le0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(0xffffffffffffffff, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:43 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) 00:53:43 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) 00:53:43 executing program 4: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:43 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) recvmsg(r0, &(0x7f00000006c0)={&(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000000340)=""/137, 0x89}], 0x2, &(0x7f00000005c0)=""/211, 0xd3, 0x2}, 0x40002000) r4 = getuid() setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000700)={{{@in=@multicast2, @in6=@mcast2, 0x4e23, 0x0, 0x4e21, 0x0, 0xa, 0x20, 0xa0, 0x7f, r3, r4}, {0x6, 0x401, 0x1000, 0x0, 0x1, 0x7, 0x2, 0x4}, {0x3, 0x8001, 0x4, 0x5}, 0xfffffffffffffffe, 0x6e6bb0, 0x0, 0x0, 0x2, 0x2}, {{@in6=@ipv4={[], [], @broadcast}, 0x4d5, 0x7c}, 0xa, @in6, 0x3506, 0x3, 0x3, 0x0, 0x3, 0x20, 0x6}}, 0xe8) name_to_handle_at(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0xea, 0x7f, "52ac57c4fb47cf6d302a4f670add32629e1082e05464ed75558e334bcf0cd26df0fa90c4db239208dae14118b99885f8161f6aee14ca02f3561b04265b8da6181d1028a55a2bc8b489afa7fd9c776fa0047b356024398859e04af4264c0edd01692108cb633c18a4faa1e0c611d2a99a8d9239c706fec2e395f2f5b9c11166f35bb38b7359ed68c075f03bd571f3855ae16c3619512c128653529622cfef4c3abddb8255e5c947969fc5cf899369b21e8c37dcc268ec82fc11d252947ab4e75be908c7838c9ff4e3333b2d24023865c8c7c0883e3e3b15da5b9018e3beb4a62ba417"}, &(0x7f00000000c0), 0x400) 00:53:43 executing program 4: mkdir(0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 689.174874] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 689.223884] syz-executor0 cpuset=syz0 mems_allowed=0 [ 689.229115] CPU: 1 PID: 19849 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 689.237697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.237707] Call Trace: [ 689.249665] dump_stack+0x244/0x39d [ 689.253307] ? dump_stack_print_info.cold.1+0x20/0x20 [ 689.258526] ? mark_held_locks+0x130/0x130 [ 689.262777] dump_header+0x27b/0xf72 [ 689.266501] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.271094] ? retint_kernel+0x2d/0x2d [ 689.274994] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.279938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.285488] ? pagefault_out_of_memory+0x197/0x197 [ 689.290428] ? print_usage_bug+0xc0/0xc0 [ 689.294519] ? debug_smp_processor_id+0x1c/0x20 [ 689.299204] ? perf_trace_lock_acquire+0x15b/0x800 [ 689.304149] ? perf_trace_lock+0x7a0/0x7a0 [ 689.304171] ? retint_kernel+0x2d/0x2d [ 689.312287] ? mark_held_locks+0xc7/0x130 [ 689.316442] ? print_usage_bug+0xc0/0xc0 [ 689.320518] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.325288] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.329888] ? retint_kernel+0x2d/0x2d [ 689.333791] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.338734] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.343515] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 689.348993] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.353790] ? retint_kernel+0x2d/0x2d [ 689.357709] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 689.362999] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 689.368108] ? ___ratelimit+0x3b9/0x672 [ 689.368126] ? idr_get_free+0xf70/0xf70 [ 689.368155] oom_kill_process.cold.27+0x10/0x903 [ 689.380835] ? _raw_spin_unlock_irq+0x56/0x80 [ 689.385348] ? oom_evaluate_task+0x540/0x540 [ 689.389786] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.395346] ? cgroup_procs_next+0x70/0x70 [ 689.399600] ? _raw_spin_unlock_irq+0x60/0x80 [ 689.404135] ? oom_badness+0xaa0/0xaa0 [ 689.408042] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 689.412805] ? mem_cgroup_iter_break+0x30/0x30 [ 689.412837] ? mark_held_locks+0xc7/0x130 [ 689.412858] out_of_memory+0xa7f/0x1430 [ 689.412872] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.412889] ? kasan_check_read+0x11/0x20 [ 689.412906] ? oom_killer_disable+0x3a0/0x3a0 [ 689.438862] mem_cgroup_out_of_memory+0x15e/0x210 [ 689.443724] ? memory_oom_group_write+0x160/0x160 [ 689.448614] try_charge+0xdcd/0x1720 [ 689.452355] ? kasan_check_read+0x11/0x20 [ 689.456522] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 689.461211] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 689.466760] ? lock_page_memcg+0x350/0x350 [ 689.471012] ? lock_acquire+0x1ed/0x520 [ 689.474999] ? mem_cgroup_oom_control_write+0x100/0x100 [ 689.480373] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.485922] ? check_preemption_disabled+0x48/0x280 [ 689.490954] ? kasan_check_read+0x11/0x20 [ 689.495115] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 689.500400] ? rcu_softirq_qs+0x20/0x20 [ 689.504400] mem_cgroup_try_charge+0x627/0xe20 [ 689.508992] ? mark_held_locks+0xc7/0x130 [ 689.513140] ? mem_cgroup_protected+0xa60/0xa60 [ 689.517835] ? retint_kernel+0x2d/0x2d [ 689.521727] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.526652] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.531396] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 689.536844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.541596] ? retint_kernel+0x2d/0x2d [ 689.545486] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 689.550406] wp_page_copy+0x51d/0x24f0 [ 689.554292] ? follow_pfn+0x2e0/0x2e0 [ 689.558087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.563621] ? reuse_swap_page+0x4bd/0x1520 [ 689.567931] ? swp_swapcount+0x530/0x530 [ 689.571988] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 689.577431] ? mark_held_locks+0xc7/0x130 [ 689.581565] ? print_usage_bug+0xc0/0xc0 [ 689.585620] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.590366] ? mark_held_locks+0xc7/0x130 [ 689.594508] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.599080] ? graph_lock+0x270/0x270 [ 689.602890] ? __lock_acquire+0x62f/0x4c20 [ 689.607125] ? find_held_lock+0x36/0x1c0 [ 689.611187] ? do_wp_page+0x518/0x2920 [ 689.615066] ? lock_downgrade+0x900/0x900 [ 689.619200] ? wake_up_page_bit+0x6f0/0x6f0 [ 689.623516] ? kasan_check_read+0x11/0x20 [ 689.627658] ? do_raw_spin_unlock+0xa7/0x330 [ 689.632054] ? do_raw_spin_trylock+0x270/0x270 [ 689.636630] ? __pte_alloc_kernel+0x220/0x220 [ 689.641115] ? print_usage_bug+0xc0/0xc0 [ 689.645178] ? perf_trace_lock_acquire+0x15b/0x800 [ 689.650093] ? print_usage_bug+0xc0/0xc0 [ 689.654147] do_wp_page+0x520/0x2920 [ 689.657872] ? check_preemption_disabled+0x48/0x280 [ 689.662883] ? finish_mkwrite_fault+0x650/0x650 [ 689.667542] ? mark_held_locks+0xc7/0x130 [ 689.671685] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.676433] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.681007] ? retint_kernel+0x2d/0x2d [ 689.684883] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.689799] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 689.695331] ? __lock_acquire+0x62f/0x4c20 [ 689.699569] ? mark_held_locks+0x130/0x130 [ 689.703796] ? follow_page_pte+0xdd7/0x1ab0 [ 689.708108] ? lock_downgrade+0x900/0x900 [ 689.712332] ? do_raw_spin_lock+0x164/0x350 [ 689.716646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.722178] ? check_preemption_disabled+0x48/0x280 [ 689.727184] ? print_usage_bug+0xc0/0xc0 [ 689.731236] ? debug_smp_processor_id+0x1c/0x20 [ 689.735893] ? perf_trace_lock_acquire+0x15b/0x800 [ 689.740827] ? follow_page_pte+0x4f9/0x1ab0 [ 689.745139] ? print_usage_bug+0xc0/0xc0 [ 689.749198] ? mark_held_locks+0xc7/0x130 [ 689.753336] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.758080] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.762649] ? retint_kernel+0x2d/0x2d [ 689.766524] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.771546] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.776290] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 689.781730] ? __lock_acquire+0x62f/0x4c20 [ 689.785962] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.790712] ? retint_kernel+0x2d/0x2d [ 689.794605] ? __handle_mm_fault+0x202d/0x5be0 [ 689.799180] __handle_mm_fault+0x3be9/0x5be0 [ 689.803585] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 689.808427] ? mark_held_locks+0xc7/0x130 [ 689.812566] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.817320] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.821889] ? retint_kernel+0x2d/0x2d [ 689.825767] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.830696] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.835267] ? retint_kernel+0x2d/0x2d [ 689.839147] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.844068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.848811] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 689.854258] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.859006] ? retint_kernel+0x2d/0x2d [ 689.862898] handle_mm_fault+0x54f/0xc70 [ 689.867503] ? __handle_mm_fault+0x5be0/0x5be0 [ 689.872078] ? __get_user_pages+0x148f/0x1ed0 [ 689.876566] __get_user_pages+0xa3d/0x1ed0 [ 689.880815] ? follow_page_mask+0x2160/0x2160 [ 689.885309] ? mark_held_locks+0xc7/0x130 [ 689.889449] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.894196] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 689.898768] ? retint_kernel+0x2d/0x2d [ 689.902647] ? trace_hardirqs_on_caller+0xc0/0x310 [ 689.907568] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.912319] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 689.917767] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 689.922520] ? retint_kernel+0x2d/0x2d [ 689.926409] ? __get_user_pages+0x744/0x1ed0 [ 689.930817] populate_vma_page_range+0x2db/0x3d0 [ 689.935574] ? follow_page+0x420/0x420 [ 689.939464] ? find_vma+0x34/0x190 [ 689.942995] __mm_populate+0x286/0x4d0 [ 689.946874] ? populate_vma_page_range+0x3d0/0x3d0 [ 689.951808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.957335] ? ns_capable_common+0x13f/0x170 [ 689.961737] __x64_sys_mlockall+0x45b/0x630 [ 689.966047] ? __ia32_sys_munlock+0x160/0x160 [ 689.970529] ? retint_kernel+0x2d/0x2d [ 689.974432] do_syscall_64+0x1b9/0x820 [ 689.978308] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 689.983663] ? syscall_return_slowpath+0x5e0/0x5e0 [ 689.988588] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 689.993425] ? trace_hardirqs_on_caller+0x310/0x310 [ 689.998431] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 690.003439] ? prepare_exit_to_usermode+0x291/0x3b0 [ 690.008450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 690.013287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 690.018460] RIP: 0033:0x457569 [ 690.021649] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 690.040536] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 690.048234] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 690.055492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 690.062751] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 690.070010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 690.077271] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 690.086473] Task in /syz0 killed as a result of limit of /syz0 [ 690.093735] memory: usage 307200kB, limit 307200kB, failcnt 1155 [ 690.099940] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 690.107761] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 690.116962] Memory cgroup stats for /syz0: cache:144KB rss:296704KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:42440KB active_anon:10936KB inactive_file:0KB active_file:0KB unevictable:243412KB [ 690.147929] Memory cgroup out of memory: Kill process 19825 (syz-executor0) score 1219 or sacrifice child [ 690.164384] Killed process 19853 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 690.179014] oom_reaper: reaped process 19853 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 690.324520] syz-executor1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 690.336353] syz-executor1 cpuset=syz1 mems_allowed=0 [ 690.341738] CPU: 1 PID: 19877 Comm: syz-executor1 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 690.350324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.359684] Call Trace: [ 690.362285] dump_stack+0x244/0x39d [ 690.366063] ? dump_stack_print_info.cold.1+0x20/0x20 [ 690.371288] ? mark_held_locks+0x130/0x130 [ 690.375528] ? mark_held_locks+0x130/0x130 [ 690.379779] dump_header+0x27b/0xf72 [ 690.383532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.389084] ? pagefault_out_of_memory+0x197/0x197 [ 690.394026] ? debug_smp_processor_id+0x1c/0x20 [ 690.398700] ? perf_trace_lock_acquire+0x15b/0x800 [ 690.403648] ? perf_trace_lock+0x7a0/0x7a0 [ 690.407895] ? graph_lock+0x270/0x270 [ 690.411707] ? print_usage_bug+0xc0/0xc0 [ 690.415793] ? find_held_lock+0x36/0x1c0 [ 690.419873] ? mark_held_locks+0xc7/0x130 [ 690.424030] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 690.429136] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 690.434247] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 690.438839] ? trace_hardirqs_on+0xbd/0x310 [ 690.443167] ? kasan_check_read+0x11/0x20 [ 690.447325] ? ___ratelimit+0x3b4/0x672 [ 690.451313] ? trace_hardirqs_off_caller+0x300/0x300 [ 690.456509] ? trace_hardirqs_on+0x310/0x310 [ 690.460952] ? lock_downgrade+0x900/0x900 [ 690.465118] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 690.470224] ? ___ratelimit+0x3b9/0x672 [ 690.474207] ? idr_get_free+0xf70/0xf70 [ 690.478187] ? _raw_spin_unlock_irq+0x27/0x80 [ 690.482687] ? _raw_spin_unlock_irq+0x27/0x80 [ 690.487194] oom_kill_process.cold.27+0x10/0x903 [ 690.491976] ? _raw_spin_unlock_irq+0x27/0x80 [ 690.496593] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 690.501281] ? oom_evaluate_task+0x540/0x540 [ 690.505694] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.511242] ? cgroup_procs_next+0x70/0x70 [ 690.515493] ? _raw_spin_unlock_irq+0x60/0x80 [ 690.519990] ? oom_badness+0xaa0/0xaa0 [ 690.523884] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 690.528646] ? mem_cgroup_iter_break+0x30/0x30 [ 690.533250] ? trace_hardirqs_on_caller+0xc0/0x310 [ 690.538211] out_of_memory+0xa7f/0x1430 [ 690.542195] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 690.546783] ? trace_hardirqs_on_caller+0xc0/0x310 [ 690.551723] ? oom_killer_disable+0x3a0/0x3a0 [ 690.556249] mem_cgroup_out_of_memory+0x15e/0x210 [ 690.561178] ? memory_oom_group_write+0x160/0x160 [ 690.566041] try_charge+0xdcd/0x1720 [ 690.569763] ? kasan_check_read+0x11/0x20 [ 690.573930] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 690.578606] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 690.584169] ? lock_page_memcg+0x350/0x350 [ 690.588411] ? lock_acquire+0x268/0x520 [ 690.592392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.598037] ? check_preemption_disabled+0x48/0x280 [ 690.603066] ? kasan_check_read+0x11/0x20 [ 690.607223] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 690.612504] ? rcu_softirq_qs+0x20/0x20 [ 690.616507] mem_cgroup_try_charge+0x627/0xe20 [ 690.621104] ? munlock_vma_page+0x626/0xbe0 [ 690.625442] ? mem_cgroup_protected+0xa60/0xa60 [ 690.630122] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 690.635667] ? page_mapping+0x5a2/0xa50 [ 690.639671] ? mem_cgroup_uncharge+0x100/0x100 [ 690.644257] ? page_evictable+0x2de/0x540 [ 690.648391] ? lock_downgrade+0x900/0x900 [ 690.652534] ? check_preemption_disabled+0x48/0x280 [ 690.657558] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 690.663091] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 690.668022] wp_page_copy+0x51d/0x24f0 [ 690.671909] ? follow_pfn+0x2e0/0x2e0 [ 690.675693] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.681229] ? reuse_swap_page+0x4bd/0x1520 [ 690.685551] ? swp_swapcount+0x530/0x530 [ 690.689606] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 690.695042] ? kasan_check_read+0x11/0x20 [ 690.699498] ? print_usage_bug+0xc0/0xc0 [ 690.703566] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 690.708310] ? graph_lock+0x270/0x270 [ 690.712119] ? __lock_acquire+0x62f/0x4c20 [ 690.716335] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 690.721772] ? find_held_lock+0x36/0x1c0 [ 690.725836] ? do_wp_page+0x518/0x2920 [ 690.729715] ? lock_downgrade+0x900/0x900 [ 690.733855] ? wake_up_page_bit+0x6f0/0x6f0 [ 690.738182] ? kasan_check_read+0x11/0x20 [ 690.742330] ? do_raw_spin_unlock+0xa7/0x330 [ 690.746763] ? do_raw_spin_trylock+0x270/0x270 [ 690.751360] ? __pte_alloc_kernel+0x220/0x220 [ 690.755867] ? perf_trace_lock_acquire+0x15b/0x800 [ 690.760811] do_wp_page+0x520/0x2920 [ 690.764543] ? check_preemption_disabled+0x48/0x280 [ 690.769591] ? finish_mkwrite_fault+0x650/0x650 [ 690.774267] ? print_usage_bug+0xc0/0xc0 [ 690.778332] ? __schedule+0x8d7/0x21d0 [ 690.782250] ? perf_trace_lock+0x7a0/0x7a0 [ 690.786496] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 690.792048] ? __lock_acquire+0x62f/0x4c20 [ 690.796295] ? mark_held_locks+0xc7/0x130 [ 690.800463] ? mark_held_locks+0x130/0x130 [ 690.804712] ? follow_page_pte+0xdd7/0x1ab0 [ 690.809042] ? lock_downgrade+0x900/0x900 [ 690.813213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.818758] ? check_preemption_disabled+0x48/0x280 [ 690.823786] ? debug_smp_processor_id+0x1c/0x20 [ 690.828460] ? perf_trace_lock_acquire+0x15b/0x800 [ 690.833396] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 690.838957] ? follow_page_pte+0x4f9/0x1ab0 [ 690.843287] ? print_usage_bug+0xc0/0xc0 [ 690.847363] ? undo_dev_pagemap+0x680/0x680 [ 690.851692] ? __switch_to_asm+0x40/0x70 [ 690.855763] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 690.860539] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 690.865674] ? retint_kernel+0x2d/0x2d [ 690.869580] ? __lock_acquire+0x62f/0x4c20 [ 690.873835] ? lock_acquire+0x1ed/0x520 [ 690.877820] ? __handle_mm_fault+0x1fa9/0x5be0 [ 690.882423] ? kasan_check_write+0x14/0x20 [ 690.886670] ? do_raw_spin_lock+0x14f/0x350 [ 690.891025] ? rwlock_bug.part.2+0x90/0x90 [ 690.895292] __handle_mm_fault+0x3be9/0x5be0 [ 690.899718] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 690.904564] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 690.909161] ? perf_trace_lock+0x7a0/0x7a0 [ 690.913409] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 690.919050] ? pmd_huge+0xf4/0x140 [ 690.922616] ? graph_lock+0x270/0x270 00:53:45 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x800d002000000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:45 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x400, 0x100) setsockopt$inet_int(r1, 0x0, 0x12, &(0x7f0000000140)=0x4, 0x4) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000180)) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) r2 = add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) getgid() ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f00000002c0)={0x0, 0x2ea, 0x25f8}) keyctl$dh_compute(0x17, &(0x7f0000000080)={r2, r0, r2}, &(0x7f00000009c0)=""/240, 0x4a3, 0x0) 00:53:45 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000280)='rdma.current\x00', 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000840), 0x3b2, &(0x7f00000000c0)}, 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f00000000c0)=0x7) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000140)=@generic={0x3, 0x8}) 00:53:45 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:45 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) [ 690.926544] ? graph_lock+0x270/0x270 [ 690.930381] ? find_held_lock+0x36/0x1c0 [ 690.934462] ? handle_mm_fault+0x42a/0xc70 [ 690.938704] ? lock_downgrade+0x900/0x900 [ 690.942855] ? check_preemption_disabled+0x48/0x280 [ 690.947882] ? kasan_check_read+0x11/0x20 [ 690.952048] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 690.957353] ? rcu_read_unlock_special+0x370/0x370 [ 690.962395] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 690.967947] ? check_preemption_disabled+0x48/0x280 [ 690.972987] handle_mm_fault+0x54f/0xc70 [ 690.977152] ? __handle_mm_fault+0x5be0/0x5be0 [ 690.981745] ? __get_user_pages+0x148f/0x1ed0 [ 690.986388] __get_user_pages+0xa3d/0x1ed0 [ 690.990655] ? follow_page_mask+0x2160/0x2160 [ 690.995165] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 691.000712] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 691.005477] ? retint_kernel+0x2d/0x2d [ 691.009376] ? mark_held_locks+0xc7/0x130 [ 691.013544] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 691.018314] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 691.022906] ? retint_kernel+0x2d/0x2d [ 691.026819] ? trace_hardirqs_on_caller+0xc0/0x310 [ 691.031777] ? __mm_populate+0x31a/0x4d0 [ 691.035846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 691.040615] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 691.046089] ? lock_release+0xa10/0xa10 [ 691.050082] ? perf_trace_sched_process_exec+0x860/0x860 [ 691.055554] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 691.060422] populate_vma_page_range+0x2db/0x3d0 [ 691.065194] ? follow_page+0x420/0x420 [ 691.069108] __mm_populate+0x286/0x4d0 [ 691.073020] ? populate_vma_page_range+0x3d0/0x3d0 [ 691.077970] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.083529] ? ns_capable_common+0x13f/0x170 [ 691.087399] cgroup: fork rejected by pids controller in /syz0 [ 691.087955] __x64_sys_mlockall+0x45b/0x630 [ 691.087977] ? __ia32_sys_munlock+0x160/0x160 [ 691.102666] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.108213] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 691.113594] ? trace_hardirqs_off_caller+0x300/0x300 [ 691.118724] do_syscall_64+0x1b9/0x820 [ 691.122629] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 691.128011] ? syscall_return_slowpath+0x5e0/0x5e0 [ 691.132958] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.137816] ? trace_hardirqs_on_caller+0x310/0x310 [ 691.142847] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 691.147880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.153432] ? prepare_exit_to_usermode+0x291/0x3b0 [ 691.158471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 691.163343] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 691.168544] RIP: 0033:0x457569 [ 691.171752] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 691.190658] RSP: 002b:00007fa93c547c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 691.190672] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 691.190680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 691.190689] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 691.190697] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa93c5486d4 [ 691.190706] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 691.215463] Task in /syz1 killed as a result of limit of /syz1 [ 691.247599] memory: usage 307200kB, limit 307200kB, failcnt 4115 [ 691.256235] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.264774] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.272199] Memory cgroup stats for /syz1: cache:0KB rss:296620KB rss_huge:268288KB shmem:0KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58876KB active_anon:6732KB inactive_file:0KB active_file:4KB unevictable:231056KB [ 691.321239] Memory cgroup out of memory: Kill process 19847 (syz-executor1) score 1219 or sacrifice child [ 691.340098] Killed process 19879 (syz-executor1) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB 00:53:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x20000d80, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:47 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:47 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x8000) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(r0, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:53:47 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0xffffff7f00000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:47 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:47 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) 00:53:47 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:47 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 692.517411] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:53:47 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) [ 692.582917] syz-executor0 cpuset=syz0 mems_allowed=0 [ 692.588213] CPU: 0 PID: 19909 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 692.596791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.606254] Call Trace: [ 692.608848] dump_stack+0x244/0x39d [ 692.612491] ? dump_stack_print_info.cold.1+0x20/0x20 [ 692.617702] dump_header+0x27b/0xf72 [ 692.621464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 692.627034] ? pagefault_out_of_memory+0x197/0x197 [ 692.631975] ? debug_smp_processor_id+0x1c/0x20 [ 692.636653] ? perf_trace_lock_acquire+0x15b/0x800 [ 692.641606] ? perf_trace_lock+0x7a0/0x7a0 [ 692.645861] ? graph_lock+0x270/0x270 [ 692.649678] ? print_usage_bug+0xc0/0xc0 [ 692.653757] ? perf_trace_lock+0x7a0/0x7a0 [ 692.658009] ? find_held_lock+0x36/0x1c0 [ 692.662087] ? mark_held_locks+0xc7/0x130 [ 692.666249] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 692.671360] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 692.676479] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 692.681069] ? trace_hardirqs_on+0xbd/0x310 [ 692.685404] ? kasan_check_read+0x11/0x20 [ 692.689557] ? ___ratelimit+0x3b4/0x672 [ 692.693546] ? trace_hardirqs_off_caller+0x300/0x300 [ 692.699103] ? trace_hardirqs_on+0x310/0x310 [ 692.703525] ? lock_downgrade+0x900/0x900 [ 692.707697] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 692.712801] ? ___ratelimit+0x3b9/0x672 [ 692.716782] ? idr_get_free+0xf70/0xf70 [ 692.720760] ? _raw_spin_unlock_irq+0x27/0x80 [ 692.725263] ? _raw_spin_unlock_irq+0x27/0x80 [ 692.729780] oom_kill_process.cold.27+0x10/0x903 [ 692.734549] ? _raw_spin_unlock_irq+0x27/0x80 [ 692.739061] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 692.743662] ? oom_evaluate_task+0x540/0x540 [ 692.748095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 692.753642] ? cgroup_procs_next+0x70/0x70 [ 692.757889] ? _raw_spin_unlock_irq+0x60/0x80 [ 692.762401] ? oom_badness+0xaa0/0xaa0 [ 692.766321] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 692.771089] ? mem_cgroup_iter_break+0x30/0x30 [ 692.775700] ? mark_held_locks+0xc7/0x130 [ 692.779864] out_of_memory+0xa7f/0x1430 [ 692.783850] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 692.788456] ? kasan_check_read+0x11/0x20 [ 692.792617] ? oom_killer_disable+0x3a0/0x3a0 [ 692.797175] mem_cgroup_out_of_memory+0x15e/0x210 [ 692.802042] ? memory_oom_group_write+0x160/0x160 [ 692.806888] ? mem_cgroup_try_charge+0x627/0xe20 [ 692.806914] ? page_counter_try_charge+0x1c1/0x220 [ 692.806935] try_charge+0xdcd/0x1720 [ 692.806951] ? kasan_check_read+0x11/0x20 [ 692.806972] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 692.816635] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 692.816657] ? lock_page_memcg+0x350/0x350 [ 692.816683] ? lock_acquire+0x1ed/0x520 [ 692.842905] ? mem_cgroup_oom_control_write+0x100/0x100 [ 692.848284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 692.853843] ? check_preemption_disabled+0x48/0x280 [ 692.858878] ? kasan_check_read+0x11/0x20 [ 692.863036] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 692.868331] ? rcu_softirq_qs+0x20/0x20 [ 692.872344] mem_cgroup_try_charge+0x627/0xe20 [ 692.876955] ? undo_dev_pagemap+0x680/0x680 [ 692.881296] ? mem_cgroup_protected+0xa60/0xa60 [ 692.886166] ? __lock_acquire+0x62f/0x4c20 [ 692.890434] ? __handle_mm_fault+0x2da9/0x5be0 [ 692.895040] ? mark_held_locks+0x130/0x130 [ 692.899295] ? do_raw_spin_unlock+0xa7/0x330 [ 692.903756] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 692.909318] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 692.914320] __handle_mm_fault+0x284e/0x5be0 [ 692.918842] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 692.923729] ? __switch_to_asm+0x34/0x70 [ 692.927836] ? perf_trace_lock+0x7a0/0x7a0 [ 692.932117] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 692.937661] ? pmd_huge+0xf4/0x140 [ 692.941230] ? graph_lock+0x270/0x270 [ 692.945041] ? graph_lock+0x270/0x270 [ 692.948861] ? find_held_lock+0x36/0x1c0 [ 692.952943] ? handle_mm_fault+0x42a/0xc70 [ 692.957218] ? lock_downgrade+0x900/0x900 [ 692.961466] ? check_preemption_disabled+0x48/0x280 [ 692.966519] ? kasan_check_read+0x11/0x20 [ 692.970676] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 692.975963] ? rcu_read_unlock_special+0x370/0x370 [ 692.980916] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 692.986463] ? check_preemption_disabled+0x48/0x280 [ 692.991498] handle_mm_fault+0x54f/0xc70 [ 692.995574] ? __handle_mm_fault+0x5be0/0x5be0 [ 693.000168] ? __get_user_pages+0x8f8/0x1ed0 [ 693.004591] __get_user_pages+0xa3d/0x1ed0 [ 693.008873] ? follow_page_mask+0x2160/0x2160 [ 693.013401] ? debug_smp_processor_id+0x1c/0x20 [ 693.018075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 693.023639] ? graph_lock+0x270/0x270 [ 693.027447] ? rcu_is_watching+0x30/0x30 [ 693.031517] ? graph_lock+0x270/0x270 [ 693.035321] ? kzfree+0x28/0x30 [ 693.038634] ? lock_acquire+0x1ed/0x520 [ 693.042621] ? __mm_populate+0x31a/0x4d0 [ 693.046760] ? lock_release+0xa10/0xa10 [ 693.050798] ? perf_trace_sched_process_exec+0x860/0x860 [ 693.056277] populate_vma_page_range+0x2db/0x3d0 [ 693.061056] ? follow_page+0x420/0x420 [ 693.065045] ? find_vma+0x34/0x190 [ 693.068604] __mm_populate+0x286/0x4d0 [ 693.072511] ? populate_vma_page_range+0x3d0/0x3d0 [ 693.077456] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.083008] ? ns_capable_common+0x13f/0x170 [ 693.087438] __x64_sys_mlockall+0x45b/0x630 [ 693.091775] ? __ia32_sys_munlock+0x160/0x160 [ 693.096281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.101836] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 693.107215] ? trace_hardirqs_off_caller+0x300/0x300 [ 693.112348] do_syscall_64+0x1b9/0x820 [ 693.112369] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 693.112396] ? syscall_return_slowpath+0x5e0/0x5e0 [ 693.112412] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.112431] ? trace_hardirqs_on_caller+0x310/0x310 [ 693.112449] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 693.121773] ? prepare_exit_to_usermode+0x291/0x3b0 [ 693.121802] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.121831] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 693.121845] RIP: 0033:0x457569 [ 693.121861] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:53:47 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:47 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:48 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 693.121870] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 693.121886] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 693.121893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 693.121905] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 693.208316] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 693.215610] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 693.419701] Task in /syz0 killed as a result of limit of /syz0 [ 693.426189] memory: usage 307200kB, limit 307200kB, failcnt 1201 [ 693.433555] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 693.440758] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 693.447554] Memory cgroup stats for /syz0: cache:144KB rss:296704KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:51348KB active_anon:15032KB inactive_file:0KB active_file:0KB unevictable:230424KB [ 693.469684] Memory cgroup out of memory: Kill process 12263 (syz-executor0) score 1156 or sacrifice child [ 693.479822] Killed process 12263 (syz-executor0) total-vm:70864kB, anon-rss:18452kB, file-rss:32768kB, shmem-rss:0kB [ 693.500855] oom_reaper: reaped process 12263 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 693.603049] syz-executor1 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 693.615413] syz-executor1 cpuset=syz1 mems_allowed=0 [ 693.621180] CPU: 1 PID: 19941 Comm: syz-executor1 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 693.629823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.639200] Call Trace: [ 693.641852] dump_stack+0x244/0x39d [ 693.645560] ? dump_stack_print_info.cold.1+0x20/0x20 [ 693.650787] ? mark_held_locks+0x130/0x130 [ 693.655037] dump_header+0x27b/0xf72 [ 693.658768] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.664326] ? pagefault_out_of_memory+0x197/0x197 [ 693.669281] ? debug_smp_processor_id+0x1c/0x20 [ 693.673962] ? perf_trace_lock_acquire+0x15b/0x800 [ 693.678885] ? perf_trace_lock+0x7a0/0x7a0 [ 693.683121] ? graph_lock+0x270/0x270 [ 693.686910] ? print_usage_bug+0xc0/0xc0 [ 693.690968] ? find_held_lock+0x36/0x1c0 [ 693.695020] ? mark_held_locks+0xc7/0x130 [ 693.699154] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 693.704246] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 693.709354] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 693.713938] ? trace_hardirqs_on+0xbd/0x310 [ 693.718256] ? kasan_check_read+0x11/0x20 [ 693.722425] ? ___ratelimit+0x3b4/0x672 [ 693.726411] ? trace_hardirqs_off_caller+0x300/0x300 [ 693.731525] ? trace_hardirqs_on+0x310/0x310 [ 693.735943] ? lock_downgrade+0x900/0x900 [ 693.740111] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 693.745332] ? ___ratelimit+0x3b9/0x672 [ 693.749328] ? idr_get_free+0xf70/0xf70 [ 693.753317] ? _raw_spin_unlock_irq+0x27/0x80 [ 693.757826] ? _raw_spin_unlock_irq+0x27/0x80 [ 693.762449] oom_kill_process.cold.27+0x10/0x903 [ 693.767223] ? _raw_spin_unlock_irq+0x27/0x80 [ 693.771734] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 693.776334] ? oom_evaluate_task+0x540/0x540 [ 693.780776] ? cgroup_procs_next+0x70/0x70 [ 693.785023] ? _raw_spin_unlock_irq+0x60/0x80 [ 693.789526] ? oom_badness+0xaa0/0xaa0 [ 693.793426] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 693.798193] ? mem_cgroup_iter_break+0x30/0x30 [ 693.802805] ? mark_held_locks+0xc7/0x130 [ 693.806997] out_of_memory+0xa7f/0x1430 [ 693.810984] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 693.815575] ? kasan_check_read+0x11/0x20 [ 693.819732] ? oom_killer_disable+0x3a0/0x3a0 [ 693.824261] mem_cgroup_out_of_memory+0x15e/0x210 [ 693.829121] ? retint_kernel+0x2d/0x2d [ 693.833024] ? memory_oom_group_write+0x160/0x160 [ 693.837905] try_charge+0xdcd/0x1720 [ 693.841633] ? kasan_check_read+0x11/0x20 [ 693.845801] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 693.850490] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 693.856046] ? lock_page_memcg+0x350/0x350 [ 693.860320] ? lock_acquire+0x1ed/0x520 [ 693.864315] ? mem_cgroup_oom_control_write+0x100/0x100 [ 693.870208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.875769] ? check_preemption_disabled+0x48/0x280 [ 693.880798] ? kasan_check_read+0x11/0x20 [ 693.884960] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 693.890245] ? rcu_softirq_qs+0x20/0x20 [ 693.894250] mem_cgroup_try_charge+0x627/0xe20 [ 693.898878] ? mem_cgroup_protected+0xa60/0xa60 [ 693.903560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 693.909107] ? page_mapping+0x5a2/0xa50 [ 693.913140] ? mem_cgroup_uncharge+0x100/0x100 [ 693.917739] ? page_evictable+0x2de/0x540 [ 693.921911] ? lock_downgrade+0x900/0x900 [ 693.926067] ? check_preemption_disabled+0x48/0x280 [ 693.931098] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 693.936656] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 693.941600] wp_page_copy+0x51d/0x24f0 [ 693.945510] ? follow_pfn+0x2e0/0x2e0 [ 693.949343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.954884] ? reuse_swap_page+0x4bd/0x1520 [ 693.959215] ? swp_swapcount+0x530/0x530 [ 693.963294] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 693.968784] ? print_usage_bug+0xc0/0xc0 [ 693.972858] ? perf_swevent_start_hrtimer.part.75+0x19a/0x260 [ 693.978752] ? do_raw_spin_unlock+0xa7/0x330 [ 693.983186] ? kvm_sched_clock_read+0x9/0x20 [ 693.987625] ? sched_clock+0x31/0x50 [ 693.991346] ? sched_clock_cpu+0x1b/0x1b0 [ 693.995503] ? graph_lock+0x270/0x270 [ 693.999327] ? __lock_acquire+0x62f/0x4c20 [ 694.003567] ? task_clock_event_start+0x1f0/0x1f0 [ 694.008418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.013962] ? check_preemption_disabled+0x48/0x280 [ 694.018996] ? find_held_lock+0x36/0x1c0 [ 694.023076] ? do_wp_page+0x518/0x2920 [ 694.026973] ? lock_downgrade+0x900/0x900 [ 694.031138] ? wake_up_page_bit+0x6f0/0x6f0 [ 694.035474] ? kasan_check_read+0x11/0x20 [ 694.039893] ? do_raw_spin_unlock+0xa7/0x330 [ 694.044327] ? do_raw_spin_trylock+0x270/0x270 [ 694.048930] ? __pte_alloc_kernel+0x220/0x220 [ 694.053450] ? perf_trace_lock_acquire+0x15b/0x800 [ 694.058463] do_wp_page+0x520/0x2920 [ 694.062189] ? check_preemption_disabled+0x48/0x280 [ 694.067223] ? finish_mkwrite_fault+0x650/0x650 [ 694.071911] ? print_usage_bug+0xc0/0xc0 [ 694.075986] ? perf_trace_lock+0x7a0/0x7a0 [ 694.080236] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 694.085813] ? __lock_acquire+0x62f/0x4c20 [ 694.090070] ? mark_held_locks+0xc7/0x130 [ 694.094235] ? mark_held_locks+0x130/0x130 [ 694.098486] ? follow_page_pte+0xdd7/0x1ab0 [ 694.102821] ? lock_downgrade+0x900/0x900 [ 694.106982] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.112532] ? check_preemption_disabled+0x48/0x280 [ 694.117561] ? debug_smp_processor_id+0x1c/0x20 [ 694.122238] ? perf_trace_lock_acquire+0x15b/0x800 [ 694.127279] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 694.132854] ? follow_page_pte+0x4f9/0x1ab0 [ 694.137185] ? print_usage_bug+0xc0/0xc0 [ 694.141273] ? undo_dev_pagemap+0x680/0x680 [ 694.145617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.150381] ? __lock_acquire+0x62f/0x4c20 [ 694.154635] ? lock_acquire+0x1ed/0x520 [ 694.158615] ? __handle_mm_fault+0x1fa9/0x5be0 [ 694.163211] ? kasan_check_write+0x14/0x20 [ 694.167446] ? do_raw_spin_lock+0x14f/0x350 [ 694.171778] ? rwlock_bug.part.2+0x90/0x90 [ 694.176031] ? __switch_to_asm+0x34/0x70 [ 694.180107] __handle_mm_fault+0x3be9/0x5be0 [ 694.184539] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 694.189389] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 694.193987] ? perf_trace_lock+0x7a0/0x7a0 [ 694.198236] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 694.203802] ? pmd_huge+0xf4/0x140 [ 694.207359] ? graph_lock+0x270/0x270 [ 694.211163] ? graph_lock+0x270/0x270 [ 694.214976] ? find_held_lock+0x36/0x1c0 [ 694.219054] ? handle_mm_fault+0x42a/0xc70 [ 694.223301] ? lock_downgrade+0x900/0x900 [ 694.227468] ? check_preemption_disabled+0x48/0x280 [ 694.232486] ? kasan_check_read+0x11/0x20 [ 694.236709] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 694.241971] ? rcu_read_unlock_special+0x370/0x370 [ 694.246888] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 694.252412] ? check_preemption_disabled+0x48/0x280 [ 694.257417] handle_mm_fault+0x54f/0xc70 [ 694.261465] ? __handle_mm_fault+0x5be0/0x5be0 [ 694.266049] ? write_comp_data+0x14/0x70 [ 694.270140] __get_user_pages+0xa3d/0x1ed0 [ 694.274379] ? follow_page_mask+0x2160/0x2160 [ 694.278862] ? debug_smp_processor_id+0x1c/0x20 [ 694.283525] ? mark_held_locks+0xc7/0x130 [ 694.287663] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.292408] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.297155] ? lock_acquire+0x1ed/0x520 [ 694.301113] ? __mm_populate+0x31a/0x4d0 [ 694.305165] ? lock_release+0xa10/0xa10 [ 694.309135] ? perf_trace_sched_process_exec+0x860/0x860 [ 694.314579] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.319334] populate_vma_page_range+0x2db/0x3d0 [ 694.324074] ? follow_page+0x420/0x420 [ 694.327957] ? find_vma+0x34/0x190 [ 694.331484] __mm_populate+0x286/0x4d0 [ 694.335367] ? populate_vma_page_range+0x3d0/0x3d0 [ 694.340303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.345828] ? ns_capable_common+0x13f/0x170 [ 694.350242] __x64_sys_mlockall+0x45b/0x630 [ 694.354549] ? __ia32_sys_munlock+0x160/0x160 [ 694.359029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.364553] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 694.369914] ? trace_hardirqs_off_caller+0x300/0x300 [ 694.375039] do_syscall_64+0x1b9/0x820 [ 694.378914] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 694.384286] ? syscall_return_slowpath+0x5e0/0x5e0 [ 694.389202] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.394034] ? trace_hardirqs_on_caller+0x310/0x310 [ 694.399035] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 694.404039] ? prepare_exit_to_usermode+0x291/0x3b0 [ 694.409131] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 694.413965] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 694.419139] RIP: 0033:0x457569 [ 694.422318] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 694.441203] RSP: 002b:00007fa93c547c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 694.448899] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 694.456165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 694.463430] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 694.470683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa93c5486d4 [ 694.477935] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 694.488086] Task in /syz1 killed as a result of limit of /syz1 [ 694.495140] memory: usage 307200kB, limit 307200kB, failcnt 4145 [ 694.501923] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 694.508734] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 694.515143] Memory cgroup stats for /syz1: cache:0KB rss:296560KB rss_huge:268288KB shmem:0KB mapped_file:132KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58868KB active_anon:6732KB inactive_file:4KB active_file:0KB unevictable:231056KB [ 694.537675] Memory cgroup out of memory: Kill process 19916 (syz-executor1) score 1219 or sacrifice child [ 694.548130] Killed process 19946 (syz-executor1) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 694.563769] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 694.580663] syz-executor0 cpuset=syz0 mems_allowed=0 [ 694.589914] CPU: 0 PID: 19954 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 694.598503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.607856] Call Trace: [ 694.610453] dump_stack+0x244/0x39d [ 694.614108] ? dump_stack_print_info.cold.1+0x20/0x20 [ 694.619310] ? mark_held_locks+0x130/0x130 [ 694.623566] dump_header+0x27b/0xf72 [ 694.627295] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 694.631885] ? retint_kernel+0x2d/0x2d [ 694.635792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.641340] ? pagefault_out_of_memory+0x197/0x197 [ 694.646281] ? print_usage_bug+0xc0/0xc0 [ 694.650350] ? debug_smp_processor_id+0x1c/0x20 [ 694.655020] ? perf_trace_lock_acquire+0x15b/0x800 [ 694.659963] ? perf_trace_lock+0x7a0/0x7a0 [ 694.664222] ? mark_held_locks+0xc7/0x130 [ 694.668367] ? print_usage_bug+0xc0/0xc0 [ 694.672435] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.677224] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 694.681814] ? retint_kernel+0x2d/0x2d [ 694.685708] ? trace_hardirqs_on_caller+0xc0/0x310 [ 694.690643] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.695404] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 694.701403] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.706174] ? retint_kernel+0x2d/0x2d [ 694.710087] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 694.715228] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 694.720338] ? ___ratelimit+0x3b9/0x672 [ 694.724320] ? idr_get_free+0xf70/0xf70 [ 694.728312] oom_kill_process.cold.27+0x10/0x903 [ 694.733081] ? _raw_spin_unlock_irq+0x56/0x80 [ 694.737587] ? oom_evaluate_task+0x540/0x540 [ 694.742040] ? cgroup_procs_next+0x70/0x70 [ 694.746282] ? _raw_spin_unlock_irq+0x56/0x80 [ 694.750786] ? _raw_spin_unlock_irq+0x60/0x80 [ 694.755294] ? oom_badness+0xaa0/0xaa0 [ 694.759189] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 694.763956] ? mem_cgroup_iter_break+0x30/0x30 [ 694.768566] ? mark_held_locks+0xc7/0x130 [ 694.772725] out_of_memory+0xa7f/0x1430 [ 694.776709] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 694.781297] ? kasan_check_read+0x11/0x20 [ 694.785472] ? oom_killer_disable+0x3a0/0x3a0 [ 694.789997] mem_cgroup_out_of_memory+0x15e/0x210 [ 694.794851] ? memory_oom_group_write+0x160/0x160 [ 694.799692] ? mem_cgroup_try_charge+0x627/0xe20 [ 694.804461] ? page_counter_try_charge+0x1c1/0x220 [ 694.809395] try_charge+0xdcd/0x1720 [ 694.813115] ? kasan_check_read+0x11/0x20 [ 694.817280] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 694.821959] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 694.827502] ? lock_page_memcg+0x350/0x350 [ 694.831746] ? lock_acquire+0x268/0x520 [ 694.835725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.841278] ? check_preemption_disabled+0x48/0x280 [ 694.846304] ? kasan_check_read+0x11/0x20 [ 694.850453] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 694.855752] ? rcu_softirq_qs+0x20/0x20 [ 694.859749] mem_cgroup_try_charge+0x627/0xe20 [ 694.864337] ? trace_hardirqs_on_caller+0xc0/0x310 [ 694.869281] ? mem_cgroup_protected+0xa60/0xa60 [ 694.873956] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 694.879502] ? page_mapping+0x5a2/0xa50 [ 694.883494] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 694.888273] ? retint_kernel+0x2d/0x2d [ 694.892181] ? get_vma_policy.part.43+0x4f/0x60 [ 694.896861] ? __sanitizer_cov_trace_pc+0x8/0x50 [ 694.901622] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 694.907167] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 694.912114] wp_page_copy+0x51d/0x24f0 [ 694.916138] ? follow_pfn+0x2e0/0x2e0 [ 694.919959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.925503] ? reuse_swap_page+0x4bd/0x1520 [ 694.929833] ? swp_swapcount+0x530/0x530 [ 694.933909] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 694.939368] ? sched_clock_cpu+0x1b/0x1b0 [ 694.943544] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.949109] ? print_usage_bug+0xc0/0xc0 [ 694.953195] ? cpu_clock_event_start+0x12c/0x180 [ 694.957962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.963514] ? check_preemption_disabled+0x48/0x280 [ 694.968549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.974098] ? perf_pmu_enable+0xd9/0x120 [ 694.978261] ? graph_lock+0x270/0x270 [ 694.982080] ? __lock_acquire+0x62f/0x4c20 [ 694.986320] ? __perf_event_period+0x5c0/0x5c0 [ 694.990894] ? find_held_lock+0x36/0x1c0 [ 694.994950] ? do_wp_page+0x518/0x2920 [ 694.998822] ? lock_downgrade+0x900/0x900 [ 695.002967] ? wake_up_page_bit+0x6f0/0x6f0 [ 695.007285] ? kasan_check_read+0x11/0x20 [ 695.011418] ? do_raw_spin_unlock+0xa7/0x330 [ 695.015812] ? do_raw_spin_trylock+0x270/0x270 [ 695.020424] ? __pte_alloc_kernel+0x220/0x220 [ 695.024917] ? perf_trace_lock_acquire+0x15b/0x800 [ 695.029845] do_wp_page+0x520/0x2920 [ 695.033557] ? check_preemption_disabled+0x48/0x280 [ 695.038557] ? graph_lock+0x270/0x270 [ 695.042381] ? finish_mkwrite_fault+0x650/0x650 [ 695.047042] ? mark_held_locks+0xc7/0x130 [ 695.051270] ? perf_trace_lock+0x7a0/0x7a0 [ 695.055501] ? trace_hardirqs_on_caller+0xc0/0x310 [ 695.060419] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 695.065944] ? __lock_acquire+0x62f/0x4c20 [ 695.070172] ? mark_held_locks+0x130/0x130 [ 695.074414] ? follow_page_pte+0xdd7/0x1ab0 [ 695.078719] ? lock_downgrade+0x900/0x900 [ 695.082857] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.088391] ? check_preemption_disabled+0x48/0x280 [ 695.093440] ? debug_smp_processor_id+0x1c/0x20 [ 695.098116] ? perf_trace_lock_acquire+0x15b/0x800 [ 695.103047] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 695.108598] ? follow_page_pte+0x4f9/0x1ab0 [ 695.112926] ? print_usage_bug+0xc0/0xc0 [ 695.117003] ? mark_held_locks+0xc7/0x130 [ 695.121161] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 695.125934] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 695.130528] ? retint_kernel+0x2d/0x2d [ 695.134424] ? trace_hardirqs_on_caller+0xc0/0x310 [ 695.139368] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 695.144832] ? lock_acquire+0x1ed/0x520 [ 695.148816] ? __handle_mm_fault+0x1fa9/0x5be0 [ 695.153416] ? kasan_check_write+0x14/0x20 [ 695.157658] ? do_raw_spin_lock+0x14f/0x350 [ 695.161977] ? rwlock_bug.part.2+0x90/0x90 [ 695.166205] __handle_mm_fault+0x3be9/0x5be0 [ 695.170606] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 695.175435] ? perf_trace_lock+0x7a0/0x7a0 [ 695.179653] ? retint_kernel+0x2d/0x2d [ 695.183528] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 695.189143] ? pmd_huge+0xf4/0x140 [ 695.192681] ? graph_lock+0x270/0x270 [ 695.196490] ? graph_lock+0x270/0x270 [ 695.200273] ? find_held_lock+0x36/0x1c0 [ 695.204322] ? handle_mm_fault+0x42a/0xc70 [ 695.208538] ? lock_downgrade+0x900/0x900 [ 695.212670] ? check_preemption_disabled+0x48/0x280 [ 695.217674] ? kasan_check_read+0x11/0x20 [ 695.221805] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 695.227065] ? rcu_read_unlock_special+0x370/0x370 [ 695.231982] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 695.237503] ? check_preemption_disabled+0x48/0x280 [ 695.242505] handle_mm_fault+0x54f/0xc70 [ 695.246592] ? __handle_mm_fault+0x5be0/0x5be0 [ 695.251159] ? __get_user_pages+0x2c4/0x1ed0 [ 695.255561] ? __get_user_pages+0x7b2/0x1ed0 [ 695.259976] __get_user_pages+0xa3d/0x1ed0 [ 695.264234] ? follow_page_mask+0x2160/0x2160 [ 695.268718] ? mark_held_locks+0xc7/0x130 [ 695.272857] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 695.277698] ? retint_kernel+0x2d/0x2d [ 695.281575] ? trace_hardirqs_on_caller+0xc0/0x310 [ 695.286491] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 695.291234] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 695.296715] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 695.301464] ? retint_kernel+0x2d/0x2d [ 695.305341] ? populate_vma_page_range+0x29e/0x3d0 [ 695.310255] populate_vma_page_range+0x2db/0x3d0 [ 695.314998] ? follow_page+0x420/0x420 [ 695.318886] ? find_vma+0x34/0x190 [ 695.322412] __mm_populate+0x286/0x4d0 [ 695.326288] ? populate_vma_page_range+0x3d0/0x3d0 [ 695.331204] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.336846] ? ns_capable_common+0x13f/0x170 [ 695.341328] __x64_sys_mlockall+0x45b/0x630 [ 695.345635] ? __ia32_sys_munlock+0x160/0x160 [ 695.350113] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.355635] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 695.360985] ? trace_hardirqs_off_caller+0x300/0x300 [ 695.366081] do_syscall_64+0x1b9/0x820 [ 695.369949] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 695.375301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 695.380217] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.385065] ? trace_hardirqs_on_caller+0x310/0x310 [ 695.390067] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 695.395072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.400595] ? prepare_exit_to_usermode+0x291/0x3b0 [ 695.405600] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 695.410434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 695.415609] RIP: 0033:0x457569 [ 695.418788] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 695.437668] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 695.445360] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 695.452616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 00:53:50 executing program 1: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:53:50 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:53:50 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 695.459880] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 695.467131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 695.474390] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 695.498853] Task in /syz0 killed as a result of limit of /syz0 [ 695.542523] memory: usage 300984kB, limit 307200kB, failcnt 1234 [ 695.572415] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 695.579499] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 695.595850] Memory cgroup stats for /syz0: cache:144KB rss:287032KB rss_huge:256000KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:51328KB active_anon:12976KB inactive_file:0KB active_file:0KB unevictable:222824KB [ 695.681236] Memory cgroup out of memory: Kill process 19908 (syz-executor0) score 1219 or sacrifice child [ 695.727283] Killed process 19954 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:52260kB, shmem-rss:0kB [ 695.752834] oom_reaper: reaped process 19954 (syz-executor0), now anon-rss:18068kB, file-rss:52252kB, shmem-rss:0kB 00:53:51 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0xffffffffa0008000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:51 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000007c0)="2f6a7374617400c65381b47aae8c88e29bad43f1da906e855ff182de042209000000000000000e158e8abd442cc049cffda030ff277875ee0100000000c50ff5e0524a5594f9cad8045f00000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83eba552e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73775300d172d2b93a542f", 0x2761, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000080)={0x70, 0x3, 0x9}) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000200)={{{@in, @in=@loopback, 0x4e22, 0x7ff, 0x4e23, 0x40, 0x2, 0xa0, 0xa0, 0x3a, 0x0, r4}, {0xd860, 0xffffffffffffff7f, 0x400, 0x1, 0xdb, 0x6, 0x7, 0x4}, {0x7ff, 0xffff, 0x3d95}, 0xb39, 0x6e6bb6, 0x1, 0x1, 0x1, 0x1}, {{@in6=@dev={0xfe, 0x80, [], 0x1d}, 0x4d2, 0xff}, 0xa, @in6=@ipv4={[], [], @rand_addr=0x8}, 0x3507, 0x3, 0x3, 0x1, 0x81, 0x9, 0x266}}, 0xe8) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0xffffffffffffff21, &(0x7f0000000840), 0x0, &(0x7f0000000940)=[{0xa0, 0x0, 0xde2a, "be3e74d2518f11029693e7bc3019ecd0fcd75440ed541151e8c2c5ea3d3c28f7c01e25b74e63ec5bd9ab2f36c5378ee9567d66f0573d62eac8a1cf70211009fb91683297d2468503288597ff5d6a6f8bfe2ff37d5df73eca2ec991d38076afa28f7168f84d85d4d85472fb94b0c3746df5a1b35136d95af7d6125b8480e191253ff39fec8fda3c1de20a"}, {0x98, 0x111, 0xa20, "f32ce53b4cfd6da78c23bda7f3e0dcbcfd72dcf57cc8d9b84af653a9a1eb49b3dde8490238d4151a0a05ba107dd5f2ac2f51f7a0737d405d32d9607e59fe76d28e51df1ce8374130837ed3bf0d8d28789d6823154506a26ef12692d11836c79880a557c6f10dc9c6f946e19824dfb0573da55de3f719397ea63a12043c2f3dff2df24cef227246"}, {0xc0, 0x11f, 0x3, "b877fabd2415fbb1e3495695a8f654c05c7959af0425aabd2f46a5296f50462e454125ef213509544bb002f88c01510f1a9e9a5fceb2bf4e11fdd3230df02775109681576ad81432c3223729779493a88a2e0c8688d78c500dac9609f8ae3bd3d15d9355656f7a97e77a65793410c8fcaaf7a06b39edfa1c7230b97e43b8ff67ffec8f99167a70e3423b0514bd7f35b2828623e9a02fc2969d03b934d5267abc0d475fe600a727c623"}, {0x100, 0x29, 0x64, "adcb74f6ca364fd8df4fb91e16b48497a4bf4d61108a8dfc0e625c4996ba6026cb9929103a1ceda8752225d5ca64daf424d7c6f15690db0d954b44b62ff3578784d1f8f7cb514e5d3d8c3137715899086562c359882cabd6aa23e16096941774efe9eaaed745494d33f05b76cd583cef56047c31658253a981fedb046db913777f3238a0e7336c321178d24de76edf87b3df04a810d6e8105f35e7e894354dd0bb5634eeddf259fc61067ee925f01f63c3ebc154f1dd1cb71a01aacd3b03f5669beb72a31c7e79c2e4a39cc62c9e75fd6378b828e603033af5f35b8ed968e5dd1feb53c5553dd0b6d832ec2a5435d7"}, {0xd0, 0x11d, 0x9, "afac34efc03dc50ad05c0e5d52cda2ba19a2465976a1f75a311734bc7f6c7376c609956153a13229568d5366b55959b0f338a6aad9a982721272f102c37f28dfe54839cda05328bd92c90d1c6bc725a53588f2ce5a1323d714b4888f8ec10a05f67fe6c28102cae76ece334e459b4a7431aecbdf0c6f8e4275c85312132c363c0ff237ed4793a9da155c9b8c272738ee09aae95176ac25848f0aa6b3f9f6ea5a741d1a07f6deb3495628738e6588de9f5f8ef372e6b607183734"}], 0x3c8, 0x4000}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000300)={0x8f6}, 0x1) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000600)=0x10000000000000) syz_open_dev$binder(&(0x7f00000003c0)='/dev/binder#\x00', 0x0, 0x802) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000340)={{0xa, 0x4e22, 0x0, @remote, 0x4000}, {0xa, 0x4e20, 0x3f, @local, 0x7}, 0x4, [0x387863c6, 0x9, 0x8, 0x400000, 0x8001, 0x3, 0xffffffffffffffff, 0x2]}, 0x5c) 00:53:51 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(0xffffffffffffffff, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:51 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:51 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:51 executing program 1: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) getgid() 00:53:51 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f00000000c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:53:51 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:51 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:51 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0xc42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:53:51 executing program 1: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:51 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) [ 697.636471] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 697.648055] syz-executor0 cpuset=syz0 mems_allowed=0 [ 697.653802] CPU: 1 PID: 20007 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 697.662379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 697.671715] Call Trace: [ 697.674306] dump_stack+0x244/0x39d [ 697.677919] ? dump_stack_print_info.cold.1+0x20/0x20 [ 697.683138] ? mark_held_locks+0x130/0x130 [ 697.687376] ? mark_held_locks+0x130/0x130 [ 697.691615] dump_header+0x27b/0xf72 [ 697.695318] ? print_usage_bug+0xc0/0xc0 [ 697.699364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.704886] ? pagefault_out_of_memory+0x197/0x197 [ 697.709805] ? debug_smp_processor_id+0x1c/0x20 [ 697.714456] ? perf_trace_lock_acquire+0x15b/0x800 [ 697.719393] ? perf_trace_lock+0x7a0/0x7a0 [ 697.723612] ? mark_held_locks+0xc7/0x130 [ 697.727743] ? print_usage_bug+0xc0/0xc0 [ 697.731795] ? graph_lock+0x270/0x270 [ 697.735590] ? print_usage_bug+0xc0/0xc0 [ 697.739630] ? mark_held_locks+0xc7/0x130 [ 697.743779] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.748529] ? mark_held_locks+0xc7/0x130 [ 697.752665] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.757408] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 697.761979] ? retint_kernel+0x2d/0x2d [ 697.765850] ? trace_hardirqs_on_caller+0xc0/0x310 [ 697.770764] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.775505] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 697.780979] ? trace_hardirqs_on+0xbd/0x310 [ 697.785296] ? kasan_check_read+0x11/0x20 [ 697.789428] ? ___ratelimit+0x3b4/0x672 [ 697.793387] ? trace_hardirqs_off_caller+0x300/0x300 [ 697.798490] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.803231] ? retint_kernel+0x2d/0x2d [ 697.807109] ? oom_kill_process+0x254/0x270 [ 697.811414] oom_kill_process.cold.27+0x10/0x903 [ 697.816161] ? _raw_spin_unlock_irq+0x56/0x80 [ 697.820749] ? oom_evaluate_task+0x540/0x540 [ 697.825164] ? cgroup_procs_next+0x70/0x70 [ 697.829390] ? _raw_spin_unlock_irq+0x60/0x80 [ 697.833872] ? oom_badness+0xaa0/0xaa0 [ 697.837743] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 697.842483] ? mem_cgroup_iter_break+0x30/0x30 [ 697.847049] ? trace_hardirqs_on_caller+0xc0/0x310 [ 697.851998] out_of_memory+0xa7f/0x1430 [ 697.855978] ? retint_kernel+0x2d/0x2d [ 697.859849] ? oom_killer_disable+0x3a0/0x3a0 [ 697.864330] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 697.869808] mem_cgroup_out_of_memory+0x15e/0x210 [ 697.874639] ? memory_oom_group_write+0x160/0x160 [ 697.879462] ? mem_cgroup_try_charge+0x627/0xe20 [ 697.884231] ? page_counter_try_charge+0x1c1/0x220 [ 697.889144] try_charge+0xdcd/0x1720 [ 697.892851] ? kasan_check_read+0x11/0x20 [ 697.896997] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 697.901657] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 697.907179] ? lock_page_memcg+0x350/0x350 [ 697.911407] ? lock_acquire+0x1ed/0x520 [ 697.915367] ? mem_cgroup_oom_control_write+0x100/0x100 [ 697.920715] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.926232] ? check_preemption_disabled+0x48/0x280 [ 697.931319] ? kasan_check_read+0x11/0x20 [ 697.935492] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 697.940757] ? rcu_softirq_qs+0x20/0x20 [ 697.944743] mem_cgroup_try_charge+0x627/0xe20 [ 697.949318] ? mem_cgroup_protected+0xa60/0xa60 [ 697.953975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 697.959511] ? page_mapping+0x5a2/0xa50 [ 697.963517] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 697.968269] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 697.972839] ? retint_kernel+0x2d/0x2d [ 697.976709] ? trace_hardirqs_on_caller+0xc0/0x310 [ 697.981631] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 697.987155] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 697.992183] wp_page_copy+0x51d/0x24f0 [ 697.996062] ? retint_kernel+0x2d/0x2d [ 697.999965] ? follow_pfn+0x2e0/0x2e0 [ 698.003765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 698.009300] ? reuse_swap_page+0x4bd/0x1520 [ 698.013623] ? swp_swapcount+0x530/0x530 [ 698.017704] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 698.023179] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.027924] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 698.033476] ? print_usage_bug+0xc0/0xc0 [ 698.037538] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 698.042107] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.046849] ? graph_lock+0x270/0x270 [ 698.050635] ? __lock_acquire+0x62f/0x4c20 [ 698.054867] ? mark_page_accessed+0x57c/0x2040 [ 698.059434] ? mark_page_accessed+0x58a/0x2040 [ 698.064012] ? __sanitizer_cov_trace_pc+0x2b/0x50 [ 698.068852] ? find_held_lock+0x36/0x1c0 [ 698.072920] ? do_wp_page+0x518/0x2920 [ 698.076798] ? lock_downgrade+0x900/0x900 [ 698.080930] ? wake_up_page_bit+0x6f0/0x6f0 [ 698.085247] ? kasan_check_read+0x11/0x20 [ 698.089386] ? do_raw_spin_unlock+0xa7/0x330 [ 698.093794] ? do_raw_spin_trylock+0x270/0x270 [ 698.098375] ? __pte_alloc_kernel+0x220/0x220 [ 698.102861] ? perf_trace_lock_acquire+0x15b/0x800 [ 698.107778] do_wp_page+0x520/0x2920 [ 698.111493] ? check_preemption_disabled+0x48/0x280 [ 698.116501] ? finish_mkwrite_fault+0x650/0x650 [ 698.121155] ? mark_held_locks+0xc7/0x130 [ 698.125292] ? perf_trace_lock+0x7a0/0x7a0 [ 698.129515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 698.135050] ? __lock_acquire+0x62f/0x4c20 [ 698.139269] ? retint_kernel+0x2d/0x2d [ 698.143149] ? trace_hardirqs_on_caller+0xc0/0x310 [ 698.148083] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.152831] ? mark_held_locks+0x130/0x130 [ 698.157054] ? follow_page_pte+0xdd7/0x1ab0 [ 698.161359] ? lock_downgrade+0x900/0x900 [ 698.165496] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 698.171018] ? check_preemption_disabled+0x48/0x280 [ 698.176023] ? debug_smp_processor_id+0x1c/0x20 [ 698.180675] ? perf_trace_lock_acquire+0x15b/0x800 [ 698.185590] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 698.191118] ? follow_page_pte+0x4f9/0x1ab0 [ 698.195423] ? print_usage_bug+0xc0/0xc0 [ 698.199476] ? undo_dev_pagemap+0x680/0x680 [ 698.203788] ? print_usage_bug+0xc0/0xc0 [ 698.207832] ? print_usage_bug+0xc0/0xc0 [ 698.211907] ? retint_kernel+0x2d/0x2d [ 698.215803] ? __lock_acquire+0x62f/0x4c20 [ 698.220024] ? lock_acquire+0x1ed/0x520 [ 698.223980] ? __handle_mm_fault+0x1fa9/0x5be0 [ 698.228556] ? kasan_check_write+0x14/0x20 [ 698.232775] ? do_raw_spin_lock+0x14f/0x350 [ 698.237092] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.241834] ? rwlock_bug.part.2+0x90/0x90 [ 698.246057] ? retint_kernel+0x2d/0x2d [ 698.249938] ? trace_hardirqs_on_caller+0xc0/0x310 [ 698.254852] ? trace_hardirqs_on_caller+0xc0/0x310 [ 698.259768] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.264514] __handle_mm_fault+0x3be9/0x5be0 [ 698.269142] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 698.274059] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.278808] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 698.283404] ? retint_kernel+0x2d/0x2d [ 698.287308] ? trace_hardirqs_on_caller+0xc0/0x310 [ 698.292232] ? pmd_huge+0xf4/0x140 [ 698.295760] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.300509] ? graph_lock+0x270/0x270 [ 698.304316] ? graph_lock+0x270/0x270 [ 698.308134] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.312991] ? find_held_lock+0x36/0x1c0 [ 698.317049] ? handle_mm_fault+0x42a/0xc70 [ 698.321272] ? lock_downgrade+0x900/0x900 [ 698.325423] ? check_preemption_disabled+0x48/0x280 [ 698.330428] ? kasan_check_read+0x11/0x20 [ 698.334567] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 698.339834] ? rcu_read_unlock_special+0x370/0x370 [ 698.345117] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 698.350640] ? check_preemption_disabled+0x48/0x280 [ 698.355646] handle_mm_fault+0x54f/0xc70 [ 698.359695] ? __handle_mm_fault+0x5be0/0x5be0 [ 698.364263] ? write_comp_data+0xd/0x70 [ 698.368242] __get_user_pages+0xa3d/0x1ed0 [ 698.372475] ? follow_page_mask+0x2160/0x2160 [ 698.376958] ? mark_held_locks+0xc7/0x130 [ 698.381097] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.385845] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 698.390412] ? retint_kernel+0x2d/0x2d [ 698.394291] ? trace_hardirqs_on_caller+0xc0/0x310 [ 698.399204] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.403954] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 698.409391] ? mark_held_locks+0xc7/0x130 [ 698.413529] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 698.418274] ? retint_kernel+0x2d/0x2d [ 698.422157] ? populate_vma_page_range+0x29e/0x3d0 [ 698.427069] ? populate_vma_page_range+0x314/0x3d0 [ 698.431989] populate_vma_page_range+0x2db/0x3d0 [ 698.436732] ? follow_page+0x420/0x420 [ 698.440629] ? __mm_populate+0x2d2/0x4d0 [ 698.444684] __mm_populate+0x286/0x4d0 [ 698.448559] ? populate_vma_page_range+0x3d0/0x3d0 [ 698.453478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 698.458998] ? ns_capable_common+0x13f/0x170 [ 698.463397] __x64_sys_mlockall+0x45b/0x630 [ 698.467705] ? __ia32_sys_munlock+0x160/0x160 [ 698.472186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 698.477708] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 698.483058] ? trace_hardirqs_off_caller+0x300/0x300 [ 698.488153] do_syscall_64+0x1b9/0x820 [ 698.492023] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 698.497370] ? syscall_return_slowpath+0x5e0/0x5e0 [ 698.502285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 698.507112] ? trace_hardirqs_on_caller+0x310/0x310 [ 698.512127] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 698.517127] ? prepare_exit_to_usermode+0x291/0x3b0 [ 698.522132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 698.526980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 698.532155] RIP: 0033:0x457569 [ 698.535365] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 698.554460] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 698.562151] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 698.569606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 698.576857] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 698.584109] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 698.591364] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 698.601949] Task in /syz0 killed as a result of limit of /syz0 [ 698.608365] memory: usage 307200kB, limit 307200kB, failcnt 1257 [ 698.614710] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 698.621613] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 698.628036] Memory cgroup stats for /syz0: cache:144KB rss:296568KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:52756KB active_anon:12984KB inactive_file:0KB active_file:0KB unevictable:231040KB [ 698.650024] Memory cgroup out of memory: Kill process 19979 (syz-executor0) score 1219 or sacrifice child [ 698.660371] Killed process 20013 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 698.675581] oom_reaper: reaped process 20013 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 699.339458] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 699.351133] syz-executor0 cpuset=syz0 mems_allowed=0 [ 699.356448] CPU: 1 PID: 20007 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 699.365006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.374579] Call Trace: [ 699.377164] dump_stack+0x244/0x39d [ 699.380821] ? dump_stack_print_info.cold.1+0x20/0x20 [ 699.386030] ? mark_held_locks+0x130/0x130 [ 699.390249] ? mark_held_locks+0x130/0x130 [ 699.394482] dump_header+0x27b/0xf72 [ 699.398189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.403711] ? pagefault_out_of_memory+0x197/0x197 [ 699.408645] ? print_usage_bug+0xc0/0xc0 [ 699.412700] ? debug_smp_processor_id+0x1c/0x20 [ 699.417358] ? perf_trace_lock_acquire+0x15b/0x800 [ 699.422282] ? perf_trace_lock+0x7a0/0x7a0 [ 699.426528] ? mark_held_locks+0xc7/0x130 [ 699.430675] ? print_usage_bug+0xc0/0xc0 [ 699.434722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.439463] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 699.444032] ? retint_kernel+0x2d/0x2d [ 699.447906] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.452824] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.457573] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 699.463029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.467777] ? retint_kernel+0x2d/0x2d [ 699.471660] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 699.476752] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 699.481860] ? ___ratelimit+0x3b9/0x672 [ 699.485817] ? idr_get_free+0xf70/0xf70 [ 699.489781] ? _raw_spin_unlock_irq+0x27/0x80 [ 699.494262] ? _raw_spin_unlock_irq+0x27/0x80 [ 699.498749] oom_kill_process.cold.27+0x10/0x903 [ 699.503497] ? oom_evaluate_task+0x540/0x540 [ 699.507895] ? cgroup_procs_next+0x70/0x70 [ 699.512116] ? _raw_spin_unlock_irq+0x56/0x80 [ 699.516592] ? _raw_spin_unlock_irq+0x60/0x80 [ 699.521068] ? oom_badness+0xaa0/0xaa0 [ 699.524940] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 699.529681] ? mem_cgroup_iter_break+0x30/0x30 [ 699.534253] ? out_of_memory+0xbb6/0x1430 [ 699.538384] ? mem_cgroup_get_max+0x7b/0x240 [ 699.542781] out_of_memory+0xa7f/0x1430 [ 699.546743] ? retint_kernel+0x2d/0x2d [ 699.550613] ? oom_killer_disable+0x3a0/0x3a0 [ 699.555095] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 699.560210] mem_cgroup_out_of_memory+0x15e/0x210 [ 699.565051] ? memory_oom_group_write+0x160/0x160 [ 699.569881] ? mem_cgroup_try_charge+0x627/0xe20 [ 699.574627] ? page_counter_try_charge+0x1c1/0x220 [ 699.579541] try_charge+0xdcd/0x1720 [ 699.583240] ? kasan_check_read+0x11/0x20 [ 699.587467] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 699.592131] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 699.597682] ? lock_page_memcg+0x350/0x350 [ 699.601917] ? lock_acquire+0x1ed/0x520 [ 699.605904] ? mem_cgroup_oom_control_write+0x100/0x100 [ 699.611256] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.616799] ? check_preemption_disabled+0x48/0x280 [ 699.621811] ? kasan_check_read+0x11/0x20 [ 699.625951] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 699.631210] ? rcu_softirq_qs+0x20/0x20 [ 699.635177] mem_cgroup_try_charge+0x627/0xe20 [ 699.639745] ? mark_held_locks+0xc7/0x130 [ 699.643880] ? mem_cgroup_protected+0xa60/0xa60 [ 699.648550] ? retint_kernel+0x2d/0x2d [ 699.652431] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.657364] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.662121] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 699.667586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.672332] ? retint_kernel+0x2d/0x2d [ 699.676214] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 699.681128] wp_page_copy+0x51d/0x24f0 [ 699.685033] ? follow_pfn+0x2e0/0x2e0 [ 699.688829] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.694350] ? reuse_swap_page+0x4bd/0x1520 [ 699.698767] ? swp_swapcount+0x530/0x530 [ 699.702827] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 699.708283] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.713027] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 699.718465] ? print_usage_bug+0xc0/0xc0 [ 699.722527] ? retint_kernel+0x2d/0x2d [ 699.726408] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.731347] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.736106] ? graph_lock+0x270/0x270 [ 699.739891] ? __lock_acquire+0x62f/0x4c20 [ 699.744114] ? mark_page_accessed+0xf97/0x2040 [ 699.748685] ? __sanitizer_cov_trace_pc+0x3b/0x50 [ 699.753514] ? find_held_lock+0x36/0x1c0 [ 699.757561] ? do_wp_page+0x518/0x2920 [ 699.761433] ? lock_downgrade+0x900/0x900 [ 699.765574] ? wake_up_page_bit+0x6f0/0x6f0 [ 699.769891] ? kasan_check_read+0x11/0x20 [ 699.774021] ? do_raw_spin_unlock+0xa7/0x330 [ 699.778411] ? do_raw_spin_trylock+0x270/0x270 [ 699.782976] ? __pte_alloc_kernel+0x220/0x220 [ 699.787454] ? perf_trace_lock_acquire+0x15b/0x800 [ 699.792376] do_wp_page+0x520/0x2920 [ 699.796083] ? check_preemption_disabled+0x48/0x280 [ 699.801080] ? print_usage_bug+0xc0/0xc0 [ 699.805148] ? finish_mkwrite_fault+0x650/0x650 [ 699.809810] ? mark_held_locks+0xc7/0x130 [ 699.813948] ? perf_trace_lock+0x7a0/0x7a0 [ 699.818193] ? __lock_acquire+0x62f/0x4c20 [ 699.822433] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 699.827022] ? retint_kernel+0x2d/0x2d [ 699.830919] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.835840] ? mark_held_locks+0x130/0x130 [ 699.840063] ? follow_page_pte+0xdd7/0x1ab0 [ 699.844371] ? lock_downgrade+0x900/0x900 [ 699.848515] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.854035] ? check_preemption_disabled+0x48/0x280 [ 699.859038] ? debug_smp_processor_id+0x1c/0x20 [ 699.863817] ? perf_trace_lock_acquire+0x15b/0x800 [ 699.868748] ? preempt_count_add+0xe6/0x1b0 [ 699.873080] ? follow_page_pte+0x4f9/0x1ab0 [ 699.877392] ? print_usage_bug+0xc0/0xc0 [ 699.881444] ? undo_dev_pagemap+0x680/0x680 [ 699.885752] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.890498] ? print_usage_bug+0xc0/0xc0 [ 699.894557] ? print_usage_bug+0xc0/0xc0 [ 699.898607] ? __lock_acquire+0x62f/0x4c20 [ 699.902828] ? lock_acquire+0x1ed/0x520 [ 699.906801] ? __handle_mm_fault+0x1fa9/0x5be0 [ 699.911374] ? kasan_check_write+0x14/0x20 [ 699.915603] ? do_raw_spin_lock+0x14f/0x350 [ 699.919911] ? rwlock_bug.part.2+0x90/0x90 [ 699.924129] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 699.928696] ? retint_kernel+0x2d/0x2d [ 699.932567] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.937485] __handle_mm_fault+0x3be9/0x5be0 [ 699.941877] ? print_usage_bug+0xc0/0xc0 [ 699.945926] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 699.950782] ? perf_trace_lock+0x7a0/0x7a0 [ 699.955015] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 699.960546] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 699.965117] ? retint_kernel+0x2d/0x2d [ 699.969008] ? trace_hardirqs_on_caller+0xc0/0x310 [ 699.973924] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.978664] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 699.984101] ? find_held_lock+0x36/0x1c0 [ 699.988186] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 699.992932] ? retint_kernel+0x2d/0x2d [ 699.996817] ? handle_mm_fault+0x4ce/0xc70 [ 700.001048] handle_mm_fault+0x54f/0xc70 [ 700.005101] ? __handle_mm_fault+0x5be0/0x5be0 [ 700.009672] ? __get_user_pages+0x298/0x1ed0 [ 700.014088] __get_user_pages+0xa3d/0x1ed0 [ 700.018325] ? rwsem_down_read_failed+0x342/0x710 [ 700.023286] ? follow_page_mask+0x2160/0x2160 [ 700.027803] ? mark_held_locks+0xc7/0x130 [ 700.031963] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 700.036737] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 700.041308] ? retint_kernel+0x2d/0x2d [ 700.045180] ? trace_hardirqs_on_caller+0xc0/0x310 [ 700.050093] ? retint_kernel+0x2d/0x2d [ 700.053969] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 700.058710] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 700.064144] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 700.068886] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 700.074328] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 700.079077] ? retint_kernel+0x2d/0x2d [ 700.082959] ? populate_vma_page_range+0x17a/0x3d0 [ 700.087882] populate_vma_page_range+0x2db/0x3d0 [ 700.092628] ? follow_page+0x420/0x420 [ 700.096505] ? find_vma+0x34/0x190 [ 700.100045] __mm_populate+0x286/0x4d0 [ 700.103925] ? populate_vma_page_range+0x3d0/0x3d0 [ 700.108854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 700.114393] ? ns_capable_common+0x13f/0x170 [ 700.118810] __x64_sys_mlockall+0x45b/0x630 [ 700.123137] ? __ia32_sys_munlock+0x160/0x160 [ 700.127628] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 700.133068] ? trace_hardirqs_off_caller+0x300/0x300 [ 700.138164] do_syscall_64+0x1b9/0x820 [ 700.142045] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 700.147394] ? syscall_return_slowpath+0x5e0/0x5e0 [ 700.152305] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 700.157135] ? trace_hardirqs_on_caller+0x310/0x310 [ 700.162134] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 700.167134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 700.172652] ? prepare_exit_to_usermode+0x291/0x3b0 [ 700.177652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 700.182491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 700.187660] RIP: 0033:0x457569 [ 700.190842] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 700.209727] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 700.217503] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 700.224753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 700.232014] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 700.239353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 700.246603] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 700.256461] Task in /syz0 killed as a result of limit of /syz0 [ 700.262745] memory: usage 299376kB, limit 307200kB, failcnt 1315 [ 700.268944] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 700.275878] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 700.282891] Memory cgroup stats for /syz0: cache:144KB rss:289096KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:51328KB active_anon:15024KB inactive_file:0KB active_file:0KB unevictable:222804KB [ 700.304885] Memory cgroup out of memory: Kill process 19979 (syz-executor0) score 1220 or sacrifice child [ 700.315060] Killed process 20007 (syz-executor0) total-vm:70864kB, anon-rss:18460kB, file-rss:52260kB, shmem-rss:0kB [ 700.327896] oom_reaper: reaped process 20007 (syz-executor0), now anon-rss:18460kB, file-rss:52252kB, shmem-rss:0kB 00:53:55 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:55 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) syz_mount_image$nfs(&(0x7f0000000080)='nfs\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x7, &(0x7f0000001880)=[{&(0x7f0000000200)="a3acdbc38574655ca111e5ea0cdb36172247d99c3f1f76cba7c6293e3b3527452f3a74c81a4bbc575eff390c66a9288077a099ce0aee0d638c68df47df21b97b168a82ce63db72fbca41b1a1e5e12f92d49679357fc8", 0x56, 0x1f}, {&(0x7f0000000280)="e9e75cc40d85ff6af06930d86cde67e261316e236fa4f0d5dd67e43f2b2d5bb30e267f69ba373b7602ff1db247e875347702e25cd065df5d8081bbf14e2b93339e6df62705a00d74ee40878ae3659da922d87149d34526f2c051897f96839a25444eb124b4cbd6a10fc986461104fda1732a7aa6ea22fb0a4189c84dca54006878c37f4cf3a43d1161f71d81921e75210da99d85d1def22bfef7bae509e1f5eb28", 0xa1, 0x9}, {&(0x7f0000000580)="8e258a6bd10eadda4933c2972f89dbb235137944d21560110e71e5420035e818fe05bc2d75f8ebe15b35ef7839d2eaa7cab4b1cddcc77f4c6ed9ee4191293b0541200cd452bea52b4edc692cb4f8ba68c662809a0a51d919d53cae40fba7923b506535485d18e74adbb687afedcb17c9780dd5f8fd1113f0d52f8b814746b8a55d6df5a54a3024db99d1a78234a2a609a95044b9fdbb1a23ff560e51ea12dba7b09295e8288b3b856b8cb58ad1e0b56a0f7a68afc3d26f4892734f1d6e57d43099744b7f69f0f8b7404c458fd7fe21ff159d2e0f25b1648b94e61031ae025a2f92427c7e13a4b67f099b4deef5e53fd418ed007db2812cd713234442c4903211a304bcef98c046bce96c6994bfc9c05c949e4fa7d43c34079a99e9f6b4467168197d5fe41f4a6ec0cd6fa3348e347a281b7fed0d6793102ee3f5942b4ee656207d0c22cc962a7a3a5bee205ffefbb4279bb9968ca8c522fbcefab82db2295e1709d8476ba6e688f03c1c164a7f1b1d5de2178e7383923f2c79162b50ca39876e287747e15ea739946775c95a8b35541c32c64c3d846ce9a0f1245376e60f14a2d4eb02e69fdeeaadf796cf44d0b3713d1979c7cee92a2c246dc750c20fd04aa6d34052d48d2bb4d07a0096bec25f2db2987db476adc5a307dec0b5ffc7137423fe324f76f89ae5db8e7642e1968d60dbb04e34caaaa7d855ed00c3528e02592d15a077e3e34f2a4eb0856d1887eb82f2622c84527332e68b0a9a911d5f966bcf261be561abd1dea7321540d418af51b2f1e2cb29391fb3e7844dbb96d8cb46db1f3901802cddb41dd8807a66094012551837f22cad8c15a2f2cce71ff8a269424c2624679a56a06b2f9191e8b68ddc942b831c1a8007f79661215f167f67341c639f44046c6f749b62698e6522b5e05223d94424a9def4a86d56b65a83c73b963d3e9a9ffb2a97387c5b50086fa178db0455860c3878f8bfe9a5d6caeb63efc2a34ec125e6d17408dbf4773d8d269ac2b4a93850e5a11b89ff0582dd057a048a1f8e22fea6d1a13dd88542eaa26d1c1d7443ec4c3113bde4319dc82df47235116d46365d56e52d43e1a28a9533446d68a87e4f3ab65298bdc2ffa3db705c1c1b67adabee436bea26d75029681c8195806c552a0b12105d728d4347eed673dfe3f56e60deceef9ebc83d13bb07b17a05ec91fb7b30158b4c7411dc33ff63b51b55ad4278aecf449fe0f5b61a6e9b9fefee19ccef8a4ce5e3a051887462e28f6f6118a683b65efc7c4060555ed4bf990509c51adac977c9e5890f694dc4c79d55e5e45a5db4e23184f978eb5b55638eed64fd3cb43651e26663235890232cdb882b34cc02df2c06934dcfff055e609c0d2d931c145b726feee1e074541771595c23afb8b97f71f3583ffc9600e13599736506ccba76b907193612cfc28f9b60ff10976298c2b1bc0b57b00e199e166af4e8a35142088830a9a0b316499667eea41a9fb53dd666a2312bd59be653b9d0eb4991b2459b3e773c8e68d50f07b90a594b2bccb22a5f8ebece9d025de7c374e8f312a380b85a6448bbc4724cab3d545b6fe41039a032ca7654dae354a2a792eb4e1de279abdd3805499a079c13c54882419c6fe79ca8276915045eca0f67fdae8d9dcb4a15b18d64c12c19c2eb991d5af899dd1d98a4b9a76d90b5d9e1c5eceee955071536864c60b1c7eaeae57bf7a3afd743a659a058955f7c41d40900e62e305d0664134ea57cb553b166fbd1a2624711e352eb42cc26057ac6c67f65767b89c7f1f3475ebc8a3d9b623e4d54eefd475eb0cc7d102c8eeeeb2346bca729214468f83610423dba95b51cbcdfcd028529d4c5bfbf1fd8be58f826ff2c000419feae14b397e81f423184037c3e040282e43bb1acb2a54254b4e2977f25e98ae19d79f09fc3663dd1d89b1fd1950b248bcd568888ef0b2ea262e47dc580f203eed344e7cb9ed9be96a65f08aa5a6469595628dcc6b06a7f957a4c3099542d2d4f57a44d1108a27f503d49734c313d563d0563abb8291f9d55a1e4d71174659ef9ecf4051d3313f13dc939c4a53d96e1328c2bddb5e48b263d5667d25986756be5bd7cb6dde34f83f8e6e7e0a4c688605736e6d0bcc30fcae5dd0ab2961694d6bc2761ecacdab53845257ec89b8e1ccb6c6fe425b6e588e3a5f318f6c7a1cc3253fa7402f71e5f768fb2378b5673982f4466006bc76216d57b8a94ba7b1d7bda301845e911222efeba9ecd4c3e70755c37b9a75794259b405f3ec794e4a1d7777799a0e62855b9ce886784a5271a96e89b790002b3518f619581e6b4bde7fff00d3f2ea881011fa4df55892e142d6fa61e7e8872be22411aea7c32356c643b5fb2eb186e680527970e0e5f4b48425e76687b2456677087513ded3fa75b0fa616595fa8e454129d68592a1431824ed8b0feee0d2db54ffd9a4608ac9e774cd0823f507ea589831c806fc76e03e62ecef7bd722d5453761aa8990d45b1f01cc436ede50230f66e40748c01e6cd9e2f23efdf46047f7551845c95d5eb48aa617afba4c166f96c4d21e9957dedf3dc43997fe23b3e2a6c9766f4d5fbf41b845769b66f916c748f0607939acf4bfbb65ccfee11420ba8c463fe4504356593bba3f6e0e60fbbaaaef2d2157deaa105d23990c4bec65a7d53488238bd639adb51ce33b82d04614623058f4a074a9e93947afa7529d1f4de5790d9de0dc78c884a14317994bc934c0aa631934c6e7fae736066be33ee9cc5111d577c5be095ce6121cd4013e27bb429cdbe5939d90d113c562431d3bfd821d35f414fcb3d97d9b28452b78443c5c8cc9f0e9440951156f8ebb629e8582d3555e402b20abbf7f758135c1e4f51bf4e5cf5f56ae5e27081f32d62f13c5180ca6a060b962670e90841f3ce2ddcc35b11a29942b215dfaa80863152ad87d09f2cede7635f300d40478a51af7f2d5ee21c0dac1b6febbdeca8d21cc7b0fd567219379ec0fd609581d2024b237c15833eb873799c436a72fe0121c87f5340ca25728027d6881886e168a7ae7bf4bf32d9418bb2cf11faf4fee14ef9fd781e2d7028b849eafad4ac0519b100453a9d7fcb0600869f946ccb03caf8cf7069334c14277195e680d2040364504ad7de57e4d4c51adaebdfe3d085cce8f81a68b923f52f05a93f43eb108dbaf93c56316102586932f30410a5446babf7122a61261cb673eb1da9e90072da7dbb243b7904f0c6954a8d8b00c05a073039b689b49963b826bee45733581589cb91a943bc50e545d4dcf76e64b03aa27b571ab4bd0be9e10051a03388cac26e11dd56c3820df67618b00a77d316ae01366659496cf15ab345921854b46d217fdcb59643b5a5ff87788778035d0f57631001363b02c219f2b40a07d6221945cb98629cc41414b7c391bfb2017bf5f68abdac411e5e2ffd5d35e8f2a7950def008338b8a05d197a91ff3ecfdd75ca1097bb6680fe667c99289f69fecb93c9d26ecf6eefa05678eee6b31a53bb547b7319d59df10f96a4a252380dad1399437eabe78b2cb0376d2a7a183494f3369e89b42225f3b1701355d0bffa1cc101d821dcb5c0288bbf2db968c12a2ca0e65780214dee11e27f67a1c5d7b29209e6e16628786206f6ada70527d1f46d4d810c5526c611b5db276c391719341e473992580454ffa9d248f0c1a2bd9f5034741ddc1956fd8370abda3b3bdc0cb2bc728f1e956949b26798cea099104b87833a96dda3630a2897800736b9e17e931e29cdf86fa513cf5417c61d3ba54d4cc9fc01c3d641d9c54a4bf4b3d4a18913013189463e050f4bc04bbd12195ae204528352fa97e29ff0799db39b93d98e0fcd4e0b4bf2a9f69a0d03e9bb41ac1906322616c7d38087de32f1209e6176daf0dbc3eb5cdbb18409e5cec98df3ddeadcbf0e8e326ffad188a4ce64dd4322521f9fc7e2939365327b2e5effee6bd13699b13ddcdbecc5754091cefb31e0da6700bd72fa5ae48188c5f03a543c66e0b29e71edb7772301607c6fbfd19c343d8b23b128a19a102ff267f73c29c4924a1c382eec8e0e040b672a1af865b7458dcb394944f6e859c48b390c75ac90c0865987c37cdc865edf1fd377010c76d747f492badb4010a9350c5dd4e8654d0b96e8ecf7de647073c6cfc88c5ff1b71d9d5580c584be6fd5a3989d4748427adc84abf0f627ef8a8ca45e58b8b1966057ab7336b8cfb4c2c75d88e3a61f9d3b042b41916cdca56e6bf3e0319ccf2dec6f5ba3ff285b7bd250462d5bf257a8e4301128dc6cd1ca661a7802926805cc16c3dcd09261ccfd8eb598a381e5be4906cc81f22f8559e87a5ef9f620d1aaf8188dc5dff22d8b103b9b4ba525970aade1f4fb2e226528f604308272985ca4dca664748dc627b56c635ebe2e20a3dcda4ba478c27e6a4fa255bc4623b3e81a91fa749c66ed3a070e5ab3c433f2d948b1ce886faa6c2f90c5183637e66da8641762788318537eb4d2f4feb0d616812e162448cbb54223c73076d6bafad77531217c564fa520269a2668c5737092018d219464bcfd8a04e360d7c6d337194921838e46d9476873753674f3d666c5e177622f70a322f6715fad5825d1761063bd46572c82be6fcb2ac505137fc3344952dc5981bc986deb3a1f52142a0b77a7f70b8d95b9343a1de628087b29c3c2de1517d571a5e12315c4b7857155991d2f9959dcd05a81bf7d90a5db245583f324bb5649b496cc02283442e3cc2329e816c7a91f58cfec09e64085d1c5b48c58671622c0845f413cc4a5f7cc6e3036c2ef18aa2d7df68852464cd345caeeb14202d7f8fddbbb26182b16e2fb102914d5b1d48a92a8ef7057ef29ebb9a9cefdd697fc908e432b118a41362c06066f2d45c652ba4a61c3ff666ac56140a6d922f213aef5b3b67277d41ca4982a743c9d8b8a673467122ff636cefbdbca9c421c339ef5c25404a0610ae5500b854413b9edc6fdee39777545edd1c160469d322f4b08c8fa51ee057fb63e2fab48dbd3484f943b09f9f6d73d6df2a9a9f4f5bcc742cffa61d81241ba2a51fd70a4bcd9828c7474857f70e4eca9f2ca978ee2fa394f3cbcd46df821ebee8c130f01df148720b25297c5956895f46da4169339f98f2c4fbfbbd92081ac58dba0b6a059c846f46e233ce6ad54e1b309b234bd6511b21c81381f76af60261dbc2ec7223fb11f92fcfaf086c3abad53933b428e46c54ebbe06fb67f9dc701d580e53e2c3c1c575a7b74a304f2d0e1394fbd998ab4349fd112a09e5eb3344269a61d2b1d86ca8d0b0ca5a97a401d5fb1eb1b0f4bfeb82f66d44c35bcd6cc9c25d79414020282bfb497a6584ad72d03dfbfc8550a461a2a3b0bdd2237052cb769b5023846f19809948c2a35509193359640549860bc4c6559ccb5df7eb6e4613241637160d83cc610744378b8b159aa2daf9862647b13af63f3d693f612a3eb6df99022cd50591a9cfc7313f0e0b681a719512812819248c0739ebc29722dd6713e8cf62acd356127134b4d419264cbba3ef3b921ca1d9b25098608ae9c8e880787b147a6030e2ee1a5eb04efc1211fa3be5209fb77c3a4344e5334b51d8fbdd597d62f1eb160bd5573897f1f4f89d0f82616b6f3d0b874ce70ae353754441db5ef378a07bafb078ee9bcce0c554b9688a68952e60c481c9fe30593752576358ac8ce061f75038de14b5eeedeac57148b4fc34dbdc1005957b12834ab65e8a74505ebce6b79736ff08db627840af483223f1642ef20248a2d4381edfbc31977424ad88f0c9d49d7ffb1012cf", 0x1000, 0x6}, {&(0x7f0000001580)="e1db2e460550636978d5912649f8dbb2db67824f16661e2100b7b5891cd2f69d6cfff7fa41365e6c4f206606cbfd6b499f3f5c9e1ed0b8d88a300bf8bc92ad881fbe79488211175235f834c8f1db7bfa8660b4caa0fa99ef5899389287ad21f402a903c4d5b9e7a490d11ad1f9bc6bd63d9000ef46696e618ca1db3841b89ae795908308cfd152f62afa0ebd2bca8dcb700cc27bcd2f1ad84e28c35f7176813e4ef197d0798b709236d7c8b5942b77dbb92971bdb099ae38c5720d2c9c8c61b5c5ce4b3bf6e40f1de7c95be2ca5607def79d", 0xd2, 0x2}, {&(0x7f0000001680)="77c5721f702af668290095472912c14eac84d5e393f6a23d9b9ad2f96c2ed0c3e1922db526d4a248dc4ccb0ac3be6ce03be3ad2f2d4423f209062a9080b5e716eaa6cf22457d2b573d0a2500d438429153822c246cf67b0c8580914204dab3766953c06ad146f2556405b13be92eb0c4f9761f1dd2cac395a38ada4fc649a3de4b93d7a3eb62a141389aab0ade64d95182d8ee7120af4dc9073aad949deb27b39c3935438eceedfe57b58df67f5431f9af7e424b2a88fd9469e6967a0486260f5046ca611b0520e812e575cc668fa4c1161043", 0xd3, 0x9}, {&(0x7f0000001780)="86ebd73cbf8f49e8c3f07a4b17933664b50296ccf98a9e6deb8619ee52a0dbd921932f7c0111e0676a652bc1771b0324ef6cb73019b817b9a0d012e8cb7217da7884e3f5f387a365ed604b292403021c64d12ac665231a44eada4207369999142adfc0b2ac56a5ad2c612b6120ff030f9ba6a204009e75751a20800263e3ee73092edb37b182419cb55015d1246d0fce22657b22ba70a800c8e4185a37bb2a0185ad4bfcfdcaafcb2a2200a5ac9ec4e9902ab22fc2797072ddcf7e9e3d09c487b11229006590070bf4c068bd1c4cc1017ce4f30a", 0xd4, 0x70}, {&(0x7f0000000340)="2c5bf5d35eaf58de6105a83bd5f8b2a8bb0db168a89257bc1f441838a5dc158c809ddc866f6555e73ef9a998f0f9e18da6a243aa3fd37bcc90a91be27f5c5088a79325ab1e70f7599a65d7afa3200084e324e4a8f3e525a6fb209d9235f2f63284de7ef21e87907e417b772a1752", 0x6e, 0x10001}], 0x0, &(0x7f0000000140)='GPL\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0xffffffffffffff53, 0x0, 0x0, 0x1, [], 0x0, 0xfffffffffffffffc}, 0x9) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001b00)={0x0, 0xa, &(0x7f0000001940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8c, 0x0, 0x0, 0x0, 0x8}, [@generic={0x5, 0x80000001, 0x100000000, 0x5}, @call={0x85, 0x0, 0x0, 0x3}, @jmp={0x5, 0x7, 0x2, 0xf, 0xf, 0x10, 0x8}, @generic={0x360, 0xfff, 0x3ff, 0x101, 0x8}, @map={0x18, 0x4, 0x1, 0x0, r0}, @generic={0x1, 0x800, 0x95, 0x4e, 0x401}]}, &(0x7f00000019c0)='GPL\x00', 0x9f5, 0xfa, &(0x7f0000001a00)=""/250, 0x41100, 0x1, [], 0x0, 0x6}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f00000000c0)) 00:53:55 executing program 1: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) getgid() 00:53:55 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x85ecff7f00000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:55 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:55 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:55 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, 0x0, 0x0) 00:53:56 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000580)=[{0x2c5, 0x29, 0xdc72, "2b40b30575b313497563efba19b32ac163c978ee2a451ccdfa658e97a8de0768398bf1ef7add1deda244e0255de292f57418859eee3104b8a77315ea82675c079d29352529c3f478cb726bbc10dc6cb3f155f96e00e0edaff8f6ef543b2733d6cbfb180e81e5dabd26b987239ac541951c14e138bc223a5f1524b18ce3ed1e1864bdfceed355c7844632db50d96fefb7bfa4781728a463be2630af5c58d4b8ba7cb9892acca30247c6b24c5b0d34d613b45fb4aea57a90eb39c244871a4ccb5b0f6538ceae760ba88376bc936b965d34ca5265"}, {0xe8, 0x114, 0x6, "317ecb835103f6b1547e1b8bd4d9a29f3262f104352c790f7a90dbc2c7927c21f0c2b0ae966a4b3deaaf48f92ff492f93ad0a6a70c43af919592a6c5ec974d3e5e49325b23135302f5c0eefbea71bb8c86fa4d5f31ec0f176f52df99776403dcd4b07c0596c719655b1c0af8aad2f46abb60fc1355007582bd0c51f355b931d0aa693254e1d19f47c164ebf0c2f33a103242c5a9958ec10a5d5d26301344c62382290102ec599ca3b7c5aa8d8f3e7067a7515a014459f5ebd510cbfe419b58bb377d4b0b8a141afe5a5277e1d3c3654edf01263496c2"}, {0x10, 0x0, 0x5}, {0xf8, 0x11, 0x2, "0fb338e3b7bf9b04d452a67bf7f1e1e3a66c5f66405e60bedadef271d20ade2218a589ae778faab706ee0b2ba02adb1a77611ed7d31f1e8ba1615426393ddf94cb9e9759198badc5085696ee5600813458a3508ea4c3d5e3d182fba1d6750d8def06e0f015ccf56e5a89bcd44c2c2cfc24ceec0b90d83b76eb33745a94282ffa161c8ef278bcce57272d5fa8572b19d9b474be58e75f63853de6a1af18cbb388cc336f40ad6e6d5b910d33ab430c17bb15bcca79876ad141796cceb7980f6bdef7ffa2065670265818f74187a0da8aa15c5f38c07811a6cd6e457a8f266e1dea64a18336bb"}, {0x20, 0x19e, 0x52, "eb9824abfc3f4318a8b2e6c51235"}, {0x98, 0x11f, 0x8, "074525d7e9709bacb91d3810a26acb46a967ed9e3bb61ace4f769a836b89fbae41e03ed6390acf63627183a894556ccddd613e146a32e153f49e55c009d4dfb8707f0560dce134d7792118bbcfbd05778ddcdb190d22105a33179bd461e41f81dc9efc509d67bfa226ec260c0ed743de807b405ac0e433776dd9dd37aa860d37a98af1df"}, {0x1010, 0x112, 