440 RBX: ffffea0000528080 RCX: 0000000000000000 [ 3385.670507][ T1553] RDX: 0000000000000000 RSI: ffffffff819a0cb2 RDI: ffffed1014c7ceaa [ 3385.680960][ T1553] RBP: ffff8880a63e77a0 R08: 0000000000000021 R09: ffffed1015d23ef1 [ 3385.689056][ T1553] R10: ffffed1015d23ef0 R11: ffff8880ae91f787 R12: ffffea0000528000 [ 3385.697171][ T1553] R13: 01fffc000009000d R14: 00000000fffffffe R15: ffffea0000528054 [ 3385.705266][ T1553] FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 3385.714445][ T1553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3385.721061][ T1553] CR2: 00007f8cd27d0000 CR3: 000000008d69b000 CR4: 00000000001426e0 [ 3385.729601][ T1553] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3385.737715][ T1553] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 3385.745798][ T1553] Kernel panic - not syncing: Fatal exception [ 3385.753011][ T1553] Kernel Offset: disabled [ 3385.757339][ T1553] Rebooting in 86400 seconds..