0x1, "13a3690489fd6dee4d7a599d56e48eaef3c75c481b73f95bd8faaccba5c46957be970e0c7b03b8b4eb43f7583bc7cb00a4a827da31d798196a5a4dfb0895fcd84eba40e6bd6657e2926d7b612e6a58d08f9cf1dbf6b594d8f0ec22222ea17eb41619d2b76c99430b5a701f1ddae95491cd0422050f0cf6257ad309496b94cde72e23063cccefb36627e102540b783a54fc5fb71bba32ebdfd60fd505cdc1a60d80a3fa09945720a9fc6f1d436398b73f562d956c3710285f6c33dd01db92a4666ba2c4c723b7e8179b7d39accbc793b3c09ee81ef93c425a6b82ce35110a0da76bc2419a8228aac72d1177a914f751ad38b25d56e299172edf03be19ce2e0371e766a20347224bf8e131bae515b0c632f694d7c2a8d98b12b1225d2a205186642301554c4ffc630e28cd6907556198b683eb9333db680e488c26bae38cb0216028d3a23df7bfc911d539b17429683e53046793f55a7cbf3f42f6f2b948cf1a719b4325bd0e66f641475d48b42f624dc1c02ed5e7733713cb762cb1988aa8a0eda139e31a05b1134c96a12b2240ad1b6ec2b9c4629b05b02b78ceae7199860761c2194a1bbc3d69a7314ed4442fa0061f9775aba85ddcbd56b8e80841ee5fd7fa57ffe07b324a453644337570ccd7682bc8efaa09ecfba159b3483757e5db6afe7f06474f0b9777f8743ad244d0957696a31a0421d95861b5979173e92cbd8ca71a068fbf94f6044a0f33f85c6f8f37d851a0d72108a8fe2c2db9aadcfed17f83376e21b49ec2e6ad220c5574c6f4b26a83a5def4489f9acbcecaf3562d626f6ff9626b0f733528f37c049393c0c45aa86d607c2c2fd6154d05b2f8cb4c055e51f66e6c1cf2c86a0cb99b93489dd77d0e39f88b413007c2ce3cf429ed7899ba0b58ce3b51ea2becfe0f6e85ed5f55a84595c81415f19ecb7ea7e39c34b73d86692803a082c8f2e74398f330dddbf25697fdb3f440d050155993547003e5ad551d39692c1841a1e817c6d705e22b43f1a5ff7a04f088286fbf094d7de0049abe964ece2c77f99f62c93ab59d42cf1f2f665d37220282f7774e074a40a00676a2f6399d249878f9025e25b4d4d781e4fce3d5af73c7cfbd55717dec34d4ef13f5a27a1567fad9f1c09aaa666576a4928440211f8c1bf0e01c5230f141677fd39c1e2dc53f601cf366c8dd4574084e7f0fa82157b84da88a6307f73a1e62c1c436420f1063c44e7acff67fc0980d7c123755e6ce3114f67eda1c2f16c5b49a233ca10f8f44db3d9415ea9ca5fb7e4e104f3ef7ec0116b9f9747824c951119d81b6d11838050bd4baafa0b75858c69cf5908bd1bcf8fbff87312a398aac79acf664f2db237102a6c6925db7db08a066326e154b0e50a04f546c5e43776f908bcc3093dee29409a29c750661356fbe8d1f0881501330c77caacada97e92637c9d781f280a752df3feb9ea99ddc8e6f410c96396be5468175354fba462df6c33758df54e2b52ba51115f39aa4f35d01ab573ebe92251f54f57b4a73e3e1bd4a510e900447696f98b268d9918c033611fcf56a3f3831e618b97ea9fe59512ea0c6da2729aeb1164d44add5723af0978df2f99c87e2e6316c6c4da7fcaf2a9c97defc956fc30782cfd7dd2cfd28858b8ba94c8ec046ed838d7ad860e3b590fb29e1be8049a062fb744be1edf07db85c12d6f7292431946535e2ea08b453af24a4ccfb4687f93dd9ebc36994ebc5cdd34a502a049eea6764a2096995ce51e0c8803a203ec7e4865f3bcc3b537bccc865cfe53311c65bf2f785a86d1a1ceafd6927fb13893184f196f9ba64ed62cdc7c602291f6e7fa675e82330554531fd0edf741c962acfa398fd87225d4d15914c10220729fedfcee7a5b4cd81d5fde822d3619c6aee8d8dbf9c19f35744852880248c6a8175ee3b6a6bf28f2ab7e1dbcca43c889feba4dd5cca5e11bbdccfb22e28b085c3befcd92179e60a991e535f6fc487a0e79b179c49e10b5d2de7516315a04029633cb78f502372b0f32f5dee6aed0a5f456bbb85854ea080e1a03d29299949a9f166a2a058b0a4ffaee9e42b9b1b1ed60c3a39349559b4afb1e08875ecbda0b704502c552b52cf6a9e86c3018b816d6d8ccc142e2e42a2371f5331744c5f17918a5e36b3e69c183440b477451eda02509c0429ff61fecc40570ed17542c4061c8c9e5aee7dec9580ec8e27ed7a4173f88e124aa218778fe9c2b2fc0d05af46a78bac75ddf4384ddc8fbc918d01dc9bef38bcdcc262f148504387363258e06181a4eb3fa0bd8618c3be32dc6e4eb7ed63ec73f5968e49abde2dd355bd693ce5491ed8578923de3f94607523fda9f260086517a0b204c78afcfe34c346bc7170dedfa62e3cbc9ed786a8a0ca322060f24fb9688421fee8d6db8984bc60247cea00ca85a3ec6b9d071f2adffa8f58ca5f24d01a1553b7a5f451d52124d4c2280d1773931c1f6602c60157ae90b311839b9d4d731334d7fb29ac969baf498c172abafb4d1301b2bbbc7a970309c26f7541d511d3fe98ae5be8fa21313230a231b0fa7ac036be6496e0b6480c618199e7900163149898c768b0ff15d754f4c1c4919efd2dfcb106ba81f87f9103ddd586ea66e65290fc3d2f04882f0b885af2d0c2cf00fe17cfbae899b56a5f72349c7fdc750ad66f3037b7417cb121ffa43451e10dd26b1a6a7eb17900235fd0639dde597b73ed7cef87ab019de17607700dcbf9890644e58758b8940bd1fb1ce51a1d0ddacd6c33edd8d5922fcb2dc94b57adcb73c4a7a3ee8df07700926a608904610489ec6e6300b6c9afc3fbf99229b8085022e2cdf437cc9db08e6f288094994ac9f5b38a3066017160f3e9a811a55352adffda050263574aab1ddcf3891a3697777025b7d29850523c9d1bd52c325bb91f323cb3745748525a97e4065ccd4cc007bd34b3f4cc1718459297d1814e3e3a9e94519069c3ea97d24f85d8d8e0752e311e6a115b2bf3a9f1a04cb105503dec1874c41c0576995563453da750a734f5215ed42afd78cd8628f0c33cd4b4f9a29c681464c4ed1dcc372d0ad80f79e5a8496f1f1c0d32e20e9b3cb3206cd613e385e427e9cb7027d48790597303084ca9ba3145e3064878a008d893082e74c67b9eb2c60c0df074f0995061a79c18024411b7e7ba3d323739cea5d4e728cac5eaaa236243f887dff65e0f381ff73b1b1811b53a827ff8fe5799aec2336e3c060929a89be2c7ed05d8f80893b4db320646a166675e26004b2e2535a29954ae96209841f5c9a33d365771677d166484fdbaddef4d52072bfc3da430b808da1ff65ad87b5151d35acede1a9c40278492d2dad7eb0865c541bf144469ea352265f7a0e92d6b7d120de7b02489a3557375c67ec22948c3b4b4d1825085766fd8f3d8e5ef9c1e0ae9620fae3d71fc25be6e9b89a4007cadfc8b55cecc4d045fccd03d7746469d1cce14ed63061acdb7fe425cfd4a6b37b8e608a02c5db79be2cdf6d90f78bb305db2c03012557337053dcaf4a2f0a888363d44a8b56d4a72614bd069e351e4220124bce3b13af205a44bc5a81f651e11de327f32e0933f86408f040715a118f9200ad7b193626ba9df18885a13e4f614cecf9fc39707c4365cff32dfd1b9650e0b4db4f1c32eb89f0223580f9baa84b058ca5a07e51b6d610f3f1d8c4dddbfbc4189d4c9accb1458389d7469bf4f8b0681b8d4cc2ed1044551cdd8e57fd9b1f00ac81d8c6a32215c744f58fd6f100ee43e166260244d3f5ed088ce2fe5b1ffddbc1afd072c19348bd33d24b3e0a3244f12d7017a5540d4427d74fca93a1ef590e670e723281d5226dd3f42ff6f95b157f848c1bdde0453ccd3073c2f75720e873d2e805e04719a5eec8902ebfb6d4ce62ed68046590219b00cba366c900b050d4c235a10e0e3782282da3179b2537001303407ca7feded12727b5ea92d038d08dc4f5a53ba71edb38948dcadc246e7fbff688378ba6bf674d753df04f9c6ab0321bf44905ce8696bd2750276f088a11f4c3d84edbf69029fc8cde942babe0cc7a8dfa95166f5548d584b5b359d0218423c3a882b635a8d47c775a37e9267eb6dcd6fbdacc53765b82083d31e86e54010170b144bb19fd4bab023e67995b006d8887c4dbad28cca56c35486890dd5fe51e5e8173aab5cd13d66f3337e8b5bf476236da6df95f180fcc61046d68026265a562830fc67910787484337e2e89d012f6a063072e168a8a93f49cdbaf29fbad23cf10002ae89e80a36df61e8db978c57cf90e52e84caff3f6e7b56bf119088b209d87929dd2de8d7ef5218a8bff9f08dcf44216bd19abba411b4d85cf3993a45eee5ef86b1720ccf808022eb267e7744aebf9995ce2da3fbb1a24882f5a14ee1406567fafda75acab7a3dee5c8d5aba24408213627b26ea7eb8d7508a8d9cfebf928128ae4a57b941c5d5370d7b5fc384d14eb1c8ece046c6050cfb763897cb93d6d3254b4896ec2b85363a5d8ecf44c5dccfcd87a6a3fd7dd0933812419615ea3e28432d53fedda95e0e1d367cd9240dbb9b1c306bfb50adada5df3cd1761762ff739d5b09937d1ca9ff5c5b03216302374b49a2e88ee7cd7a140a6f3f7813f45cd6654c021c678310e79b36cf17c77ec3af82c1be314bb475b93418bffe79f2ed00b3a6e590c7cb36b2490dd06216e23f1fba1462f53c5163152883d7151e8d59102ff6f24668eac4de44dce022077746f44f4f74bd0f958836b1d597264a51a2e06f297e7deb0b5e70fd88efaaf9b059b7647dd75c9dca4e81c913839d6dbd64cd3a02315c4e1224937a30b36e1ac3a547ccdfbd25905ddf90a15b6beb1fba0d08ca5878442dcc03f54c87d0e8c9d7981fd8f3c1df54037bac9542e790c4089e2b9bc417c0907a4c64ced4030e00a3e4d33ea282acd4525f0167fd67f10ce7a64e5141e93067c807d59f05bb9842fe5eca4fe0c165258559ebd7cabf1432e3c38bf653a03439f9fbd1ad657f9d00abc928838e08b778acdb89786886a43625f0374a489ed207bae7ad91e9c7f760a0cd4b0a12cee56d38df941a4b60361789653ed63334eb69b084e143a253fa0bcef0503e36718cda5d87a08d6ec89d45d697471f37de05507d8ba6b46b5e5c93436ff5d8bbc96274c2b0ba6206916acb8737ec45374c64db92fbd90dc8a28c6a520f8b7a43adebad595faa62a3c467bd0922ada2d3f08a1d985ffe531942e035fbb3a665bd32b80f37e08c24a6acbefcc03e17cfb3697e7ade3159f9229d91c5149aa18e16eb024f5951acff5c7101cda3251d71890a4beeaa27860ed35d2b75de3658074e3230066cd5034bc79d772c19c174159887ad80aabb84396689f3da0fa39113ad079da21a9d23f3fefb85873ed40c55e78cd650c6aae8bff531aaa1e1b10c77b633ef8fa550c6ea736fef6a50245a9603a63c0207283bef2d7cd3485ec4aed1bec22ca8d3c49f40732a77fe58a555ac3052e90ffb3512d74c76800c19762a18dd6929b9c636bfbf7469c84f8044239cce4c913dab74f9c84268b85d0a96f200a82c88b64ea8245ce4ddc119b3622f827c9a06d67237a47742d5dbef03fd61ed2780f02fa5cf01d3ea3f9d31e8ec22cfe43b1db35da8de150441966f4687a295a71ff748c9500a6d8cbffb5f39d1c4b3cf73391463eccbdda2ba8bc562fae1ed3ebe9a99be3ad8e17ace6ce582d700b08f92500c1a62219b1ca0675ec439aa67e767dbb0fc5750d720f75e0c683b4f652b6d9817fe7f5c07f6fd0c296c0212aee8845138afd802e627e63e9258201"}, {0x364, 0x18f, 0xfffffffffffffff7, "44b6778cbb16be300069e31afc70bdacb0281e2fc16a4b571f4b0002b13b78128e3a4e7cb85eb74bd8b6df0acb5fc50c062b7bf60d4a173c8a9877bca691ccb4e366ba3a9ca1d3f9f4538888031b2397d25458396394b2febc6b0ded9900a13a065f3f964646e12b5034fd01bb2864b0c99cb2ce17dab4c837d2246c2d0a1dec4de8956afe074181ad4b66f1d2da732cce9e20beb9a44a26dd310091a5d5eb55c1851bb10927"}], 0x1458}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000080)=0x1) 00:53:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:53:56 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:56 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) 00:53:56 executing program 1 (fault-call:3 fault-nth:0): r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:53:56 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000140)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:53:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2}, 0x50) [ 701.473933] FAULT_INJECTION: forcing a failure. [ 701.473933] name failslab, interval 1, probability 0, space 0, times 0 [ 701.538313] CPU: 0 PID: 20080 Comm: syz-executor1 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 701.546964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.556328] Call Trace: [ 701.558933] dump_stack+0x244/0x39d [ 701.562588] ? dump_stack_print_info.cold.1+0x20/0x20 [ 701.567818] should_fail.cold.4+0xa/0x17 [ 701.571901] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 701.577017] ? print_usage_bug+0xc0/0xc0 [ 701.581099] ? mark_held_locks+0x130/0x130 [ 701.585345] ? graph_lock+0x270/0x270 [ 701.589167] ? find_held_lock+0x36/0x1c0 [ 701.593245] ? __lock_is_held+0xb5/0x140 [ 701.597338] ? perf_trace_sched_process_exec+0x860/0x860 [ 701.602796] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.608342] ? check_preemption_disabled+0x48/0x280 [ 701.613366] ? graph_lock+0x270/0x270 [ 701.617184] __should_failslab+0x124/0x180 [ 701.621434] should_failslab+0x9/0x14 [ 701.625248] kmem_cache_alloc+0x2be/0x730 [ 701.629411] ? __lock_acquire+0x62f/0x4c20 [ 701.633670] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 701.639213] ? may_expand_vm+0x1e3/0x810 [ 701.643363] vm_area_dup+0x7a/0x230 [ 701.647001] ? vm_area_alloc+0x1d0/0x1d0 [ 701.651097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.656661] __split_vma+0xae/0x570 [ 701.660304] ? find_vma+0x34/0x190 [ 701.663863] __do_munmap+0x314/0xf80 [ 701.667597] ? check_preemption_disabled+0x48/0x280 [ 701.672635] mmap_region+0x6a7/0x1cd0 [ 701.676468] ? __x64_sys_brk+0x8b0/0x8b0 [ 701.680540] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 701.685830] ? rcu_read_unlock_special+0x370/0x370 [ 701.690858] ? mpx_unmapped_area_check+0xd8/0x108 [ 701.695747] ? arch_get_unmapped_area_topdown+0xc2/0x940 [ 701.701211] ? refcount_dec_if_one+0x180/0x180 [ 701.705821] ? arch_get_unmapped_area+0x750/0x750 [ 701.710689] ? lock_acquire+0x1ed/0x520 [ 701.714692] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 701.719732] ? cap_mmap_addr+0x52/0x130 [ 701.723731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.729284] ? security_mmap_addr+0x80/0xa0 [ 701.733627] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 701.739185] ? get_unmapped_area+0x292/0x3b0 [ 701.743611] do_mmap+0xa22/0x1230 [ 701.747090] ? mmap_region+0x1cd0/0x1cd0 [ 701.751252] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 701.755331] ? down_read_killable+0x150/0x150 [ 701.759843] ? security_mmap_file+0x174/0x1b0 [ 701.764355] vm_mmap_pgoff+0x213/0x2c0 [ 701.768265] ? vma_is_stack_for_current+0xd0/0xd0 [ 701.773123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.778678] ? check_preemption_disabled+0x48/0x280 [ 701.783749] ksys_mmap_pgoff+0x4da/0x660 [ 701.787816] ? do_syscall_64+0x9a/0x820 [ 701.791806] ? find_mergeable_anon_vma+0xd0/0xd0 [ 701.796570] ? trace_hardirqs_on+0xbd/0x310 [ 701.800900] ? __ia32_sys_read+0xb0/0xb0 [ 701.804972] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 701.810347] ? trace_hardirqs_off_caller+0x300/0x300 [ 701.815464] __x64_sys_mmap+0xe9/0x1b0 [ 701.819362] do_syscall_64+0x1b9/0x820 [ 701.823259] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 701.828635] ? syscall_return_slowpath+0x5e0/0x5e0 [ 701.833578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.838435] ? trace_hardirqs_on_caller+0x310/0x310 [ 701.843467] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 701.848489] ? prepare_exit_to_usermode+0x291/0x3b0 [ 701.853519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 701.858383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 701.863575] RIP: 0033:0x457569 [ 701.867082] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 701.885988] RSP: 002b:00007fa93c568c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 701.893718] RAX: ffffffffffffffda RBX: 00007fa93c568c90 RCX: 0000000000457569 [ 701.900994] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 701.908270] RBP: 000000000072bf00 R08: 0000000000000003 R09: 0000000000000000 [ 701.915545] R10: 0000000000000011 R11: 0000000000000246 R12: 00007fa93c5696d4 [ 701.922819] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 0000000000000004 00:53:56 executing program 5 (fault-call:3 fault-nth:0): add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 702.098230] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 702.121897] syz-executor0 cpuset=syz0 mems_allowed=0 [ 702.127128] FAULT_INJECTION: forcing a failure. [ 702.127128] name failslab, interval 1, probability 0, space 0, times 0 [ 702.166272] CPU: 1 PID: 20062 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 702.174904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 702.184266] Call Trace: [ 702.186867] dump_stack+0x244/0x39d [ 702.190511] ? dump_stack_print_info.cold.1+0x20/0x20 [ 702.195725] ? mark_held_locks+0x130/0x130 [ 702.199984] dump_header+0x27b/0xf72 [ 702.203718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.209270] ? pagefault_out_of_memory+0x197/0x197 [ 702.214209] ? debug_smp_processor_id+0x1c/0x20 [ 702.218893] ? perf_trace_lock_acquire+0x15b/0x800 [ 702.223836] ? perf_trace_lock+0x7a0/0x7a0 [ 702.228091] ? graph_lock+0x270/0x270 [ 702.231903] ? print_usage_bug+0xc0/0xc0 [ 702.235983] ? find_held_lock+0x36/0x1c0 [ 702.240072] ? mark_held_locks+0xc7/0x130 [ 702.244236] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 702.249348] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 702.254457] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 702.259042] ? trace_hardirqs_on+0xbd/0x310 [ 702.263365] ? kasan_check_read+0x11/0x20 [ 702.267515] ? ___ratelimit+0x3b4/0x672 [ 702.271492] ? trace_hardirqs_off_caller+0x300/0x300 [ 702.276616] ? trace_hardirqs_on+0x310/0x310 [ 702.281033] ? lock_downgrade+0x900/0x900 [ 702.285202] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 702.290332] ? ___ratelimit+0x3b9/0x672 [ 702.294313] ? idr_get_free+0xf70/0xf70 [ 702.298304] oom_kill_process.cold.27+0x10/0x903 [ 702.303074] ? _raw_spin_unlock_irq+0x56/0x80 [ 702.307576] ? oom_evaluate_task+0x540/0x540 [ 702.311998] ? cgroup_procs_next+0x70/0x70 [ 702.316235] ? _raw_spin_unlock_irq+0x56/0x80 [ 702.320733] ? _raw_spin_unlock_irq+0x60/0x80 [ 702.325231] ? oom_badness+0xaa0/0xaa0 [ 702.329126] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 702.333906] ? mem_cgroup_iter_break+0x30/0x30 [ 702.338505] ? mark_held_locks+0xc7/0x130 [ 702.342653] out_of_memory+0xa7f/0x1430 [ 702.346636] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 702.351243] ? kasan_check_read+0x11/0x20 [ 702.355399] ? oom_killer_disable+0x3a0/0x3a0 [ 702.359921] mem_cgroup_out_of_memory+0x15e/0x210 [ 702.364766] ? memory_oom_group_write+0x160/0x160 [ 702.369614] ? mem_cgroup_try_charge+0x627/0xe20 [ 702.374379] ? page_counter_try_charge+0x1c1/0x220 [ 702.379319] try_charge+0xdcd/0x1720 [ 702.383147] ? kasan_check_read+0x11/0x20 [ 702.387312] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 702.392009] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 702.397568] ? lock_page_memcg+0x350/0x350 [ 702.401825] ? retint_kernel+0x2d/0x2d [ 702.405726] ? lock_acquire+0x1ed/0x520 [ 702.409722] ? mem_cgroup_oom_control_write+0x100/0x100 [ 702.415095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.420640] ? check_preemption_disabled+0x48/0x280 [ 702.425672] ? kasan_check_read+0x11/0x20 [ 702.429823] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 702.435102] ? rcu_softirq_qs+0x20/0x20 [ 702.435135] mem_cgroup_try_charge+0x627/0xe20 [ 702.435156] ? mark_held_locks+0xc7/0x130 [ 702.435176] ? mem_cgroup_protected+0xa60/0xa60 [ 702.452514] ? retint_kernel+0x2d/0x2d [ 702.456417] ? trace_hardirqs_on_caller+0xc0/0x310 [ 702.461363] ? perf_trace_lock_acquire+0x15b/0x800 [ 702.466303] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.471071] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 702.476565] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.481352] ? retint_kernel+0x2d/0x2d [ 702.485264] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 702.490216] wp_page_copy+0x51d/0x24f0 [ 702.494109] ? mark_held_locks+0xc7/0x130 [ 702.498266] ? _raw_spin_unlock_irq+0x27/0x80 [ 702.502800] ? follow_pfn+0x2e0/0x2e0 [ 702.506628] ? trace_hardirqs_off_caller+0x300/0x300 [ 702.511829] ? compat_start_thread+0x80/0x80 [ 702.516245] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.521792] ? _raw_spin_unlock_irq+0x60/0x80 [ 702.526292] ? finish_task_switch+0x1f4/0x920 [ 702.530791] ? finish_task_switch+0x1b4/0x920 [ 702.535302] ? __switch_to_asm+0x34/0x70 [ 702.539378] ? preempt_notifier_register+0x200/0x200 [ 702.544484] ? __switch_to_asm+0x34/0x70 [ 702.548557] ? __switch_to_asm+0x34/0x70 [ 702.552632] ? __switch_to_asm+0x40/0x70 [ 702.556693] ? __switch_to_asm+0x34/0x70 [ 702.560758] ? __switch_to_asm+0x40/0x70 [ 702.564820] ? __switch_to_asm+0x34/0x70 [ 702.568891] ? __switch_to_asm+0x40/0x70 [ 702.572971] ? __switch_to_asm+0x34/0x70 [ 702.577034] ? __switch_to_asm+0x34/0x70 [ 702.581099] ? __switch_to_asm+0x40/0x70 [ 702.585164] ? __switch_to_asm+0x34/0x70 [ 702.589225] ? __switch_to_asm+0x40/0x70 [ 702.593289] ? __switch_to_asm+0x34/0x70 [ 702.597348] ? __switch_to_asm+0x40/0x70 [ 702.601417] ? __schedule+0x8d7/0x21d0 [ 702.605313] ? __sched_text_start+0x8/0x8 [ 702.609475] ? find_held_lock+0x36/0x1c0 [ 702.613560] ? do_wp_page+0x518/0x2920 [ 702.617474] ? wake_up_page_bit+0x6f0/0x6f0 [ 702.621798] ? preempt_schedule+0x4d/0x60 [ 702.625955] ? preempt_schedule_common+0x1f/0xe0 [ 702.630717] ? preempt_schedule+0x4d/0x60 [ 702.634887] ? ___preempt_schedule+0x16/0x18 [ 702.639310] do_wp_page+0x520/0x2920 [ 702.643027] ? check_preemption_disabled+0x48/0x280 [ 702.648041] ? print_usage_bug+0xc0/0xc0 [ 702.652112] ? finish_mkwrite_fault+0x650/0x650 [ 702.656786] ? print_usage_bug+0xc0/0xc0 [ 702.660858] ? perf_trace_lock+0x7a0/0x7a0 [ 702.665235] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 702.670780] ? __lock_acquire+0x62f/0x4c20 [ 702.675025] ? mark_held_locks+0xc7/0x130 [ 702.679191] ? mark_held_locks+0x130/0x130 [ 702.683436] ? follow_page_pte+0xdd7/0x1ab0 [ 702.687764] ? lock_downgrade+0x900/0x900 [ 702.691924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.698080] ? check_preemption_disabled+0x48/0x280 [ 702.703105] ? debug_smp_processor_id+0x1c/0x20 [ 702.707779] ? perf_trace_lock_acquire+0x15b/0x800 [ 702.712716] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 702.718276] ? follow_page_pte+0x4f9/0x1ab0 [ 702.722611] ? print_usage_bug+0xc0/0xc0 [ 702.726685] ? undo_dev_pagemap+0x680/0x680 [ 702.731017] ? retint_kernel+0x2d/0x2d [ 702.734911] ? __lock_acquire+0x62f/0x4c20 [ 702.739157] ? lock_acquire+0x1ed/0x520 [ 702.743147] ? __handle_mm_fault+0x1fa9/0x5be0 [ 702.747745] ? kasan_check_write+0x14/0x20 [ 702.751978] ? do_raw_spin_lock+0x14f/0x350 [ 702.756304] ? rwlock_bug.part.2+0x90/0x90 [ 702.760556] __handle_mm_fault+0x3be9/0x5be0 [ 702.764982] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 702.769832] ? perf_trace_lock+0x7a0/0x7a0 [ 702.774068] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 702.779600] ? pmd_huge+0xf4/0x140 [ 702.783161] ? graph_lock+0x270/0x270 [ 702.786961] ? graph_lock+0x270/0x270 [ 702.790771] ? find_held_lock+0x36/0x1c0 [ 702.794841] ? handle_mm_fault+0x42a/0xc70 [ 702.799075] ? lock_downgrade+0x900/0x900 [ 702.803226] ? check_preemption_disabled+0x48/0x280 [ 702.808260] ? kasan_check_read+0x11/0x20 [ 702.812429] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 702.817709] ? rcu_read_unlock_special+0x370/0x370 [ 702.822646] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 702.828182] ? check_preemption_disabled+0x48/0x280 [ 702.833297] handle_mm_fault+0x54f/0xc70 [ 702.837361] ? __handle_mm_fault+0x5be0/0x5be0 [ 702.841946] ? __get_user_pages+0x537/0x1ed0 [ 702.846356] ? __get_user_pages+0x250/0x1ed0 [ 702.850770] __get_user_pages+0xa3d/0x1ed0 [ 702.855020] ? follow_page_mask+0x2160/0x2160 [ 702.859517] ? mark_held_locks+0xc7/0x130 [ 702.864160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.868942] ? mark_held_locks+0xc7/0x130 [ 702.873094] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.877859] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 702.882460] ? retint_kernel+0x2d/0x2d [ 702.886356] ? trace_hardirqs_on_caller+0xc0/0x310 [ 702.891287] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.896047] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 702.901502] ? lock_release+0xa10/0xa10 [ 702.905482] ? perf_trace_sched_process_exec+0x860/0x860 [ 702.910943] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 702.915709] populate_vma_page_range+0x2db/0x3d0 [ 702.920474] ? follow_page+0x420/0x420 [ 702.924369] ? __mm_populate+0x1b8/0x4d0 [ 702.928439] __mm_populate+0x286/0x4d0 [ 702.932339] ? populate_vma_page_range+0x3d0/0x3d0 [ 702.937276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.942819] ? ns_capable_common+0x13f/0x170 [ 702.947235] __x64_sys_mlockall+0x45b/0x630 [ 702.951647] ? __ia32_sys_munlock+0x160/0x160 [ 702.956157] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.961702] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 702.967070] ? trace_hardirqs_off_caller+0x300/0x300 [ 702.972300] ? do_syscall_64+0x142/0x820 [ 702.976372] do_syscall_64+0x1b9/0x820 [ 702.980264] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 702.985629] ? syscall_return_slowpath+0x5e0/0x5e0 [ 702.990567] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 702.995416] ? trace_hardirqs_on_caller+0x310/0x310 [ 703.000439] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 703.005459] ? prepare_exit_to_usermode+0x291/0x3b0 [ 703.010484] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 703.015354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 703.020540] RIP: 0033:0x457569 [ 703.023745] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 703.042647] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 703.050354] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 703.057627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 703.064892] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 703.072160] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 703.079425] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 703.086725] CPU: 0 PID: 20090 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 703.091297] Task in /syz0 killed as a result of limit of /syz0 [ 703.095314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 703.095321] Call Trace: [ 703.095345] dump_stack+0x244/0x39d [ 703.095369] ? dump_stack_print_info.cold.1+0x20/0x20 [ 703.095398] should_fail.cold.4+0xa/0x17 [ 703.101516] memory: usage 307192kB, limit 307200kB, failcnt 1345 [ 703.110702] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 703.110723] ? print_usage_bug+0xc0/0xc0 [ 703.110750] ? mark_held_locks+0x130/0x130 [ 703.110768] ? graph_lock+0x270/0x270 [ 703.113465] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 703.116962] ? find_held_lock+0x36/0x1c0 [ 703.116987] ? __lock_is_held+0xb5/0x140 [ 703.117020] ? perf_trace_sched_process_exec+0x860/0x860 [ 703.122351] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 703.126238] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.126257] ? check_preemption_disabled+0x48/0x280 [ 703.126275] ? graph_lock+0x270/0x270 [ 703.126301] __should_failslab+0x124/0x180 [ 703.132623] Memory cgroup stats for /syz0: cache:144KB rss:296620KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:54804KB active_anon:12984KB inactive_file:0KB active_file:0KB unevictable:229028KB [ 703.137531] should_failslab+0x9/0x14 [ 703.137556] kmem_cache_alloc+0x2be/0x730 [ 703.137573] ? __lock_acquire+0x62f/0x4c20 [ 703.137587] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 703.141824] Memory cgroup out of memory: Kill process 20042 (syz-executor0) score 1219 or sacrifice child [ 703.145858] ? may_expand_vm+0x1e3/0x810 [ 703.145881] vm_area_dup+0x7a/0x230 [ 703.145896] ? vm_area_alloc+0x1d0/0x1d0 [ 703.145936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.150229] Killed process 20068 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 703.156457] __split_vma+0xae/0x570 [ 703.156475] ? find_vma+0x34/0x190 [ 703.156496] __do_munmap+0x314/0xf80 [ 703.156517] ? check_preemption_disabled+0x48/0x280 [ 703.156550] mmap_region+0x6a7/0x1cd0 [ 703.156580] ? __x64_sys_brk+0x8b0/0x8b0 [ 703.156599] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 703.156618] ? rcu_read_unlock_special+0x370/0x370 [ 703.156660] ? mpx_unmapped_area_check+0xd8/0x108 [ 703.156684] ? arch_get_unmapped_area_topdown+0xc2/0x940 [ 703.156699] ? refcount_dec_if_one+0x180/0x180 [ 703.156720] ? arch_get_unmapped_area+0x750/0x750 [ 703.325282] ? lock_acquire+0x1ed/0x520 [ 703.329274] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 703.334295] ? cap_mmap_addr+0x52/0x130 [ 703.338276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.343824] ? security_mmap_addr+0x80/0xa0 [ 703.348152] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 703.353695] ? get_unmapped_area+0x292/0x3b0 [ 703.358108] do_mmap+0xa22/0x1230 [ 703.361594] ? mmap_region+0x1cd0/0x1cd0 [ 703.365661] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 703.369733] ? down_read_killable+0x150/0x150 [ 703.374233] ? security_mmap_file+0x174/0x1b0 [ 703.378742] vm_mmap_pgoff+0x213/0x2c0 [ 703.382649] ? vma_is_stack_for_current+0xd0/0xd0 [ 703.387501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.393053] ? check_preemption_disabled+0x48/0x280 [ 703.398096] ksys_mmap_pgoff+0x4da/0x660 [ 703.402166] ? do_syscall_64+0x9a/0x820 [ 703.406156] ? find_mergeable_anon_vma+0xd0/0xd0 [ 703.410930] ? trace_hardirqs_on+0xbd/0x310 [ 703.415255] ? __ia32_sys_read+0xb0/0xb0 [ 703.419326] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 703.424700] ? trace_hardirqs_off_caller+0x300/0x300 [ 703.429818] __x64_sys_mmap+0xe9/0x1b0 [ 703.433718] do_syscall_64+0x1b9/0x820 [ 703.437627] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 703.443200] ? syscall_return_slowpath+0x5e0/0x5e0 [ 703.448135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 703.452986] ? trace_hardirqs_on_caller+0x310/0x310 [ 703.458010] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 703.463035] ? prepare_exit_to_usermode+0x291/0x3b0 [ 703.468064] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 703.472926] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 703.478121] RIP: 0033:0x457569 [ 703.481325] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 703.500242] RSP: 002b:00007f39ecc3dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 703.507955] RAX: ffffffffffffffda RBX: 00007f39ecc3dc90 RCX: 0000000000457569 [ 703.515225] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 703.522503] RBP: 000000000072bf00 R08: 0000000000000003 R09: 0000000000000000 [ 703.529786] R10: 0000000000000011 R11: 0000000000000246 R12: 00007f39ecc3e6d4 [ 703.537058] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 0000000000000004 00:53:59 executing program 1 (fault-call:3 fault-nth:1): r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:53:59 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x8e, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:53:59 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2}, 0x50) 00:53:59 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:53:59 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x100000000000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:53:59 executing program 5 (fault-call:3 fault-nth:1): add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 704.428505] FAULT_INJECTION: forcing a failure. [ 704.428505] name failslab, interval 1, probability 0, space 0, times 0 [ 704.472239] FAULT_INJECTION: forcing a failure. [ 704.472239] name failslab, interval 1, probability 0, space 0, times 0 [ 704.492730] CPU: 0 PID: 20112 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 704.501356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 704.510720] Call Trace: [ 704.513328] dump_stack+0x244/0x39d [ 704.516974] ? dump_stack_print_info.cold.1+0x20/0x20 [ 704.522248] ? is_bpf_text_address+0xd3/0x170 [ 704.526767] should_fail.cold.4+0xa/0x17 [ 704.530848] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 704.535977] ? save_stack+0xa9/0xd0 [ 704.539622] ? save_stack+0x43/0xd0 [ 704.543279] ? kasan_kmalloc+0xc7/0xe0 [ 704.547172] ? kasan_slab_alloc+0x12/0x20 [ 704.551322] ? kmem_cache_alloc+0x12e/0x730 [ 704.555733] ? vm_area_dup+0x7a/0x230 [ 704.559534] ? __split_vma+0xae/0x570 [ 704.563339] ? __do_munmap+0x314/0xf80 [ 704.567227] ? mmap_region+0x6a7/0x1cd0 [ 704.571202] ? do_mmap+0xa22/0x1230 [ 704.574829] ? vm_mmap_pgoff+0x213/0x2c0 [ 704.578892] ? ksys_mmap_pgoff+0x4da/0x660 [ 704.583130] ? __x64_sys_mmap+0xe9/0x1b0 [ 704.587196] ? do_syscall_64+0x1b9/0x820 [ 704.591265] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.596638] ? percpu_ref_put_many+0x11c/0x260 [ 704.601230] ? lock_downgrade+0x900/0x900 [ 704.605381] ? check_preemption_disabled+0x48/0x280 [ 704.610410] ? kasan_check_read+0x11/0x20 [ 704.614572] ? graph_lock+0x270/0x270 [ 704.618372] ? rcu_softirq_qs+0x20/0x20 [ 704.622376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.627916] ? check_preemption_disabled+0x48/0x280 [ 704.632975] __should_failslab+0x124/0x180 [ 704.637212] should_failslab+0x9/0x14 [ 704.641013] kmem_cache_alloc+0x47/0x730 [ 704.645086] ? rcu_read_lock_sched_held+0x14f/0x180 [ 704.650131] anon_vma_clone+0x140/0x710 [ 704.654125] ? unlink_anon_vmas+0xa60/0xa60 [ 704.658464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.664021] __split_vma+0x183/0x570 [ 704.667748] ? find_vma+0x34/0x190 [ 704.671296] __do_munmap+0x314/0xf80 [ 704.675023] ? check_preemption_disabled+0x48/0x280 [ 704.680049] mmap_region+0x6a7/0x1cd0 [ 704.683865] ? __x64_sys_brk+0x8b0/0x8b0 [ 704.687927] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 704.693216] ? rcu_read_unlock_special+0x370/0x370 [ 704.698651] ? mpx_unmapped_area_check+0xd8/0x108 [ 704.703516] ? arch_get_unmapped_area_topdown+0xc2/0x940 [ 704.708975] ? refcount_dec_if_one+0x180/0x180 [ 704.713587] ? arch_get_unmapped_area+0x750/0x750 [ 704.718445] ? lock_acquire+0x1ed/0x520 [ 704.722449] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 704.727512] ? cap_mmap_addr+0x52/0x130 [ 704.731492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.737032] ? security_mmap_addr+0x80/0xa0 [ 704.741354] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 704.746892] ? get_unmapped_area+0x292/0x3b0 [ 704.751319] do_mmap+0xa22/0x1230 [ 704.754785] ? mmap_region+0x1cd0/0x1cd0 [ 704.758854] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 704.762916] ? down_read_killable+0x150/0x150 [ 704.767423] ? security_mmap_file+0x174/0x1b0 [ 704.771927] vm_mmap_pgoff+0x213/0x2c0 [ 704.775828] ? vma_is_stack_for_current+0xd0/0xd0 [ 704.780671] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.786231] ? check_preemption_disabled+0x48/0x280 [ 704.791265] ksys_mmap_pgoff+0x4da/0x660 [ 704.795335] ? do_syscall_64+0x9a/0x820 [ 704.799317] ? find_mergeable_anon_vma+0xd0/0xd0 [ 704.804178] ? trace_hardirqs_on+0xbd/0x310 [ 704.808502] ? __ia32_sys_read+0xb0/0xb0 [ 704.812565] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.817928] ? trace_hardirqs_off_caller+0x300/0x300 [ 704.823039] __x64_sys_mmap+0xe9/0x1b0 [ 704.826930] do_syscall_64+0x1b9/0x820 [ 704.830818] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 704.836200] ? syscall_return_slowpath+0x5e0/0x5e0 [ 704.841124] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 704.845966] ? trace_hardirqs_on_caller+0x310/0x310 [ 704.850982] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 704.856007] ? prepare_exit_to_usermode+0x291/0x3b0 [ 704.861034] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 704.865891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.871082] RIP: 0033:0x457569 [ 704.874280] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 704.893176] RSP: 002b:00007f39ecc3dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 704.900882] RAX: ffffffffffffffda RBX: 00007f39ecc3dc90 RCX: 0000000000457569 [ 704.908150] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 704.915430] RBP: 000000000072bf00 R08: 0000000000000003 R09: 0000000000000000 00:53:59 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2}, 0x50) 00:53:59 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000080)=""/61) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) [ 704.922701] R10: 0000000000000011 R11: 0000000000000246 R12: 00007f39ecc3e6d4 [ 704.929965] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 0000000000000004 [ 704.937261] CPU: 1 PID: 20111 Comm: syz-executor1 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 704.945852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 704.955214] Call Trace: [ 704.957817] dump_stack+0x244/0x39d [ 704.961458] ? dump_stack_print_info.cold.1+0x20/0x20 [ 704.966661] ? is_bpf_text_address+0xd3/0x170 [ 704.971176] should_fail.cold.4+0xa/0x17 [ 704.975263] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 704.980383] ? save_stack+0xa9/0xd0 [ 704.984027] ? save_stack+0x43/0xd0 [ 704.987678] ? kasan_kmalloc+0xc7/0xe0 [ 704.991575] ? kasan_slab_alloc+0x12/0x20 [ 704.995725] ? kmem_cache_alloc+0x12e/0x730 [ 705.000049] ? vm_area_dup+0x7a/0x230 [ 705.003859] ? __split_vma+0xae/0x570 [ 705.007662] ? __do_munmap+0x314/0xf80 [ 705.011551] ? mmap_region+0x6a7/0x1cd0 [ 705.015529] ? do_mmap+0xa22/0x1230 [ 705.019161] ? vm_mmap_pgoff+0x213/0x2c0 [ 705.023228] ? ksys_mmap_pgoff+0x4da/0x660 [ 705.027472] ? __x64_sys_mmap+0xe9/0x1b0 [ 705.031542] ? do_syscall_64+0x1b9/0x820 [ 705.035611] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.040994] ? percpu_ref_put_many+0x11c/0x260 [ 705.045583] ? lock_downgrade+0x900/0x900 [ 705.049757] ? check_preemption_disabled+0x48/0x280 [ 705.054887] ? kasan_check_read+0x11/0x20 [ 705.059045] ? graph_lock+0x270/0x270 [ 705.062851] ? rcu_softirq_qs+0x20/0x20 [ 705.066834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 00:53:59 executing program 5 (fault-call:3 fault-nth:2): add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 705.072367] ? check_preemption_disabled+0x48/0x280 [ 705.072402] __should_failslab+0x124/0x180 [ 705.072423] should_failslab+0x9/0x14 [ 705.072437] kmem_cache_alloc+0x47/0x730 [ 705.072458] ? rcu_read_lock_sched_held+0x14f/0x180 [ 705.094559] anon_vma_clone+0x140/0x710 [ 705.098556] ? unlink_anon_vmas+0xa60/0xa60 [ 705.102913] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.108464] __split_vma+0x183/0x570 [ 705.108483] ? find_vma+0x34/0x190 [ 705.108504] __do_munmap+0x314/0xf80 [ 705.108526] ? check_preemption_disabled+0x48/0x280 [ 705.108550] mmap_region+0x6a7/0x1cd0 [ 705.115798] ? __x64_sys_brk+0x8b0/0x8b0 [ 705.115815] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 705.115834] ? rcu_read_unlock_special+0x370/0x370 [ 705.115862] ? mpx_unmapped_area_check+0xd8/0x108 [ 705.115885] ? arch_get_unmapped_area_topdown+0xc2/0x940 [ 705.152981] ? refcount_dec_if_one+0x180/0x180 [ 705.157588] ? arch_get_unmapped_area+0x750/0x750 [ 705.162461] ? lock_acquire+0x1ed/0x520 [ 705.163452] FAULT_INJECTION: forcing a failure. [ 705.163452] name failslab, interval 1, probability 0, space 0, times 0 [ 705.166447] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 705.166464] ? cap_mmap_addr+0x52/0x130 [ 705.166482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.166500] ? security_mmap_addr+0x80/0xa0 [ 705.166518] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 705.166544] ? get_unmapped_area+0x292/0x3b0 [ 705.206466] do_mmap+0xa22/0x1230 [ 705.209950] ? mmap_region+0x1cd0/0x1cd0 [ 705.214020] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 705.218092] ? down_read_killable+0x150/0x150 [ 705.222602] ? security_mmap_file+0x174/0x1b0 [ 705.227115] vm_mmap_pgoff+0x213/0x2c0 [ 705.231025] ? vma_is_stack_for_current+0xd0/0xd0 [ 705.235877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.241532] ? check_preemption_disabled+0x48/0x280 [ 705.246587] ksys_mmap_pgoff+0x4da/0x660 [ 705.250655] ? do_syscall_64+0x9a/0x820 [ 705.254644] ? find_mergeable_anon_vma+0xd0/0xd0 [ 705.259410] ? trace_hardirqs_on+0xbd/0x310 [ 705.263738] ? __ia32_sys_read+0xb0/0xb0 [ 705.267823] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.273197] ? trace_hardirqs_off_caller+0x300/0x300 [ 705.278315] __x64_sys_mmap+0xe9/0x1b0 [ 705.282219] do_syscall_64+0x1b9/0x820 [ 705.286135] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 705.291511] ? syscall_return_slowpath+0x5e0/0x5e0 [ 705.296452] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 705.301309] ? trace_hardirqs_on_caller+0x310/0x310 [ 705.306335] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 705.311387] ? prepare_exit_to_usermode+0x291/0x3b0 [ 705.316419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 705.321282] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.326474] RIP: 0033:0x457569 [ 705.329674] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 705.348580] RSP: 002b:00007fa93c568c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 705.356396] RAX: ffffffffffffffda RBX: 00007fa93c568c90 RCX: 0000000000457569 [ 705.363674] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 705.370946] RBP: 000000000072bf00 R08: 0000000000000003 R09: 0000000000000000 [ 705.378221] R10: 0000000000000011 R11: 0000000000000246 R12: 00007fa93c5696d4 [ 705.385489] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 0000000000000004 [ 705.402835] CPU: 1 PID: 20127 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 705.411444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.420806] Call Trace: [ 705.423415] dump_stack+0x244/0x39d [ 705.427063] ? dump_stack_print_info.cold.1+0x20/0x20 [ 705.432277] should_fail.cold.4+0xa/0x17 [ 705.436365] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 705.441495] ? save_stack+0xa9/0xd0 [ 705.445132] ? graph_lock+0x270/0x270 [ 705.448953] ? graph_lock+0x270/0x270 [ 705.452763] ? find_held_lock+0x36/0x1c0 [ 705.456840] ? find_held_lock+0x36/0x1c0 [ 705.460911] ? __lock_is_held+0xb5/0x140 [ 705.460943] ? perf_trace_sched_process_exec+0x860/0x860 [ 705.460961] ? kasan_check_read+0x11/0x20 [ 705.460983] __should_failslab+0x124/0x180 [ 705.478894] should_failslab+0x9/0x14 [ 705.482718] kmem_cache_alloc+0x2be/0x730 [ 705.486884] ? __vma_adjust+0x1810/0x1810 [ 705.491058] vm_area_alloc+0x7a/0x1d0 [ 705.494888] ? arch_release_thread_stack+0x10/0x10 [ 705.499845] mmap_region+0x9d7/0x1cd0 [ 705.503668] ? __x64_sys_brk+0x8b0/0x8b0 [ 705.507743] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 705.513035] ? rcu_read_unlock_special+0x370/0x370 [ 705.517991] ? mpx_unmapped_area_check+0xd8/0x108 [ 705.522871] ? refcount_dec_if_one+0x180/0x180 [ 705.525603] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 705.527472] ? arch_get_unmapped_area+0x750/0x750 [ 705.527495] ? lock_acquire+0x1ed/0x520 [ 705.527514] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 705.527530] ? cap_mmap_addr+0x52/0x130 [ 705.527549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.527566] ? security_mmap_addr+0x80/0xa0 [ 705.527586] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 705.527604] ? get_unmapped_area+0x292/0x3b0 [ 705.527625] do_mmap+0xa22/0x1230 [ 705.527650] ? mmap_region+0x1cd0/0x1cd0 [ 705.527666] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 705.527686] ? down_read_killable+0x150/0x150 [ 705.527704] ? security_mmap_file+0x174/0x1b0 [ 705.562388] syz-executor0 cpuset=syz0 mems_allowed=0 [ 705.566413] vm_mmap_pgoff+0x213/0x2c0 [ 705.566446] ? vma_is_stack_for_current+0xd0/0xd0 [ 705.566464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.566482] ? check_preemption_disabled+0x48/0x280 [ 705.566520] ksys_mmap_pgoff+0x4da/0x660 00:54:00 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:54:00 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x201e, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:54:00 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) [ 705.566537] ? do_syscall_64+0x9a/0x820 [ 705.566560] ? find_mergeable_anon_vma+0xd0/0xd0 [ 705.566578] ? trace_hardirqs_on+0xbd/0x310 [ 705.566595] ? __ia32_sys_read+0xb0/0xb0 [ 705.566614] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.566632] ? trace_hardirqs_off_caller+0x300/0x300 [ 705.566656] __x64_sys_mmap+0xe9/0x1b0 [ 705.566679] do_syscall_64+0x1b9/0x820 [ 705.566696] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 705.566715] ? syscall_return_slowpath+0x5e0/0x5e0 [ 705.566731] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 705.566749] ? trace_hardirqs_on_caller+0x310/0x310 [ 705.566768] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 705.566787] ? prepare_exit_to_usermode+0x291/0x3b0 [ 705.566811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 705.566840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.566851] RIP: 0033:0x457569 [ 705.566868] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:54:00 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) ioctl$SG_GET_TIMEOUT(r1, 0x2202, 0x0) 00:54:00 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0xffff8000, 0xfffffffffffffffd, 0x11, r1, 0x0) [ 705.634531] RSP: 002b:00007f39ecc3dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 705.642883] RAX: ffffffffffffffda RBX: 00007f39ecc3dc90 RCX: 0000000000457569 [ 705.642897] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 705.642916] RBP: 000000000072bf00 R08: 0000000000000003 R09: 0000000000000000 [ 705.642925] R10: 0000000000000011 R11: 0000000000000246 R12: 00007f39ecc3e6d4 [ 705.642934] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 0000000000000004 [ 705.716644] CPU: 1 PID: 20119 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 705.753161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.753168] Call Trace: [ 705.753189] dump_stack+0x244/0x39d [ 705.753210] ? dump_stack_print_info.cold.1+0x20/0x20 [ 705.753228] ? mark_held_locks+0x130/0x130 [ 705.753244] ? mark_held_locks+0x130/0x130 [ 705.767852] dump_header+0x27b/0xf72 [ 705.767879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.767903] ? pagefault_out_of_memory+0x197/0x197 [ 705.767923] ? debug_smp_processor_id+0x1c/0x20 00:54:00 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x7fffdf001000, 0xfffffffffffffffd, 0x11, r1, 0x0) [ 705.767940] ? perf_trace_lock_acquire+0x15b/0x800 [ 705.767964] ? perf_trace_lock+0x7a0/0x7a0 [ 705.767985] ? graph_lock+0x270/0x270 [ 705.768003] ? print_usage_bug+0xc0/0xc0 [ 705.785923] ? find_held_lock+0x36/0x1c0 [ 705.785953] ? mark_held_locks+0xc7/0x130 [ 705.785975] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 705.785993] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 705.786010] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 705.786030] ? trace_hardirqs_on+0xbd/0x310 [ 705.792226] ? kasan_check_read+0x11/0x20 [ 705.792241] ? ___ratelimit+0x3b4/0x672 [ 705.792260] ? trace_hardirqs_off_caller+0x300/0x300 [ 705.792280] ? trace_hardirqs_on+0x310/0x310 [ 705.792298] ? lock_downgrade+0x900/0x900 [ 705.792322] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 705.792345] ? ___ratelimit+0x3b9/0x672 [ 705.792361] ? idr_get_free+0xf70/0xf70 [ 705.792379] ? _raw_spin_unlock_irq+0x27/0x80 [ 705.841819] ? _raw_spin_unlock_irq+0x27/0x80 [ 705.850006] oom_kill_process.cold.27+0x10/0x903 [ 705.918081] ? _raw_spin_unlock_irq+0x27/0x80 [ 705.922597] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 705.927204] ? oom_evaluate_task+0x540/0x540 [ 705.931626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.937182] ? cgroup_procs_next+0x70/0x70 [ 705.941435] ? _raw_spin_unlock_irq+0x60/0x80 [ 705.945937] ? oom_badness+0xaa0/0xaa0 [ 705.949837] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 705.954605] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 705.954773] cgroup: fork rejected by pids controller in /syz1 [ 705.959367] ? mem_cgroup_iter_break+0x30/0x30 [ 705.959405] ? oom_badness+0xaa0/0xaa0 [ 705.959425] out_of_memory+0xa7f/0x1430 [ 705.977723] ? retint_kernel+0x2d/0x2d [ 705.981626] ? oom_killer_disable+0x3a0/0x3a0 [ 705.986140] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 705.991271] mem_cgroup_out_of_memory+0x15e/0x210 [ 705.996134] ? memory_oom_group_write+0x160/0x160 [ 706.000990] ? mem_cgroup_try_charge+0x627/0xe20 [ 706.005766] ? page_counter_try_charge+0x1c1/0x220 [ 706.010718] try_charge+0xdcd/0x1720 [ 706.014458] ? kasan_check_read+0x11/0x20 [ 706.018628] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 706.023330] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 706.028909] ? lock_page_memcg+0x350/0x350 [ 706.033163] ? lock_acquire+0x1ed/0x520 [ 706.037153] ? mem_cgroup_oom_control_write+0x100/0x100 [ 706.042526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.048073] ? check_preemption_disabled+0x48/0x280 [ 706.053107] ? kasan_check_read+0x11/0x20 [ 706.057266] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 706.062551] ? rcu_softirq_qs+0x20/0x20 [ 706.066555] mem_cgroup_try_charge+0x627/0xe20 [ 706.071149] ? mark_held_locks+0xc7/0x130 [ 706.075323] ? mem_cgroup_protected+0xa60/0xa60 00:54:00 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x7ffffffff000, 0xfffffffffffffffd, 0x11, r1, 0x0) [ 706.080011] ? retint_kernel+0x2d/0x2d [ 706.083913] ? trace_hardirqs_on_caller+0xc0/0x310 [ 706.088861] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.093633] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 706.099110] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.104012] ? retint_kernel+0x2d/0x2d [ 706.107928] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 706.112878] wp_page_copy+0x51d/0x24f0 [ 706.116793] ? follow_pfn+0x2e0/0x2e0 [ 706.120623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.126167] ? reuse_swap_page+0x4bd/0x1520 [ 706.130602] ? swp_swapcount+0x530/0x530 [ 706.134700] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 706.140254] ? check_preemption_disabled+0x48/0x280 [ 706.145290] ? print_usage_bug+0xc0/0xc0 [ 706.149367] ? debug_smp_processor_id+0x1c/0x20 [ 706.154050] ? perf_trace_lock_acquire+0x15b/0x800 [ 706.159003] ? perf_trace_lock+0x7a0/0x7a0 [ 706.163252] ? graph_lock+0x270/0x270 [ 706.167066] ? __lock_acquire+0x62f/0x4c20 [ 706.171328] ? find_held_lock+0x36/0x1c0 [ 706.175417] ? do_wp_page+0x518/0x2920 [ 706.179329] ? lock_downgrade+0x900/0x900 [ 706.183507] ? wake_up_page_bit+0x6f0/0x6f0 [ 706.187852] ? kasan_check_read+0x11/0x20 [ 706.192010] ? do_raw_spin_unlock+0xa7/0x330 [ 706.196431] ? do_raw_spin_trylock+0x270/0x270 [ 706.201032] ? __pte_alloc_kernel+0x220/0x220 [ 706.205547] ? perf_trace_lock_acquire+0x15b/0x800 [ 706.210499] do_wp_page+0x520/0x2920 [ 706.214224] ? check_preemption_disabled+0x48/0x280 [ 706.219700] ? finish_mkwrite_fault+0x650/0x650 [ 706.224387] ? print_usage_bug+0xc0/0xc0 [ 706.228474] ? perf_trace_lock+0x7a0/0x7a0 [ 706.232730] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 706.238299] ? __lock_acquire+0x62f/0x4c20 [ 706.242550] ? mark_held_locks+0xc7/0x130 [ 706.246738] ? mark_held_locks+0x130/0x130 [ 706.250987] ? follow_page_pte+0xdd7/0x1ab0 [ 706.255327] ? lock_downgrade+0x900/0x900 [ 706.259497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.265050] ? check_preemption_disabled+0x48/0x280 [ 706.270085] ? debug_smp_processor_id+0x1c/0x20 [ 706.274766] ? perf_trace_lock_acquire+0x15b/0x800 [ 706.279719] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 706.285282] ? follow_page_pte+0x4f9/0x1ab0 [ 706.289625] ? print_usage_bug+0xc0/0xc0 [ 706.293707] ? undo_dev_pagemap+0x680/0x680 [ 706.298042] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.302814] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 706.307431] ? retint_kernel+0x2d/0x2d [ 706.311341] ? __lock_acquire+0x62f/0x4c20 [ 706.315592] ? lock_acquire+0x1ed/0x520 [ 706.319574] ? __handle_mm_fault+0x1fa9/0x5be0 [ 706.324174] ? kasan_check_write+0x14/0x20 [ 706.328418] ? do_raw_spin_lock+0x14f/0x350 [ 706.332757] ? rwlock_bug.part.2+0x90/0x90 [ 706.337018] __handle_mm_fault+0x3be9/0x5be0 [ 706.341446] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 706.346308] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 706.350908] ? perf_trace_lock+0x7a0/0x7a0 [ 706.355157] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 706.360708] ? pmd_huge+0xf4/0x140 [ 706.364275] ? graph_lock+0x270/0x270 [ 706.368094] ? graph_lock+0x270/0x270 [ 706.371915] ? find_held_lock+0x36/0x1c0 [ 706.376002] ? handle_mm_fault+0x42a/0xc70 [ 706.380248] ? lock_downgrade+0x900/0x900 [ 706.380267] ? check_preemption_disabled+0x48/0x280 [ 706.380300] ? kasan_check_read+0x11/0x20 [ 706.380316] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 706.380333] ? rcu_read_unlock_special+0x370/0x370 [ 706.393633] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 706.393651] ? check_preemption_disabled+0x48/0x280 [ 706.393678] handle_mm_fault+0x54f/0xc70 [ 706.393700] ? __handle_mm_fault+0x5be0/0x5be0 [ 706.393722] ? __get_user_pages+0x298/0x1ed0 [ 706.393743] __get_user_pages+0xa3d/0x1ed0 [ 706.393774] ? follow_page_mask+0x2160/0x2160 [ 706.431746] ? mark_held_locks+0xc7/0x130 [ 706.431770] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.431789] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 706.431806] ? retint_kernel+0x2d/0x2d [ 706.431823] ? trace_hardirqs_on_caller+0xc0/0x310 [ 706.431844] ? trace_hardirqs_on_caller+0xc0/0x310 [ 706.431862] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.458807] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 706.458831] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 706.458848] ? graph_lock+0x270/0x270 [ 706.458864] ? mark_held_locks+0xc7/0x130 [ 706.487357] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 706.492141] ? retint_kernel+0x2d/0x2d [ 706.496063] populate_vma_page_range+0x2db/0x3d0 [ 706.500868] ? follow_page+0x420/0x420 [ 706.504774] ? find_vma+0x34/0x190 [ 706.508327] __mm_populate+0x286/0x4d0 [ 706.512231] ? populate_vma_page_range+0x3d0/0x3d0 [ 706.517265] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.517292] ? ns_capable_common+0x13f/0x170 [ 706.517313] __x64_sys_mlockall+0x45b/0x630 [ 706.517330] ? __ia32_sys_munlock+0x160/0x160 [ 706.536060] ? retint_kernel+0x2d/0x2d [ 706.539968] ? __ia32_sys_munlock+0x160/0x160 [ 706.544483] ? do_syscall_64+0x179/0x820 [ 706.548570] do_syscall_64+0x1b9/0x820 [ 706.552474] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 706.557855] ? syscall_return_slowpath+0x5e0/0x5e0 [ 706.562795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 706.567658] ? trace_hardirqs_on_caller+0x310/0x310 [ 706.572689] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 706.577729] ? prepare_exit_to_usermode+0x291/0x3b0 [ 706.582762] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 706.587621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 706.587635] RIP: 0033:0x457569 [ 706.587653] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 706.614906] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 706.622630] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 706.629911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 706.637189] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 706.644485] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 706.651777] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 706.668882] Task in /syz0 killed as a result of limit of /syz0 [ 706.679129] memory: usage 307196kB, limit 307200kB, failcnt 1588 [ 706.685433] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 706.692829] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 706.701083] Memory cgroup stats for /syz0: cache:144KB rss:296800KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:52748KB active_anon:12984KB inactive_file:0KB active_file:0KB unevictable:231192KB [ 706.740987] Memory cgroup out of memory: Kill process 20108 (syz-executor0) score 1216 or sacrifice child [ 706.768970] Killed process 20122 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 706.796757] oom_reaper: reaped process 20122 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:54:02 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0xf0ff7f00000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:02 executing program 5 (fault-call:3 fault-nth:3): add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:02 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=""/141, 0x8d}, {&(0x7f0000000200)=""/105, 0x69}, {&(0x7f0000000280)=""/99, 0x63}], 0x3, 0x0) 00:54:02 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) 00:54:02 executing program 4 (fault-call:4 fault-nth:0): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:02 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2002, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:54:02 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:03 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x20000650, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:03 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x7ffffffff000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:03 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x3, 0xfffffffffffffcd5, 0x0, 0x0, 0x1}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f0000000080)={&(0x7f0000ffb000/0x2000)=nil, 0x3, 0x4, 0x40, &(0x7f0000ff9000/0x4000)=nil, 0x1}) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000200)={{{@in=@multicast1, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@loopback}}, &(0x7f0000000100)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', r3}) 00:54:03 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) [ 708.462181] IPVS: ftp: loaded support on port[0] = 21 [ 708.757206] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 708.782403] syz-executor0 cpuset=syz0 mems_allowed=0 [ 708.790238] CPU: 0 PID: 20184 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 708.798838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 708.808190] Call Trace: [ 708.810794] dump_stack+0x244/0x39d [ 708.810816] ? dump_stack_print_info.cold.1+0x20/0x20 [ 708.810836] ? mark_held_locks+0x130/0x130 [ 708.810859] dump_header+0x27b/0xf72 [ 708.810876] ? print_usage_bug+0xc0/0xc0 [ 708.810893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 708.810908] ? pagefault_out_of_memory+0x197/0x197 [ 708.810924] ? print_usage_bug+0xc0/0xc0 [ 708.842153] ? debug_smp_processor_id+0x1c/0x20 [ 708.850870] ? perf_trace_lock_acquire+0x15b/0x800 [ 708.855831] ? perf_trace_lock+0x7a0/0x7a0 [ 708.855850] ? mark_held_locks+0xc7/0x130 [ 708.864242] ? mark_held_locks+0xc7/0x130 [ 708.868392] ? print_usage_bug+0xc0/0xc0 [ 708.868411] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.868430] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 708.881811] ? retint_kernel+0x2d/0x2d [ 708.885709] ? trace_hardirqs_on_caller+0xc0/0x310 [ 708.890646] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.895407] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 708.895439] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.905650] ? retint_kernel+0x2d/0x2d [ 708.909570] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 708.914702] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 708.919816] ? ___ratelimit+0x3b9/0x672 [ 708.919833] ? idr_get_free+0xf70/0xf70 [ 708.919861] oom_kill_process.cold.27+0x10/0x903 [ 708.932636] ? mark_held_locks+0xc7/0x130 [ 708.936792] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.936815] ? oom_evaluate_task+0x540/0x540 [ 708.945968] ? trace_hardirqs_on_caller+0xc0/0x310 [ 708.945987] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.946006] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 708.955670] ? _raw_spin_unlock_irq+0x56/0x80 [ 708.955687] ? _raw_spin_unlock_irq+0x60/0x80 [ 708.955711] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 708.965641] ? retint_kernel+0x2d/0x2d [ 708.965677] out_of_memory+0xa7f/0x1430 [ 708.974883] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 708.974905] ? kasan_check_read+0x11/0x20 [ 708.974925] ? oom_killer_disable+0x3a0/0x3a0 [ 708.974962] mem_cgroup_out_of_memory+0x15e/0x210 [ 708.974981] ? page_counter_try_charge+0xef/0x220 [ 708.982813] ? memory_oom_group_write+0x160/0x160 [ 708.982841] ? page_counter_try_charge+0x1c1/0x220 [ 708.982863] try_charge+0xdcd/0x1720 [ 708.982882] ? kasan_check_read+0x11/0x20 [ 708.982909] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 708.991730] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 708.991751] ? lock_page_memcg+0x350/0x350 [ 708.991774] ? lock_acquire+0x268/0x520 [ 708.991794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.001109] ? check_preemption_disabled+0x48/0x280 [ 709.001139] ? kasan_check_read+0x11/0x20 [ 709.001156] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 709.001170] ? rcu_softirq_qs+0x20/0x20 [ 709.001201] mem_cgroup_try_charge+0x627/0xe20 [ 709.001222] ? mem_cgroup_protected+0xa60/0xa60 [ 709.010878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 709.010895] ? page_mapping+0x5a2/0xa50 [ 709.010932] ? page_evictable+0x2de/0x540 [ 709.010949] ? check_preemption_disabled+0x48/0x280 [ 709.010970] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 709.019693] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 709.019717] wp_page_copy+0x51d/0x24f0 [ 709.028518] ? follow_pfn+0x2e0/0x2e0 [ 709.028541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.038285] ? reuse_swap_page+0x4bd/0x1520 [ 709.038306] ? swp_swapcount+0x530/0x530 [ 709.038329] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 709.047808] ? cpu_clock_event_start+0x12c/0x180 [ 709.047833] ? print_usage_bug+0xc0/0xc0 [ 709.056969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.056987] ? check_preemption_disabled+0x48/0x280 [ 709.057003] ? commit_creds+0xbd8/0x12e0 [ 709.066235] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.066255] ? perf_pmu_enable+0xd9/0x120 [ 709.075483] ? event_sched_in.isra.108+0x6bb/0xe40 [ 709.075509] ? graph_lock+0x270/0x270 [ 709.084995] ? __lock_acquire+0x62f/0x4c20 [ 709.085022] ? check_preemption_disabled+0x48/0x280 [ 709.094162] ? find_held_lock+0x36/0x1c0 [ 709.094189] ? do_wp_page+0x518/0x2920 [ 709.094207] ? lock_downgrade+0x900/0x900 [ 709.094224] ? wake_up_page_bit+0x6f0/0x6f0 [ 709.094243] ? kasan_check_read+0x11/0x20 [ 709.094257] ? do_raw_spin_unlock+0xa7/0x330 [ 709.094274] ? do_raw_spin_trylock+0x270/0x270 [ 709.104712] ? __pte_alloc_kernel+0x220/0x220 [ 709.112370] ? perf_trace_lock_acquire+0x15b/0x800 [ 709.112397] do_wp_page+0x520/0x2920 [ 709.112415] ? check_preemption_disabled+0x48/0x280 [ 709.112439] ? finish_mkwrite_fault+0x650/0x650 [ 709.122264] ? print_usage_bug+0xc0/0xc0 [ 709.122288] ? perf_trace_lock+0x7a0/0x7a0 [ 709.122313] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 709.122334] ? __lock_acquire+0x62f/0x4c20 [ 709.122347] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 709.122367] ? retint_kernel+0x2d/0x2d [ 709.131875] ? trace_hardirqs_on_caller+0xc0/0x310 [ 709.131895] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 709.131926] ? mark_held_locks+0x130/0x130 [ 709.131948] ? follow_page_pte+0xdd7/0x1ab0 [ 709.131964] ? lock_downgrade+0x900/0x900 [ 709.131988] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.140782] ? check_preemption_disabled+0x48/0x280 [ 709.140817] ? debug_smp_processor_id+0x1c/0x20 [ 709.140834] ? perf_trace_lock_acquire+0x15b/0x800 [ 709.140851] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 709.140882] ? follow_page_pte+0x4f9/0x1ab0 [ 709.151408] ? print_usage_bug+0xc0/0xc0 [ 709.151435] ? undo_dev_pagemap+0x680/0x680 [ 709.151455] ? retint_kernel+0x2d/0x2d [ 709.151475] ? trace_hardirqs_on_caller+0xc0/0x310 [ 709.161045] ? retint_kernel+0x2d/0x2d [ 709.161075] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 709.161098] ? __lock_acquire+0x62f/0x4c20 [ 709.161124] ? lock_acquire+0x1ed/0x520 [ 709.161143] ? __handle_mm_fault+0x1fa9/0x5be0 [ 709.170217] ? kasan_check_write+0x14/0x20 [ 709.178218] ? do_raw_spin_lock+0x14f/0x350 [ 709.178236] ? rwlock_bug.part.2+0x90/0x90 [ 709.178254] ? do_raw_spin_lock+0x227/0x350 [ 709.187315] __handle_mm_fault+0x3be9/0x5be0 [ 709.187342] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 709.195350] ? perf_trace_lock+0x7a0/0x7a0 [ 709.195368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 709.195385] ? pmd_huge+0xf4/0x140 [ 709.203841] ? graph_lock+0x270/0x270 [ 709.203855] ? graph_lock+0x270/0x270 [ 709.203878] ? find_held_lock+0x36/0x1c0 [ 709.203906] ? handle_mm_fault+0x42a/0xc70 [ 709.203921] ? lock_downgrade+0x900/0x900 [ 709.203940] ? check_preemption_disabled+0x48/0x280 [ 709.212914] ? kasan_check_read+0x11/0x20 [ 709.212931] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 709.212949] ? rcu_read_unlock_special+0x370/0x370 [ 709.212969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 709.212987] ? check_preemption_disabled+0x48/0x280 [ 709.222394] handle_mm_fault+0x54f/0xc70 [ 709.222413] ? __handle_mm_fault+0x5be0/0x5be0 [ 709.222432] ? __get_user_pages+0x9c6/0x1ed0 [ 709.222453] __get_user_pages+0xa3d/0x1ed0 [ 709.222480] ? follow_page_mask+0x2160/0x2160 [ 709.222500] ? debug_smp_processor_id+0x1c/0x20 [ 709.231225] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 709.231260] ? mark_held_locks+0xc7/0x130 [ 709.231280] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 709.231299] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 709.240007] ? retint_kernel+0x2d/0x2d [ 709.240025] ? trace_hardirqs_on_caller+0xc0/0x310 [ 709.240044] ? __mm_populate+0x31a/0x4d0 [ 709.249797] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 709.249817] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 709.249839] ? lock_release+0xa10/0xa10 [ 709.258628] ? perf_trace_sched_process_exec+0x860/0x860 [ 709.258651] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 709.258676] populate_vma_page_range+0x2db/0x3d0 [ 709.267462] ? follow_page+0x420/0x420 [ 709.267482] ? __mm_populate+0x2d2/0x4d0 [ 709.538959] __mm_populate+0x286/0x4d0 [ 709.542871] ? populate_vma_page_range+0x3d0/0x3d0 [ 709.547819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.553365] ? ns_capable_common+0x13f/0x170 [ 709.557795] __x64_sys_mlockall+0x45b/0x630 [ 709.562138] ? __ia32_sys_munlock+0x160/0x160 [ 709.566651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.572207] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.577587] ? trace_hardirqs_off_caller+0x300/0x300 [ 709.582716] do_syscall_64+0x1b9/0x820 [ 709.586616] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 709.591998] ? syscall_return_slowpath+0x5e0/0x5e0 [ 709.596955] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 709.601818] ? trace_hardirqs_on_caller+0x310/0x310 [ 709.606844] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 709.606862] ? prepare_exit_to_usermode+0x291/0x3b0 [ 709.606883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 709.616906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.616921] RIP: 0033:0x457569 [ 709.626935] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 709.626945] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 709.626963] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 709.649034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 709.649043] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 709.649051] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 709.649059] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 709.655861] Task in /syz0 killed as a result of limit of /syz0 [ 709.664607] memory: usage 307132kB, limit 307200kB, failcnt 1600 [ 709.680762] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 709.695404] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 709.707703] Memory cgroup stats for /syz0: cache:144KB rss:296780KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:52756KB active_anon:12984KB inactive_file:0KB active_file:0KB unevictable:231176KB [ 709.742251] Memory cgroup out of memory: Kill process 20167 (syz-executor0) score 1219 or sacrifice child [ 709.753185] Killed process 20186 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 709.787098] oom_reaper: reaped process 20186 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 710.145326] bridge0: port 1(bridge_slave_0) entered blocking state [ 710.152178] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.159626] device bridge_slave_0 entered promiscuous mode [ 710.207552] bridge0: port 2(bridge_slave_1) entered blocking state [ 710.214660] bridge0: port 2(bridge_slave_1) entered disabled state [ 710.222554] device bridge_slave_1 entered promiscuous mode [ 710.267406] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 710.312933] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 710.459557] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 710.511970] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 710.727140] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 710.734397] team0: Port device team_slave_0 added [ 710.765119] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 710.772504] team0: Port device team_slave_1 added [ 710.807499] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 710.858394] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 710.906421] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 710.954323] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 710.961817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 710.978141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 00:54:07 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0xf, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:07 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x201e, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:07 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) write$P9_RCREATE(r0, &(0x7f0000000080)={0x18, 0x73, 0x2, {{0x5f, 0x0, 0x3}, 0x6}}, 0x18) r1 = openat$cgroup_ro(r0, &(0x7f0000000400)='cpuacct.usage_sys\x00', 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:07 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:07 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x2000000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) [ 713.140378] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.146840] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.153550] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.160011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.260796] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 713.285582] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 713.868859] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 713.881289] syz-executor0 cpuset=syz0 mems_allowed=0 [ 713.886692] CPU: 1 PID: 20327 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 713.895290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 713.904644] Call Trace: [ 713.907254] dump_stack+0x244/0x39d [ 713.910897] ? dump_stack_print_info.cold.1+0x20/0x20 [ 713.916110] ? mark_held_locks+0x130/0x130 [ 713.920374] ? mark_held_locks+0x130/0x130 [ 713.924620] dump_header+0x27b/0xf72 [ 713.928352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 713.933899] ? pagefault_out_of_memory+0x197/0x197 [ 713.938841] ? debug_smp_processor_id+0x1c/0x20 [ 713.943513] ? perf_trace_lock_acquire+0x15b/0x800 [ 713.948437] ? perf_trace_lock+0x7a0/0x7a0 [ 713.952664] ? graph_lock+0x270/0x270 [ 713.956525] ? print_usage_bug+0xc0/0xc0 [ 713.960589] ? find_held_lock+0x36/0x1c0 [ 713.964645] ? mark_held_locks+0xc7/0x130 [ 713.968791] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 713.973882] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 713.978975] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 713.983544] ? trace_hardirqs_on+0xbd/0x310 [ 713.987851] ? kasan_check_read+0x11/0x20 [ 713.991989] ? ___ratelimit+0x3b4/0x672 [ 713.995966] ? trace_hardirqs_off_caller+0x300/0x300 [ 714.001066] ? trace_hardirqs_on+0x310/0x310 [ 714.005464] ? lock_downgrade+0x900/0x900 [ 714.009627] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 714.014738] ? ___ratelimit+0x3b9/0x672 [ 714.018706] ? idr_get_free+0xf70/0xf70 [ 714.022667] ? _raw_spin_unlock_irq+0x27/0x80 [ 714.027169] ? _raw_spin_unlock_irq+0x27/0x80 [ 714.031679] oom_kill_process.cold.27+0x10/0x903 [ 714.036423] ? _raw_spin_unlock_irq+0x27/0x80 [ 714.040911] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 714.045488] ? oom_evaluate_task+0x540/0x540 [ 714.049881] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.055424] ? cgroup_procs_next+0x70/0x70 [ 714.059651] ? _raw_spin_unlock_irq+0x60/0x80 [ 714.064143] ? oom_badness+0xaa0/0xaa0 [ 714.068027] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 714.072782] ? mem_cgroup_iter_break+0x30/0x30 [ 714.077369] out_of_memory+0xa7f/0x1430 [ 714.081346] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 714.085931] ? trace_hardirqs_on_caller+0xc0/0x310 [ 714.090852] ? oom_killer_disable+0x3a0/0x3a0 [ 714.095358] mem_cgroup_out_of_memory+0x15e/0x210 [ 714.100308] ? memory_oom_group_write+0x160/0x160 [ 714.105171] try_charge+0xdcd/0x1720 [ 714.108886] ? kasan_check_read+0x11/0x20 [ 714.113026] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 714.117882] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 714.123446] ? lock_page_memcg+0x350/0x350 [ 714.127683] ? lock_acquire+0x1ed/0x520 [ 714.131777] ? mem_cgroup_oom_control_write+0x100/0x100 [ 714.137128] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.142650] ? check_preemption_disabled+0x48/0x280 [ 714.147694] ? kasan_check_read+0x11/0x20 [ 714.151919] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 714.157197] ? rcu_softirq_qs+0x20/0x20 [ 714.161193] mem_cgroup_try_charge+0x627/0xe20 [ 714.165773] ? mem_cgroup_protected+0xa60/0xa60 [ 714.170431] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 714.175954] ? page_mapping+0x5a2/0xa50 [ 714.179930] ? page_evictable+0x2de/0x540 [ 714.184086] ? check_preemption_disabled+0x48/0x280 [ 714.189101] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 714.194635] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 714.199576] wp_page_copy+0x51d/0x24f0 [ 714.203551] ? follow_pfn+0x2e0/0x2e0 [ 714.207342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.212872] ? reuse_swap_page+0x4bd/0x1520 [ 714.217196] ? swp_swapcount+0x530/0x530 [ 714.221265] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 714.226713] ? trace_hardirqs_on_caller+0xc0/0x310 [ 714.231639] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.236391] ? print_usage_bug+0xc0/0xc0 [ 714.240446] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.245195] ? mark_held_locks+0xc7/0x130 [ 714.249348] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 714.253917] ? graph_lock+0x270/0x270 [ 714.257704] ? __lock_acquire+0x62f/0x4c20 [ 714.261937] ? find_held_lock+0x36/0x1c0 [ 714.265990] ? do_wp_page+0x518/0x2920 [ 714.269886] ? lock_downgrade+0x900/0x900 [ 714.274024] ? wake_up_page_bit+0x6f0/0x6f0 [ 714.278943] ? kasan_check_read+0x11/0x20 [ 714.283090] ? do_raw_spin_unlock+0xa7/0x330 [ 714.287484] ? do_raw_spin_trylock+0x270/0x270 [ 714.292073] ? __pte_alloc_kernel+0x220/0x220 [ 714.296557] ? perf_trace_lock_acquire+0x15b/0x800 [ 714.301482] do_wp_page+0x520/0x2920 [ 714.305189] ? check_preemption_disabled+0x48/0x280 [ 714.310308] ? finish_mkwrite_fault+0x650/0x650 [ 714.314965] ? mark_held_locks+0xc7/0x130 [ 714.319109] ? perf_trace_lock+0x7a0/0x7a0 [ 714.323333] ? trace_hardirqs_on_caller+0xc0/0x310 [ 714.328253] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 714.333783] ? __lock_acquire+0x62f/0x4c20 [ 714.338014] ? mark_held_locks+0x130/0x130 [ 714.342241] ? follow_page_pte+0xdd7/0x1ab0 [ 714.346550] ? lock_downgrade+0x900/0x900 [ 714.350688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.356219] ? check_preemption_disabled+0x48/0x280 [ 714.361233] ? debug_smp_processor_id+0x1c/0x20 [ 714.365888] ? perf_trace_lock_acquire+0x15b/0x800 [ 714.370821] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 714.376354] ? follow_page_pte+0x4f9/0x1ab0 [ 714.380681] ? print_usage_bug+0xc0/0xc0 [ 714.384748] ? undo_dev_pagemap+0x680/0x680 [ 714.389057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.393823] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 714.398406] ? retint_kernel+0x2d/0x2d [ 714.402294] ? print_usage_bug+0xc0/0xc0 [ 714.406345] ? __lock_acquire+0x62f/0x4c20 [ 714.410583] ? lock_acquire+0x1ed/0x520 [ 714.414552] ? __handle_mm_fault+0x1fa9/0x5be0 [ 714.419138] ? kasan_check_write+0x14/0x20 [ 714.423362] ? do_raw_spin_lock+0x14f/0x350 [ 714.427673] ? rwlock_bug.part.2+0x90/0x90 [ 714.431914] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 714.436484] ? retint_kernel+0x2d/0x2d [ 714.440371] __handle_mm_fault+0x3be9/0x5be0 [ 714.444793] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 714.449638] ? perf_trace_lock+0x7a0/0x7a0 [ 714.453867] ? retint_kernel+0x2d/0x2d [ 714.457741] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 714.463368] ? pmd_huge+0xf4/0x140 [ 714.466923] ? graph_lock+0x270/0x270 [ 714.470724] ? graph_lock+0x270/0x270 [ 714.474513] ? find_held_lock+0x36/0x1c0 [ 714.478569] ? handle_mm_fault+0x42a/0xc70 [ 714.482792] ? lock_downgrade+0x900/0x900 [ 714.486929] ? check_preemption_disabled+0x48/0x280 [ 714.491955] ? kasan_check_read+0x11/0x20 [ 714.496095] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 714.501361] ? rcu_read_unlock_special+0x370/0x370 [ 714.506278] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 714.511806] ? check_preemption_disabled+0x48/0x280 [ 714.516819] handle_mm_fault+0x54f/0xc70 [ 714.520870] ? __handle_mm_fault+0x5be0/0x5be0 [ 714.525453] ? __get_user_pages+0xa27/0x1ed0 [ 714.529876] __get_user_pages+0xa3d/0x1ed0 [ 714.534121] ? follow_page_mask+0x2160/0x2160 [ 714.538609] ? debug_smp_processor_id+0x1c/0x20 [ 714.543284] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 714.548834] ? mark_held_locks+0xc7/0x130 [ 714.552974] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.557827] ? retint_kernel+0x2d/0x2d [ 714.561714] ? trace_hardirqs_on_caller+0xc0/0x310 [ 714.566639] ? trace_hardirqs_on_caller+0xc0/0x310 [ 714.571556] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.576322] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 714.581771] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 714.587213] ? lock_release+0xa10/0xa10 [ 714.591185] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 714.596039] populate_vma_page_range+0x2db/0x3d0 [ 714.600794] ? follow_page+0x420/0x420 [ 714.604697] ? __mm_populate+0x2ad/0x4d0 [ 714.608751] __mm_populate+0x286/0x4d0 [ 714.612731] ? populate_vma_page_range+0x3d0/0x3d0 [ 714.617658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.623191] ? ns_capable_common+0x13f/0x170 [ 714.627594] __x64_sys_mlockall+0x45b/0x630 [ 714.631904] ? __ia32_sys_munlock+0x160/0x160 [ 714.636391] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.641918] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 714.647271] ? trace_hardirqs_off_caller+0x300/0x300 [ 714.652370] do_syscall_64+0x1b9/0x820 [ 714.656246] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 714.661600] ? syscall_return_slowpath+0x5e0/0x5e0 [ 714.666521] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 714.671468] ? trace_hardirqs_on_caller+0x310/0x310 [ 714.676483] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 714.681488] ? prepare_exit_to_usermode+0x291/0x3b0 [ 714.686500] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 714.691359] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 714.696547] RIP: 0033:0x457569 [ 714.699728] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 714.719127] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 714.726845] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 714.734107] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 714.741365] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 714.748627] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 714.755886] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 714.769794] Task in /syz0 killed as a result of limit of /syz0 [ 714.776218] memory: usage 307200kB, limit 307200kB, failcnt 1636 [ 714.776229] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 714.776299] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 714.789415] Memory cgroup stats for /syz0: cache:144KB rss:297044KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:52756KB active_anon:12984KB inactive_file:0KB active_file:0KB unevictable:231328KB [ 714.817513] Memory cgroup out of memory: Kill process 20313 (syz-executor0) score 1216 or sacrifice child [ 714.828591] Killed process 20329 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 714.842508] oom_reaper: reaped process 20329 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 715.263439] device bridge_slave_1 left promiscuous mode [ 715.268995] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.342190] device bridge_slave_0 left promiscuous mode [ 715.347764] bridge0: port 1(bridge_slave_0) entered disabled state [ 718.072653] team0 (unregistering): Port device team_slave_1 removed [ 718.083514] team0 (unregistering): Port device team_slave_0 removed [ 718.094360] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 718.135222] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 718.222423] bond0 (unregistering): Released all slaves [ 719.623973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.732015] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 719.872100] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 719.878382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 719.887158] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 720.025790] 8021q: adding VLAN 0 to HW filter on device team0 00:54:15 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x11, r1, 0x0) 00:54:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2002, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0xfffffffffffffdef, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:15 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:15 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) setsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000900)=0x9, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x1, 0x181) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$kcm(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="c6ef35c0a52df94d1c3e87a43ba6c98fb9aface8957396d425ec6812534f457bc549f54f1a2c8daa8592193f24fccee61d2dcb9c1739d1ee378e12f8fef207f1c5c84c36e4364c88472e4e446fc57e23685d885f9031b9963c9983b7d149363a153a31e72fbd736d4f4a18af4b308d5dda07e4131ce7908aca41d4a2e2fb0218a712ce16fe43bc216ccffa58f2bd57251208fc69ef3d8f2385b93ce8578a2bef4923ecc199a727788f16f076bbf720a270be2267c1953bc5962e35e67cfd3d64dbd70ab80742f43fa2bd62f3da50b3beaa9a64e4806347b1666a7ddc42b5bc", 0xdf}, {&(0x7f00000000c0)="218207753fe847899ce11765dbf14e8f8e80fb7768d4748b85c1e313c001a41258da40052578293911ef4b8699928bbbd7cdfa60bf407dd242e5139edbff50853aaf5e9d7da6a5aeb5157ec9ef19f7903cc94fe75ddc41eb611b068d05efa213d79a8298dacb3ea2cb9d8f0df55f6764438ba7eb3f00126a3b928f9b95084d4fce15e6fa9b2c879ff0099c92", 0x8c}, {&(0x7f0000000300)="be11a8fd4d87eec85e6eab9b18514a6bca6ef6c6db5db4526b207ba9d20f8fecca68c91409d18db7666609f70a5a55e9659202a7906cde8eff00eca7d5f9d4547c6f437acb59cfbd456dce7c8fce0c64ed08b69f12fbe7e83954c5dba70b4f91b7cfed3592697c58cf5feb4dfea8945562c005c1d5d12639868a36e3c4d1d59a66d8e01416064f973b96489ac803c0a08a83859a0254f3bf342a51ffb5", 0x9d}, {&(0x7f00000003c0)="085915b3ce9dbb99371c688162b7e575655fdd391f04fb239036d45c2ee9de8e", 0x20}], 0x4, &(0x7f00000005c0)=[{0x58, 0x10f, 0x0, "06d9b8f5d71cc5304a3c9ec73d90dc6ceed6e0be78bc1ff3fe437603caa796ecbc4f9d24e9b8a1385b3f990e7738582a4fb7f93763887dcec019f0b24358e10da5ec920d2b"}, {0x88, 0x1ff, 0x9, "3766852f98c9954265631e6db0c3d45838004d00619218bc06abd6ce762ec2b371c423346027a87712b7d135de0f0e0f86639e01ed38a819d6f5b9ff09eda8134901249e2f9dc629bddc37c1debfb26260cdcd30f2b3d64c522751a8a424bb9c52ccb04250f856df756ee1c00fb41bf8862871873c8e9666"}, {0xd8, 0x10f, 0x6, "f2441ad5c8eb21f51aa74e3d1a249a2ac16058a70d4078fc2af7b934216180da4adf4181d06a65a16c798918fa796aafc1c946fbb6121114fe70fd4fa593956838f04f859aa4d5c15fab5051dd10012fbbff7de2971c3755664f5040297877266b1e4977e2b52e817f211513577ad5f1a996000624736ece06300c48fa0535295b5c12336738f8e2fda521ad59a0824fd2e81e0a6307380e02f32b630f2b389bc4a8383f61a483f8983a72647f7b118286ab1dcf8daf48681b53641682adcc202e61ec"}, {0x68, 0x102, 0x1, "545872823fc800fce3ef3149388509d06eac7dca29e2d7027f6b3cb25c1f5c03fa0d212f547340ae2f8756df6216b6b9e4089868c9a23ce10b4cdbd4572ee20ec7cf60877a915716bdb02476bbf64e5a8c"}, {0x88, 0x13b, 0x8, "c440df0bb412a70af1efd7503e5bed94e0428fd6e04c4a4e4ea85c98380010461e18edd3f3a4785ad800125e609a14fe195a456fcd1b9d315454bee7b208259eddd704a43e4d7205466555db50fef1e6ba97c26564cb8e9c90c7667ae5514ed4bd2b017721437da3d6c0208e818d9b308141c78e0711"}, {0x10, 0x109, 0x2b81ed62800000}, {0x48, 0x0, 0x101, "7449e50f29eb90a79ffbab733472bb6f3fda4c03ebe3955de2a61c29fbd0c0cc8fd9086e60c99225549567a535cda5c6e57e172943691b"}], 0x300, 0x4}, 0x24000090) socket$nl_generic(0x10, 0x3, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:15 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x800d0020, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0xffff8000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:15 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffff00000004, 0x11, r1, 0x0) 00:54:15 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x20000000000) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0xfffffdef, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 720.873148] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:54:15 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x7fffdf001000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 720.982175] syz-executor0 cpuset=syz0 mems_allowed=0 [ 721.020996] CPU: 1 PID: 20508 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 721.029721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 721.039082] Call Trace: [ 721.041704] dump_stack+0x244/0x39d [ 721.045355] ? dump_stack_print_info.cold.1+0x20/0x20 [ 721.050568] dump_header+0x27b/0xf72 [ 721.054325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.059886] ? pagefault_out_of_memory+0x197/0x197 [ 721.064841] ? debug_smp_processor_id+0x1c/0x20 [ 721.069528] ? perf_trace_lock_acquire+0x15b/0x800 [ 721.074482] ? perf_trace_lock+0x7a0/0x7a0 [ 721.078740] ? graph_lock+0x270/0x270 [ 721.082559] ? print_usage_bug+0xc0/0xc0 [ 721.086638] ? perf_trace_lock+0x7a0/0x7a0 [ 721.090898] ? find_held_lock+0x36/0x1c0 [ 721.094976] ? mark_held_locks+0xc7/0x130 [ 721.099158] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 721.104298] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 721.109416] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 721.114012] ? trace_hardirqs_on+0xbd/0x310 [ 721.118347] ? kasan_check_read+0x11/0x20 [ 721.122502] ? ___ratelimit+0x3b4/0x672 [ 721.126492] ? trace_hardirqs_off_caller+0x300/0x300 [ 721.131609] ? trace_hardirqs_on+0x310/0x310 [ 721.136028] ? lock_downgrade+0x900/0x900 [ 721.140195] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 721.145309] ? ___ratelimit+0x3b9/0x672 [ 721.149298] ? idr_get_free+0xf70/0xf70 [ 721.153286] ? _raw_spin_unlock_irq+0x27/0x80 [ 721.157807] ? _raw_spin_unlock_irq+0x27/0x80 [ 721.162323] oom_kill_process.cold.27+0x10/0x903 [ 721.167090] ? _raw_spin_unlock_irq+0x27/0x80 [ 721.171611] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 721.176210] ? oom_evaluate_task+0x540/0x540 [ 721.180624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.186174] ? cgroup_procs_next+0x70/0x70 [ 721.190428] ? _raw_spin_unlock_irq+0x60/0x80 [ 721.194933] ? oom_badness+0xaa0/0xaa0 [ 721.198850] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 721.203620] ? mem_cgroup_iter_break+0x30/0x30 [ 721.208236] ? mark_held_locks+0xc7/0x130 [ 721.212401] out_of_memory+0xa7f/0x1430 [ 721.216396] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 721.220992] ? kasan_check_read+0x11/0x20 [ 721.225156] ? oom_killer_disable+0x3a0/0x3a0 [ 721.229703] mem_cgroup_out_of_memory+0x15e/0x210 [ 721.234582] ? memory_oom_group_write+0x160/0x160 [ 721.239438] ? mem_cgroup_try_charge+0x627/0xe20 [ 721.244211] ? page_counter_try_charge+0x1c1/0x220 [ 721.249155] try_charge+0xdcd/0x1720 [ 721.252880] ? kasan_check_read+0x11/0x20 [ 721.257046] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 721.261732] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 721.267294] ? lock_page_memcg+0x350/0x350 [ 721.271548] ? lock_acquire+0x1ed/0x520 [ 721.275533] ? mem_cgroup_oom_control_write+0x100/0x100 [ 721.280907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.286465] ? check_preemption_disabled+0x48/0x280 [ 721.291499] ? kasan_check_read+0x11/0x20 [ 721.295658] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 721.300939] ? rcu_softirq_qs+0x20/0x20 [ 721.304949] mem_cgroup_try_charge+0x627/0xe20 [ 721.309543] ? undo_dev_pagemap+0x680/0x680 [ 721.313884] ? mem_cgroup_protected+0xa60/0xa60 00:54:16 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:16 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 721.318575] ? __lock_acquire+0x62f/0x4c20 [ 721.322837] ? __handle_mm_fault+0x2da9/0x5be0 [ 721.327441] ? mark_held_locks+0x130/0x130 [ 721.331693] ? do_raw_spin_unlock+0xa7/0x330 [ 721.336143] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 721.341701] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 721.346661] __handle_mm_fault+0x284e/0x5be0 [ 721.351112] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 721.356064] ? perf_trace_lock+0x7a0/0x7a0 [ 721.360327] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 721.365875] ? pmd_huge+0xf4/0x140 00:54:16 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffff00000004, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 721.369446] ? graph_lock+0x270/0x270 [ 721.373258] ? graph_lock+0x270/0x270 [ 721.377079] ? find_held_lock+0x36/0x1c0 [ 721.381177] ? handle_mm_fault+0x42a/0xc70 [ 721.385426] ? lock_downgrade+0x900/0x900 [ 721.389583] ? check_preemption_disabled+0x48/0x280 [ 721.394612] ? kasan_check_read+0x11/0x20 [ 721.398776] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 721.404071] ? rcu_read_unlock_special+0x370/0x370 [ 721.409033] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 721.414615] ? check_preemption_disabled+0x48/0x280 [ 721.419671] handle_mm_fault+0x54f/0xc70 [ 721.423756] ? __handle_mm_fault+0x5be0/0x5be0 [ 721.428352] ? find_vma+0x34/0x190 [ 721.431905] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 721.436941] __get_user_pages+0xa3d/0x1ed0 [ 721.441208] ? follow_page_mask+0x2160/0x2160 [ 721.445723] ? debug_smp_processor_id+0x1c/0x20 [ 721.450405] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 721.455976] ? graph_lock+0x270/0x270 [ 721.459802] ? rcu_is_watching+0x30/0x30 [ 721.463876] ? graph_lock+0x270/0x270 [ 721.467692] ? kzfree+0x28/0x30 00:54:16 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000080)={@dev, 0x0}, &(0x7f00000000c0)=0x14) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000100)={@mcast2, 0xe, r3}) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) [ 721.470994] ? lock_acquire+0x1ed/0x520 [ 721.475104] ? __mm_populate+0x31a/0x4d0 [ 721.479187] ? lock_release+0xa10/0xa10 [ 721.483172] ? perf_trace_sched_process_exec+0x860/0x860 [ 721.488736] populate_vma_page_range+0x2db/0x3d0 [ 721.493510] ? follow_page+0x420/0x420 [ 721.497429] ? find_vma+0x34/0x190 [ 721.501012] __mm_populate+0x286/0x4d0 [ 721.504928] ? populate_vma_page_range+0x3d0/0x3d0 [ 721.509882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.515440] ? ns_capable_common+0x13f/0x170 [ 721.519876] __x64_sys_mlockall+0x45b/0x630 [ 721.524215] ? __ia32_sys_munlock+0x160/0x160 [ 721.528736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.534300] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 721.539694] ? trace_hardirqs_off_caller+0x300/0x300 [ 721.544832] do_syscall_64+0x1b9/0x820 [ 721.548746] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 721.554150] ? syscall_return_slowpath+0x5e0/0x5e0 [ 721.559111] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 721.563976] ? trace_hardirqs_on_caller+0x310/0x310 [ 721.569110] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 721.574144] ? prepare_exit_to_usermode+0x291/0x3b0 [ 721.579194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 721.584068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 721.589280] RIP: 0033:0x457569 [ 721.592485] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 721.611410] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 00:54:16 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffff0004, 0x11, r1, 0x0) [ 721.619137] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 721.626420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 721.633716] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 721.641000] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 721.648281] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 721.821558] Task in /syz0 killed as a result of limit of /syz0 [ 721.828915] memory: usage 307060kB, limit 307200kB, failcnt 1654 [ 721.839078] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 721.861297] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 721.873420] Memory cgroup stats for /syz0: cache:144KB rss:297272KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61868KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218364KB [ 721.908456] Memory cgroup out of memory: Kill process 18916 (syz-executor0) score 1156 or sacrifice child [ 721.918652] Killed process 18916 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:32768kB, shmem-rss:0kB [ 721.932763] oom_reaper: reaped process 18916 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 722.323406] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 722.335694] syz-executor0 cpuset=syz0 mems_allowed=0 [ 722.341193] CPU: 0 PID: 20574 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 722.349794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 722.359146] Call Trace: [ 722.361726] dump_stack+0x244/0x39d [ 722.365340] ? dump_stack_print_info.cold.1+0x20/0x20 [ 722.370536] ? mark_held_locks+0x130/0x130 [ 722.374755] ? mark_held_locks+0x130/0x130 [ 722.378979] dump_header+0x27b/0xf72 [ 722.382684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 722.388207] ? pagefault_out_of_memory+0x197/0x197 [ 722.393123] ? debug_smp_processor_id+0x1c/0x20 [ 722.397791] ? perf_trace_lock_acquire+0x15b/0x800 [ 722.402721] ? perf_trace_lock+0x7a0/0x7a0 [ 722.406944] ? graph_lock+0x270/0x270 [ 722.410734] ? print_usage_bug+0xc0/0xc0 [ 722.414779] ? mark_held_locks+0xc7/0x130 [ 722.418916] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.423665] ? find_held_lock+0x36/0x1c0 [ 722.427716] ? mark_held_locks+0xc7/0x130 [ 722.431881] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 722.436979] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 722.442074] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 722.446645] ? trace_hardirqs_on+0xbd/0x310 [ 722.450955] ? kasan_check_read+0x11/0x20 [ 722.455107] ? ___ratelimit+0x3b4/0x672 [ 722.459072] ? trace_hardirqs_off_caller+0x300/0x300 [ 722.464173] ? trace_hardirqs_on+0x310/0x310 [ 722.468576] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 722.473671] ? ___ratelimit+0x3b9/0x672 [ 722.477637] ? idr_get_free+0xf70/0xf70 [ 722.481607] oom_kill_process.cold.27+0x10/0x903 [ 722.486373] ? _raw_spin_unlock_irq+0x56/0x80 [ 722.490875] ? oom_evaluate_task+0x540/0x540 [ 722.495381] ? cgroup_procs_next+0x70/0x70 [ 722.499606] ? _raw_spin_unlock_irq+0x60/0x80 [ 722.504086] ? oom_badness+0xaa0/0xaa0 [ 722.507974] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 722.512717] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.517456] ? mem_cgroup_iter_break+0x30/0x30 [ 722.522037] ? out_of_memory+0xc48/0x1430 [ 722.526175] out_of_memory+0xa7f/0x1430 [ 722.530139] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 722.534706] ? retint_kernel+0x2d/0x2d [ 722.538614] ? kasan_check_read+0x11/0x20 [ 722.542760] ? oom_killer_disable+0x3a0/0x3a0 [ 722.547269] mem_cgroup_out_of_memory+0x15e/0x210 [ 722.552096] ? retint_kernel+0x2d/0x2d [ 722.555970] ? memory_oom_group_write+0x160/0x160 [ 722.560806] try_charge+0xdcd/0x1720 [ 722.564520] ? kasan_check_read+0x11/0x20 [ 722.568671] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 722.573339] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 722.578865] ? lock_page_memcg+0x350/0x350 [ 722.583089] ? lock_acquire+0x1ed/0x520 [ 722.587179] ? mem_cgroup_oom_control_write+0x100/0x100 [ 722.592620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 722.598146] ? check_preemption_disabled+0x48/0x280 [ 722.603275] ? kasan_check_read+0x11/0x20 [ 722.607414] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 722.612678] ? rcu_softirq_qs+0x20/0x20 [ 722.616647] mem_cgroup_try_charge+0x627/0xe20 [ 722.621254] ? mark_held_locks+0xc7/0x130 [ 722.625396] ? mem_cgroup_protected+0xa60/0xa60 [ 722.630059] ? retint_kernel+0x2d/0x2d [ 722.633936] ? trace_hardirqs_on_caller+0xc0/0x310 [ 722.638850] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.643592] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 722.649029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.653781] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.658527] ? retint_kernel+0x2d/0x2d [ 722.662413] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 722.667536] wp_page_copy+0x51d/0x24f0 [ 722.671440] ? follow_pfn+0x2e0/0x2e0 [ 722.675234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 722.680754] ? reuse_swap_page+0x4bd/0x1520 [ 722.685065] ? swp_swapcount+0x530/0x530 [ 722.689116] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 722.694566] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.699320] ? print_usage_bug+0xc0/0xc0 [ 722.703366] ? print_usage_bug+0xc0/0xc0 [ 722.707966] ? retint_kernel+0x2d/0x2d [ 722.711868] ? trace_hardirqs_on_caller+0xc0/0x310 [ 722.716786] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.721531] ? graph_lock+0x270/0x270 [ 722.725319] ? __lock_acquire+0x62f/0x4c20 [ 722.729551] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.734297] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 722.738866] ? retint_kernel+0x2d/0x2d [ 722.742741] ? find_held_lock+0x36/0x1c0 [ 722.746793] ? do_wp_page+0x518/0x2920 [ 722.750668] ? lock_downgrade+0x900/0x900 [ 722.754902] ? wake_up_page_bit+0x6f0/0x6f0 [ 722.759218] ? kasan_check_read+0x11/0x20 [ 722.763352] ? do_raw_spin_unlock+0xa7/0x330 [ 722.767744] ? do_raw_spin_trylock+0x270/0x270 [ 722.772310] ? __pte_alloc_kernel+0x220/0x220 [ 722.776793] ? perf_trace_lock_acquire+0x15b/0x800 [ 722.781713] do_wp_page+0x520/0x2920 [ 722.785425] ? check_preemption_disabled+0x48/0x280 [ 722.790430] ? finish_mkwrite_fault+0x650/0x650 [ 722.795084] ? mark_held_locks+0xc7/0x130 [ 722.799220] ? perf_trace_lock+0x7a0/0x7a0 [ 722.803445] ? trace_hardirqs_on_caller+0xc0/0x310 [ 722.808362] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 722.814011] ? __lock_acquire+0x62f/0x4c20 [ 722.818245] ? mark_held_locks+0x130/0x130 [ 722.822469] ? follow_page_pte+0xdd7/0x1ab0 [ 722.826782] ? lock_downgrade+0x900/0x900 [ 722.830921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 722.836445] ? check_preemption_disabled+0x48/0x280 [ 722.841450] ? debug_smp_processor_id+0x1c/0x20 [ 722.846104] ? perf_trace_lock_acquire+0x15b/0x800 [ 722.851039] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 722.856573] ? follow_page_pte+0x4f9/0x1ab0 [ 722.860904] ? print_usage_bug+0xc0/0xc0 [ 722.864970] ? undo_dev_pagemap+0x680/0x680 [ 722.869288] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.874049] ? print_usage_bug+0xc0/0xc0 [ 722.878099] ? print_usage_bug+0xc0/0xc0 [ 722.882147] ? __lock_acquire+0x62f/0x4c20 [ 722.886368] ? lock_acquire+0x1ed/0x520 [ 722.890326] ? __handle_mm_fault+0x1fa9/0x5be0 [ 722.894897] ? kasan_check_write+0x14/0x20 [ 722.899116] ? do_raw_spin_lock+0x14f/0x350 [ 722.903420] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.908162] ? rwlock_bug.part.2+0x90/0x90 [ 722.912387] ? print_usage_bug+0xc0/0xc0 [ 722.916437] ? retint_kernel+0x2d/0x2d [ 722.920318] __handle_mm_fault+0x3be9/0x5be0 [ 722.924720] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 722.929558] ? mark_held_locks+0xc7/0x130 [ 722.933695] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 722.938529] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 722.943106] ? graph_lock+0x270/0x270 [ 722.946905] ? graph_lock+0x270/0x270 [ 722.950703] ? find_held_lock+0x36/0x1c0 [ 722.954756] ? handle_mm_fault+0x42a/0xc70 [ 722.958984] ? lock_downgrade+0x900/0x900 [ 722.963120] ? check_preemption_disabled+0x48/0x280 [ 722.968121] ? kasan_check_read+0x11/0x20 [ 722.972256] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 722.977536] ? rcu_read_unlock_special+0x370/0x370 [ 722.982452] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 722.987982] ? check_preemption_disabled+0x48/0x280 [ 722.993000] handle_mm_fault+0x54f/0xc70 [ 722.997051] ? __handle_mm_fault+0x5be0/0x5be0 [ 723.001621] ? __get_user_pages+0x1586/0x1ed0 [ 723.006107] __get_user_pages+0xa3d/0x1ed0 [ 723.010335] ? follow_page_mask+0x2160/0x2160 [ 723.014815] ? mark_held_locks+0xc7/0x130 [ 723.018955] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 723.023536] ? retint_kernel+0x2d/0x2d [ 723.027447] ? trace_hardirqs_on_caller+0xc0/0x310 [ 723.032377] ? mark_held_locks+0xc7/0x130 [ 723.036513] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 723.041258] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 723.045836] ? retint_kernel+0x2d/0x2d [ 723.049723] ? trace_hardirqs_on_caller+0xc0/0x310 [ 723.054638] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 723.059394] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 723.064833] ? retint_kernel+0x2d/0x2d [ 723.068729] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 723.073490] populate_vma_page_range+0x2db/0x3d0 [ 723.078248] ? follow_page+0x420/0x420 [ 723.082124] ? __mm_populate+0x1b8/0x4d0 [ 723.086190] __mm_populate+0x286/0x4d0 [ 723.090084] ? populate_vma_page_range+0x3d0/0x3d0 [ 723.095012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 723.100538] ? ns_capable_common+0x13f/0x170 [ 723.104941] __x64_sys_mlockall+0x45b/0x630 [ 723.109255] ? __ia32_sys_munlock+0x160/0x160 [ 723.113737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 723.119266] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 723.124622] ? trace_hardirqs_off_caller+0x300/0x300 [ 723.129719] do_syscall_64+0x1b9/0x820 [ 723.133594] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 723.138964] ? syscall_return_slowpath+0x5e0/0x5e0 [ 723.143891] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 723.148735] ? trace_hardirqs_on_caller+0x310/0x310 [ 723.153739] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 723.158742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 723.164267] ? prepare_exit_to_usermode+0x291/0x3b0 [ 723.169290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 723.174145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 723.179321] RIP: 0033:0x457569 [ 723.182502] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 723.201411] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 723.209110] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 723.216362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 723.223624] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 723.230879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 723.238132] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 723.252438] Task in /syz0 killed as a result of limit of /syz0 [ 723.258787] memory: usage 307200kB, limit 307200kB, failcnt 1693 [ 723.265173] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 723.272509] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 723.278685] Memory cgroup stats for /syz0: cache:144KB rss:297204KB rss_huge:264192KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:53036KB active_anon:15032KB inactive_file:0KB active_file:0KB unevictable:229340KB [ 723.301194] Memory cgroup out of memory: Kill process 20501 (syz-executor0) score 1216 or sacrifice child [ 723.311471] Killed process 20575 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 723.329461] oom_reaper: reaped process 20575 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:54:19 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0xf0ffffff7f0000, 0x0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:19 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0xfdef, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:19 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffff0004, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:19 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:19 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffffff04, 0x11, r1, 0x0) 00:54:19 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000140)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fstat(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f0000000100)=[0xffffffffffffffff]) fchown(r0, r3, r4) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:19 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0xfdffffffffff0f00) 00:54:19 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x1000000000000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:19 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffffff04, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:19 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x200000000000000) 00:54:19 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x400000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:19 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x1000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 724.937280] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 724.948960] syz-executor0 cpuset=syz0 mems_allowed=0 [ 724.954791] CPU: 1 PID: 20625 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 724.963395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 724.972733] Call Trace: [ 724.975314] dump_stack+0x244/0x39d [ 724.978943] ? dump_stack_print_info.cold.1+0x20/0x20 [ 724.984141] ? mark_held_locks+0x130/0x130 [ 724.988375] ? mark_held_locks+0x130/0x130 [ 724.992599] dump_header+0x27b/0xf72 [ 724.996308] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.001838] ? pagefault_out_of_memory+0x197/0x197 [ 725.006768] ? debug_smp_processor_id+0x1c/0x20 [ 725.011443] ? perf_trace_lock_acquire+0x15b/0x800 [ 725.016368] ? perf_trace_lock+0x7a0/0x7a0 [ 725.020592] ? graph_lock+0x270/0x270 [ 725.024382] ? print_usage_bug+0xc0/0xc0 [ 725.028448] ? mark_held_locks+0xc7/0x130 [ 725.032588] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.037335] ? find_held_lock+0x36/0x1c0 [ 725.041408] ? mark_held_locks+0xc7/0x130 [ 725.045550] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 725.050639] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 725.055748] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.060328] ? trace_hardirqs_on+0xbd/0x310 [ 725.064657] ? kasan_check_read+0x11/0x20 [ 725.068793] ? ___ratelimit+0x3b4/0x672 [ 725.072762] ? trace_hardirqs_off_caller+0x300/0x300 [ 725.077861] ? trace_hardirqs_on+0x310/0x310 [ 725.082288] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 725.087510] ? ___ratelimit+0x3b9/0x672 [ 725.091493] ? idr_get_free+0xf70/0xf70 [ 725.095474] oom_kill_process.cold.27+0x10/0x903 [ 725.100222] ? _raw_spin_unlock_irq+0x56/0x80 [ 725.104711] ? oom_evaluate_task+0x540/0x540 [ 725.109121] ? cgroup_procs_next+0x70/0x70 [ 725.113353] ? _raw_spin_unlock_irq+0x60/0x80 [ 725.117833] ? oom_badness+0xaa0/0xaa0 [ 725.121710] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 725.126452] ? mem_cgroup_iter_break+0x30/0x30 [ 725.131051] ? mark_held_locks+0xc7/0x130 [ 725.135197] out_of_memory+0xa7f/0x1430 [ 725.139157] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.143733] ? kasan_check_read+0x11/0x20 [ 725.147911] ? oom_killer_disable+0x3a0/0x3a0 [ 725.152406] mem_cgroup_out_of_memory+0x15e/0x210 [ 725.157245] ? memory_oom_group_write+0x160/0x160 [ 725.162071] ? mem_cgroup_try_charge+0x627/0xe20 [ 725.166822] ? page_counter_try_charge+0x1c1/0x220 [ 725.171740] try_charge+0xdcd/0x1720 [ 725.175451] ? kasan_check_read+0x11/0x20 [ 725.179601] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 725.184273] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 725.189808] ? lock_page_memcg+0x350/0x350 [ 725.194042] ? lock_acquire+0x268/0x520 [ 725.198009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.203547] ? check_preemption_disabled+0x48/0x280 [ 725.208555] ? kasan_check_read+0x11/0x20 [ 725.212700] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 725.217963] ? rcu_softirq_qs+0x20/0x20 [ 725.221939] mem_cgroup_try_charge+0x627/0xe20 [ 725.226512] ? mem_cgroup_protected+0xa60/0xa60 [ 725.231171] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 725.236707] ? page_mapping+0x5a2/0xa50 [ 725.240694] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.245525] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.250091] ? retint_kernel+0x2d/0x2d [ 725.253980] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.258901] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 725.264442] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 725.269361] wp_page_copy+0x51d/0x24f0 [ 725.273233] ? retint_kernel+0x2d/0x2d [ 725.277112] ? follow_pfn+0x2e0/0x2e0 [ 725.280917] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.286454] ? reuse_swap_page+0x4bd/0x1520 [ 725.290766] ? swp_swapcount+0x530/0x530 [ 725.294831] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 725.300286] ? print_usage_bug+0xc0/0xc0 [ 725.304353] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.309108] ? print_usage_bug+0xc0/0xc0 [ 725.313161] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.317741] ? graph_lock+0x270/0x270 [ 725.321529] ? __lock_acquire+0x62f/0x4c20 [ 725.325756] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.330337] ? retint_kernel+0x2d/0x2d [ 725.334212] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.339133] ? find_held_lock+0x36/0x1c0 [ 725.343191] ? do_wp_page+0x518/0x2920 [ 725.347078] ? lock_downgrade+0x900/0x900 [ 725.351217] ? wake_up_page_bit+0x6f0/0x6f0 [ 725.355529] ? kasan_check_read+0x11/0x20 [ 725.359664] ? do_raw_spin_unlock+0xa7/0x330 [ 725.364060] ? do_raw_spin_trylock+0x270/0x270 [ 725.368718] ? __pte_alloc_kernel+0x220/0x220 [ 725.373200] ? perf_trace_lock_acquire+0x15b/0x800 [ 725.378116] ? lock_release+0x534/0xa10 [ 725.382079] do_wp_page+0x520/0x2920 [ 725.385789] ? check_preemption_disabled+0x48/0x280 [ 725.390808] ? finish_mkwrite_fault+0x650/0x650 [ 725.395473] ? mark_held_locks+0xc7/0x130 [ 725.399608] ? perf_trace_lock+0x7a0/0x7a0 [ 725.403832] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.408752] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 725.414299] ? __lock_acquire+0x62f/0x4c20 [ 725.418537] ? mark_held_locks+0x130/0x130 [ 725.422777] ? follow_page_pte+0xdd7/0x1ab0 [ 725.427086] ? lock_downgrade+0x900/0x900 [ 725.431228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.436751] ? check_preemption_disabled+0x48/0x280 [ 725.441760] ? debug_smp_processor_id+0x1c/0x20 [ 725.446431] ? perf_trace_lock_acquire+0x15b/0x800 [ 725.451368] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 725.456910] ? follow_page_pte+0x4f9/0x1ab0 [ 725.461220] ? print_usage_bug+0xc0/0xc0 [ 725.465286] ? undo_dev_pagemap+0x680/0x680 [ 725.469605] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.474351] ? print_usage_bug+0xc0/0xc0 [ 725.478396] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.483314] ? __lock_acquire+0x62f/0x4c20 [ 725.487550] ? lock_acquire+0x1ed/0x520 [ 725.491515] ? __handle_mm_fault+0x1fa9/0x5be0 [ 725.496090] ? kasan_check_write+0x14/0x20 [ 725.500396] ? do_raw_spin_lock+0x14f/0x350 [ 725.504706] ? rwlock_bug.part.2+0x90/0x90 [ 725.508929] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.513500] ? retint_kernel+0x2d/0x2d [ 725.517372] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.522294] __handle_mm_fault+0x3be9/0x5be0 [ 725.526701] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 725.531552] ? perf_trace_lock+0x7a0/0x7a0 [ 725.535795] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 725.541326] ? pmd_huge+0xf4/0x140 [ 725.544960] ? graph_lock+0x270/0x270 [ 725.548746] ? graph_lock+0x270/0x270 [ 725.552543] ? find_held_lock+0x36/0x1c0 [ 725.556597] ? handle_mm_fault+0x42a/0xc70 [ 725.560826] ? lock_downgrade+0x900/0x900 [ 725.564970] ? check_preemption_disabled+0x48/0x280 [ 725.570066] ? kasan_check_read+0x11/0x20 [ 725.574201] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 725.579462] ? rcu_read_unlock_special+0x370/0x370 [ 725.584391] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 725.589925] ? check_preemption_disabled+0x48/0x280 [ 725.594934] handle_mm_fault+0x54f/0xc70 [ 725.598981] ? __handle_mm_fault+0x5be0/0x5be0 [ 725.603552] ? __get_user_pages+0xc1c/0x1ed0 [ 725.607948] ? __get_user_pages+0x7b2/0x1ed0 [ 725.612347] __get_user_pages+0xa3d/0x1ed0 [ 725.616591] ? follow_page_mask+0x2160/0x2160 [ 725.621076] ? mark_held_locks+0xc7/0x130 [ 725.625213] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.629786] ? retint_kernel+0x2d/0x2d [ 725.633663] ? trace_hardirqs_on_caller+0xc0/0x310 [ 725.638596] ? mark_held_locks+0xc7/0x130 [ 725.642741] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.647489] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 725.652943] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 725.657518] ? retint_kernel+0x2d/0x2d [ 725.661396] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 725.666272] ? retint_kernel+0x2d/0x2d [ 725.670170] populate_vma_page_range+0x2db/0x3d0 [ 725.674917] ? follow_page+0x420/0x420 [ 725.678793] ? populate_vma_page_range+0x305/0x3d0 [ 725.683735] __mm_populate+0x286/0x4d0 [ 725.687617] ? populate_vma_page_range+0x3d0/0x3d0 [ 725.692541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.698066] ? ns_capable_common+0x13f/0x170 [ 725.702469] __x64_sys_mlockall+0x45b/0x630 [ 725.706781] ? __ia32_sys_munlock+0x160/0x160 [ 725.711269] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.716799] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 725.722153] ? trace_hardirqs_off_caller+0x300/0x300 [ 725.727253] do_syscall_64+0x1b9/0x820 [ 725.731130] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 725.736480] ? syscall_return_slowpath+0x5e0/0x5e0 [ 725.741394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 725.746225] ? trace_hardirqs_on_caller+0x310/0x310 [ 725.751232] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 725.756234] ? prepare_exit_to_usermode+0x291/0x3b0 [ 725.761252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 725.766091] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 725.771265] RIP: 0033:0x457569 [ 725.774448] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 725.793337] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 725.801035] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 725.808289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 725.815549] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 725.822813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 725.830064] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 725.847047] Task in /syz0 killed as a result of limit of /syz0 [ 725.853381] memory: usage 307160kB, limit 307200kB, failcnt 1736 [ 725.859575] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 725.867177] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 725.874117] Memory cgroup stats for /syz0: cache:144KB rss:297328KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:50988KB active_anon:15032KB inactive_file:0KB active_file:0KB unevictable:231392KB [ 725.896185] Memory cgroup out of memory: Kill process 20588 (syz-executor0) score 1216 or sacrifice child [ 725.906529] Killed process 20626 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 725.922506] oom_reaper: reaped process 20626 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:54:21 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x7ffff000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:21 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:21 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x1, 0x12b9c2) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f00000000c0)) syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:21 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x8000000000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:21 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x400000000000) 00:54:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xc00, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:21 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0xa0008000) 00:54:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x8, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:21 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x8000a0ffffffff) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:21 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x8000a0) [ 726.818996] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 726.845576] syz-executor0 cpuset=syz0 mems_allowed=0 [ 726.876647] CPU: 1 PID: 20645 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 726.885294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 726.894664] Call Trace: [ 726.897266] dump_stack+0x244/0x39d [ 726.900909] ? dump_stack_print_info.cold.1+0x20/0x20 [ 726.906124] dump_header+0x27b/0xf72 [ 726.909855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 726.915407] ? pagefault_out_of_memory+0x197/0x197 [ 726.920354] ? debug_smp_processor_id+0x1c/0x20 [ 726.925063] ? perf_trace_lock_acquire+0x15b/0x800 [ 726.930018] ? perf_trace_lock+0x7a0/0x7a0 [ 726.934267] ? graph_lock+0x270/0x270 [ 726.938077] ? print_usage_bug+0xc0/0xc0 [ 726.938098] ? perf_trace_lock+0x7a0/0x7a0 [ 726.938119] ? find_held_lock+0x36/0x1c0 [ 726.938141] ? mark_held_locks+0xc7/0x130 [ 726.954868] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 726.959974] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 726.959997] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 726.969670] ? trace_hardirqs_on+0xbd/0x310 [ 726.974001] ? kasan_check_read+0x11/0x20 [ 726.978159] ? ___ratelimit+0x3b4/0x672 [ 726.982141] ? trace_hardirqs_off_caller+0x300/0x300 [ 726.982158] ? trace_hardirqs_on+0x310/0x310 [ 726.982175] ? lock_downgrade+0x900/0x900 [ 726.982204] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 727.001015] ? ___ratelimit+0x3b9/0x672 [ 727.001034] ? idr_get_free+0xf70/0xf70 [ 727.001049] ? _raw_spin_unlock_irq+0x27/0x80 [ 727.001065] ? _raw_spin_unlock_irq+0x27/0x80 [ 727.001095] oom_kill_process.cold.27+0x10/0x903 [ 727.009028] ? _raw_spin_unlock_irq+0x27/0x80 [ 727.009046] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 727.009070] ? oom_evaluate_task+0x540/0x540 [ 727.027263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.027282] ? cgroup_procs_next+0x70/0x70 [ 727.027304] ? _raw_spin_unlock_irq+0x60/0x80 [ 727.041837] ? oom_badness+0xaa0/0xaa0 [ 727.041858] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 727.041878] ? mem_cgroup_iter_break+0x30/0x30 [ 727.041910] ? mark_held_locks+0xc7/0x130 [ 727.041929] out_of_memory+0xa7f/0x1430 [ 727.041942] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 727.041960] ? kasan_check_read+0x11/0x20 [ 727.041985] ? oom_killer_disable+0x3a0/0x3a0 [ 727.068049] mem_cgroup_out_of_memory+0x15e/0x210 [ 727.080698] ? memory_oom_group_write+0x160/0x160 [ 727.080714] ? mem_cgroup_try_charge+0x627/0xe20 [ 727.080738] ? page_counter_try_charge+0x1c1/0x220 [ 727.080756] try_charge+0xdcd/0x1720 [ 727.108404] ? kasan_check_read+0x11/0x20 [ 727.112585] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 727.117286] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 727.122855] ? lock_page_memcg+0x350/0x350 [ 727.127118] ? lock_acquire+0x1ed/0x520 [ 727.131117] ? mem_cgroup_oom_control_write+0x100/0x100 [ 727.136501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.142061] ? check_preemption_disabled+0x48/0x280 [ 727.147198] ? kasan_check_read+0x11/0x20 [ 727.151352] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 727.151368] ? rcu_softirq_qs+0x20/0x20 [ 727.151404] mem_cgroup_try_charge+0x627/0xe20 [ 727.160647] ? undo_dev_pagemap+0x680/0x680 [ 727.169528] ? mem_cgroup_protected+0xa60/0xa60 [ 727.174247] ? __lock_acquire+0x62f/0x4c20 [ 727.178511] ? __handle_mm_fault+0x2da9/0x5be0 [ 727.183125] ? mark_held_locks+0x130/0x130 [ 727.187382] ? do_raw_spin_unlock+0xa7/0x330 [ 727.191829] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 727.197386] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 727.197413] __handle_mm_fault+0x284e/0x5be0 [ 727.206737] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 727.206763] ? perf_trace_lock+0x7a0/0x7a0 [ 727.215817] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 727.221374] ? pmd_huge+0xf4/0x140 00:54:22 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(r0, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:22 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x400000) [ 727.224958] ? graph_lock+0x270/0x270 [ 727.228774] ? graph_lock+0x270/0x270 [ 727.232600] ? find_held_lock+0x36/0x1c0 [ 727.236704] ? handle_mm_fault+0x42a/0xc70 [ 727.240962] ? lock_downgrade+0x900/0x900 [ 727.245134] ? check_preemption_disabled+0x48/0x280 [ 727.250171] ? kasan_check_read+0x11/0x20 [ 727.254354] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 727.259655] ? rcu_read_unlock_special+0x370/0x370 [ 727.264604] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 727.270165] ? check_preemption_disabled+0x48/0x280 [ 727.275217] handle_mm_fault+0x54f/0xc70 [ 727.279296] ? __handle_mm_fault+0x5be0/0x5be0 [ 727.283891] ? find_vma+0x34/0x190 [ 727.287459] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 727.292494] __get_user_pages+0xa3d/0x1ed0 [ 727.296760] ? follow_page_mask+0x2160/0x2160 [ 727.301267] ? trace_hardirqs_on+0x310/0x310 [ 727.305699] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 727.310476] ? retint_kernel+0x2d/0x2d [ 727.314503] ? lock_acquire+0x268/0x520 [ 727.318501] ? lock_release+0xa10/0xa10 [ 727.322483] ? perf_trace_sched_process_exec+0x860/0x860 [ 727.327967] populate_vma_page_range+0x2db/0x3d0 [ 727.332754] ? follow_page+0x420/0x420 [ 727.336671] ? find_vma+0x34/0x190 [ 727.340229] __mm_populate+0x286/0x4d0 [ 727.344139] ? populate_vma_page_range+0x3d0/0x3d0 [ 727.349101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.354661] ? ns_capable_common+0x13f/0x170 [ 727.359093] __x64_sys_mlockall+0x45b/0x630 [ 727.363429] ? __ia32_sys_munlock+0x160/0x160 [ 727.367938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.373512] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 727.378896] ? trace_hardirqs_off_caller+0x300/0x300 [ 727.384032] do_syscall_64+0x1b9/0x820 [ 727.387950] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 727.393331] ? syscall_return_slowpath+0x5e0/0x5e0 [ 727.398272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 727.403132] ? trace_hardirqs_on_caller+0x310/0x310 [ 727.408182] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 727.413222] ? prepare_exit_to_usermode+0x291/0x3b0 [ 727.418376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 727.423246] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 727.428439] RIP: 0033:0x457569 [ 727.428474] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 727.428482] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 727.450589] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 727.450599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 727.450615] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 727.450623] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 727.450632] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 727.462105] Task in /syz0 killed as a result of limit of /syz0 [ 727.481668] memory: usage 307200kB, limit 307200kB, failcnt 1760 [ 727.501184] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 727.521962] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 727.528249] Memory cgroup stats for /syz0: cache:144KB rss:297492KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60156KB active_anon:19140KB inactive_file:0KB active_file:0KB unevictable:218196KB [ 727.551498] Memory cgroup out of memory: Kill process 18984 (syz-executor0) score 1156 or sacrifice child [ 727.561375] Killed process 18984 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:32768kB, shmem-rss:0kB [ 727.578333] oom_reaper: reaped process 18984 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 728.126869] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 728.138324] syz-executor0 cpuset=syz0 mems_allowed=0 [ 728.143917] CPU: 1 PID: 20682 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 728.152501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 728.161849] Call Trace: [ 728.164430] dump_stack+0x244/0x39d [ 728.168046] ? dump_stack_print_info.cold.1+0x20/0x20 [ 728.173228] ? mark_held_locks+0x130/0x130 [ 728.177448] ? mark_held_locks+0x130/0x130 [ 728.181669] dump_header+0x27b/0xf72 [ 728.185370] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.190897] ? pagefault_out_of_memory+0x197/0x197 [ 728.195811] ? debug_smp_processor_id+0x1c/0x20 [ 728.200468] ? perf_trace_lock_acquire+0x15b/0x800 [ 728.205436] ? perf_trace_lock+0x7a0/0x7a0 [ 728.209675] ? graph_lock+0x270/0x270 [ 728.213464] ? print_usage_bug+0xc0/0xc0 [ 728.217521] ? find_held_lock+0x36/0x1c0 [ 728.221599] ? mark_held_locks+0xc7/0x130 [ 728.225738] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 728.230839] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 728.235931] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 728.240498] ? trace_hardirqs_on+0xbd/0x310 [ 728.244806] ? kasan_check_read+0x11/0x20 [ 728.248945] ? ___ratelimit+0x3b4/0x672 [ 728.252910] ? trace_hardirqs_off_caller+0x300/0x300 [ 728.258001] ? trace_hardirqs_on+0x310/0x310 [ 728.262399] ? lock_downgrade+0x900/0x900 [ 728.266773] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 728.271867] ? ___ratelimit+0x3b9/0x672 [ 728.275838] ? idr_get_free+0xf70/0xf70 [ 728.279798] ? _raw_spin_unlock_irq+0x27/0x80 [ 728.284279] ? _raw_spin_unlock_irq+0x27/0x80 [ 728.288767] oom_kill_process.cold.27+0x10/0x903 [ 728.293514] ? _raw_spin_unlock_irq+0x27/0x80 [ 728.297995] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 728.302575] ? oom_evaluate_task+0x540/0x540 [ 728.306973] ? cgroup_procs_next+0x70/0x70 [ 728.311197] ? _raw_spin_unlock_irq+0x60/0x80 [ 728.315677] ? oom_badness+0xaa0/0xaa0 [ 728.319561] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 728.324315] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.329057] ? mem_cgroup_iter_break+0x30/0x30 [ 728.333655] ? out_of_memory+0x1d5/0x1430 [ 728.337800] out_of_memory+0xa7f/0x1430 [ 728.341763] ? retint_kernel+0x2d/0x2d [ 728.345636] ? oom_killer_disable+0x3a0/0x3a0 [ 728.350127] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 728.355344] mem_cgroup_out_of_memory+0x15e/0x210 [ 728.360198] ? memory_oom_group_write+0x160/0x160 [ 728.365047] ? mem_cgroup_try_charge+0x627/0xe20 [ 728.369792] ? page_counter_try_charge+0x1c1/0x220 [ 728.374735] try_charge+0xdcd/0x1720 [ 728.378440] ? kasan_check_read+0x11/0x20 [ 728.382580] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 728.387241] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 728.392780] ? lock_page_memcg+0x350/0x350 [ 728.397099] ? lock_acquire+0x268/0x520 [ 728.401063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.406606] ? check_preemption_disabled+0x48/0x280 [ 728.411614] ? kasan_check_read+0x11/0x20 [ 728.415750] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 728.421010] ? rcu_softirq_qs+0x20/0x20 [ 728.424979] mem_cgroup_try_charge+0x627/0xe20 [ 728.429556] ? mark_held_locks+0xc7/0x130 [ 728.433693] ? mem_cgroup_protected+0xa60/0xa60 [ 728.438351] ? retint_kernel+0x2d/0x2d [ 728.442224] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.447142] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.451892] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 728.457372] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.462132] ? retint_kernel+0x2d/0x2d [ 728.466013] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 728.470931] wp_page_copy+0x51d/0x24f0 [ 728.474811] ? follow_pfn+0x2e0/0x2e0 [ 728.478605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.484128] ? reuse_swap_page+0x4bd/0x1520 [ 728.488435] ? swp_swapcount+0x530/0x530 [ 728.492486] ? mark_held_locks+0xc7/0x130 [ 728.496642] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.501388] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 728.505963] ? retint_kernel+0x2d/0x2d [ 728.509838] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.514770] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.519521] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 728.524975] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.529722] ? retint_kernel+0x2d/0x2d [ 728.533610] ? lock_release+0x4ea/0xa10 [ 728.537579] ? do_wp_page+0x518/0x2920 [ 728.541451] ? lock_downgrade+0x900/0x900 [ 728.545707] ? wake_up_page_bit+0x6f0/0x6f0 [ 728.550029] ? kasan_check_read+0x11/0x20 [ 728.554163] ? do_raw_spin_unlock+0xa7/0x330 [ 728.558569] ? do_raw_spin_trylock+0x270/0x270 [ 728.563139] ? __pte_alloc_kernel+0x220/0x220 [ 728.567621] ? perf_trace_lock_acquire+0x15b/0x800 [ 728.572549] do_wp_page+0x520/0x2920 [ 728.576251] ? check_preemption_disabled+0x48/0x280 [ 728.581254] ? finish_mkwrite_fault+0x650/0x650 [ 728.585909] ? mark_held_locks+0xc7/0x130 [ 728.590045] ? perf_trace_lock+0x7a0/0x7a0 [ 728.594284] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.599212] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 728.604740] ? __lock_acquire+0x62f/0x4c20 [ 728.608973] ? mark_held_locks+0x130/0x130 [ 728.613197] ? follow_page_pte+0xdd7/0x1ab0 [ 728.617526] ? lock_downgrade+0x900/0x900 [ 728.621670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.627195] ? check_preemption_disabled+0x48/0x280 [ 728.632203] ? debug_smp_processor_id+0x1c/0x20 [ 728.636859] ? perf_trace_lock_acquire+0x15b/0x800 [ 728.641783] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 728.647340] ? follow_page_pte+0x4f9/0x1ab0 [ 728.651664] ? mark_held_locks+0xc7/0x130 [ 728.655804] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.660547] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 728.665124] ? retint_kernel+0x2d/0x2d [ 728.669004] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.673932] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 728.679388] ? __lock_acquire+0x62f/0x4c20 [ 728.683618] ? lock_acquire+0x1ed/0x520 [ 728.687585] ? __handle_mm_fault+0x1fa9/0x5be0 [ 728.692174] ? kasan_check_write+0x14/0x20 [ 728.696397] ? do_raw_spin_lock+0x14f/0x350 [ 728.701040] ? rwlock_bug.part.2+0x90/0x90 [ 728.705268] ? pmd_devmap_trans_unstable+0x98/0x220 [ 728.710272] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 728.715107] __handle_mm_fault+0x3be9/0x5be0 [ 728.719503] ? print_usage_bug+0xc0/0xc0 [ 728.723560] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 728.728397] ? perf_trace_lock+0x7a0/0x7a0 [ 728.732626] ? retint_kernel+0x2d/0x2d [ 728.736517] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 728.742049] ? graph_lock+0x270/0x270 [ 728.745836] ? graph_lock+0x270/0x270 [ 728.749628] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.754549] ? find_held_lock+0x36/0x1c0 [ 728.758615] ? handle_mm_fault+0x42a/0xc70 [ 728.762837] ? lock_downgrade+0x900/0x900 [ 728.766969] ? check_preemption_disabled+0x48/0x280 [ 728.771976] ? kasan_check_read+0x11/0x20 [ 728.776112] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 728.781385] ? rcu_read_unlock_special+0x370/0x370 [ 728.786304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 728.791827] ? check_preemption_disabled+0x48/0x280 [ 728.796853] handle_mm_fault+0x54f/0xc70 [ 728.800905] ? __handle_mm_fault+0x5be0/0x5be0 [ 728.805474] ? __get_user_pages+0xc1c/0x1ed0 [ 728.809866] ? __get_user_pages+0x7b2/0x1ed0 [ 728.814265] __get_user_pages+0xa3d/0x1ed0 [ 728.818494] ? follow_page_mask+0x2160/0x2160 [ 728.823005] ? mark_held_locks+0xc7/0x130 [ 728.827148] ? mark_held_locks+0xc7/0x130 [ 728.831287] ? mark_held_locks+0xc7/0x130 [ 728.835442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.840198] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 728.844770] ? retint_kernel+0x2d/0x2d [ 728.848643] ? trace_hardirqs_on_caller+0xc0/0x310 [ 728.853558] ? __mm_populate+0x31a/0x4d0 [ 728.857609] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.862355] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 728.867793] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.872540] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 728.877289] populate_vma_page_range+0x2db/0x3d0 [ 728.882042] ? follow_page+0x420/0x420 [ 728.885940] ? __mm_populate+0x1b8/0x4d0 [ 728.889992] __mm_populate+0x286/0x4d0 [ 728.893871] ? populate_vma_page_range+0x3d0/0x3d0 [ 728.898793] __x64_sys_mlockall+0x45b/0x630 [ 728.903102] ? __ia32_sys_munlock+0x160/0x160 [ 728.907593] ? retint_kernel+0x2d/0x2d [ 728.911473] ? __ia32_sys_munlock+0x160/0x160 [ 728.915966] ? do_syscall_64+0x179/0x820 [ 728.920017] do_syscall_64+0x1b9/0x820 [ 728.923889] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 728.929236] ? syscall_return_slowpath+0x5e0/0x5e0 [ 728.934147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 728.938976] ? trace_hardirqs_on_caller+0x310/0x310 [ 728.944072] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 728.949074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.954599] ? prepare_exit_to_usermode+0x291/0x3b0 [ 728.959605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 728.964439] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 728.969616] RIP: 0033:0x457569 [ 728.972798] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 728.991686] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 728.999393] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 729.006752] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 729.014017] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 729.021292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 729.028550] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 729.042811] Task in /syz0 killed as a result of limit of /syz0 [ 729.049085] memory: usage 307200kB, limit 307200kB, failcnt 1799 [ 729.055621] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 729.062618] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 729.068877] Memory cgroup stats for /syz0: cache:144KB rss:297280KB rss_huge:262144KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:65672KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:214712KB [ 729.090820] Memory cgroup out of memory: Kill process 20641 (syz-executor0) score 1216 or sacrifice child [ 729.100969] Killed process 20683 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 729.114156] oom_reaper: reaped process 20683 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 730.170553] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 730.182167] syz-executor0 cpuset=syz0 mems_allowed=0 [ 730.187353] CPU: 1 PID: 20685 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 730.195910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 730.205260] Call Trace: [ 730.207900] dump_stack+0x244/0x39d [ 730.211518] ? dump_stack_print_info.cold.1+0x20/0x20 [ 730.216698] ? mark_held_locks+0x130/0x130 [ 730.221041] dump_header+0x27b/0xf72 [ 730.224745] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.229314] ? retint_kernel+0x2d/0x2d [ 730.233190] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.238727] ? pagefault_out_of_memory+0x197/0x197 [ 730.243643] ? print_usage_bug+0xc0/0xc0 [ 730.247690] ? debug_smp_processor_id+0x1c/0x20 [ 730.252348] ? perf_trace_lock_acquire+0x15b/0x800 [ 730.257268] ? perf_trace_lock+0x7a0/0x7a0 [ 730.261497] ? mark_held_locks+0xc7/0x130 [ 730.265650] ? print_usage_bug+0xc0/0xc0 [ 730.269719] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.274465] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.279037] ? retint_kernel+0x2d/0x2d [ 730.283037] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.287978] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.292725] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 730.298183] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.303048] ? retint_kernel+0x2d/0x2d [ 730.306943] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 730.312153] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 730.317244] ? ___ratelimit+0x3b9/0x672 [ 730.321222] ? idr_get_free+0xf70/0xf70 [ 730.325183] ? _raw_spin_unlock_irq+0x27/0x80 [ 730.329788] ? _raw_spin_unlock_irq+0x27/0x80 [ 730.334280] oom_kill_process.cold.27+0x10/0x903 [ 730.339026] ? mark_held_locks+0xc7/0x130 [ 730.343166] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.347924] ? oom_evaluate_task+0x540/0x540 [ 730.352345] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.357263] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.362050] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 730.367502] ? _raw_spin_unlock_irq+0x60/0x80 [ 730.372007] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.376756] ? retint_kernel+0x2d/0x2d [ 730.380640] out_of_memory+0xa7f/0x1430 [ 730.384600] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.389168] ? kasan_check_read+0x11/0x20 [ 730.393305] ? oom_killer_disable+0x3a0/0x3a0 [ 730.397800] mem_cgroup_out_of_memory+0x15e/0x210 [ 730.402651] ? memory_oom_group_write+0x160/0x160 [ 730.407491] ? mem_cgroup_try_charge+0x627/0xe20 [ 730.412250] ? page_counter_try_charge+0x1c1/0x220 [ 730.417168] try_charge+0xdcd/0x1720 [ 730.420882] ? kasan_check_read+0x11/0x20 [ 730.425034] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 730.429698] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 730.435233] ? retint_kernel+0x2d/0x2d [ 730.439113] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.444031] ? lock_page_memcg+0x350/0x350 [ 730.448255] ? lock_acquire+0x1ed/0x520 [ 730.452214] ? mem_cgroup_oom_control_write+0x100/0x100 [ 730.457567] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.463093] ? check_preemption_disabled+0x48/0x280 [ 730.468099] ? kasan_check_read+0x11/0x20 [ 730.472233] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 730.477494] ? rcu_softirq_qs+0x20/0x20 [ 730.481463] mem_cgroup_try_charge+0x627/0xe20 [ 730.486029] ? munlock_vma_page+0x626/0xbe0 [ 730.490356] ? mem_cgroup_protected+0xa60/0xa60 [ 730.495043] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 730.500579] ? page_mapping+0x5a2/0xa50 [ 730.504548] ? mem_cgroup_uncharge+0x100/0x100 [ 730.509116] ? page_evictable+0x2de/0x540 [ 730.513253] ? lock_downgrade+0x900/0x900 [ 730.517392] ? check_preemption_disabled+0x48/0x280 [ 730.522402] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 730.527950] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 730.532872] wp_page_copy+0x51d/0x24f0 [ 730.536764] ? follow_pfn+0x2e0/0x2e0 [ 730.540567] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.546113] ? reuse_swap_page+0x4bd/0x1520 [ 730.550433] ? swp_swapcount+0x530/0x530 [ 730.554485] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 730.559933] ? print_usage_bug+0xc0/0xc0 [ 730.563994] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.568742] ? print_usage_bug+0xc0/0xc0 [ 730.572794] ? retint_kernel+0x2d/0x2d [ 730.576668] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.581588] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.586337] ? mark_held_locks+0xc7/0x130 [ 730.590477] ? graph_lock+0x270/0x270 [ 730.594281] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.599046] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.603638] ? retint_kernel+0x2d/0x2d [ 730.607534] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.612462] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.617057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.621836] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 730.627318] ? find_held_lock+0x36/0x1c0 [ 730.631402] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.636151] ? retint_kernel+0x2d/0x2d [ 730.640027] ? kasan_check_read+0x11/0x20 [ 730.644181] ? do_raw_spin_unlock+0xa7/0x330 [ 730.648594] ? do_raw_spin_trylock+0x270/0x270 [ 730.653186] ? do_raw_spin_unlock+0x2a/0x330 [ 730.657616] do_wp_page+0x520/0x2920 [ 730.661519] ? check_preemption_disabled+0x48/0x280 [ 730.666544] ? finish_mkwrite_fault+0x650/0x650 [ 730.671203] ? mark_held_locks+0xc7/0x130 [ 730.675342] ? perf_trace_lock+0x7a0/0x7a0 [ 730.679572] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.684517] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 730.690070] ? __lock_acquire+0x62f/0x4c20 [ 730.694821] ? mark_held_locks+0x130/0x130 [ 730.699049] ? follow_page_pte+0xdd7/0x1ab0 [ 730.703378] ? lock_downgrade+0x900/0x900 [ 730.707520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.713395] ? check_preemption_disabled+0x48/0x280 [ 730.718406] ? debug_smp_processor_id+0x1c/0x20 [ 730.723064] ? perf_trace_lock_acquire+0x15b/0x800 [ 730.727999] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 730.733534] ? follow_page_pte+0x4f9/0x1ab0 [ 730.737842] ? print_usage_bug+0xc0/0xc0 [ 730.741897] ? undo_dev_pagemap+0x680/0x680 [ 730.746213] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.750960] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.755533] ? retint_kernel+0x2d/0x2d [ 730.759409] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.764340] ? __lock_acquire+0x62f/0x4c20 [ 730.768658] ? lock_acquire+0x1ed/0x520 [ 730.772615] ? __handle_mm_fault+0x1fa9/0x5be0 [ 730.777189] ? kasan_check_write+0x14/0x20 [ 730.781408] ? do_raw_spin_lock+0x14f/0x350 [ 730.785713] ? retint_kernel+0x2d/0x2d [ 730.789598] ? rwlock_bug.part.2+0x90/0x90 [ 730.793820] ? __handle_mm_fault+0x1f02/0x5be0 [ 730.798388] __handle_mm_fault+0x3be9/0x5be0 [ 730.802809] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 730.807638] ? perf_trace_lock+0x7a0/0x7a0 [ 730.811880] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 730.817408] ? pmd_huge+0xf4/0x140 [ 730.820953] ? graph_lock+0x270/0x270 [ 730.824747] ? graph_lock+0x270/0x270 [ 730.828535] ? find_held_lock+0x36/0x1c0 [ 730.832588] ? handle_mm_fault+0x42a/0xc70 [ 730.836825] ? lock_downgrade+0x900/0x900 [ 730.840959] ? check_preemption_disabled+0x48/0x280 [ 730.845976] ? kasan_check_read+0x11/0x20 [ 730.850124] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 730.855393] ? rcu_read_unlock_special+0x370/0x370 [ 730.860309] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 730.865828] ? check_preemption_disabled+0x48/0x280 [ 730.870847] handle_mm_fault+0x54f/0xc70 [ 730.874898] ? __handle_mm_fault+0x5be0/0x5be0 [ 730.879474] __get_user_pages+0xa3d/0x1ed0 [ 730.883692] ? rwsem_down_read_failed+0x342/0x710 [ 730.888524] ? follow_page_mask+0x2160/0x2160 [ 730.893021] ? mark_held_locks+0xc7/0x130 [ 730.897155] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.901904] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 730.906472] ? retint_kernel+0x2d/0x2d [ 730.910354] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.915268] ? trace_hardirqs_on_caller+0xc0/0x310 [ 730.920267] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.925010] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 730.930441] ? mark_held_locks+0xc7/0x130 [ 730.934578] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 730.939323] ? retint_kernel+0x2d/0x2d [ 730.943209] populate_vma_page_range+0x2db/0x3d0 [ 730.947951] ? follow_page+0x420/0x420 [ 730.951825] ? __mm_populate+0x1b8/0x4d0 [ 730.955873] __mm_populate+0x286/0x4d0 [ 730.959749] ? populate_vma_page_range+0x3d0/0x3d0 [ 730.964700] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.970219] ? ns_capable_common+0x13f/0x170 [ 730.974613] __x64_sys_mlockall+0x45b/0x630 [ 730.978918] ? __ia32_sys_munlock+0x160/0x160 [ 730.983486] ? retint_kernel+0x2d/0x2d [ 730.987368] do_syscall_64+0x1b9/0x820 [ 730.991239] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 730.996587] ? syscall_return_slowpath+0x5e0/0x5e0 [ 731.001499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 731.006326] ? trace_hardirqs_on_caller+0x310/0x310 [ 731.011338] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 731.016426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 731.021946] ? prepare_exit_to_usermode+0x291/0x3b0 [ 731.026948] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 731.031781] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 731.036952] RIP: 0033:0x457569 [ 731.040127] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 731.059010] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 731.066703] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 731.073955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 731.081206] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 731.088458] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 731.095714] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 731.107690] Task in /syz0 killed as a result of limit of /syz0 [ 731.113875] memory: usage 295640kB, limit 307200kB, failcnt 1847 [ 731.120082] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 731.126978] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 731.133511] Memory cgroup stats for /syz0: cache:144KB rss:286192KB rss_huge:253952KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58100KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:208968KB [ 731.155589] Memory cgroup out of memory: Kill process 20641 (syz-executor0) score 1220 or sacrifice child [ 731.165937] Killed process 20685 (syz-executor0) total-vm:70996kB, anon-rss:18468kB, file-rss:52260kB, shmem-rss:0kB [ 731.178670] oom_reaper: reaped process 20685 (syz-executor0), now anon-rss:18468kB, file-rss:52252kB, shmem-rss:0kB 00:54:26 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xf0ff7f00000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:26 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:26 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1e) 00:54:26 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x800000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:26 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x100000000000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:26 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x8000a0ffffffff) 00:54:26 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x2000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x800000000000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:26 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:26 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1e00000000000000) 00:54:27 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 732.525706] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 732.537688] syz-executor0 cpuset=syz0 mems_allowed=0 [ 732.542973] CPU: 1 PID: 20735 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 732.551555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 732.560895] Call Trace: [ 732.563483] dump_stack+0x244/0x39d [ 732.567100] ? dump_stack_print_info.cold.1+0x20/0x20 [ 732.572291] ? mark_held_locks+0x130/0x130 [ 732.576519] ? mark_held_locks+0x130/0x130 [ 732.580746] dump_header+0x27b/0xf72 [ 732.584470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.590010] ? pagefault_out_of_memory+0x197/0x197 [ 732.594922] ? print_usage_bug+0xc0/0xc0 [ 732.598989] ? debug_smp_processor_id+0x1c/0x20 [ 732.603642] ? perf_trace_lock_acquire+0x15b/0x800 [ 732.608563] ? perf_trace_lock+0x7a0/0x7a0 [ 732.612789] ? mark_held_locks+0xc7/0x130 [ 732.616924] ? print_usage_bug+0xc0/0xc0 [ 732.620980] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.625766] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 732.630338] ? retint_kernel+0x2d/0x2d [ 732.634220] ? trace_hardirqs_on_caller+0xc0/0x310 [ 732.639149] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.643891] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 732.649368] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.654135] ? retint_kernel+0x2d/0x2d [ 732.658024] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 732.663118] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 732.668212] ? ___ratelimit+0x3b9/0x672 [ 732.672175] ? idr_get_free+0xf70/0xf70 [ 732.676151] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.680911] oom_kill_process.cold.27+0x10/0x903 [ 732.685658] ? mark_held_locks+0xc7/0x130 [ 732.689794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.694881] ? oom_evaluate_task+0x540/0x540 [ 732.699291] ? trace_hardirqs_on_caller+0xc0/0x310 [ 732.704216] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.708971] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 732.714408] ? _raw_spin_unlock_irq+0x56/0x80 [ 732.718888] ? _raw_spin_unlock_irq+0x60/0x80 [ 732.723377] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.728135] ? retint_kernel+0x2d/0x2d [ 732.732017] out_of_memory+0xa7f/0x1430 [ 732.735978] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 732.740549] ? kasan_check_read+0x11/0x20 [ 732.744693] ? oom_killer_disable+0x3a0/0x3a0 [ 732.749186] mem_cgroup_out_of_memory+0x15e/0x210 [ 732.754023] ? memory_oom_group_write+0x160/0x160 [ 732.758858] try_charge+0xdcd/0x1720 [ 732.762563] ? kasan_check_read+0x11/0x20 [ 732.766706] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 732.771379] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 732.776903] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.781649] ? lock_page_memcg+0x350/0x350 [ 732.785874] ? lock_acquire+0x1ed/0x520 [ 732.789838] ? mem_cgroup_oom_control_write+0x100/0x100 [ 732.795196] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.800727] ? check_preemption_disabled+0x48/0x280 [ 732.805757] ? kasan_check_read+0x11/0x20 [ 732.809893] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 732.815156] ? rcu_softirq_qs+0x20/0x20 [ 732.819143] mem_cgroup_try_charge+0x627/0xe20 [ 732.823717] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.828465] ? mem_cgroup_protected+0xa60/0xa60 [ 732.833120] ? retint_kernel+0x2d/0x2d [ 732.836997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 732.842526] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.847273] ? retint_kernel+0x2d/0x2d [ 732.851157] ? get_task_policy.part.40+0x29/0xb0 [ 732.855908] ? get_task_policy.part.40+0x71/0xb0 [ 732.860655] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 732.866192] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 732.871112] wp_page_copy+0x51d/0x24f0 [ 732.875010] ? follow_pfn+0x2e0/0x2e0 [ 732.878800] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.884320] ? reuse_swap_page+0x4bd/0x1520 [ 732.888649] ? swp_swapcount+0x530/0x530 [ 732.892708] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 732.898159] ? trace_hardirqs_on_caller+0xc0/0x310 [ 732.903094] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.907835] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 732.913274] ? print_usage_bug+0xc0/0xc0 [ 732.917324] ? mark_held_locks+0xc7/0x130 [ 732.921466] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 732.926037] ? graph_lock+0x270/0x270 [ 732.929827] ? __lock_acquire+0x62f/0x4c20 [ 732.934047] ? print_usage_bug+0xc0/0xc0 [ 732.938098] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.942845] ? find_held_lock+0x36/0x1c0 [ 732.946900] ? do_wp_page+0x518/0x2920 [ 732.950795] ? lock_downgrade+0x900/0x900 [ 732.954948] ? wake_up_page_bit+0x6f0/0x6f0 [ 732.959260] ? kasan_check_read+0x11/0x20 [ 732.963407] ? do_raw_spin_unlock+0xa7/0x330 [ 732.967813] ? do_raw_spin_trylock+0x270/0x270 [ 732.972387] ? __pte_alloc_kernel+0x220/0x220 [ 732.976872] ? perf_trace_lock_acquire+0x15b/0x800 [ 732.981796] do_wp_page+0x520/0x2920 [ 732.985501] ? check_preemption_disabled+0x48/0x280 [ 732.990507] ? finish_mkwrite_fault+0x650/0x650 [ 732.995179] ? mark_held_locks+0xc7/0x130 [ 732.999319] ? perf_trace_lock+0x7a0/0x7a0 [ 733.003543] ? trace_hardirqs_on_caller+0xc0/0x310 [ 733.008464] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 733.013989] ? __lock_acquire+0x62f/0x4c20 [ 733.018226] ? mark_held_locks+0x130/0x130 [ 733.022452] ? follow_page_pte+0xdd7/0x1ab0 [ 733.026759] ? lock_downgrade+0x900/0x900 [ 733.030902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 733.036426] ? check_preemption_disabled+0x48/0x280 [ 733.041430] ? debug_smp_processor_id+0x1c/0x20 [ 733.046087] ? perf_trace_lock_acquire+0x15b/0x800 [ 733.051004] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 733.056535] ? follow_page_pte+0x4f9/0x1ab0 [ 733.060850] ? print_usage_bug+0xc0/0xc0 [ 733.064922] ? undo_dev_pagemap+0x680/0x680 [ 733.069245] ? print_usage_bug+0xc0/0xc0 [ 733.073291] ? retint_kernel+0x2d/0x2d [ 733.077176] ? __lock_acquire+0x62f/0x4c20 [ 733.081402] ? lock_acquire+0x1ed/0x520 [ 733.085366] ? __handle_mm_fault+0x1fa9/0x5be0 [ 733.089945] ? kasan_check_write+0x14/0x20 [ 733.094170] ? do_raw_spin_lock+0x14f/0x350 [ 733.098480] ? rwlock_bug.part.2+0x90/0x90 [ 733.102703] ? print_usage_bug+0xc0/0xc0 [ 733.106753] ? trace_hardirqs_on_caller+0xc0/0x310 [ 733.111675] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.116423] __handle_mm_fault+0x3be9/0x5be0 [ 733.120837] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 733.125673] ? mark_held_locks+0xc7/0x130 [ 733.129808] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.134554] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 733.139149] ? graph_lock+0x270/0x270 [ 733.142945] ? graph_lock+0x270/0x270 [ 733.146740] ? find_held_lock+0x36/0x1c0 [ 733.150815] ? handle_mm_fault+0x42a/0xc70 [ 733.155047] ? lock_downgrade+0x900/0x900 [ 733.159183] ? check_preemption_disabled+0x48/0x280 [ 733.164194] ? kasan_check_read+0x11/0x20 [ 733.168328] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 733.173609] ? rcu_read_unlock_special+0x370/0x370 [ 733.178526] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 733.184047] ? check_preemption_disabled+0x48/0x280 [ 733.189053] handle_mm_fault+0x54f/0xc70 [ 733.193105] ? __handle_mm_fault+0x5be0/0x5be0 [ 733.197690] __get_user_pages+0xa3d/0x1ed0 [ 733.201926] ? follow_page_mask+0x2160/0x2160 [ 733.206426] ? mark_held_locks+0xc7/0x130 [ 733.210571] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.215320] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 733.219888] ? retint_kernel+0x2d/0x2d [ 733.223766] ? trace_hardirqs_on_caller+0xc0/0x310 [ 733.228689] ? mark_held_locks+0xc7/0x130 [ 733.232829] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.237586] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 733.242161] ? retint_kernel+0x2d/0x2d [ 733.246038] ? trace_hardirqs_on_caller+0xc0/0x310 [ 733.250954] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.255718] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 733.261163] ? retint_kernel+0x2d/0x2d [ 733.265058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 733.269810] populate_vma_page_range+0x2db/0x3d0 [ 733.274555] ? follow_page+0x420/0x420 [ 733.278428] ? __mm_populate+0x2d2/0x4d0 [ 733.282480] __mm_populate+0x286/0x4d0 [ 733.286361] ? populate_vma_page_range+0x3d0/0x3d0 [ 733.291281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 733.296808] ? ns_capable_common+0x13f/0x170 [ 733.301209] __x64_sys_mlockall+0x45b/0x630 [ 733.305520] ? __ia32_sys_munlock+0x160/0x160 [ 733.310004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 733.315530] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 733.320882] ? trace_hardirqs_off_caller+0x300/0x300 [ 733.325979] do_syscall_64+0x1b9/0x820 [ 733.329852] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 733.335208] ? syscall_return_slowpath+0x5e0/0x5e0 [ 733.340136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 733.344985] ? trace_hardirqs_on_caller+0x310/0x310 [ 733.349986] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 733.354987] ? prepare_exit_to_usermode+0x291/0x3b0 [ 733.360010] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 733.364945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 733.370156] RIP: 0033:0x457569 [ 733.373338] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 733.392226] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 733.399950] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 733.407208] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 733.414465] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 733.421720] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 733.428973] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 733.442173] Task in /syz0 killed as a result of limit of /syz0 [ 733.448337] memory: usage 307200kB, limit 307200kB, failcnt 1889 [ 733.454604] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 733.461477] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 733.467655] Memory cgroup stats for /syz0: cache:144KB rss:297548KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218896KB [ 733.489792] Memory cgroup out of memory: Kill process 20700 (syz-executor0) score 1216 or sacrifice child [ 733.500113] Killed process 20736 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 733.516016] oom_reaper: reaped process 20736 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 734.427797] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 734.439933] syz-executor0 cpuset=syz0 mems_allowed=0 [ 734.445331] CPU: 1 PID: 20738 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 734.453904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 734.463244] Call Trace: [ 734.465825] dump_stack+0x244/0x39d [ 734.469451] ? dump_stack_print_info.cold.1+0x20/0x20 [ 734.474641] ? mark_held_locks+0x130/0x130 [ 734.478865] dump_header+0x27b/0xf72 [ 734.482570] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 734.487137] ? retint_kernel+0x2d/0x2d [ 734.491011] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 734.496538] ? pagefault_out_of_memory+0x197/0x197 [ 734.501451] ? print_usage_bug+0xc0/0xc0 [ 734.505510] ? debug_smp_processor_id+0x1c/0x20 [ 734.510173] ? perf_trace_lock_acquire+0x15b/0x800 [ 734.515097] ? perf_trace_lock+0x7a0/0x7a0 [ 734.519328] ? mark_held_locks+0xc7/0x130 [ 734.523460] ? print_usage_bug+0xc0/0xc0 [ 734.527510] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.532264] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 734.536842] ? retint_kernel+0x2d/0x2d [ 734.540718] ? trace_hardirqs_on_caller+0xc0/0x310 [ 734.545635] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.550379] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 734.555824] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.560570] ? retint_kernel+0x2d/0x2d [ 734.564452] ? _raw_spin_unlock_irqrestore+0xb4/0xd0 [ 734.569546] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 734.574636] ? ___ratelimit+0x3b9/0x672 [ 734.578595] ? idr_get_free+0xf70/0xf70 [ 734.582571] oom_kill_process.cold.27+0x10/0x903 [ 734.587326] ? _raw_spin_unlock_irq+0x56/0x80 [ 734.591809] ? oom_evaluate_task+0x540/0x540 [ 734.596209] ? cgroup_procs_next+0x70/0x70 [ 734.600429] ? _raw_spin_unlock_irq+0x56/0x80 [ 734.605012] ? _raw_spin_unlock_irq+0x60/0x80 [ 734.609493] ? oom_badness+0xaa0/0xaa0 [ 734.613369] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 734.618132] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.622873] ? mem_cgroup_iter_break+0x30/0x30 [ 734.627451] ? oom_badness+0xaa0/0xaa0 [ 734.631327] out_of_memory+0xa7f/0x1430 [ 734.635292] ? retint_kernel+0x2d/0x2d [ 734.639292] ? oom_killer_disable+0x3a0/0x3a0 [ 734.643780] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 734.648884] mem_cgroup_out_of_memory+0x15e/0x210 [ 734.653711] ? memory_oom_group_write+0x160/0x160 [ 734.658539] ? mem_cgroup_try_charge+0x627/0xe20 [ 734.663301] ? page_counter_try_charge+0x1c1/0x220 [ 734.668220] try_charge+0xdcd/0x1720 [ 734.672020] ? kasan_check_read+0x11/0x20 [ 734.676166] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 734.680848] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 734.686384] ? lock_page_memcg+0x350/0x350 [ 734.690611] ? lock_acquire+0x1ed/0x520 [ 734.694575] ? mem_cgroup_oom_control_write+0x100/0x100 [ 734.700352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 734.705878] ? check_preemption_disabled+0x48/0x280 [ 734.710886] ? kasan_check_read+0x11/0x20 [ 734.715023] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 734.720292] ? rcu_softirq_qs+0x20/0x20 [ 734.724265] mem_cgroup_try_charge+0x627/0xe20 [ 734.728840] ? mem_cgroup_protected+0xa60/0xa60 [ 734.733499] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 734.739024] ? page_mapping+0x5a2/0xa50 [ 734.743005] ? page_evictable+0x2de/0x540 [ 734.747141] ? check_preemption_disabled+0x48/0x280 [ 734.752149] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 734.757692] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 734.762616] wp_page_copy+0x51d/0x24f0 [ 734.766499] ? follow_pfn+0x2e0/0x2e0 [ 734.770288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 734.775812] ? reuse_swap_page+0x4bd/0x1520 [ 734.780124] ? swp_swapcount+0x530/0x530 [ 734.784174] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 734.789612] ? trace_hardirqs_on_caller+0xc0/0x310 [ 734.794542] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.799297] ? print_usage_bug+0xc0/0xc0 [ 734.803348] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 734.807941] ? graph_lock+0x270/0x270 [ 734.811733] ? __lock_acquire+0x62f/0x4c20 [ 734.815955] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.820702] ? find_held_lock+0x36/0x1c0 [ 734.824778] ? do_wp_page+0x518/0x2920 [ 734.828663] ? lock_downgrade+0x900/0x900 [ 734.832799] ? wake_up_page_bit+0x6f0/0x6f0 [ 734.837109] ? kasan_check_read+0x11/0x20 [ 734.841249] ? do_raw_spin_unlock+0xa7/0x330 [ 734.845653] ? do_raw_spin_trylock+0x270/0x270 [ 734.850237] ? __pte_alloc_kernel+0x220/0x220 [ 734.854724] ? perf_trace_lock_acquire+0x15b/0x800 [ 734.859643] do_wp_page+0x520/0x2920 [ 734.863346] ? check_preemption_disabled+0x48/0x280 [ 734.868352] ? finish_mkwrite_fault+0x650/0x650 [ 734.873011] ? mark_held_locks+0xc7/0x130 [ 734.877242] ? perf_trace_lock+0x7a0/0x7a0 [ 734.881469] ? trace_hardirqs_on_caller+0xc0/0x310 [ 734.886387] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 734.891916] ? __lock_acquire+0x62f/0x4c20 [ 734.896149] ? mark_held_locks+0x130/0x130 [ 734.900375] ? follow_page_pte+0xdd7/0x1ab0 [ 734.904686] ? lock_downgrade+0x900/0x900 [ 734.908826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 734.914349] ? check_preemption_disabled+0x48/0x280 [ 734.919481] ? debug_smp_processor_id+0x1c/0x20 [ 734.924140] ? perf_trace_lock_acquire+0x15b/0x800 [ 734.929075] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 734.934633] ? follow_page_pte+0x4f9/0x1ab0 [ 734.938959] ? print_usage_bug+0xc0/0xc0 [ 734.943013] ? undo_dev_pagemap+0x680/0x680 [ 734.947332] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 734.952081] ? print_usage_bug+0xc0/0xc0 [ 734.956130] ? print_usage_bug+0xc0/0xc0 [ 734.960195] ? __lock_acquire+0x62f/0x4c20 [ 734.964437] ? lock_acquire+0x1ed/0x520 [ 734.968399] ? __handle_mm_fault+0x1fa9/0x5be0 [ 734.973000] ? kasan_check_write+0x14/0x20 [ 734.977256] ? do_raw_spin_lock+0x14f/0x350 [ 734.981572] ? rwlock_bug.part.2+0x90/0x90 [ 734.985808] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 734.990388] ? retint_kernel+0x2d/0x2d [ 734.994266] ? trace_hardirqs_on_caller+0xc0/0x310 [ 734.999190] __handle_mm_fault+0x3be9/0x5be0 [ 735.003612] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 735.008449] ? perf_trace_lock+0x7a0/0x7a0 [ 735.012672] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 735.018194] ? pmd_huge+0xf4/0x140 [ 735.021753] ? graph_lock+0x270/0x270 [ 735.025568] ? graph_lock+0x270/0x270 [ 735.029384] ? find_held_lock+0x36/0x1c0 [ 735.033472] ? handle_mm_fault+0x42a/0xc70 [ 735.037723] ? lock_downgrade+0x900/0x900 [ 735.041874] ? check_preemption_disabled+0x48/0x280 [ 735.046904] ? kasan_check_read+0x11/0x20 [ 735.051040] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 735.056305] ? rcu_read_unlock_special+0x370/0x370 [ 735.061224] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 735.066750] ? check_preemption_disabled+0x48/0x280 [ 735.071759] handle_mm_fault+0x54f/0xc70 [ 735.075808] ? __handle_mm_fault+0x5be0/0x5be0 [ 735.080376] ? __get_user_pages+0x9ae/0x1ed0 [ 735.084782] __get_user_pages+0xa3d/0x1ed0 [ 735.089018] ? follow_page_mask+0x2160/0x2160 [ 735.093502] ? mark_held_locks+0xc7/0x130 [ 735.097657] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 735.102239] ? retint_kernel+0x2d/0x2d [ 735.106116] ? trace_hardirqs_on_caller+0xc0/0x310 [ 735.111035] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 735.115780] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 735.120525] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 735.125967] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 735.130537] ? retint_kernel+0x2d/0x2d [ 735.134431] ? trace_hardirqs_on_caller+0xc0/0x310 [ 735.139356] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 735.144108] ? retint_kernel+0x2d/0x2d [ 735.147987] ? populate_vma_page_range+0x17a/0x3d0 [ 735.152926] populate_vma_page_range+0x2db/0x3d0 [ 735.157686] ? follow_page+0x420/0x420 [ 735.161566] ? find_vma+0x34/0x190 [ 735.165098] __mm_populate+0x286/0x4d0 [ 735.168979] ? populate_vma_page_range+0x3d0/0x3d0 [ 735.173902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.179421] ? ns_capable_common+0x13f/0x170 [ 735.183818] __x64_sys_mlockall+0x45b/0x630 [ 735.188124] ? __ia32_sys_munlock+0x160/0x160 [ 735.192603] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.198131] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 735.203483] ? trace_hardirqs_off_caller+0x300/0x300 [ 735.208582] do_syscall_64+0x1b9/0x820 [ 735.212456] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 735.217805] ? syscall_return_slowpath+0x5e0/0x5e0 [ 735.222717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 735.227542] ? trace_hardirqs_on_caller+0x310/0x310 [ 735.232551] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 735.237558] ? prepare_exit_to_usermode+0x291/0x3b0 [ 735.242567] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 735.247403] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 735.252576] RIP: 0033:0x457569 [ 735.255755] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 735.274640] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 735.282334] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 735.289589] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 735.296931] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 735.304200] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 735.311455] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 735.324807] Task in /syz0 killed as a result of limit of /syz0 [ 735.331186] memory: usage 297328kB, limit 307200kB, failcnt 1905 [ 735.337378] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 735.344428] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 735.351348] Memory cgroup stats for /syz0: cache:144KB rss:287872KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60148KB active_anon:19112KB inactive_file:0KB active_file:0KB unevictable:208648KB [ 735.373436] Memory cgroup out of memory: Kill process 20700 (syz-executor0) score 1220 or sacrifice child [ 735.383615] Killed process 20738 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:52260kB, shmem-rss:0kB [ 735.395888] oom_reaper: reaped process 20738 (syz-executor0), now anon-rss:18452kB, file-rss:52252kB, shmem-rss:0kB 00:54:30 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x8000a0, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:30 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1e000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:30 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) ioctl$KVM_REINJECT_CONTROL(r0, 0xae71, &(0x7f0000000080)={0xd935}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:30 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x8000a0ffffffff, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:30 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x8000000000000000) 00:54:30 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:30 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0xffffffffffffd) 00:54:30 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x2) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:31 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xc00000000000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:31 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0xffffffffa0008000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:31 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x2) 00:54:31 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 736.807035] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 736.818428] syz-executor0 cpuset=syz0 mems_allowed=0 [ 736.824381] CPU: 0 PID: 20785 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 736.832962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 736.842303] Call Trace: [ 736.844889] dump_stack+0x244/0x39d [ 736.848506] ? dump_stack_print_info.cold.1+0x20/0x20 [ 736.853690] ? mark_held_locks+0x130/0x130 [ 736.857915] ? mark_held_locks+0x130/0x130 [ 736.862147] dump_header+0x27b/0xf72 [ 736.865857] ? print_usage_bug+0xc0/0xc0 [ 736.869911] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 736.875441] ? pagefault_out_of_memory+0x197/0x197 [ 736.880354] ? print_usage_bug+0xc0/0xc0 [ 736.884406] ? debug_smp_processor_id+0x1c/0x20 [ 736.889068] ? perf_trace_lock_acquire+0x15b/0x800 [ 736.893995] ? perf_trace_lock+0x7a0/0x7a0 [ 736.898219] ? mark_held_locks+0xc7/0x130 [ 736.902390] ? mark_held_locks+0xc7/0x130 [ 736.906523] ? print_usage_bug+0xc0/0xc0 [ 736.910690] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 736.915437] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 736.920015] ? retint_kernel+0x2d/0x2d [ 736.923890] ? trace_hardirqs_on_caller+0xc0/0x310 [ 736.928807] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 736.933548] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 736.938991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 736.943746] ? retint_kernel+0x2d/0x2d [ 736.947631] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 736.952725] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 736.957817] ? ___ratelimit+0x3b9/0x672 [ 736.961780] ? idr_get_free+0xf70/0xf70 [ 736.965763] oom_kill_process.cold.27+0x10/0x903 [ 736.970529] ? _raw_spin_unlock_irq+0x56/0x80 [ 736.975012] ? oom_evaluate_task+0x540/0x540 [ 736.979410] ? cgroup_procs_next+0x70/0x70 [ 736.983634] ? _raw_spin_unlock_irq+0x60/0x80 [ 736.988115] ? oom_badness+0xaa0/0xaa0 [ 736.991992] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 736.996835] ? mem_cgroup_iter_break+0x30/0x30 [ 737.001446] ? trace_hardirqs_on_caller+0xc0/0x310 [ 737.006377] out_of_memory+0xa7f/0x1430 [ 737.010341] ? retint_kernel+0x2d/0x2d [ 737.014219] ? oom_killer_disable+0x3a0/0x3a0 [ 737.018715] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 737.023823] mem_cgroup_out_of_memory+0x15e/0x210 [ 737.028663] ? memory_oom_group_write+0x160/0x160 [ 737.033509] ? page_counter_try_charge+0x1c1/0x220 [ 737.038428] try_charge+0xdcd/0x1720 [ 737.042132] ? kasan_check_read+0x11/0x20 [ 737.046274] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 737.050950] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 737.056479] ? lock_page_memcg+0x350/0x350 [ 737.060722] ? lock_acquire+0x1ed/0x520 [ 737.064708] ? mem_cgroup_oom_control_write+0x100/0x100 [ 737.070059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.075583] ? check_preemption_disabled+0x48/0x280 [ 737.080601] ? kasan_check_read+0x11/0x20 [ 737.084746] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 737.090041] ? rcu_softirq_qs+0x20/0x20 [ 737.094010] mem_cgroup_try_charge+0x627/0xe20 [ 737.098592] ? mark_held_locks+0xc7/0x130 [ 737.102736] ? mem_cgroup_protected+0xa60/0xa60 [ 737.107396] ? retint_kernel+0x2d/0x2d [ 737.111273] ? trace_hardirqs_on_caller+0xc0/0x310 [ 737.116220] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.120964] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 737.126409] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.131155] ? retint_kernel+0x2d/0x2d [ 737.135050] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 737.139972] wp_page_copy+0x51d/0x24f0 [ 737.143871] ? follow_pfn+0x2e0/0x2e0 [ 737.147667] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.153201] ? reuse_swap_page+0x4bd/0x1520 [ 737.157511] ? swp_swapcount+0x530/0x530 [ 737.161570] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 737.167021] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 737.172470] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.177217] ? print_usage_bug+0xc0/0xc0 [ 737.181269] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.186030] ? retint_kernel+0x2d/0x2d [ 737.189920] ? graph_lock+0x270/0x270 [ 737.193715] ? __lock_acquire+0x62f/0x4c20 [ 737.197940] ? mark_page_accessed+0xca1/0x2040 [ 737.202531] ? write_comp_data+0x22/0x70 [ 737.206586] ? find_held_lock+0x36/0x1c0 [ 737.210661] ? do_wp_page+0x518/0x2920 [ 737.214561] ? lock_downgrade+0x900/0x900 [ 737.218714] ? wake_up_page_bit+0x6f0/0x6f0 [ 737.223043] ? kasan_check_read+0x11/0x20 [ 737.227186] ? do_raw_spin_unlock+0xa7/0x330 [ 737.231580] ? do_raw_spin_trylock+0x270/0x270 [ 737.236147] ? __pte_alloc_kernel+0x220/0x220 [ 737.240629] ? perf_trace_lock_acquire+0x15b/0x800 [ 737.245541] ? print_usage_bug+0xc0/0xc0 [ 737.249594] do_wp_page+0x520/0x2920 [ 737.253297] ? check_preemption_disabled+0x48/0x280 [ 737.258301] ? finish_mkwrite_fault+0x650/0x650 [ 737.262960] ? mark_held_locks+0xc7/0x130 [ 737.267103] ? perf_trace_lock+0x7a0/0x7a0 [ 737.271326] ? trace_hardirqs_on_caller+0xc0/0x310 [ 737.276239] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 737.281766] ? __lock_acquire+0x62f/0x4c20 [ 737.286008] ? mark_held_locks+0x130/0x130 [ 737.290227] ? print_usage_bug+0xc0/0xc0 [ 737.294279] ? follow_page_pte+0xdd7/0x1ab0 [ 737.298590] ? lock_downgrade+0x900/0x900 [ 737.302729] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.308253] ? check_preemption_disabled+0x48/0x280 [ 737.313262] ? mark_held_locks+0xc7/0x130 [ 737.317400] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.322146] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 737.326713] ? retint_kernel+0x2d/0x2d [ 737.330603] ? trace_hardirqs_on_caller+0xc0/0x310 [ 737.335521] ? print_usage_bug+0xc0/0xc0 [ 737.339568] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.344310] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 737.349769] ? undo_dev_pagemap+0x680/0x680 [ 737.354080] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.358853] ? retint_kernel+0x2d/0x2d [ 737.362742] ? do_raw_spin_lock+0x14f/0x350 [ 737.367049] ? check_memory_region+0x14/0x1b0 [ 737.371534] ? kasan_check_write+0x14/0x20 [ 737.375772] ? do_raw_spin_lock+0x14f/0x350 [ 737.380084] ? rwlock_bug.part.2+0x90/0x90 [ 737.384319] __handle_mm_fault+0x3be9/0x5be0 [ 737.388723] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 737.393556] ? perf_trace_lock+0x7a0/0x7a0 [ 737.397780] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 737.403306] ? pmd_huge+0xf4/0x140 [ 737.406848] ? graph_lock+0x270/0x270 [ 737.410633] ? graph_lock+0x270/0x270 [ 737.414424] ? find_held_lock+0x36/0x1c0 [ 737.418490] ? handle_mm_fault+0x42a/0xc70 [ 737.422725] ? lock_downgrade+0x900/0x900 [ 737.426859] ? check_preemption_disabled+0x48/0x280 [ 737.431868] ? kasan_check_read+0x11/0x20 [ 737.436014] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 737.441289] ? rcu_read_unlock_special+0x370/0x370 [ 737.446220] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 737.451742] ? check_preemption_disabled+0x48/0x280 [ 737.456750] handle_mm_fault+0x54f/0xc70 [ 737.460801] ? __handle_mm_fault+0x5be0/0x5be0 [ 737.465392] ? __get_user_pages+0xcf2/0x1ed0 [ 737.469799] __get_user_pages+0xa3d/0x1ed0 [ 737.474031] ? follow_page_mask+0x2160/0x2160 [ 737.478513] ? debug_smp_processor_id+0x1c/0x20 [ 737.483168] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 737.488705] ? mark_held_locks+0xc7/0x130 [ 737.492849] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.497593] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 737.502161] ? retint_kernel+0x2d/0x2d [ 737.506048] ? trace_hardirqs_on_caller+0xc0/0x310 [ 737.510964] ? __mm_populate+0x31a/0x4d0 [ 737.515010] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.519752] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 737.525189] ? lock_release+0xa10/0xa10 [ 737.529152] ? perf_trace_sched_process_exec+0x860/0x860 [ 737.534591] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 737.539335] populate_vma_page_range+0x2db/0x3d0 [ 737.544078] ? follow_page+0x420/0x420 [ 737.547953] ? __mm_populate+0x2d2/0x4d0 [ 737.552005] __mm_populate+0x286/0x4d0 [ 737.555884] ? populate_vma_page_range+0x3d0/0x3d0 [ 737.560824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.566365] ? ns_capable_common+0x13f/0x170 [ 737.570782] __x64_sys_mlockall+0x45b/0x630 [ 737.575101] ? __ia32_sys_munlock+0x160/0x160 [ 737.579586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.585113] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 737.590463] ? trace_hardirqs_off_caller+0x300/0x300 [ 737.595563] do_syscall_64+0x1b9/0x820 [ 737.599438] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 737.604814] ? syscall_return_slowpath+0x5e0/0x5e0 [ 737.609730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 737.614586] ? trace_hardirqs_on_caller+0x310/0x310 [ 737.619609] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 737.624622] ? prepare_exit_to_usermode+0x291/0x3b0 [ 737.629627] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 737.634463] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 737.639647] RIP: 0033:0x457569 [ 737.642860] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 737.661748] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 737.669443] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 737.676698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 737.683954] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 737.691211] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 737.698466] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 737.710082] Task in /syz0 killed as a result of limit of /syz0 [ 737.716461] memory: usage 307172kB, limit 307200kB, failcnt 1937 [ 737.722856] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 737.729904] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 737.736625] Memory cgroup stats for /syz0: cache:144KB rss:297432KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218912KB [ 737.758542] Memory cgroup out of memory: Kill process 20747 (syz-executor0) score 1216 or sacrifice child [ 737.768900] Killed process 20789 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 737.782745] oom_reaper: reaped process 20789 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 738.701991] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 738.713257] syz-executor0 cpuset=syz0 mems_allowed=0 [ 738.718551] CPU: 1 PID: 20797 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 738.727122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 738.736460] Call Trace: [ 738.739039] dump_stack+0x244/0x39d [ 738.742656] ? dump_stack_print_info.cold.1+0x20/0x20 [ 738.747832] ? mark_held_locks+0x130/0x130 [ 738.752052] ? mark_held_locks+0x130/0x130 [ 738.756279] dump_header+0x27b/0xf72 [ 738.759989] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.765517] ? pagefault_out_of_memory+0x197/0x197 [ 738.770432] ? print_usage_bug+0xc0/0xc0 [ 738.774496] ? debug_smp_processor_id+0x1c/0x20 [ 738.779155] ? perf_trace_lock_acquire+0x15b/0x800 [ 738.784079] ? perf_trace_lock+0x7a0/0x7a0 [ 738.788320] ? mark_held_locks+0xc7/0x130 [ 738.792452] ? print_usage_bug+0xc0/0xc0 [ 738.796519] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 738.801267] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 738.805839] ? retint_kernel+0x2d/0x2d [ 738.809725] ? trace_hardirqs_on_caller+0xc0/0x310 [ 738.814644] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 738.819390] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 738.824837] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 738.829587] ? retint_kernel+0x2d/0x2d [ 738.833473] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 738.838580] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 738.843682] ? ___ratelimit+0x3b9/0x672 [ 738.847648] ? idr_get_free+0xf70/0xf70 [ 738.851615] oom_kill_process.cold.27+0x10/0x903 [ 738.856364] ? __sanitizer_cov_trace_pc+0x1/0x50 [ 738.861107] ? oom_evaluate_task+0x540/0x540 [ 738.865542] ? cgroup_procs_next+0x70/0x70 [ 738.869801] ? _raw_spin_unlock_irq+0x56/0x80 [ 738.874282] ? _raw_spin_unlock_irq+0x60/0x80 [ 738.878768] ? oom_badness+0xaa0/0xaa0 [ 738.882642] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 738.887384] ? mem_cgroup_iter_break+0x30/0x30 [ 738.891960] ? trace_hardirqs_on_caller+0xc0/0x310 [ 738.896892] out_of_memory+0xa7f/0x1430 [ 738.900859] ? retint_kernel+0x2d/0x2d [ 738.904735] ? oom_killer_disable+0x3a0/0x3a0 [ 738.909224] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 738.914324] mem_cgroup_out_of_memory+0x15e/0x210 [ 738.919156] ? memory_oom_group_write+0x160/0x160 [ 738.923985] ? mem_cgroup_try_charge+0x627/0xe20 [ 738.928735] ? page_counter_try_charge+0x1c1/0x220 [ 738.933653] try_charge+0xdcd/0x1720 [ 738.937356] ? kasan_check_read+0x11/0x20 [ 738.941495] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 738.946165] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 738.951691] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 738.957278] ? lock_page_memcg+0x350/0x350 [ 738.961502] ? lock_acquire+0x1ed/0x520 [ 738.965467] ? mem_cgroup_oom_control_write+0x100/0x100 [ 738.970826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.976350] ? check_preemption_disabled+0x48/0x280 [ 738.981354] ? kasan_check_read+0x11/0x20 [ 738.985497] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 738.990772] ? rcu_softirq_qs+0x20/0x20 [ 738.994745] mem_cgroup_try_charge+0x627/0xe20 [ 738.999347] ? mem_cgroup_protected+0xa60/0xa60 [ 739.004025] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 739.009561] ? page_mapping+0x5a2/0xa50 [ 739.013538] ? page_evictable+0x2de/0x540 [ 739.017675] ? check_preemption_disabled+0x48/0x280 [ 739.022686] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 739.028221] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 739.033140] wp_page_copy+0x51d/0x24f0 [ 739.037027] ? follow_pfn+0x2e0/0x2e0 [ 739.040833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 739.046360] ? reuse_swap_page+0x4bd/0x1520 [ 739.050712] ? swp_swapcount+0x530/0x530 [ 739.054776] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 739.060215] ? trace_hardirqs_on_caller+0xc0/0x310 [ 739.065133] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 739.069875] ? print_usage_bug+0xc0/0xc0 [ 739.073946] ? print_usage_bug+0xc0/0xc0 [ 739.077995] ? retint_kernel+0x2d/0x2d [ 739.081869] ? trace_hardirqs_on_caller+0xc0/0x310 [ 739.086808] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 739.091571] ? graph_lock+0x270/0x270 [ 739.095366] ? mark_held_locks+0xc7/0x130 [ 739.099503] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 739.104250] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 739.108821] ? find_held_lock+0x36/0x1c0 [ 739.112889] ? do_wp_page+0x518/0x2920 [ 739.116764] ? lock_downgrade+0x900/0x900 [ 739.120899] ? wake_up_page_bit+0x6f0/0x6f0 [ 739.125213] ? kasan_check_read+0x11/0x20 [ 739.129351] ? do_raw_spin_unlock+0xa7/0x330 [ 739.133749] ? do_raw_spin_trylock+0x270/0x270 [ 739.138328] do_wp_page+0x520/0x2920 [ 739.142028] ? check_preemption_disabled+0x48/0x280 [ 739.147031] ? finish_mkwrite_fault+0x650/0x650 [ 739.151696] ? trace_hardirqs_on_caller+0xc0/0x310 [ 739.156614] ? mark_held_locks+0xc7/0x130 [ 739.160748] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 739.165492] ? perf_trace_lock+0x7a0/0x7a0 [ 739.169717] ? __lock_acquire+0x62f/0x4c20 [ 739.173941] ? retint_kernel+0x2d/0x2d [ 739.177823] ? mark_held_locks+0x130/0x130 [ 739.182047] ? follow_page_pte+0xdd7/0x1ab0 [ 739.186351] ? lock_downgrade+0x900/0x900 [ 739.190485] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 739.196011] ? check_preemption_disabled+0x48/0x280 [ 739.201012] ? debug_smp_processor_id+0x1c/0x20 [ 739.205666] ? perf_trace_lock_acquire+0x15b/0x800 [ 739.210598] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 739.216123] ? follow_page_pte+0x4f9/0x1ab0 [ 739.220432] ? print_usage_bug+0xc0/0xc0 [ 739.224484] ? undo_dev_pagemap+0x680/0x680 [ 739.228797] ? retint_kernel+0x2d/0x2d [ 739.232672] ? __lock_acquire+0x62f/0x4c20 [ 739.236903] ? lock_acquire+0x1ed/0x520 [ 739.240869] ? __handle_mm_fault+0x1fa9/0x5be0 [ 739.245444] ? kasan_check_write+0x14/0x20 [ 739.249660] ? do_raw_spin_lock+0x14f/0x350 [ 739.253986] ? rwlock_bug.part.2+0x90/0x90 [ 739.258219] __handle_mm_fault+0x3be9/0x5be0 [ 739.262624] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 739.267461] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 739.272923] ? perf_trace_lock+0x7a0/0x7a0 [ 739.277168] ? graph_lock+0x270/0x270 [ 739.280961] ? find_held_lock+0x36/0x1c0 [ 739.285010] ? handle_mm_fault+0x42a/0xc70 [ 739.289252] ? lock_downgrade+0x900/0x900 [ 739.293395] ? check_preemption_disabled+0x48/0x280 [ 739.298401] ? kasan_check_read+0x11/0x20 [ 739.302545] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 739.307811] ? rcu_read_unlock_special+0x370/0x370 [ 739.312727] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 739.318250] ? check_preemption_disabled+0x48/0x280 [ 739.323257] handle_mm_fault+0x54f/0xc70 [ 739.327322] ? __handle_mm_fault+0x5be0/0x5be0 [ 739.331919] ? __get_user_pages+0xa53/0x1ed0 [ 739.336338] ? __get_user_pages+0xb4e/0x1ed0 [ 739.340876] __get_user_pages+0xa3d/0x1ed0 [ 739.345144] ? follow_page_mask+0x2160/0x2160 [ 739.349638] ? find_held_lock+0x36/0x1c0 [ 739.353703] ? rwsem_wake+0x2e5/0x460 [ 739.357497] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 739.362586] ? trace_hardirqs_on+0xbd/0x310 [ 739.366890] ? kasan_check_read+0x11/0x20 [ 739.371028] ? lock_acquire+0x1ed/0x520 [ 739.374988] ? __mm_populate+0x31a/0x4d0 [ 739.379037] ? lock_release+0xa10/0xa10 [ 739.382995] ? perf_trace_sched_process_exec+0x860/0x860 [ 739.388427] ? rwsem_wake+0x2ed/0x460 [ 739.392214] ? rwsem_downgrade_wake+0x240/0x240 [ 739.396875] populate_vma_page_range+0x2db/0x3d0 [ 739.401620] ? follow_page+0x420/0x420 [ 739.405493] ? find_vma+0x34/0x190 [ 739.409109] __mm_populate+0x286/0x4d0 [ 739.413006] ? populate_vma_page_range+0x3d0/0x3d0 [ 739.417932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 739.423456] ? ns_capable_common+0x13f/0x170 [ 739.427852] __x64_sys_mlockall+0x45b/0x630 [ 739.432174] ? __ia32_sys_munlock+0x160/0x160 [ 739.436656] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 739.442190] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 739.447566] ? trace_hardirqs_off_caller+0x300/0x300 [ 739.452670] do_syscall_64+0x1b9/0x820 [ 739.456547] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 739.462013] ? syscall_return_slowpath+0x5e0/0x5e0 [ 739.466924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 739.471752] ? trace_hardirqs_on_caller+0x310/0x310 [ 739.476750] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 739.481753] ? prepare_exit_to_usermode+0x291/0x3b0 [ 739.486757] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 739.491600] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 739.496768] RIP: 0033:0x457569 [ 739.499943] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 739.518824] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 739.526515] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 739.533767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 739.541020] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 739.548273] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 739.555625] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 739.570023] Task in /syz0 killed as a result of limit of /syz0 [ 739.576551] memory: usage 297328kB, limit 307200kB, failcnt 1957 [ 739.582868] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 739.589680] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 739.596592] Memory cgroup stats for /syz0: cache:144KB rss:287860KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60148KB active_anon:19112KB inactive_file:0KB active_file:0KB unevictable:208664KB [ 739.618910] Memory cgroup out of memory: Kill process 20747 (syz-executor0) score 1220 or sacrifice child [ 739.628911] Killed process 20797 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:52260kB, shmem-rss:0kB [ 739.641892] oom_reaper: reaped process 20797 (syz-executor0), now anon-rss:18452kB, file-rss:52252kB, shmem-rss:0kB 00:54:35 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x2000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:35 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1e) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:35 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f00000000c0)="f6f34d5f6fcccc7385f383e4f0c937806b50060c0013aa28a4c23be7256fc204454b30a3dbb698434d7b1f1615ba5be80ab69bba28968869e7b26e5fc048d6e8c95938cbcf5d306859b70365c68a76a7ca38a3964bbc85f208a008d15fcf7866a482bcad3feb1159c5a724e8a6d9992732cecd18796c4d1a37890b56af3a668444de8f128566ac62f68b37c29c62a9fc4cdbb5bf87bd05c81832454f8aba54f6acf8a118a7125df74b13c0d7799118c254980a99") openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000580)='/dev/dlm-control\x00', 0x9413ff91e4eb031e, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc000800050000000700000000000000fbffffff5df3536c7692aea5625fa88c27295d582aac14a4e30e2fa686b84d42bb8aba35940e4b6811d42314558694e98fc16a449b550b8c34bf66e177875244fb0f4ee4aaf1f91ebbbe842e2eddab1b72d51684a1b51f666db4110ae9f6bb28269b1841d1ae5e3b406aee15f642dae54a2fe657346b58cd19aac87e041d3be1df599e25524155aa682c490d277063dad203fc2ac910f47516c0537895cc0bf45db7f7a4ac0d600fd08194bacc3d320f516e6e89d8ba1d66316e2f77980484d6"], 0x1d4) syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x200) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:35 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xa0008000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:35 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0xffffffffa0008000) 00:54:35 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:35 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x80000000000000) 00:54:35 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1f00000000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:35 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xc000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:35 executing program 2: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) keyctl$update(0x2, r0, &(0x7f0000000440)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c21782d4501b9dfbf48a9f3ea14cb792a7876f17297a8c870d7a2d46a36a2cd3e33e21894d91caa64b131dbf5c53066c1ac83ceba29ceab25127e8", 0xf9) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, 0xffffffffffffffff, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:35 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1e00) 00:54:35 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000100)=0x4) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xb6, &(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYRESHEX=r1, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRES32=r1, @ANYBLOB="5e0324faf46b457022cf8afe3512765b", @ANYRESHEX=r0, @ANYRES16=r1], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700), 0x0, 0x4}, 0x48015) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_notify(r1, &(0x7f00000000c0)={0x0, 0x33, 0x7, @thr={&(0x7f0000000080)="e530c429616864c068359136eac63abf", &(0x7f0000000580)="b71a9beacd6708e428bfa1b0cc769afffc2b08bae7805cc672e4c5005b804da5bef79bf27609398409a6b3a1ab7618c48b3f4f4771fe8f2c2954017fd06a4a2e22c8748604d88cdfa9ce01182ff5adb659ff3cafc741832e2e27e4c0af4b46694903a6dc16f384f1722df3d38c53e3616fb1078d0a7c813b77d4ffc052d268d15ed52365cad00cf69f3b298536e131c409491d4c81bb7a812069a80bc216df0c4437846cf7df6d5b21569686ad8060b50f53d8393821709df1955a6e66bac76361a0ff28261313f7220cce5acb9b22ca9128cbe2800757262b926d2f56d18da0c34a8ec7bd8ea8a66ea3c66ff3ea6bf549e0862a4b5ad3bf84dc438921088addd18a7039e6552302cf68fa18a92eb3cf72d480cc58fcdfa1e8ac957382ec631d43afd0f2aaad5d7ed87dedca35781b60fd61ab92e6c368a851d51938952f5a098ec2c0bb98780b903fd37ca5410b52709ee5cdbad2347c679641114e934f0bc371b5e7476662fcabc4b690cc721eaa06b120ec70354fbf534fa2964c8b8fb9aaece558d1c6ae12cdf8fdc608615ba4c8a1d73bc8e7867d4be1b194ef2d5bcad79ea2714f1b4ed3f3ee6d84df94ce6c8f46aabbc94b86f1f3c1cdb88d12e442fd18b94f2514ede1f75af75d72a1ab0a521eb597ac20c72cba0a7f04196e8b739c5ba9ea207b8aa06e8a3c45352ab724ca067483ea07ead35321827c2f4b07449f6715649690ff55adf1cba7e60fb3bacca1b9469637e73556ebdf04afe23f5483cd3baac0a57a0a362d37a9c8dad06e5802a23f158e28ac9c69756cdb0b61b1067012ebb2ed107c39f87c40291ec5f3846af7278024ce09417b060e3ccf37c3098a3acf9a21db18a42737f2ddc52d4f08ee796fcec7c3296f8f8ab6eb4dc0c369fd4d1363796fd4c8f9024441c2a35445e93b2dcad055da3b21f97c9673ab8ac691165e3fa17366261ae3c9c4e5db1123d6db5239919e7d021bd32d332ada37b693ed87d2bccf786320b4a144e1f646b2af1f475aa1952958cb5ab8b044097d6827421a617c2dbdcbf633053bfa9f507ce678f66cdbf60cc0d83248074c0ac468018be07ac97445f4a9b80829afabbd54f23f4f9cb8009c47424b3a0da1d7171c6da1e26caa4bde5863b93ad04a050ae5ab991e2ac7fda036c99b670099677132a29169fda436ce1a402fe460c57657fbe7f73d360cc1cf01153c066131a9a3c40fdb300ed647d0d8a9751eb76b820635dd0a072897017c0151bcaa75ca284b92b7be6c1a7c244102ec7d54ec646821c1caa8dff926e218259e123bd9701dade208aaf6c642dbe61a0f9e9ebda1c61b29ac5ed130741ddbfc682b315d14f09e82d8be22b89b8d4941b8ab9fa051d5e1e9d6805dbd217c22c806b7012cd49aa0329807f10d08b36221569163190be8d21f3f620a02e8fa799f7c8b233397c476ef1e57c811bbafeafa2e5c11ddd6b8990b13bd542b01bb6707c262451b0ef2a9d50d4264638a9af7f73f9fbedbb8ac2935d1044d0333d605e9d867d3a85cbda1668e96b99ab4676b2a730ed091b8bd3278a6267b70e7778af09cbc5f2f680a16be114b8ecd36626fc0cdbc221515ec75447e557268f60b9ebbb8ae2501f7bf06d47188caaca3a237aa39fb85854539804d34f7d4fa4229c1aa7759585f4e166f92d3b65bcd09a31b10a2df3c599e64a217da2f2a1a944c1c61201edb6ef565cfa5637cf9f30c8dc102335b09f68a63f98dfc488dea7bc5fdd9cc6f97ec61143fde36e9e3d62df5441bca4af8c4d028df8a6dc5d2c263e2ef841ad228d6c596af64369ea2ab764e219382464f080fa9e84dca70905ab038b105cd5c8f3cb70d6e2df89b8f11fa791f88bc64a7271154a558f5549c06f9b3f2c252f75002e436145177eb66ca30f1a1fc1cdda3ce48ad3a87df85029590c028445cbb161c9b7c26340387a044e52d6c34a9a5e60fdb255e08fe60e746cdd3aab10c07cac4ed2c08e3e561c11cb3d5640175f37e700602a4b26e8fb292a944d90145a0fb1eecb76b23df9ef47831114302da5cb91ed6a511568910ed678fd9a4314da8416e024128b2f30a3e01626525c6d73ed646f0fc9aadb06aa490f4898e13bfded0d31fd6f6b14b69620a0ebdc7e957205bfc5582d60a8716e20ab8461ae32e052369e27d0ae834648b149d49fdfe23b990ca9de0bf5bc207ce17c8514a8abfb4a364f9ad2bc00ced292ce8f97a69b06cfde11299f744ad5659b18d1d41253fbd907bc1b2863d60e762a4b95cd44854b6115cebb75654b381ee4ec4a9911e8740113a93bf9c58dfa897be447abb57a06e98ecd535873af158b3a1004d342e97efc0f40284fb6c4b63c471e1c4cae951cae282701762dae83264f5f2b8be3c69489cdb2ea8683348272967fa156e4c0f1532b3dc1e2f12495a0fdcefbc01e0bf398c2128ec6423a117dd23cafe9a72ee6fbe565b7886a7076673350d0020de74fc3fcd05f6d00b357b1748322c33c80e4464160c9f242ba82063a533d0673e42b07fa912c414a9c0e2e3ebadd456bdc26b5fc2cd8595e4185f7e2061baab1d1cfe27852f6c8622d7bbfadba58a537ee5c8ab2ec7f23a28099ad7a5f1e5d346d848595ef652772d2e902d86a6d2390c6f388261a3a13df40332a9c587a9e0ef1b7c8dd6f29b1b8cf2562d649ce63d1464d74820e37b0c67c9700347f7f57f88b330ab50fa446280d5806aae1b1fd5f0923e16d249a7ddf1c0e769bd25d3871de0a2cdc7b98568d9c64efd94e794b5db1a0c17e488683048b84bbdb927225acb082632ce3002533399ea9ff5095cf0aa86a549674787f56383895eabf674b0a679b834ab83645b6b08c882260a710296d1f36d46cfa9a93e9be80ec18c0c2d78680a6350cd78c203c99d9895b677d2429bfbce564f241b9dbaae4973c55205a46503da6204f63789ef5661e1858680825bf2451882c91a378d7c4cef64349e135cb69cca04bea486916ba4e662b8ce2a673444aee1cc5cfe44109ae6ccc1b6671293a165dfae8972588f47460f84a704a9ab462ab7b1f6de94c16ef6b5e670fdc8073b41cd0f3c1955f39ceb41715e30f5b011bee9f1880fd62e32f8cb5d4515ae23b9d884d0e43dd8238c2319fa1cdbd3f1feb97e0fd91c5bb49cc13e78b23c1b2b47aaa325c110f050090133e279fa3aa0130704b73d448b4c8c9f423e8a8899479a4bec43f340c648fb3f70c15d02715b3ba5c3e53e449e6cbe75dfc8ad6bdf6dce9bee38ddf166c44f08d7fb583d8d9bbd3f6ffd8a0c5ed97a8851b758917c271df742b347bdb598d114715fc4f413235a35da8a9e3eef628b6ee1a664f47f9bc04a0f52d550b3a5c47f1b97fcac57c1cca86929e94ca6f510d8b6caf710dae7dd5772f6761de028fc48ba237f79d372556fea7593a2d2d6afa801baa1c402d13175973ed4ce998f9c1381096456c573350334083845b32c988ed114b837784e0f0810611fb7a004b4d8cb046ab54d31855d79c2c4e77082e813ccfaea385760c8f0549a9ccc72891838a87c8d1613634b2a25b08c8b80f39700f6b36b2d2be6f00d4b663812c5f5faa7bf182e1dc6af1ae3f2ca34b42730052113f7de3ea43e22f52a2bbf04929b01a50994a4c777f65256031f80963d247e772b31c66063c069ed42c23024f6fdce83e44262df37c58e657f3717cb461343c88822053eac48cfdd9a36f6a607728996dfe43d35e7ece190f4b8917038c167518b490f64b6ba119a202c2db2ea3f8ac64f890c920ca93d2d7b8d9430cb2a9bc19ac0c7e47dadd45a6622fe83f833b8352e813cfdb748eab43fb175614be67e01471f1cc10c623d3ac1d88fc9b15812fa469f3f1f6bbdfcf0d46d6063c73aea819a816c7c48ef96640b03341c76b7c9f79874fe93e39e8a7fa24b78318ee07fcd1f1879551e4fa5193a61c9e17e1cdfd87255e360dd3da5daffd4760f41f7eec605042edd4080889fb4d7070dd7b3531e1b2fd2b230a2f8a10404471ab82e5d3f1ebcd0bff2bfa0f57bc52f71e64725b25aa52c010177c86ea57f07bb71829c11c16fcafb26d1117ba87277dd134253b489e6247699e8ed92c3d97b9413c5e7685e8c4f1ca3b587d0c9d1aaf83488c93f4ce4869d0074fa8197ab398b8c64c7dc7ea81a88ba2aa17fe1c24a49c99d3f0d205fb4db08d7e3afe40460eee684a19adb9376bc987892f9071402290710659a9843cc7482d90aa764aa2536bfc130c9c43eb0190749146fe64a8b418cc483a4a419fb3fef9e5f80da9ea606f32660cab23a380164151321bd761a12c02af401d7846e3fc95453d92272a77d0e17abb0ed2b8d5caeed45b53b1e8b1613f6d0b9ca6fb97c0ec6dd026178bf7890c0c7201805672a12f8934c3ba1d0baa3d16705bbabd2e4233eeac6a60850af657d481c65c5d257e8f28413d4dd92ccb16b2a5c2af08c91ab41b50345dd279f0e186466ab6825c9b5bcdd17be82dd0d30146bf0fc0354c713f60c8bf04a67e71cb3fff5701344ea5e6a623c44c7cf30885be8ac1ee087524e498f20b7f88e915d0d65c82f269d6123d7b57de6daab68606f1a807e18c95da87a0887b298843aea6e61f1e3a8a8832f94742bd4915d0f754a888052d1d1bdc344768ffc7a7b566b27861d656cfe78edc3f8c5a2d9219e39ab5b8f4bee38f0494fc953d333d865f83f2c3b20f4457ba1078f14b1b13c58d62112f1502c4bf81aaadd1a239c825351fd776b3a36ec026ba52ae9069594362f59b8609416994bc89d783598b4d25f9b239f861e3501f134c857242870eacfcc4555ba724926b0958dcc84e84becd3c49f322f6058cecd1133e069db4debfe5362377f967d1a556cad5ee21c069c963c8e5489accdc24786b4eb88511fbb4d2e4265599a9d15456226d808bc4b8340b3256caa1be9dcae245fc438932fd6a1d4b0c1efae549d3749116a7957616fbe2e47d7790dcd356d13304bd1585c91b9c2b4adaed56a46a8f829160cd70d1cea743d2607296d5a8be764c4585247c444f4ab34a77d1a470650d173ddc903c70823da453722c2aad068db48d067d55ddf765ed9c57fed68c855acaff3bfd6e8fc1a07ead730014652412e19c464aedd0e18d4a21c853676dba0cb260587ac9b875c90236a9bcd18fe61dcbe36abb2c692898f24760a8d74ca4587a27997cfedf8e778f543e5ffa5d49dda4308a2746200c99458fc9f1ad4dd93ef3541e29ac67bbe1b824f85fea82d4efffa9a83edc04068a39310347fb2e685707a9191a1cf21cb765ecb1f6cf5fd37e639ade64e1834acdd81969aa87a88efda630a15bacee4ba38166c58d41d53f4272828fb346f9fd39938d37c6194486320bb3b1bc044ae6cc2a91ec11a55a4125a665ad3a73da4455cea45e7b0bfa8d476847c50e0d921515a7364cd1b7c6bde064f5ab7746c28773d5ac34fec1f534b7162fb69ec10474ed84fbd6d2870975dc9d883841de65e46a3873ca801be0996b8be163fdf0548369ef2088883ae649f9991c9dea94ad433b71f6f59d3be614d2b2f916a8418bed1b6cb456a500815d2d49c532bd428c41af969466f30f7bf7f7bf466a425c8b3fe410093338b1c4082bed83bd676d0f5d5767b16661e4a70cac735924e564c5c630729b2453570e6aedd95a2017b719c662131d014451c8a8a046a22f8d322ddd4de0de1ee69758cbcd0443e5801b82246f1b8acea722a89005209452e98cbab2d2723e5a13fa91bfc4fa80c5bd70e73f1d21b43bbd660b7caeb6322a657e7f0c9b106052ec45fe30799ae17ab2782ae"}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_aout(r3, &(0x7f00000024c0)=ANY=[@ANYPTR=&(0x7f0000002440)=ANY=[]], 0x8) setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f0000000000)=0x2020000, 0x4) recvmsg(r4, &(0x7f0000005f40)={&(0x7f0000005d00)=@can, 0x80, &(0x7f0000005e40), 0x0, &(0x7f0000005e80)=""/138, 0x8a}, 0x2) recvmmsg(r4, &(0x7f0000002100)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000001400)=[{&(0x7f0000000040)=""/46, 0x2e}], 0x1, &(0x7f0000001480)=""/241, 0xf1}}], 0x1, 0x0, &(0x7f00000021c0)={0x77359400}) shutdown(r3, 0x1) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) [ 740.980694] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 740.992322] syz-executor0 cpuset=syz0 mems_allowed=0 [ 740.997590] CPU: 1 PID: 20836 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 741.006156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 741.015496] Call Trace: [ 741.018076] dump_stack+0x244/0x39d [ 741.021693] ? dump_stack_print_info.cold.1+0x20/0x20 [ 741.026868] ? mark_held_locks+0x130/0x130 [ 741.031103] ? mark_held_locks+0x130/0x130 [ 741.035337] dump_header+0x27b/0xf72 [ 741.039043] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.044567] ? pagefault_out_of_memory+0x197/0x197 [ 741.049482] ? print_usage_bug+0xc0/0xc0 [ 741.053541] ? debug_smp_processor_id+0x1c/0x20 [ 741.058197] ? perf_trace_lock_acquire+0x15b/0x800 [ 741.063123] ? perf_trace_lock+0x7a0/0x7a0 [ 741.067342] ? print_usage_bug+0xc0/0xc0 [ 741.071393] ? mark_held_locks+0xc7/0x130 [ 741.075546] ? print_usage_bug+0xc0/0xc0 [ 741.079595] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.084347] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.088916] ? retint_kernel+0x2d/0x2d [ 741.092790] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.097712] ? mark_held_locks+0xc7/0x130 [ 741.101874] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.106621] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.111206] ? retint_kernel+0x2d/0x2d [ 741.115107] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.120031] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.124791] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 741.130230] ? retint_kernel+0x2d/0x2d [ 741.134112] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.138857] ? retint_kernel+0x2d/0x2d [ 741.142743] ? oom_kill_process+0x254/0x270 [ 741.147050] ? write_comp_data+0xd/0x70 [ 741.151023] oom_kill_process.cold.27+0x10/0x903 [ 741.155763] ? _raw_spin_unlock_irq+0x27/0x80 [ 741.160246] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.164817] ? oom_evaluate_task+0x540/0x540 [ 741.169222] ? cgroup_procs_next+0x70/0x70 [ 741.173459] ? _raw_spin_unlock_irq+0x60/0x80 [ 741.177938] ? oom_badness+0xaa0/0xaa0 [ 741.181814] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 741.186558] ? mem_cgroup_iter_break+0x30/0x30 [ 741.191156] ? out_of_memory+0x195/0x1430 [ 741.195315] out_of_memory+0xa7f/0x1430 [ 741.199277] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.203861] ? kasan_check_read+0x11/0x20 [ 741.208012] ? oom_killer_disable+0x3a0/0x3a0 [ 741.212503] mem_cgroup_out_of_memory+0x15e/0x210 [ 741.217340] ? memory_oom_group_write+0x160/0x160 [ 741.222181] ? mem_cgroup_try_charge+0x627/0xe20 [ 741.226949] ? page_counter_try_charge+0x1c1/0x220 [ 741.231863] try_charge+0xdcd/0x1720 [ 741.235563] ? kasan_check_read+0x11/0x20 [ 741.239704] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 741.244390] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 741.249914] ? lock_page_memcg+0x350/0x350 [ 741.254137] ? lock_acquire+0x1ed/0x520 [ 741.258101] ? mem_cgroup_oom_control_write+0x100/0x100 [ 741.263450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.268973] ? check_preemption_disabled+0x48/0x280 [ 741.273980] ? kasan_check_read+0x11/0x20 [ 741.278127] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 741.283390] ? rcu_softirq_qs+0x20/0x20 [ 741.287357] mem_cgroup_try_charge+0x627/0xe20 [ 741.291929] ? mark_held_locks+0xc7/0x130 [ 741.296072] ? mem_cgroup_protected+0xa60/0xa60 [ 741.300734] ? retint_kernel+0x2d/0x2d [ 741.304607] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.309530] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.314271] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 741.319730] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.324491] ? retint_kernel+0x2d/0x2d [ 741.328380] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 741.333301] wp_page_copy+0x51d/0x24f0 [ 741.337183] ? follow_pfn+0x2e0/0x2e0 [ 741.340972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.346640] ? reuse_swap_page+0x4bd/0x1520 [ 741.350958] ? swp_swapcount+0x530/0x530 [ 741.355027] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 741.360463] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.365205] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 741.370641] ? print_usage_bug+0xc0/0xc0 [ 741.374690] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.379437] ? graph_lock+0x270/0x270 [ 741.383227] ? __lock_acquire+0x62f/0x4c20 [ 741.387462] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.392218] ? find_held_lock+0x36/0x1c0 [ 741.396287] ? do_wp_page+0x518/0x2920 [ 741.400168] ? lock_downgrade+0x900/0x900 [ 741.404302] ? wake_up_page_bit+0x6f0/0x6f0 [ 741.408615] ? kasan_check_read+0x11/0x20 [ 741.412753] ? do_raw_spin_unlock+0xa7/0x330 [ 741.417164] ? do_raw_spin_trylock+0x270/0x270 [ 741.421751] ? __pte_alloc_kernel+0x220/0x220 [ 741.426232] ? perf_trace_lock_acquire+0x15b/0x800 [ 741.431150] do_wp_page+0x520/0x2920 [ 741.434850] ? check_preemption_disabled+0x48/0x280 [ 741.439855] ? finish_mkwrite_fault+0x650/0x650 [ 741.444520] ? mark_held_locks+0xc7/0x130 [ 741.448656] ? perf_trace_lock+0x7a0/0x7a0 [ 741.452879] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.457809] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 741.463347] ? __lock_acquire+0x62f/0x4c20 [ 741.467582] ? mark_held_locks+0x130/0x130 [ 741.471806] ? follow_page_pte+0xdd7/0x1ab0 [ 741.476115] ? lock_downgrade+0x900/0x900 [ 741.480264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.485814] ? check_preemption_disabled+0x48/0x280 [ 741.491095] ? debug_smp_processor_id+0x1c/0x20 [ 741.495768] ? perf_trace_lock_acquire+0x15b/0x800 [ 741.500710] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 741.506243] ? follow_page_pte+0x4f9/0x1ab0 [ 741.510556] ? print_usage_bug+0xc0/0xc0 [ 741.514611] ? undo_dev_pagemap+0x680/0x680 [ 741.518921] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.523674] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.528258] ? retint_kernel+0x2d/0x2d [ 741.532139] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.537078] ? __lock_acquire+0x62f/0x4c20 [ 741.541316] ? lock_acquire+0x1ed/0x520 [ 741.545279] ? __handle_mm_fault+0x1fa9/0x5be0 [ 741.549855] ? kasan_check_write+0x14/0x20 [ 741.554075] ? do_raw_spin_lock+0x14f/0x350 [ 741.558379] ? retint_kernel+0x2d/0x2d [ 741.562251] ? rwlock_bug.part.2+0x90/0x90 [ 741.566472] ? __handle_mm_fault+0x826/0x5be0 [ 741.570965] __handle_mm_fault+0x3be9/0x5be0 [ 741.575401] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 741.580323] ? perf_trace_lock+0x7a0/0x7a0 [ 741.584554] ? retint_kernel+0x2d/0x2d [ 741.588437] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 741.593960] ? pmd_huge+0xf4/0x140 [ 741.597505] ? graph_lock+0x270/0x270 [ 741.601290] ? graph_lock+0x270/0x270 [ 741.605085] ? find_held_lock+0x36/0x1c0 [ 741.609142] ? handle_mm_fault+0x42a/0xc70 [ 741.613364] ? lock_downgrade+0x900/0x900 [ 741.617506] ? check_preemption_disabled+0x48/0x280 [ 741.622517] ? kasan_check_read+0x11/0x20 [ 741.626651] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 741.631916] ? rcu_read_unlock_special+0x370/0x370 [ 741.636835] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 741.642359] ? check_preemption_disabled+0x48/0x280 [ 741.647366] handle_mm_fault+0x54f/0xc70 [ 741.651416] ? __handle_mm_fault+0x5be0/0x5be0 [ 741.655989] ? __get_user_pages+0x9c6/0x1ed0 [ 741.660396] __get_user_pages+0xa3d/0x1ed0 [ 741.664717] ? follow_page_mask+0x2160/0x2160 [ 741.669558] ? mark_held_locks+0xc7/0x130 [ 741.673709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.678457] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.683038] ? retint_kernel+0x2d/0x2d [ 741.686911] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.691831] ? mark_held_locks+0xc7/0x130 [ 741.695968] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.700714] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 741.705287] ? retint_kernel+0x2d/0x2d [ 741.709161] ? trace_hardirqs_on_caller+0xc0/0x310 [ 741.714077] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.718826] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 741.724275] ? retint_kernel+0x2d/0x2d [ 741.728157] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 741.732906] populate_vma_page_range+0x2db/0x3d0 [ 741.737655] ? follow_page+0x420/0x420 [ 741.741537] __mm_populate+0x286/0x4d0 [ 741.745427] ? populate_vma_page_range+0x3d0/0x3d0 [ 741.750369] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.755895] ? ns_capable_common+0x13f/0x170 [ 741.760299] __x64_sys_mlockall+0x45b/0x630 [ 741.764607] ? __ia32_sys_munlock+0x160/0x160 [ 741.769087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.774619] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 741.779977] ? trace_hardirqs_off_caller+0x300/0x300 [ 741.785079] do_syscall_64+0x1b9/0x820 [ 741.788958] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 741.794311] ? syscall_return_slowpath+0x5e0/0x5e0 [ 741.799224] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 741.804054] ? trace_hardirqs_on_caller+0x310/0x310 [ 741.809074] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 741.814081] ? prepare_exit_to_usermode+0x291/0x3b0 [ 741.819086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 741.823925] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 741.829099] RIP: 0033:0x457569 [ 741.832278] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 741.851163] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 741.858856] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 741.866112] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 741.873366] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 741.880625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 741.887877] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 741.907092] Task in /syz0 killed as a result of limit of /syz0 [ 741.914003] memory: usage 307188kB, limit 307200kB, failcnt 1985 [ 741.920183] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 741.927118] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 741.933354] Memory cgroup stats for /syz0: cache:144KB rss:297440KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218932KB [ 741.955682] Memory cgroup out of memory: Kill process 20805 (syz-executor0) score 1216 or sacrifice child [ 741.966320] Killed process 20837 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 741.982760] oom_reaper: reaped process 20837 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 742.969507] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 742.980906] syz-executor0 cpuset=syz0 mems_allowed=0 [ 742.986146] CPU: 0 PID: 20853 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 742.994709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 743.004058] Call Trace: [ 743.006640] dump_stack+0x244/0x39d [ 743.010257] ? dump_stack_print_info.cold.1+0x20/0x20 [ 743.015560] ? mark_held_locks+0x130/0x130 [ 743.019824] ? mark_held_locks+0x130/0x130 [ 743.024064] dump_header+0x27b/0xf72 [ 743.027781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.033358] ? pagefault_out_of_memory+0x197/0x197 [ 743.038283] ? debug_smp_processor_id+0x1c/0x20 [ 743.042953] ? perf_trace_lock_acquire+0x15b/0x800 [ 743.047882] ? perf_trace_lock+0x7a0/0x7a0 [ 743.052115] ? mark_held_locks+0xc7/0x130 [ 743.056252] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.060999] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.065687] ? retint_kernel+0x2d/0x2d [ 743.069562] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.074478] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.079220] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.084658] ? find_held_lock+0x36/0x1c0 [ 743.088715] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.093466] ? retint_kernel+0x2d/0x2d [ 743.097350] ? preempt_count_sub+0xcf/0x150 [ 743.101701] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 743.106834] ? ___ratelimit+0x3b9/0x672 [ 743.110805] ? idr_get_free+0xf70/0xf70 [ 743.114886] ? _raw_spin_unlock_irq+0x27/0x80 [ 743.119374] ? _raw_spin_unlock_irq+0x27/0x80 [ 743.123865] oom_kill_process.cold.27+0x10/0x903 [ 743.128613] ? mark_held_locks+0xc7/0x130 [ 743.132770] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.137517] ? oom_evaluate_task+0x540/0x540 [ 743.141914] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.146833] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.151578] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.157018] ? _raw_spin_unlock_irq+0x60/0x80 [ 743.161507] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.166253] ? retint_kernel+0x2d/0x2d [ 743.170134] out_of_memory+0xa7f/0x1430 [ 743.174094] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.178690] ? kasan_check_read+0x11/0x20 [ 743.182824] ? oom_killer_disable+0x3a0/0x3a0 [ 743.187322] mem_cgroup_out_of_memory+0x15e/0x210 [ 743.192154] ? memory_oom_group_write+0x160/0x160 [ 743.197083] ? mem_cgroup_try_charge+0x627/0xe20 [ 743.201830] ? page_counter_try_charge+0x1c1/0x220 [ 743.206746] try_charge+0xdcd/0x1720 [ 743.210445] ? kasan_check_read+0x11/0x20 [ 743.214595] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 743.219263] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 743.224788] ? lock_page_memcg+0x350/0x350 [ 743.229020] ? lock_acquire+0x1ed/0x520 [ 743.232985] ? mem_cgroup_oom_control_write+0x100/0x100 [ 743.238334] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.243865] ? check_preemption_disabled+0x48/0x280 [ 743.248976] ? kasan_check_read+0x11/0x20 [ 743.253112] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 743.258379] ? rcu_softirq_qs+0x20/0x20 [ 743.262351] mem_cgroup_try_charge+0x627/0xe20 [ 743.266927] ? mark_held_locks+0xc7/0x130 [ 743.271067] ? mem_cgroup_protected+0xa60/0xa60 [ 743.275728] ? retint_kernel+0x2d/0x2d [ 743.279605] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.284526] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.289278] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.294737] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.299499] ? retint_kernel+0x2d/0x2d [ 743.303389] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 743.308310] wp_page_copy+0x51d/0x24f0 [ 743.312195] ? follow_pfn+0x2e0/0x2e0 [ 743.315984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.321509] ? reuse_swap_page+0x4bd/0x1520 [ 743.325818] ? swp_swapcount+0x530/0x530 [ 743.329872] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 743.335312] ? mark_held_locks+0xc7/0x130 [ 743.339450] ? print_usage_bug+0xc0/0xc0 [ 743.343497] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.348066] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.352982] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.357743] ? graph_lock+0x270/0x270 [ 743.361551] ? __lock_acquire+0x62f/0x4c20 [ 743.365787] ? retint_kernel+0x2d/0x2d [ 743.369662] ? find_held_lock+0x36/0x1c0 [ 743.373712] ? do_wp_page+0x518/0x2920 [ 743.377584] ? lock_downgrade+0x900/0x900 [ 743.381732] ? wake_up_page_bit+0x6f0/0x6f0 [ 743.386288] ? kasan_check_read+0x11/0x20 [ 743.390424] ? do_raw_spin_unlock+0xa7/0x330 [ 743.394820] ? do_raw_spin_trylock+0x270/0x270 [ 743.399405] ? __pte_alloc_kernel+0x220/0x220 [ 743.403913] ? perf_trace_lock_acquire+0x15b/0x800 [ 743.408825] ? wp_page_copy+0x137b/0x24f0 [ 743.412966] do_wp_page+0x520/0x2920 [ 743.416672] ? check_preemption_disabled+0x48/0x280 [ 743.421678] ? finish_mkwrite_fault+0x650/0x650 [ 743.426339] ? mark_held_locks+0xc7/0x130 [ 743.430487] ? perf_trace_lock+0x7a0/0x7a0 [ 743.434720] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.439645] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 743.445187] ? __lock_acquire+0x62f/0x4c20 [ 743.449413] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.454175] ? print_usage_bug+0xc0/0xc0 [ 743.458221] ? mark_held_locks+0x130/0x130 [ 743.462457] ? follow_page_pte+0xdd7/0x1ab0 [ 743.466766] ? lock_downgrade+0x900/0x900 [ 743.470937] ? mark_held_locks+0xc7/0x130 [ 743.475074] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.479826] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.484409] ? retint_kernel+0x2d/0x2d [ 743.488307] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.493260] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.498027] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.503510] ? print_usage_bug+0xc0/0xc0 [ 743.507598] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.512362] ? retint_kernel+0x2d/0x2d [ 743.516246] ? lock_acquire+0x268/0x520 [ 743.520323] ? kasan_check_write+0x14/0x20 [ 743.524573] ? do_raw_spin_lock+0x14f/0x350 [ 743.528884] ? rwlock_bug.part.2+0x90/0x90 [ 743.533110] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.537698] __handle_mm_fault+0x3be9/0x5be0 [ 743.542107] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 743.546939] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.552384] ? perf_trace_lock+0x7a0/0x7a0 [ 743.556632] ? graph_lock+0x270/0x270 [ 743.560420] ? find_held_lock+0x36/0x1c0 [ 743.564473] ? handle_mm_fault+0x42a/0xc70 [ 743.568706] ? lock_downgrade+0x900/0x900 [ 743.572846] ? check_preemption_disabled+0x48/0x280 [ 743.577858] ? kasan_check_read+0x11/0x20 [ 743.581992] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 743.587258] ? rcu_read_unlock_special+0x370/0x370 [ 743.592189] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 743.597710] ? check_preemption_disabled+0x48/0x280 [ 743.602731] handle_mm_fault+0x54f/0xc70 [ 743.606782] ? __handle_mm_fault+0x5be0/0x5be0 [ 743.611354] ? __get_user_pages+0x9bd/0x1ed0 [ 743.615761] __get_user_pages+0xa3d/0x1ed0 [ 743.619982] ? rwsem_down_read_failed+0x342/0x710 [ 743.624817] ? follow_page_mask+0x2160/0x2160 [ 743.629298] ? mark_held_locks+0xc7/0x130 [ 743.633446] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.638013] ? retint_kernel+0x2d/0x2d [ 743.641885] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.646799] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.651624] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 743.657074] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 743.661643] ? retint_kernel+0x2d/0x2d [ 743.665515] ? trace_hardirqs_on_caller+0xc0/0x310 [ 743.670435] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 743.675179] ? retint_kernel+0x2d/0x2d [ 743.679080] populate_vma_page_range+0x2db/0x3d0 [ 743.683822] ? follow_page+0x420/0x420 [ 743.687695] ? find_vma+0x34/0x190 [ 743.691233] __mm_populate+0x286/0x4d0 [ 743.695121] ? populate_vma_page_range+0x3d0/0x3d0 [ 743.700125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.705649] ? ns_capable_common+0x13f/0x170 [ 743.710046] __x64_sys_mlockall+0x45b/0x630 [ 743.714352] ? __ia32_sys_munlock+0x160/0x160 [ 743.718835] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.724359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 743.729713] ? trace_hardirqs_off_caller+0x300/0x300 [ 743.734808] do_syscall_64+0x1b9/0x820 [ 743.738680] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 743.744029] ? syscall_return_slowpath+0x5e0/0x5e0 [ 743.748943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 743.753775] ? trace_hardirqs_on_caller+0x310/0x310 [ 743.758776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 743.763797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.769327] ? prepare_exit_to_usermode+0x291/0x3b0 [ 743.774337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 743.779169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 743.784345] RIP: 0033:0x457569 [ 743.787527] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 743.806424] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 743.814114] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 743.821370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 743.828636] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 743.835889] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 743.843141] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 743.854523] Task in /syz0 killed as a result of limit of /syz0 [ 743.860765] memory: usage 297280kB, limit 307200kB, failcnt 2035 [ 743.867369] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 743.874640] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 743.882471] Memory cgroup stats for /syz0: cache:144KB rss:287832KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60148KB active_anon:19116KB inactive_file:0KB active_file:0KB unevictable:208644KB [ 743.906335] Memory cgroup out of memory: Kill process 20805 (syz-executor0) score 1220 or sacrifice child [ 743.916954] Killed process 20853 (syz-executor0) total-vm:70996kB, anon-rss:18592kB, file-rss:52260kB, shmem-rss:0kB [ 743.929768] oom_reaper: reaped process 20853 (syz-executor0), now anon-rss:18592kB, file-rss:52252kB, shmem-rss:0kB 00:54:39 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xb301, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:39 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1e00000000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:39 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xc, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:39 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x2000000) 00:54:39 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x900, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) write$binfmt_elf32(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c4602000100080000000000000003003e00080000002601000038000000db00000000000000fd042000020034d5080009000000000057e5746437000000000000000100000005000000ff030000c39b00000600000005000000c9cf0000800000000600000008000000090000000100000008000000f6d6be47eda5707adb2bc50634a82234ca25cdbc533fd25e7c9caa1295a61a483f7d58e3c327cea956cf454db886b1926269ab611bf2d762f13824755467cf138b9f3a6804846d2dcf38ce28ab0a3b3e2d5157ef97a0916683770fb2676c68e872a36b77279a064c7a117116e55241799c05bf19f2acaf7f391aca6a7f7aa9e608770e06569c72a109324732e4a5683aeaa2e06ad77c1a67655dd3bb8cb7cee8854800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xb1a) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffffffffffff15, &(0x7f0000000840), 0x0, &(0x7f0000000700), 0x0, 0xfffffffffffffffe}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x400000000000000) getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000001100)={@empty, @local, 0x0}, &(0x7f0000001140)=0xc) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000001180)={@mcast1, 0x40, r3}) 00:54:39 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:39 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x4000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:39 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1f000000) 00:54:39 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x10, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:39 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1f00) 00:54:39 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0xffffffffffffd) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:39 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0xffffffffa0008000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) [ 745.255482] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 745.266914] syz-executor0 cpuset=syz0 mems_allowed=0 [ 745.272630] CPU: 0 PID: 20899 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 745.281209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 745.290546] Call Trace: [ 745.293125] dump_stack+0x244/0x39d [ 745.296741] ? dump_stack_print_info.cold.1+0x20/0x20 [ 745.301929] dump_header+0x27b/0xf72 [ 745.305636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 745.311184] ? pagefault_out_of_memory+0x197/0x197 [ 745.316115] ? debug_smp_processor_id+0x1c/0x20 [ 745.320769] ? perf_trace_lock_acquire+0x15b/0x800 [ 745.325692] ? perf_trace_lock+0x7a0/0x7a0 [ 745.329930] ? graph_lock+0x270/0x270 [ 745.333720] ? print_usage_bug+0xc0/0xc0 [ 745.337768] ? mark_held_locks+0xc7/0x130 [ 745.341907] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.346653] ? find_held_lock+0x36/0x1c0 [ 745.350705] ? mark_held_locks+0xc7/0x130 [ 745.354861] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 745.359949] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 745.365038] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.369609] ? trace_hardirqs_on+0xbd/0x310 [ 745.373919] ? kasan_check_read+0x11/0x20 [ 745.378052] ? ___ratelimit+0x3b4/0x672 [ 745.382013] ? trace_hardirqs_off_caller+0x300/0x300 [ 745.387103] ? trace_hardirqs_on+0x310/0x310 [ 745.391503] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 745.396590] ? ___ratelimit+0x3b9/0x672 [ 745.400560] ? idr_get_free+0xf70/0xf70 [ 745.404529] ? _raw_spin_unlock_irq+0x27/0x80 [ 745.409012] ? _raw_spin_unlock_irq+0x27/0x80 [ 745.413497] oom_kill_process.cold.27+0x10/0x903 [ 745.418271] ? oom_evaluate_task+0x540/0x540 [ 745.422686] ? cgroup_procs_next+0x70/0x70 [ 745.426905] ? _raw_spin_unlock_irq+0x56/0x80 [ 745.431385] ? _raw_spin_unlock_irq+0x60/0x80 [ 745.435873] ? oom_badness+0xaa0/0xaa0 [ 745.439763] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 745.444514] ? mem_cgroup_iter_break+0x30/0x30 [ 745.449116] ? out_of_memory+0xc48/0x1430 [ 745.453370] out_of_memory+0xa7f/0x1430 [ 745.457332] ? oom_killer_disable+0x3a0/0x3a0 [ 745.461829] ? retint_kernel+0x2d/0x2d [ 745.465741] mem_cgroup_out_of_memory+0x15e/0x210 [ 745.470568] ? memory_oom_group_write+0x160/0x160 [ 745.475399] ? try_charge+0x4e3/0x1720 [ 745.479283] try_charge+0xdcd/0x1720 [ 745.482981] ? kasan_check_read+0x11/0x20 [ 745.487116] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 745.491771] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 745.497296] ? lock_page_memcg+0x350/0x350 [ 745.501542] ? lock_acquire+0x1ed/0x520 [ 745.505513] ? mem_cgroup_oom_control_write+0x100/0x100 [ 745.510867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 745.516388] ? check_preemption_disabled+0x48/0x280 [ 745.521391] ? kasan_check_read+0x11/0x20 [ 745.525525] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 745.530786] ? rcu_softirq_qs+0x20/0x20 [ 745.534764] mem_cgroup_try_charge+0x627/0xe20 [ 745.539331] ? mem_cgroup_protected+0xa60/0xa60 [ 745.543984] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 745.549503] ? page_mapping+0x5a2/0xa50 [ 745.553474] ? page_evictable+0x2de/0x540 [ 745.557610] ? check_preemption_disabled+0x48/0x280 [ 745.562614] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 745.568139] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 745.573057] wp_page_copy+0x51d/0x24f0 [ 745.576937] ? follow_pfn+0x2e0/0x2e0 [ 745.580722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 745.586242] ? reuse_swap_page+0x4bd/0x1520 [ 745.590546] ? swp_swapcount+0x530/0x530 [ 745.594591] ? mark_held_locks+0xc7/0x130 [ 745.598723] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.603464] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.608030] ? retint_kernel+0x2d/0x2d [ 745.611903] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.616815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.621572] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 745.627024] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.631771] ? retint_kernel+0x2d/0x2d [ 745.635665] ? lock_release+0x4ea/0xa10 [ 745.639644] ? do_wp_page+0x518/0x2920 [ 745.643626] ? lock_downgrade+0x900/0x900 [ 745.647776] ? wake_up_page_bit+0x6f0/0x6f0 [ 745.652092] ? kasan_check_read+0x11/0x20 [ 745.656227] ? do_raw_spin_unlock+0xa7/0x330 [ 745.660619] ? do_raw_spin_trylock+0x270/0x270 [ 745.665193] ? __pte_alloc_kernel+0x220/0x220 [ 745.669673] ? perf_trace_lock_acquire+0x15b/0x800 [ 745.674594] do_wp_page+0x520/0x2920 [ 745.678296] ? check_preemption_disabled+0x48/0x280 [ 745.683306] ? finish_mkwrite_fault+0x650/0x650 [ 745.687961] ? mark_held_locks+0xc7/0x130 [ 745.692116] ? perf_trace_lock+0x7a0/0x7a0 [ 745.696336] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.701254] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 745.706782] ? __lock_acquire+0x62f/0x4c20 [ 745.711010] ? print_usage_bug+0xc0/0xc0 [ 745.715054] ? mark_held_locks+0x130/0x130 [ 745.719273] ? follow_page_pte+0xdd7/0x1ab0 [ 745.723582] ? lock_downgrade+0x900/0x900 [ 745.727722] ? mark_held_locks+0xc7/0x130 [ 745.731866] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.736611] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.741187] ? retint_kernel+0x2d/0x2d [ 745.745072] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.749998] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.754741] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 745.760187] ? print_usage_bug+0xc0/0xc0 [ 745.764242] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.768986] ? retint_kernel+0x2d/0x2d [ 745.772868] ? lock_acquire+0x268/0x520 [ 745.776842] ? kasan_check_write+0x14/0x20 [ 745.781058] ? do_raw_spin_lock+0x14f/0x350 [ 745.785362] ? rwlock_bug.part.2+0x90/0x90 [ 745.789584] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.794153] ? retint_kernel+0x2d/0x2d [ 745.798051] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.802985] __handle_mm_fault+0x3be9/0x5be0 [ 745.807384] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 745.812230] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.816795] ? retint_kernel+0x2d/0x2d [ 745.820669] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.825589] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.830333] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 745.835771] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 745.841291] ? pmd_huge+0xf4/0x140 [ 745.844823] ? graph_lock+0x270/0x270 [ 745.848607] ? graph_lock+0x270/0x270 [ 745.852395] ? find_held_lock+0x36/0x1c0 [ 745.856444] ? handle_mm_fault+0x42a/0xc70 [ 745.860665] ? lock_downgrade+0x900/0x900 [ 745.865089] ? check_preemption_disabled+0x48/0x280 [ 745.870096] ? kasan_check_read+0x11/0x20 [ 745.874228] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 745.879490] ? rcu_read_unlock_special+0x370/0x370 [ 745.884417] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 745.889939] ? check_preemption_disabled+0x48/0x280 [ 745.894947] handle_mm_fault+0x54f/0xc70 [ 745.898995] ? __handle_mm_fault+0x5be0/0x5be0 [ 745.903559] ? __get_user_pages+0x526/0x1ed0 [ 745.907957] __get_user_pages+0xa3d/0x1ed0 [ 745.912189] ? follow_page_mask+0x2160/0x2160 [ 745.916685] ? debug_smp_processor_id+0x1c/0x20 [ 745.921341] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 745.926873] ? mark_held_locks+0xc7/0x130 [ 745.931009] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.935770] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 745.940349] ? retint_kernel+0x2d/0x2d [ 745.944225] ? trace_hardirqs_on_caller+0xc0/0x310 [ 745.949137] ? __mm_populate+0x31a/0x4d0 [ 745.953189] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.957935] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 745.963372] ? lock_release+0xa10/0xa10 [ 745.967353] ? perf_trace_sched_process_exec+0x860/0x860 [ 745.972793] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 745.977539] populate_vma_page_range+0x2db/0x3d0 [ 745.982295] ? follow_page+0x420/0x420 [ 745.986173] ? __mm_populate+0x1b8/0x4d0 [ 745.990233] __mm_populate+0x286/0x4d0 [ 745.994110] ? populate_vma_page_range+0x3d0/0x3d0 [ 745.999041] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 746.004583] ? ns_capable_common+0x13f/0x170 [ 746.009002] __x64_sys_mlockall+0x45b/0x630 [ 746.013314] ? __ia32_sys_munlock+0x160/0x160 [ 746.017807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 746.023354] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 746.028718] ? trace_hardirqs_off_caller+0x300/0x300 [ 746.033813] do_syscall_64+0x1b9/0x820 [ 746.037701] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 746.043061] ? syscall_return_slowpath+0x5e0/0x5e0 [ 746.047974] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 746.052822] ? trace_hardirqs_on_caller+0x310/0x310 [ 746.057840] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 746.062862] ? prepare_exit_to_usermode+0x291/0x3b0 [ 746.067867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 746.072700] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 746.077872] RIP: 0033:0x457569 [ 746.081051] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 746.099935] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 746.107627] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 746.114882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 746.122143] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 746.129402] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 746.136666] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 746.150536] Task in /syz0 killed as a result of limit of /syz0 [ 746.160240] memory: usage 307200kB, limit 307200kB, failcnt 2071 [ 746.166566] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 746.173424] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 746.179669] Memory cgroup stats for /syz0: cache:144KB rss:297504KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218960KB [ 746.201726] Memory cgroup out of memory: Kill process 20859 (syz-executor0) score 1216 or sacrifice child [ 746.211899] Killed process 20903 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 746.227502] oom_reaper: reaped process 20903 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 747.088462] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 747.099963] syz-executor0 cpuset=syz0 mems_allowed=0 [ 747.105817] CPU: 0 PID: 20912 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 747.114406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.123744] Call Trace: [ 747.126324] dump_stack+0x244/0x39d [ 747.129940] ? dump_stack_print_info.cold.1+0x20/0x20 [ 747.135126] ? mark_held_locks+0x130/0x130 [ 747.139348] dump_header+0x27b/0xf72 [ 747.143076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.148624] ? pagefault_out_of_memory+0x197/0x197 [ 747.153546] ? print_usage_bug+0xc0/0xc0 [ 747.157603] ? debug_smp_processor_id+0x1c/0x20 [ 747.162280] ? perf_trace_lock_acquire+0x15b/0x800 [ 747.167199] ? perf_trace_lock+0x7a0/0x7a0 [ 747.171423] ? mark_held_locks+0xc7/0x130 [ 747.175555] ? print_usage_bug+0xc0/0xc0 [ 747.179607] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.184364] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.188936] ? retint_kernel+0x2d/0x2d [ 747.192808] ? trace_hardirqs_on_caller+0xc0/0x310 [ 747.197722] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.202463] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 747.207903] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.212662] ? retint_kernel+0x2d/0x2d [ 747.216554] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 747.221645] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 747.226732] ? ___ratelimit+0x3b9/0x672 [ 747.230691] ? idr_get_free+0xf70/0xf70 [ 747.234673] oom_kill_process.cold.27+0x10/0x903 [ 747.239428] ? _raw_spin_unlock_irq+0x56/0x80 [ 747.243911] ? oom_evaluate_task+0x540/0x540 [ 747.248307] ? cgroup_procs_next+0x70/0x70 [ 747.252544] ? _raw_spin_unlock_irq+0x60/0x80 [ 747.257034] ? oom_badness+0xaa0/0xaa0 [ 747.260913] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 747.265653] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.270407] ? mem_cgroup_iter_break+0x30/0x30 [ 747.274980] ? out_of_memory+0xbdc/0x1430 [ 747.279115] out_of_memory+0xa7f/0x1430 [ 747.283077] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.287647] ? kasan_check_read+0x11/0x20 [ 747.291782] ? oom_killer_disable+0x3a0/0x3a0 [ 747.296275] mem_cgroup_out_of_memory+0x15e/0x210 [ 747.301125] ? memory_oom_group_write+0x160/0x160 [ 747.305959] ? page_counter_try_charge+0x1c1/0x220 [ 747.310875] try_charge+0xdcd/0x1720 [ 747.314574] ? kasan_check_read+0x11/0x20 [ 747.318834] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 747.323489] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 747.329011] ? lock_page_memcg+0x350/0x350 [ 747.333243] ? lock_acquire+0x1ed/0x520 [ 747.337199] ? mem_cgroup_oom_control_write+0x100/0x100 [ 747.342547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.348076] ? check_preemption_disabled+0x48/0x280 [ 747.353114] ? kasan_check_read+0x11/0x20 [ 747.357250] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 747.362509] ? rcu_softirq_qs+0x20/0x20 [ 747.366508] mem_cgroup_try_charge+0x627/0xe20 [ 747.371077] ? mark_held_locks+0xc7/0x130 [ 747.375219] ? mem_cgroup_protected+0xa60/0xa60 [ 747.379883] ? retint_kernel+0x2d/0x2d [ 747.383764] ? trace_hardirqs_on_caller+0xc0/0x310 [ 747.388682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.393439] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 747.398898] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.403655] ? retint_kernel+0x2d/0x2d [ 747.407533] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 747.412451] wp_page_copy+0x51d/0x24f0 [ 747.416333] ? follow_pfn+0x2e0/0x2e0 [ 747.420135] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.425669] ? reuse_swap_page+0x4bd/0x1520 [ 747.430018] ? swp_swapcount+0x530/0x530 [ 747.434082] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 747.439523] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 747.444960] ? print_usage_bug+0xc0/0xc0 [ 747.449008] ? retint_kernel+0x2d/0x2d [ 747.452905] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.457654] ? retint_kernel+0x2d/0x2d [ 747.461527] ? graph_lock+0x270/0x270 [ 747.465317] ? __lock_acquire+0x62f/0x4c20 [ 747.469538] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.474281] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.478848] ? find_held_lock+0x36/0x1c0 [ 747.482902] ? do_wp_page+0x518/0x2920 [ 747.486777] ? lock_downgrade+0x900/0x900 [ 747.490926] ? wake_up_page_bit+0x6f0/0x6f0 [ 747.495247] ? kasan_check_read+0x11/0x20 [ 747.499378] ? do_raw_spin_unlock+0xa7/0x330 [ 747.503782] ? do_raw_spin_trylock+0x270/0x270 [ 747.508350] ? __pte_alloc_kernel+0x220/0x220 [ 747.512830] ? perf_trace_lock_acquire+0x15b/0x800 [ 747.517770] do_wp_page+0x520/0x2920 [ 747.521472] ? check_preemption_disabled+0x48/0x280 [ 747.526470] ? print_usage_bug+0xc0/0xc0 [ 747.530519] ? finish_mkwrite_fault+0x650/0x650 [ 747.535314] ? mark_held_locks+0xc7/0x130 [ 747.539464] ? perf_trace_lock+0x7a0/0x7a0 [ 747.543705] ? trace_hardirqs_on_caller+0xc0/0x310 [ 747.548620] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 747.554143] ? __lock_acquire+0x62f/0x4c20 [ 747.558388] ? mark_held_locks+0x130/0x130 [ 747.562610] ? follow_page_pte+0xdd7/0x1ab0 [ 747.566928] ? lock_downgrade+0x900/0x900 [ 747.571073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.576621] ? check_preemption_disabled+0x48/0x280 [ 747.581637] ? debug_smp_processor_id+0x1c/0x20 [ 747.586292] ? perf_trace_lock_acquire+0x15b/0x800 [ 747.591218] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 747.596764] ? follow_page_pte+0x4f9/0x1ab0 [ 747.601082] ? print_usage_bug+0xc0/0xc0 [ 747.605154] ? undo_dev_pagemap+0x680/0x680 [ 747.609462] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.614205] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.618774] ? print_usage_bug+0xc0/0xc0 [ 747.622838] ? __lock_acquire+0x62f/0x4c20 [ 747.627058] ? lock_acquire+0x1ed/0x520 [ 747.631029] ? __handle_mm_fault+0x1fa9/0x5be0 [ 747.635599] ? kasan_check_write+0x14/0x20 [ 747.639818] ? do_raw_spin_lock+0x14f/0x350 [ 747.644127] ? retint_kernel+0x2d/0x2d [ 747.648020] ? rwlock_bug.part.2+0x90/0x90 [ 747.652339] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.657054] ? retint_kernel+0x2d/0x2d [ 747.660941] __handle_mm_fault+0x3be9/0x5be0 [ 747.665342] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 747.670172] ? perf_trace_lock+0x7a0/0x7a0 [ 747.674406] ? retint_kernel+0x2d/0x2d [ 747.678283] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 747.683822] ? pmd_huge+0xf4/0x140 [ 747.687363] ? graph_lock+0x270/0x270 [ 747.691163] ? graph_lock+0x270/0x270 [ 747.694967] ? find_held_lock+0x36/0x1c0 [ 747.699038] ? handle_mm_fault+0x42a/0xc70 [ 747.703282] ? lock_downgrade+0x900/0x900 [ 747.707433] ? check_preemption_disabled+0x48/0x280 [ 747.712466] ? kasan_check_read+0x11/0x20 [ 747.716626] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 747.721922] ? rcu_read_unlock_special+0x370/0x370 [ 747.726942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 747.732466] ? check_preemption_disabled+0x48/0x280 [ 747.737474] handle_mm_fault+0x54f/0xc70 [ 747.741526] ? __handle_mm_fault+0x5be0/0x5be0 [ 747.746094] ? __get_user_pages+0x250/0x1ed0 [ 747.750489] __get_user_pages+0xa3d/0x1ed0 [ 747.754708] ? rwsem_down_read_failed+0x342/0x710 [ 747.759545] ? follow_page_mask+0x2160/0x2160 [ 747.764042] ? mark_held_locks+0xc7/0x130 [ 747.768190] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.772756] ? retint_kernel+0x2d/0x2d [ 747.776630] ? trace_hardirqs_on_caller+0xc0/0x310 [ 747.781548] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.786293] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 747.791740] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 747.796349] ? retint_kernel+0x2d/0x2d [ 747.800222] ? trace_hardirqs_on_caller+0xc0/0x310 [ 747.805142] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 747.809884] ? retint_kernel+0x2d/0x2d [ 747.813769] populate_vma_page_range+0x2db/0x3d0 [ 747.818530] ? follow_page+0x420/0x420 [ 747.822413] ? find_vma+0x34/0x190 [ 747.825940] __mm_populate+0x286/0x4d0 [ 747.829815] ? populate_vma_page_range+0x3d0/0x3d0 [ 747.834732] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.840272] ? ns_capable_common+0x13f/0x170 [ 747.844673] __x64_sys_mlockall+0x45b/0x630 [ 747.848980] ? __ia32_sys_munlock+0x160/0x160 [ 747.853466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.858987] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 747.864670] ? trace_hardirqs_off_caller+0x300/0x300 [ 747.869764] ? do_futex+0x26d0/0x26d0 [ 747.873562] do_syscall_64+0x1b9/0x820 [ 747.877434] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 747.882783] ? syscall_return_slowpath+0x5e0/0x5e0 [ 747.887709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 747.892540] ? trace_hardirqs_on_caller+0x310/0x310 [ 747.897548] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.903068] ? prepare_exit_to_usermode+0x291/0x3b0 [ 747.908079] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 747.912918] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 747.918095] RIP: 0033:0x457569 [ 747.921276] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 747.940176] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 747.947867] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 747.955121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 747.962371] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 747.969620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 747.976871] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 747.987362] Task in /syz0 killed as a result of limit of /syz0 [ 747.993543] memory: usage 297304kB, limit 307200kB, failcnt 2116 [ 747.999715] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.006718] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.013433] Memory cgroup stats for /syz0: cache:144KB rss:287900KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60148KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:208652KB [ 748.035349] Memory cgroup out of memory: Kill process 20859 (syz-executor0) score 1220 or sacrifice child [ 748.045499] Killed process 20912 (syz-executor0) total-vm:70996kB, anon-rss:18468kB, file-rss:52260kB, shmem-rss:0kB [ 748.057632] oom_reaper: reaped process 20912 (syz-executor0), now anon-rss:18468kB, file-rss:52252kB, shmem-rss:0kB 00:54:43 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x200000000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:43 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000080)={0x2, 0x7, 0xecfe}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:43 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0xffffffff00000000) 00:54:43 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:43 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x20000d80, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:43 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x8000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:43 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1f00000000000000) 00:54:43 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1e00) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:43 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x10000000, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:43 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:43 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000680)={'ip6gre0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1a}}}) r1 = syz_open_dev$mice(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bind$can_raw(r2, &(0x7f00000002c0)={0x1d, r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f0000000080)={0x1, 0x1, {0x19, 0x10, 0x13, 0x15, 0x0, 0x0, 0x1, 0x116, 0x1}}) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000200), &(0x7f0000000140)=0x68) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000000)) r5 = openat$cgroup_ro(r2, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f00000000c0)) ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000300)={{0x2, 0x0, 0x8000, 0x3, 0x10000}}) 00:54:43 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x8000a0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:43 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x4000) 00:54:43 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x8000a0, 0x2, {0x7, 0x1c, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:44 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1f00) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:44 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc35288fc10509409de108f5ca26a8c8e1afb60b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) [ 749.589941] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 749.602085] syz-executor0 cpuset=syz0 mems_allowed=0 [ 749.607390] CPU: 0 PID: 20947 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 749.615952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 749.625293] Call Trace: [ 749.627876] dump_stack+0x244/0x39d [ 749.631508] ? dump_stack_print_info.cold.1+0x20/0x20 [ 749.636693] ? mark_held_locks+0x130/0x130 [ 749.640922] ? mark_held_locks+0x130/0x130 [ 749.645145] dump_header+0x27b/0xf72 [ 749.648978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 749.654500] ? pagefault_out_of_memory+0x197/0x197 [ 749.659412] ? print_usage_bug+0xc0/0xc0 [ 749.663460] ? debug_smp_processor_id+0x1c/0x20 [ 749.668115] ? perf_trace_lock_acquire+0x15b/0x800 [ 749.673034] ? perf_trace_lock+0x7a0/0x7a0 [ 749.677258] ? mark_held_locks+0xc7/0x130 [ 749.681386] ? print_usage_bug+0xc0/0xc0 [ 749.685455] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.690200] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 749.694765] ? retint_kernel+0x2d/0x2d [ 749.698687] ? trace_hardirqs_on_caller+0xc0/0x310 [ 749.703619] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.708361] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 749.713808] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.718556] ? retint_kernel+0x2d/0x2d [ 749.722451] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 749.727541] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 749.732640] ? ___ratelimit+0x3b9/0x672 [ 749.736598] ? idr_get_free+0xf70/0xf70 [ 749.740556] ? _raw_spin_unlock_irq+0x27/0x80 [ 749.745037] ? _raw_spin_unlock_irq+0x27/0x80 [ 749.749521] oom_kill_process.cold.27+0x10/0x903 [ 749.754266] ? _raw_spin_unlock_irq+0x27/0x80 [ 749.758789] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 749.763366] ? oom_evaluate_task+0x540/0x540 [ 749.767886] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 749.773419] ? cgroup_procs_next+0x70/0x70 [ 749.777655] ? _raw_spin_unlock_irq+0x60/0x80 [ 749.782222] ? oom_badness+0xaa0/0xaa0 [ 749.786095] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 749.790847] ? mark_held_locks+0xc7/0x130 [ 749.794980] ? mem_cgroup_iter_break+0x30/0x30 [ 749.799659] ? mark_held_locks+0xc7/0x130 [ 749.803814] out_of_memory+0xa7f/0x1430 [ 749.807780] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.812630] ? oom_killer_disable+0x3a0/0x3a0 [ 749.817112] ? retint_kernel+0x2d/0x2d [ 749.820997] mem_cgroup_out_of_memory+0x15e/0x210 [ 749.825825] ? memory_oom_group_write+0x160/0x160 [ 749.830659] ? mem_cgroup_try_charge+0x627/0xe20 [ 749.835660] ? page_counter_try_charge+0x1c1/0x220 [ 749.840591] try_charge+0xdcd/0x1720 [ 749.844294] ? kasan_check_read+0x11/0x20 [ 749.848430] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 749.853088] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 749.858699] ? lock_page_memcg+0x350/0x350 [ 749.863244] ? lock_acquire+0x1ed/0x520 [ 749.867214] ? mem_cgroup_oom_control_write+0x100/0x100 [ 749.872562] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 749.878105] ? check_preemption_disabled+0x48/0x280 [ 749.883109] ? kasan_check_read+0x11/0x20 [ 749.887249] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 749.892507] ? rcu_softirq_qs+0x20/0x20 [ 749.896473] mem_cgroup_try_charge+0x627/0xe20 [ 749.901041] ? mem_cgroup_protected+0xa60/0xa60 [ 749.905694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 749.911217] ? page_mapping+0x5a2/0xa50 [ 749.915189] ? page_evictable+0x2de/0x540 [ 749.919322] ? check_preemption_disabled+0x48/0x280 [ 749.924327] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 749.929861] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 749.934783] wp_page_copy+0x51d/0x24f0 [ 749.938661] ? follow_pfn+0x2e0/0x2e0 [ 749.942451] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 749.947971] ? reuse_swap_page+0x4bd/0x1520 [ 749.952280] ? swp_swapcount+0x530/0x530 [ 749.956334] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 749.961789] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.966568] ? print_usage_bug+0xc0/0xc0 [ 749.970633] ? retint_kernel+0x2d/0x2d [ 749.974549] ? trace_hardirqs_on_caller+0xc0/0x310 [ 749.979469] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 749.984905] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 749.989651] ? graph_lock+0x270/0x270 [ 749.993437] ? __lock_acquire+0x62f/0x4c20 [ 749.997673] ? retint_kernel+0x2d/0x2d [ 750.001553] ? find_held_lock+0x36/0x1c0 [ 750.005606] ? do_wp_page+0x518/0x2920 [ 750.009500] ? lock_downgrade+0x900/0x900 [ 750.013637] ? wake_up_page_bit+0x6f0/0x6f0 [ 750.017950] ? kasan_check_read+0x11/0x20 [ 750.022103] ? do_raw_spin_unlock+0xa7/0x330 [ 750.026504] ? do_raw_spin_trylock+0x270/0x270 [ 750.031081] ? __pte_alloc_kernel+0x220/0x220 [ 750.035565] ? perf_trace_lock_acquire+0x15b/0x800 [ 750.040483] do_wp_page+0x520/0x2920 [ 750.044185] ? check_preemption_disabled+0x48/0x280 [ 750.049190] ? finish_mkwrite_fault+0x650/0x650 [ 750.053859] ? print_usage_bug+0xc0/0xc0 [ 750.057930] ? perf_trace_lock+0x7a0/0x7a0 [ 750.062151] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 750.067675] ? __lock_acquire+0x62f/0x4c20 [ 750.071913] ? mark_held_locks+0xc7/0x130 [ 750.076078] ? mark_held_locks+0x130/0x130 [ 750.080299] ? follow_page_pte+0xdd7/0x1ab0 [ 750.084607] ? lock_downgrade+0x900/0x900 [ 750.088746] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 750.094273] ? check_preemption_disabled+0x48/0x280 [ 750.099297] ? debug_smp_processor_id+0x1c/0x20 [ 750.103965] ? perf_trace_lock_acquire+0x15b/0x800 [ 750.108894] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 750.114446] ? follow_page_pte+0x4f9/0x1ab0 [ 750.118755] ? print_usage_bug+0xc0/0xc0 [ 750.122837] ? undo_dev_pagemap+0x680/0x680 [ 750.127166] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 750.131738] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.136503] ? __lock_acquire+0x62f/0x4c20 [ 750.140730] ? lock_acquire+0x1ed/0x520 [ 750.144691] ? __handle_mm_fault+0x1fa9/0x5be0 [ 750.149264] ? kasan_check_write+0x14/0x20 [ 750.153482] ? do_raw_spin_lock+0x14f/0x350 [ 750.157788] ? rwlock_bug.part.2+0x90/0x90 [ 750.162023] __handle_mm_fault+0x3be9/0x5be0 [ 750.166421] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 750.171252] ? mark_held_locks+0xc7/0x130 [ 750.175402] ? perf_trace_lock+0x7a0/0x7a0 [ 750.179622] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 750.185143] ? pmd_huge+0xf4/0x140 [ 750.188677] ? graph_lock+0x270/0x270 [ 750.192476] ? graph_lock+0x270/0x270 [ 750.196268] ? find_held_lock+0x36/0x1c0 [ 750.200321] ? handle_mm_fault+0x42a/0xc70 [ 750.204558] ? lock_downgrade+0x900/0x900 [ 750.208695] ? check_preemption_disabled+0x48/0x280 [ 750.213701] ? kasan_check_read+0x11/0x20 [ 750.217835] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 750.223101] ? rcu_read_unlock_special+0x370/0x370 [ 750.228015] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 750.233552] ? check_preemption_disabled+0x48/0x280 [ 750.238570] handle_mm_fault+0x54f/0xc70 [ 750.242619] ? __handle_mm_fault+0x5be0/0x5be0 [ 750.247192] __get_user_pages+0xa3d/0x1ed0 [ 750.251442] ? follow_page_mask+0x2160/0x2160 [ 750.255924] ? mark_held_locks+0xc7/0x130 [ 750.260078] ? mark_held_locks+0xc7/0x130 [ 750.264217] ? mark_held_locks+0xc7/0x130 [ 750.268370] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.273227] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 750.277793] ? retint_kernel+0x2d/0x2d [ 750.281674] ? trace_hardirqs_on_caller+0xc0/0x310 [ 750.286586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.291325] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.296065] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 750.301503] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.306264] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 750.311014] populate_vma_page_range+0x2db/0x3d0 [ 750.315757] ? follow_page+0x420/0x420 [ 750.319630] ? __mm_populate+0x1b8/0x4d0 [ 750.323697] __mm_populate+0x286/0x4d0 [ 750.327577] ? populate_vma_page_range+0x3d0/0x3d0 [ 750.332507] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 750.338030] ? ns_capable_common+0x13f/0x170 [ 750.342441] __x64_sys_mlockall+0x45b/0x630 [ 750.346761] ? __ia32_sys_munlock+0x160/0x160 [ 750.351260] ? retint_kernel+0x2d/0x2d [ 750.355173] ? __ia32_sys_munlock+0x160/0x160 [ 750.359659] do_syscall_64+0x1b9/0x820 [ 750.363542] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 750.368892] ? syscall_return_slowpath+0x5e0/0x5e0 [ 750.373811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 750.378654] ? trace_hardirqs_on_caller+0x310/0x310 [ 750.383660] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 750.388664] ? prepare_exit_to_usermode+0x291/0x3b0 [ 750.393667] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 750.398502] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 750.403676] RIP: 0033:0x457569 [ 750.406867] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 750.425752] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 750.433443] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 750.440697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 750.447951] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 750.455205] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 750.462462] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 750.472365] Task in /syz0 killed as a result of limit of /syz0 [ 750.478453] memory: usage 307200kB, limit 307200kB, failcnt 2143 [ 750.486406] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 750.493652] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 750.499908] Memory cgroup stats for /syz0: cache:144KB rss:297420KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218964KB [ 750.521913] Memory cgroup out of memory: Kill process 20926 (syz-executor0) score 1216 or sacrifice child [ 750.532162] Killed process 20952 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 750.545608] oom_reaper: reaped process 20952 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:54:46 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x7fffec85, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:46 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x1e000000) 00:54:46 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x10, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:46 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0xffffffff00000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:46 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:46 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x200000, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000240), &(0x7f0000000200)=0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_nlink(r3, &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U+', 0x101}, 0x28, 0x2) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:46 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x400000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:46 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x4, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:46 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x800000) [ 752.170673] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:54:47 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x80000000000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:47 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) ioctl$VIDIOC_EXPBUF(0xffffffffffffff9c, 0xc0405610, &(0x7f00000003c0)={0x7, 0x8, 0xfffffffffffffff7, 0x4000, 0xffffffffffffffff}) preadv(r1, &(0x7f0000000980)=[{&(0x7f0000000400)=""/168, 0xa8}, {&(0x7f00000004c0)=""/208, 0xd0}, {&(0x7f00000005c0)=""/158, 0x9e}, {&(0x7f0000000680)=""/166, 0xa6}, {&(0x7f0000000740)=""/143, 0x8f}, {&(0x7f0000000800)=""/110, 0x6e}, {&(0x7f0000000880)=""/252, 0xfc}], 0x7, 0x0) r2 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0x0) r3 = mq_open(&(0x7f0000000040)='\x00', 0x1, 0x8, &(0x7f0000000300)={0x0, 0x3, 0xfff, 0xff, 0xffffffff, 0xd5bd, 0x9, 0x3}) fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000340)='trusted.overlay.nlink\x00', &(0x7f0000000380)={'U+', 0x401}, 0x28, 0x2) r4 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r2) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/ppp\x00', 0x446882, 0x0) ioctl$VIDIOC_DQEVENT(r5, 0x80885659, &(0x7f0000000a40)={0x0, @data}) write$cgroup_subtree(r5, &(0x7f0000000b00)={[{0x2d, 'pids'}, {0x2d, 'rdma'}, {0x50b5e66bd5d1f7e1, 'pids'}, {0x2b, 'memory'}, {0x2b, 'memory'}, {0x2b, 'pids'}, {0x2d, 'io'}]}, 0x2c) add_key$user(&(0x7f0000000000)='user\x00', &(0x7f00000002c0)={'syz', 0x3}, &(0x7f0000000100)="ef2baf926322ec92daaa660806efd81c870493bb315239d4e8bb58be4a4eac6363981c9717ad20a7eca80e88bb4b5dd71fd7303f9b031792207d5ddc7be74e543b183ee4dae80e887f8e666ce1881e51843038c8f5b248f02bf805b83129ac8f8efe892f1b4edb11a1994676425f0b24aa7e26b29c67c7060580ab4992cb0abe8fa40b8ec4cbed913f2364f6be74d2789cac2a8def597b419539e51c1809cc6061485664944002996517a8dee301b29fb4b6a929f125f62eda2c8481d2c17187a996751a385e", 0xc6, r4) r6 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r6, 0x0) ioctl$VIDIOC_G_PARM(r6, 0xc0cc5615, &(0x7f0000000b40)={0x0, @capture={0x1000, 0x1, {0x8, 0x7}, 0x8}}) [ 752.216378] syz-executor0 cpuset=syz0 mems_allowed=0 [ 752.249280] CPU: 1 PID: 21004 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 752.257926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 752.257932] Call Trace: [ 752.257953] dump_stack+0x244/0x39d [ 752.257973] ? dump_stack_print_info.cold.1+0x20/0x20 [ 752.258013] dump_header+0x27b/0xf72 [ 752.258037] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.258054] ? pagefault_out_of_memory+0x197/0x197 [ 752.258087] ? debug_smp_processor_id+0x1c/0x20 [ 752.258108] ? perf_trace_lock_acquire+0x15b/0x800 [ 752.302607] ? perf_trace_lock+0x7a0/0x7a0 [ 752.306883] ? graph_lock+0x270/0x270 [ 752.310716] ? print_usage_bug+0xc0/0xc0 [ 752.314788] ? perf_trace_lock+0x7a0/0x7a0 [ 752.319043] ? find_held_lock+0x36/0x1c0 [ 752.323125] ? mark_held_locks+0xc7/0x130 [ 752.327300] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 752.332434] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 752.337548] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 752.342146] ? trace_hardirqs_on+0xbd/0x310 [ 752.346478] ? kasan_check_read+0x11/0x20 [ 752.346494] ? ___ratelimit+0x3b4/0x672 [ 752.346514] ? trace_hardirqs_off_caller+0x300/0x300 [ 752.346536] ? trace_hardirqs_on+0x310/0x310 [ 752.364137] ? lock_downgrade+0x900/0x900 [ 752.368304] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 752.373405] ? ___ratelimit+0x3b9/0x672 [ 752.373423] ? idr_get_free+0xf70/0xf70 [ 752.373439] ? _raw_spin_unlock_irq+0x27/0x80 [ 752.373457] ? _raw_spin_unlock_irq+0x27/0x80 [ 752.373486] oom_kill_process.cold.27+0x10/0x903 [ 752.373505] ? _raw_spin_unlock_irq+0x27/0x80 [ 752.373526] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 752.395177] ? oom_evaluate_task+0x540/0x540 [ 752.395197] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.395217] ? cgroup_procs_next+0x70/0x70 [ 752.404271] ? _raw_spin_unlock_irq+0x60/0x80 [ 752.404288] ? oom_badness+0xaa0/0xaa0 [ 752.404307] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 752.426843] ? mem_cgroup_iter_break+0x30/0x30 [ 752.436287] ? mark_held_locks+0xc7/0x130 [ 752.440455] out_of_memory+0xa7f/0x1430 [ 752.444436] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 752.444460] ? kasan_check_read+0x11/0x20 [ 752.444481] ? oom_killer_disable+0x3a0/0x3a0 [ 752.453216] mem_cgroup_out_of_memory+0x15e/0x210 [ 752.453237] ? memory_oom_group_write+0x160/0x160 [ 752.453253] ? mem_cgroup_try_charge+0x627/0xe20 [ 752.453277] ? page_counter_try_charge+0x1c1/0x220 [ 752.453294] try_charge+0xdcd/0x1720 [ 752.453311] ? kasan_check_read+0x11/0x20 [ 752.453334] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 752.453357] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 752.453376] ? lock_page_memcg+0x350/0x350 [ 752.467523] ? lock_acquire+0x1ed/0x520 [ 752.467543] ? mem_cgroup_oom_control_write+0x100/0x100 [ 752.467559] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.467578] ? check_preemption_disabled+0x48/0x280 [ 752.503459] ? kasan_check_read+0x11/0x20 [ 752.503476] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 752.503491] ? rcu_softirq_qs+0x20/0x20 [ 752.503527] mem_cgroup_try_charge+0x627/0xe20 [ 752.503543] ? undo_dev_pagemap+0x680/0x680 [ 752.503562] ? mem_cgroup_protected+0xa60/0xa60 [ 752.537406] ? __lock_acquire+0x62f/0x4c20 [ 752.537436] ? __handle_mm_fault+0x2da9/0x5be0 [ 752.550656] ? mark_held_locks+0x130/0x130 [ 752.550674] ? do_raw_spin_unlock+0xa7/0x330 [ 752.550696] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 752.569422] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 752.574378] __handle_mm_fault+0x284e/0x5be0 [ 752.578809] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 752.583685] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 752.588286] ? perf_trace_lock+0x7a0/0x7a0 [ 752.592542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 00:54:47 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0xfdffffffffff0f00) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 752.598092] ? pmd_huge+0xf4/0x140 [ 752.601666] ? graph_lock+0x270/0x270 [ 752.605483] ? graph_lock+0x270/0x270 [ 752.609291] ? find_held_lock+0x36/0x1c0 [ 752.613377] ? handle_mm_fault+0x42a/0xc70 [ 752.617637] ? lock_downgrade+0x900/0x900 [ 752.621799] ? check_preemption_disabled+0x48/0x280 [ 752.626854] ? kasan_check_read+0x11/0x20 [ 752.631015] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 752.636300] ? rcu_read_unlock_special+0x370/0x370 [ 752.641240] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 752.646801] ? check_preemption_disabled+0x48/0x280 [ 752.651839] handle_mm_fault+0x54f/0xc70 [ 752.655922] ? __handle_mm_fault+0x5be0/0x5be0 [ 752.660537] ? find_vma+0x34/0x190 [ 752.664093] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 752.669123] __get_user_pages+0xa3d/0x1ed0 [ 752.673390] ? follow_page_mask+0x2160/0x2160 [ 752.677899] ? debug_smp_processor_id+0x1c/0x20 [ 752.677920] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 752.677949] ? graph_lock+0x270/0x270 [ 752.688131] ? rcu_is_watching+0x30/0x30 [ 752.688151] ? graph_lock+0x270/0x270 [ 752.688170] ? kzfree+0x28/0x30 [ 752.688194] ? lock_acquire+0x1ed/0x520 [ 752.707452] ? __mm_populate+0x31a/0x4d0 [ 752.711542] ? lock_release+0xa10/0xa10 [ 752.715523] ? perf_trace_sched_process_exec+0x860/0x860 [ 752.721001] populate_vma_page_range+0x2db/0x3d0 [ 752.725749] ? follow_page+0x420/0x420 [ 752.729660] ? find_vma+0x34/0x190 [ 752.733199] __mm_populate+0x286/0x4d0 [ 752.737079] ? populate_vma_page_range+0x3d0/0x3d0 [ 752.741999] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.747524] ? ns_capable_common+0x13f/0x170 [ 752.751939] __x64_sys_mlockall+0x45b/0x630 [ 752.756311] ? __ia32_sys_munlock+0x160/0x160 [ 752.760801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.766343] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 752.771699] ? trace_hardirqs_off_caller+0x300/0x300 [ 752.776798] do_syscall_64+0x1b9/0x820 [ 752.780674] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 752.786045] ? syscall_return_slowpath+0x5e0/0x5e0 [ 752.790969] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 752.795805] ? trace_hardirqs_on_caller+0x310/0x310 [ 752.800815] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 752.805827] ? prepare_exit_to_usermode+0x291/0x3b0 [ 752.810848] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 752.815688] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 752.820866] RIP: 0033:0x457569 [ 752.824044] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 752.842944] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 752.850636] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 752.857894] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 752.865236] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 752.872504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 752.879760] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 752.888324] Task in /syz0 killed as a result of limit of /syz0 [ 752.896473] memory: usage 307200kB, limit 307200kB, failcnt 2158 [ 752.903276] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 752.910087] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 752.916734] Memory cgroup stats for /syz0: cache:144KB rss:297524KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:70736KB active_anon:21180KB inactive_file:0KB active_file:0KB unevictable:205724KB [ 752.942265] Memory cgroup out of memory: Kill process 20990 (syz-executor0) score 1157 or sacrifice child [ 752.952164] Killed process 20990 (syz-executor0) total-vm:70864kB, anon-rss:18580kB, file-rss:32768kB, shmem-rss:0kB [ 752.972118] oom_reaper: reaped process 20990 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 753.385643] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 753.397100] syz-executor0 cpuset=syz0 mems_allowed=0 [ 753.402734] CPU: 0 PID: 21044 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 753.411395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 753.420742] Call Trace: [ 753.423318] dump_stack+0x244/0x39d [ 753.426939] ? dump_stack_print_info.cold.1+0x20/0x20 [ 753.432121] ? mark_held_locks+0x130/0x130 [ 753.436343] ? mark_held_locks+0x130/0x130 [ 753.440573] dump_header+0x27b/0xf72 [ 753.444281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 753.449803] ? pagefault_out_of_memory+0x197/0x197 [ 753.454717] ? print_usage_bug+0xc0/0xc0 [ 753.458764] ? debug_smp_processor_id+0x1c/0x20 [ 753.463417] ? perf_trace_lock_acquire+0x15b/0x800 [ 753.468337] ? perf_trace_lock+0x7a0/0x7a0 [ 753.472577] ? mark_held_locks+0xc7/0x130 [ 753.476713] ? print_usage_bug+0xc0/0xc0 [ 753.480760] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.485500] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 753.490068] ? retint_kernel+0x2d/0x2d [ 753.493939] ? trace_hardirqs_on_caller+0xc0/0x310 [ 753.498855] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.503603] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 753.509050] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.513794] ? retint_kernel+0x2d/0x2d [ 753.517677] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 753.522782] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 753.527870] ? ___ratelimit+0x3b9/0x672 [ 753.531831] ? idr_get_free+0xf70/0xf70 [ 753.535796] oom_kill_process.cold.27+0x10/0x903 [ 753.540564] ? _raw_spin_unlock_irq+0x56/0x80 [ 753.545054] ? oom_evaluate_task+0x540/0x540 [ 753.549477] ? cgroup_procs_next+0x70/0x70 [ 753.553698] ? _raw_spin_unlock_irq+0x56/0x80 [ 753.558183] ? _raw_spin_unlock_irq+0x60/0x80 [ 753.562667] ? oom_badness+0xaa0/0xaa0 [ 753.566546] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 753.571287] ? mem_cgroup_iter_break+0x30/0x30 [ 753.575862] ? mark_held_locks+0xc7/0x130 [ 753.579999] out_of_memory+0xa7f/0x1430 [ 753.583955] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 753.588625] ? kasan_check_read+0x11/0x20 [ 753.592758] ? oom_killer_disable+0x3a0/0x3a0 [ 753.597253] mem_cgroup_out_of_memory+0x15e/0x210 [ 753.602088] ? memory_oom_group_write+0x160/0x160 [ 753.606922] ? page_counter_try_charge+0x1c1/0x220 [ 753.611835] try_charge+0xdcd/0x1720 [ 753.615533] ? kasan_check_read+0x11/0x20 [ 753.619674] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 753.624339] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 753.629867] ? lock_page_memcg+0x350/0x350 [ 753.634096] ? lock_acquire+0x1ed/0x520 [ 753.638062] ? mem_cgroup_oom_control_write+0x100/0x100 [ 753.643409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 753.648931] ? check_preemption_disabled+0x48/0x280 [ 753.653934] ? kasan_check_read+0x11/0x20 [ 753.658068] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 753.663327] ? rcu_softirq_qs+0x20/0x20 [ 753.667306] mem_cgroup_try_charge+0x627/0xe20 [ 753.671872] ? mark_held_locks+0xc7/0x130 [ 753.676005] ? mem_cgroup_protected+0xa60/0xa60 [ 753.680659] ? retint_kernel+0x2d/0x2d [ 753.684552] ? trace_hardirqs_on_caller+0xc0/0x310 [ 753.689495] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.694240] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 753.699683] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.704427] ? retint_kernel+0x2d/0x2d [ 753.708307] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 753.713233] wp_page_copy+0x51d/0x24f0 [ 753.717107] ? retint_kernel+0x2d/0x2d [ 753.720990] ? follow_pfn+0x2e0/0x2e0 [ 753.724781] ? reuse_swap_page+0x4db/0x1520 [ 753.729090] ? reuse_swap_page+0x4bd/0x1520 [ 753.733408] ? swp_swapcount+0x530/0x530 [ 753.737468] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 753.742916] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.747660] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 753.753097] ? print_usage_bug+0xc0/0xc0 [ 753.757153] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.761925] ? graph_lock+0x270/0x270 [ 753.765728] ? __lock_acquire+0x62f/0x4c20 [ 753.769947] ? mark_page_accessed+0xea8/0x2040 [ 753.774521] ? __sanitizer_cov_trace_const_cmp8+0x13/0x20 [ 753.780054] ? find_held_lock+0x36/0x1c0 [ 753.784102] ? do_wp_page+0x518/0x2920 [ 753.787971] ? lock_downgrade+0x900/0x900 [ 753.792104] ? wake_up_page_bit+0x6f0/0x6f0 [ 753.796414] ? kasan_check_read+0x11/0x20 [ 753.800555] ? do_raw_spin_unlock+0xa7/0x330 [ 753.804955] ? do_raw_spin_trylock+0x270/0x270 [ 753.809531] ? __pte_alloc_kernel+0x220/0x220 [ 753.814013] ? perf_trace_lock_acquire+0x15b/0x800 [ 753.818927] ? print_usage_bug+0xc0/0xc0 [ 753.822977] do_wp_page+0x520/0x2920 [ 753.826677] ? check_preemption_disabled+0x48/0x280 [ 753.831681] ? finish_mkwrite_fault+0x650/0x650 [ 753.836332] ? mark_held_locks+0xc7/0x130 [ 753.840467] ? perf_trace_lock+0x7a0/0x7a0 [ 753.844700] ? trace_hardirqs_on_caller+0xc0/0x310 [ 753.849622] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 753.855158] ? __lock_acquire+0x62f/0x4c20 [ 753.859434] ? print_usage_bug+0xc0/0xc0 [ 753.863496] ? mark_held_locks+0x130/0x130 [ 753.867729] ? follow_page_pte+0xdd7/0x1ab0 [ 753.872035] ? lock_downgrade+0x900/0x900 [ 753.876172] ? mark_held_locks+0xc7/0x130 [ 753.880677] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.885422] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 753.889987] ? retint_kernel+0x2d/0x2d [ 753.893870] ? trace_hardirqs_on_caller+0xc0/0x310 [ 753.898786] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.903536] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 753.909003] ? print_usage_bug+0xc0/0xc0 [ 753.913059] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 753.917892] ? retint_kernel+0x2d/0x2d [ 753.921776] ? lock_acquire+0x268/0x520 [ 753.925741] ? kasan_check_write+0x14/0x20 [ 753.929967] ? do_raw_spin_lock+0x14f/0x350 [ 753.934278] ? rwlock_bug.part.2+0x90/0x90 [ 753.938500] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 753.943080] ? retint_kernel+0x2d/0x2d [ 753.946956] ? trace_hardirqs_on_caller+0xc0/0x310 [ 753.951892] __handle_mm_fault+0x3be9/0x5be0 [ 753.956307] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 753.961140] ? perf_trace_lock+0x7a0/0x7a0 [ 753.965361] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 753.970884] ? pmd_huge+0xf4/0x140 [ 753.974444] ? graph_lock+0x270/0x270 [ 753.978242] ? graph_lock+0x270/0x270 [ 753.982033] ? find_held_lock+0x36/0x1c0 [ 753.986103] ? handle_mm_fault+0x42a/0xc70 [ 753.990330] ? lock_downgrade+0x900/0x900 [ 753.994461] ? check_preemption_disabled+0x48/0x280 [ 753.999464] ? kasan_check_read+0x11/0x20 [ 754.003595] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 754.008858] ? rcu_read_unlock_special+0x370/0x370 [ 754.013788] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 754.019312] ? check_preemption_disabled+0x48/0x280 [ 754.024320] handle_mm_fault+0x54f/0xc70 [ 754.028367] ? __handle_mm_fault+0x5be0/0x5be0 [ 754.032940] ? __get_user_pages+0xbe7/0x1ed0 [ 754.037338] __get_user_pages+0xa3d/0x1ed0 [ 754.041574] ? follow_page_mask+0x2160/0x2160 [ 754.046063] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 754.051596] ? mark_held_locks+0xc7/0x130 [ 754.055730] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 754.060469] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 754.065038] ? retint_kernel+0x2d/0x2d [ 754.068915] ? trace_hardirqs_on_caller+0xc0/0x310 [ 754.073827] ? __mm_populate+0x31a/0x4d0 [ 754.077872] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 754.082613] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 754.088051] ? lock_release+0xa10/0xa10 [ 754.092013] ? perf_trace_sched_process_exec+0x860/0x860 [ 754.097489] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 754.102255] populate_vma_page_range+0x2db/0x3d0 [ 754.106996] ? follow_page+0x420/0x420 [ 754.110872] ? __mm_populate+0x1b8/0x4d0 [ 754.114919] __mm_populate+0x286/0x4d0 [ 754.118793] ? populate_vma_page_range+0x3d0/0x3d0 [ 754.123704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 754.129251] ? ns_capable_common+0x13f/0x170 [ 754.133650] __x64_sys_mlockall+0x45b/0x630 [ 754.137969] ? __ia32_sys_munlock+0x160/0x160 [ 754.142449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 754.147970] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 754.153321] ? trace_hardirqs_off_caller+0x300/0x300 [ 754.158418] do_syscall_64+0x1b9/0x820 [ 754.162293] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 754.167640] ? syscall_return_slowpath+0x5e0/0x5e0 [ 754.172560] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 754.177415] ? trace_hardirqs_on_caller+0x310/0x310 [ 754.182422] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 754.187424] ? prepare_exit_to_usermode+0x291/0x3b0 [ 754.192427] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 754.197264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 754.202437] RIP: 0033:0x457569 [ 754.205618] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 754.224509] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 754.232209] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 754.239464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 754.246723] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 754.253978] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 754.261233] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 754.270763] Task in /syz0 killed as a result of limit of /syz0 [ 754.280590] memory: usage 307200kB, limit 307200kB, failcnt 2197 [ 754.286947] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 754.294182] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 754.300403] Memory cgroup stats for /syz0: cache:144KB rss:297512KB rss_huge:264192KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63624KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:216888KB [ 754.322578] Memory cgroup out of memory: Kill process 21001 (syz-executor0) score 1216 or sacrifice child [ 754.333011] Killed process 21045 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 754.350774] oom_reaper: reaped process 21045 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 755.280886] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 755.292392] syz-executor0 cpuset=syz0 mems_allowed=0 [ 755.297567] CPU: 0 PID: 21047 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 755.306127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 755.315475] Call Trace: [ 755.318066] dump_stack+0x244/0x39d [ 755.321697] ? dump_stack_print_info.cold.1+0x20/0x20 [ 755.326877] ? mark_held_locks+0x130/0x130 [ 755.331108] ? mark_held_locks+0x130/0x130 [ 755.335343] dump_header+0x27b/0xf72 [ 755.339189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.344711] ? pagefault_out_of_memory+0x197/0x197 [ 755.349630] ? debug_smp_processor_id+0x1c/0x20 [ 755.354284] ? perf_trace_lock_acquire+0x15b/0x800 [ 755.359223] ? perf_trace_lock+0x7a0/0x7a0 [ 755.363450] ? graph_lock+0x270/0x270 [ 755.367261] ? print_usage_bug+0xc0/0xc0 [ 755.371313] ? find_held_lock+0x36/0x1c0 [ 755.375368] ? mark_held_locks+0xc7/0x130 [ 755.379506] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 755.384695] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 755.389784] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 755.394350] ? trace_hardirqs_on+0xbd/0x310 [ 755.398651] ? kasan_check_read+0x11/0x20 [ 755.402782] ? ___ratelimit+0x3b4/0x672 [ 755.406741] ? trace_hardirqs_off_caller+0x300/0x300 [ 755.411833] ? trace_hardirqs_on+0x310/0x310 [ 755.416256] ? lock_downgrade+0x900/0x900 [ 755.420410] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 755.425497] ? ___ratelimit+0x3b9/0x672 [ 755.429461] ? idr_get_free+0xf70/0xf70 [ 755.433423] ? _raw_spin_unlock_irq+0x27/0x80 [ 755.437907] ? _raw_spin_unlock_irq+0x27/0x80 [ 755.442403] oom_kill_process.cold.27+0x10/0x903 [ 755.447146] ? _raw_spin_unlock_irq+0x27/0x80 [ 755.451628] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 755.456206] ? oom_evaluate_task+0x540/0x540 [ 755.460603] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.466127] ? cgroup_procs_next+0x70/0x70 [ 755.470348] ? _raw_spin_unlock_irq+0x60/0x80 [ 755.474835] ? oom_badness+0xaa0/0xaa0 [ 755.478712] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 755.483463] ? mem_cgroup_iter_break+0x30/0x30 [ 755.488037] ? mark_held_locks+0xc7/0x130 [ 755.492183] out_of_memory+0xa7f/0x1430 [ 755.496156] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 755.500731] ? kasan_check_read+0x11/0x20 [ 755.504863] ? oom_killer_disable+0x3a0/0x3a0 [ 755.509358] mem_cgroup_out_of_memory+0x15e/0x210 [ 755.514241] ? memory_oom_group_write+0x160/0x160 [ 755.519069] ? mem_cgroup_try_charge+0x627/0xe20 [ 755.523902] ? page_counter_try_charge+0x1c1/0x220 [ 755.528821] try_charge+0xdcd/0x1720 [ 755.532534] ? kasan_check_read+0x11/0x20 [ 755.536690] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 755.541355] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 755.546887] ? lock_page_memcg+0x350/0x350 [ 755.551119] ? lock_acquire+0x268/0x520 [ 755.555083] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.560608] ? check_preemption_disabled+0x48/0x280 [ 755.565633] ? kasan_check_read+0x11/0x20 [ 755.569769] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 755.575036] ? rcu_softirq_qs+0x20/0x20 [ 755.579009] mem_cgroup_try_charge+0x627/0xe20 [ 755.583578] ? mark_held_locks+0xc7/0x130 [ 755.587713] ? mem_cgroup_protected+0xa60/0xa60 [ 755.592372] ? retint_kernel+0x2d/0x2d [ 755.596257] ? trace_hardirqs_on_caller+0xc0/0x310 [ 755.601172] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.605926] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.610674] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 755.616123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.620874] ? retint_kernel+0x2d/0x2d [ 755.624759] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 755.629678] wp_page_copy+0x51d/0x24f0 [ 755.633563] ? follow_pfn+0x2e0/0x2e0 [ 755.637355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.642887] ? reuse_swap_page+0x4bd/0x1520 [ 755.647197] ? swp_swapcount+0x530/0x530 [ 755.651255] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 755.656698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.661446] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 755.666889] ? print_usage_bug+0xc0/0xc0 [ 755.670942] ? retint_kernel+0x2d/0x2d [ 755.674820] ? trace_hardirqs_on_caller+0xc0/0x310 [ 755.679745] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.684498] ? graph_lock+0x270/0x270 [ 755.688304] ? __lock_acquire+0x62f/0x4c20 [ 755.692527] ? mark_page_accessed+0x65c/0x2040 [ 755.697095] ? mark_page_accessed+0x66b/0x2040 [ 755.701669] ? __sanitizer_cov_trace_pc+0x8/0x50 [ 755.706419] ? find_held_lock+0x36/0x1c0 [ 755.710501] ? do_wp_page+0x518/0x2920 [ 755.714384] ? lock_downgrade+0x900/0x900 [ 755.718520] ? wake_up_page_bit+0x6f0/0x6f0 [ 755.722837] ? kasan_check_read+0x11/0x20 [ 755.726982] ? do_raw_spin_unlock+0xa7/0x330 [ 755.731385] ? do_raw_spin_trylock+0x270/0x270 [ 755.735955] ? __pte_alloc_kernel+0x220/0x220 [ 755.740440] ? perf_trace_lock_acquire+0x15b/0x800 [ 755.745375] do_wp_page+0x520/0x2920 [ 755.749081] ? check_preemption_disabled+0x48/0x280 [ 755.754090] ? finish_mkwrite_fault+0x650/0x650 [ 755.758762] ? mark_held_locks+0xc7/0x130 [ 755.762903] ? perf_trace_lock+0x7a0/0x7a0 [ 755.767128] ? trace_hardirqs_on_caller+0xc0/0x310 [ 755.772051] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 755.777590] ? __lock_acquire+0x62f/0x4c20 [ 755.781828] ? mark_held_locks+0x130/0x130 [ 755.786051] ? follow_page_pte+0xdd7/0x1ab0 [ 755.790370] ? lock_downgrade+0x900/0x900 [ 755.794520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.800046] ? check_preemption_disabled+0x48/0x280 [ 755.805056] ? print_usage_bug+0xc0/0xc0 [ 755.809111] ? debug_smp_processor_id+0x1c/0x20 [ 755.813768] ? perf_trace_lock_acquire+0x15b/0x800 [ 755.818682] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 755.824216] ? follow_page_pte+0x4f9/0x1ab0 [ 755.828527] ? print_usage_bug+0xc0/0xc0 [ 755.832581] ? mark_held_locks+0xc7/0x130 [ 755.836719] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.841477] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 755.846394] ? retint_kernel+0x2d/0x2d [ 755.850272] ? trace_hardirqs_on_caller+0xc0/0x310 [ 755.855189] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.860177] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 755.865617] ? __lock_acquire+0x62f/0x4c20 [ 755.869852] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.874601] ? retint_kernel+0x2d/0x2d [ 755.878484] ? __handle_mm_fault+0x201f/0x5be0 [ 755.883063] __handle_mm_fault+0x3be9/0x5be0 [ 755.887464] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 755.892297] ? perf_trace_lock+0x7a0/0x7a0 [ 755.896519] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 755.902044] ? pmd_huge+0xf4/0x140 [ 755.905581] ? graph_lock+0x270/0x270 [ 755.909375] ? graph_lock+0x270/0x270 [ 755.913166] ? find_held_lock+0x36/0x1c0 [ 755.917222] ? handle_mm_fault+0x42a/0xc70 [ 755.921446] ? lock_downgrade+0x900/0x900 [ 755.925580] ? check_preemption_disabled+0x48/0x280 [ 755.930585] ? kasan_check_read+0x11/0x20 [ 755.934719] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 755.939987] ? rcu_read_unlock_special+0x370/0x370 [ 755.944908] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 755.950434] ? check_preemption_disabled+0x48/0x280 [ 755.955442] handle_mm_fault+0x54f/0xc70 [ 755.959492] ? __handle_mm_fault+0x5be0/0x5be0 [ 755.964078] ? __get_user_pages+0xa53/0x1ed0 [ 755.968503] __get_user_pages+0xa3d/0x1ed0 [ 755.972739] ? follow_page_mask+0x2160/0x2160 [ 755.977225] ? mark_held_locks+0xc7/0x130 [ 755.981407] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 755.985976] ? retint_kernel+0x2d/0x2d [ 755.989853] ? trace_hardirqs_on_caller+0xc0/0x310 [ 755.994771] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 755.999516] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 756.004264] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 756.009701] ? mark_held_locks+0xc7/0x130 [ 756.013847] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 756.018598] ? retint_kernel+0x2d/0x2d [ 756.022489] populate_vma_page_range+0x2db/0x3d0 [ 756.027238] ? follow_page+0x420/0x420 [ 756.031116] ? __mm_populate+0x1b8/0x4d0 [ 756.035170] __mm_populate+0x286/0x4d0 [ 756.039053] ? populate_vma_page_range+0x3d0/0x3d0 [ 756.043976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 756.049499] ? ns_capable_common+0x13f/0x170 [ 756.053904] __x64_sys_mlockall+0x45b/0x630 [ 756.058216] ? __ia32_sys_munlock+0x160/0x160 [ 756.062701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 756.068230] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 756.073581] ? trace_hardirqs_off_caller+0x300/0x300 [ 756.078685] do_syscall_64+0x1b9/0x820 [ 756.082564] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 756.087919] ? syscall_return_slowpath+0x5e0/0x5e0 [ 756.092837] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 756.097671] ? trace_hardirqs_on_caller+0x310/0x310 [ 756.102690] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 756.107694] ? prepare_exit_to_usermode+0x291/0x3b0 [ 756.112704] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 756.117540] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 756.122715] RIP: 0033:0x457569 [ 756.125899] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 756.144897] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 756.152591] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 756.159847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 756.167121] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 756.174377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 756.181634] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 756.195796] Task in /syz0 killed as a result of limit of /syz0 [ 756.202180] memory: usage 307080kB, limit 307200kB, failcnt 2237 [ 756.208441] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 756.215979] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 756.223080] Memory cgroup stats for /syz0: cache:144KB rss:287904KB rss_huge:256000KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60148KB active_anon:19116KB inactive_file:0KB active_file:0KB unevictable:208660KB [ 756.245656] Memory cgroup out of memory: Kill process 21001 (syz-executor0) score 1220 or sacrifice child [ 756.256281] Killed process 21047 (syz-executor0) total-vm:70864kB, anon-rss:18460kB, file-rss:52260kB, shmem-rss:0kB [ 756.268455] oom_reaper: reaped process 21047 (syz-executor0), now anon-rss:18460kB, file-rss:52252kB, shmem-rss:0kB 00:54:51 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xf0ff7f, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:51 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x80000, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) r3 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) open_by_handle_at(r2, &(0x7f0000000240)={0x1008, 0x9, "3c4b416233982f5b15fa3d47fefa97ee0e1005d5b2d42cbb81fd883f67f056e512c79d48903ebabc0ffc0cd3718cbb62f6e1ad486c596c1a28a5d2992641678154809e9f879468d3abf901152d379fbbc275d8d7fd29ef6f90054d14a2b73f932361fdb3c8be17d24c72a4043c6250c040eeae8434934668c1d16ae6acf1492abb66a36c828ad8b91fe8fb8eda5c1ffc70fce63a244d7e2805c14df57a1b356c5b3c858ed8a61ee28ef08fe749dc0de028d091a545e989e08e3cff9243181c1ab513f40c6698d1525588c7f83a3302976a8f8e1cd335d154b4d1f419b51ba0ccccdbc556f018f59ed207932628158b981a96d1362e75b3339c30ace19a3061b17485933e1325d5ca5be02fe7cde4e05804fccc08891e88233c767a34e32f2b2406b1b1fb838554f41c37655e648018278d43a52914bbe063b541cc35c110607209d9ab3c9925c8b2fc25f20e0c3b5d3564da394e818e6e4ad20f1e149e94c6215a2b4624e56626bcbf07778b21979e0e2bb2c012c1f6401555f0c8e3e48db898261217a8e529116e14a85b43862740491c115b6dcb97a72eafa752674003df7270513a9b561a41d74a8c74abb8cca95d83f2ec3ad94a9148302e98b1356fb6e3e7ce2123390ef6a4a14bf8cce43ef9553aa0c4bd73980f24d8c92ac52804e9994e94812a140cafc713011586a087d0ea2bbc71f6fb54801f975207a12c9e3d744cea3e0793e765969530a2b7a24b9aee94d09fd7cf920bb85f5a6b879267fe9c9e8a9145224fcf6741cd6a5e4e6bf3375b835c59e009755cc111a8fe86c16d29b48e33ce038c4ae5a5cb0ab40bce561fd2bd45301748b656d00f61d94e96e39a80a63c6ce6b1e984450f571d0e3583d5325f01f8f81121a8ba4847df7b777db0d6c9fa50517bb2501162c4396f9ff0af7ad45b840252443a14e6428284eda994c9bbb1e302336b5328b1bc809edfbea1e7492938c4468ad1dd97a11662f85fccbf81a5b4f8f01dddbad533d5148530f7d2955355b78076b7760b32a4be2d69b4bcde0d47484c522f0dd358042148005a9535cfa5789334b48861f690a1d6f42c26b14b4a9c19360f102639507d397f6645dd8f84f11cc7f3d395c2e5d0bf66500289dc0570a1e461402753a6ba95ff692b2ca6647af3a3833935e61f79ef37c01320d94d71d5a748635438d013125988c085c46243b7c0e71651aca5e46d7fcba565fc5955ec121236fff62fbe2eefe8964daec68a6ed425fabf443a4c395a8986e35a847e4d053edf1fa6ab5f949f0af37bf20f0b31df6891de97854ad012f9882510f4aaca04416006f54fbde2220e6e02093271707e3e6246c55b15650118cd2e6d0e9eeb024ad95422c3ae01068a7f7f9367aa380572ce82b81863cc1d5709e93e387fc9ee8b60d14fb8cbfe7785c6174bd8dfef7b01d75f3b980701ba71acd0d025c0b96b7e41fd0caf5c4a34771e13eb24942d62663ea9d86ec0341d66346601c993e7c1693ecb61a724c915a0f1c646509e80c5bc2a6bed7caaa42e4efdad57ba702abbb7854fbb86a74ad9627c8417d4a1f2f53f9a6af5646f5186a572ff8c5849a84d5517b8084ef07f5c149c443ccbeb61a5726ca2868997bdca8d722892d1155ad616f2651d93a64071b50de33c3b8df3a9c64f871d2c6ccdbd53992749f69c551784339b92a354a1efe4b7ce55283c6020d550c2e043e6a17da3b4ab6ff0e45af4c44eb963d491983a3378ce266620c093bc9220349e3b2bb1dc537ad0e5e25d8817d593bc28b8537b972b646e408ac4040271a353d3a67593414177fb4d0c4a42a3b393e0d978c6a3a2bad508956c4b8b4815e2136fa7bb17f3f9c4c8e314b20a1c3b727fecf4f02beffc87bcb8490a9f3775706f1fd58d7ed17eff0e8f9df0b0d390826f0fc4abfec483cd53d04ea5de44187cdf5d5d9b760014c8ceb3eed7020666d4bb739deeb7cc8302837d75109c21eada9ed90d57cf5e9d784aac6dcfc2e69ac048411f9726f6ba188c0dc5b9dd0f4cd9849782dd0084d6e731ae10353b0d1b8858313ec6567ed95e898dad5c3d2dd5df407710d46d9449b427ab154f7357d446f19e71d58a13f06371fa5fb880ef8392f4b00eeb22c117d353a4b425ff72db38cb9432da36a4584689dc17c2c61af56c1807f8ca4d04bd3c59180b8f05640866f311b6c98301434baa6cbe8b88a5e979eff53e79df71d028e4a7806e95649d38a5c170ae4696738c2b721b1a25d89ff48ae2b8124735d93ac03c8137950009c4293b1e4c1344e8c9d8ed7e18f28733cc1b77107f1caa9454f31389b9232041252b3ca891139513ffec63e0503e40af3e437ba7bb55ec3284cb1765367adaec4c81c2a222f7c125e4c9e82d328ced51873cf3e64de524a311d3fd378170625f07602be15c407d09edbbd2a10674d67811ecc782c56bc87d66b6d236fbb154e5de2e31f66ce809d98680120dbac1e0fa5ad0895c3c62fc3b8334865435ce7354a1269af07fa12fa5530ee1985eec4efaf9643861f02dcfcba23c25322e46fab588106da8e7af05d3136496792b645526e9aad9b3336c37acb33b8ec7b34fd65f4c4d818d79ad5740f78f0468132b2784d1d6e1ed228b9a1043710ed0a432fa6b5c1c423634aa739a477b4a00853a06a45c98cfb0b18d54bce417e438c1bba61b13a5933eb422d7809de95f5e150139035594d3f7c0840c5adbe20115eb6d7ab22e2a386bd3aa5173ef3c1521056def4b5c6b575021f375c0337466d9dd061d70c196019fe51269f1f6e121a316c589de3f65bdc7575c5445d8a0aaaaa30cdaab33848ab53991efcb01e32be3d21c9c2e84b73c89c6cb86812333ede2d0a05ba0439cef2082321c15c890fa4032451a4cd939a978f1047716d6021f16d46b07d6522aa3feb76e062e552fe9816f5b1cd9f6ff2041157cf9b9fabe7ae5ec83389c18881bae3d475d9a1ead9b4748a3d36953fd5b6cb03ac42a939c432a6786065f506509bb23c6e3e0991f88d097be27678463140d843967aff36086da06ea436d976e4e9834b3d19f6751d670c066a41f0a09e40d1d25f3ff65446acdf3799e72a91705823e56f799854efe1c3ac30d6e3d11e34ab309848c342cbe4db60576b475978aa36366dc3f9820f27fcb6439e98c38a781bb90a6bee40a6bdbc63606ae0a7b0e4edbed6f54323c81fbe9e4bc18efae2c450a25c473971849615dad08e8b0475a5f8087f06b4b0c60206fbef1e3dd36823d06a7d62ee8c6c77bb194a422ac051a05b96f0e65d2a9a3258baae418c319ac686a80eb6de52766e533c341fa0828f58d291e557f390dcc34a6cc7d936ca1e457103983e0cfa502d016bbf87590eeeddb0ddfdf18387434a116b68000c489c7f9e9f392851dbf51b6179174af77f10bfcbc890c7b1489d9b23f5b102c17702281056c6084dbf6188abf97c6f16d8b965dba7465ea8f69ac7ef81bfe70488a04270dd8673b0b941fa24e352f698a7f4718f527a3cc077f2d4487bdaad34c44483c31b723c1577d58b43a71804c8f20765ba3921044a7446880dd003a5c43de73ced3e7474a3734516c686396ea43271a00f05c99b3b0ac3a4ecf4df9645407977b53f64824dfb2e53d268d2eb27aded5684f6f98cc100a69de413a73e38869cc72610eb4e6067c5447326556179d4dcfe6fa594bec51100a3901cff2c5b244b1bb58b0a078b326f09cd5026dc1305cc2678a2d4f4c70cae534163107d1ae3967dfe085f6b61a588b080d1e8cd32a68877e67f021e7b50740c012336b6bae97322178b643073a8f6fc63578f828b4331e5fc962077e32763d612e930119eec9f847987e9ff886d3941405ff7b4ed6524528eef1b9015a9365b661769cb4cc9f8dcc515cd6972c8e59332eca2b41419add7def02578a122eed191bdf918a55742d93809692758812115cfa7b72e3734960b125cb81cc9935508c3075d2d3fb2672ce0975e8cee06ff9f05445016efcdeabfae23035e145d231b0a25f77bbeb216091f8f62d7dd77be6301548e97e5f96b8a75fd162e72387783d2bee7e46c6c993d90cbecde2059a7267e709b7a20c0ca33243491cec8413475f5ac7e54af7b399c80e605b3712384696c9bb53b4d6c93f204eeeeac85fbe7d16b3f13750ecd7d0f2ff535d060f1bec7384532e7394a4255c3fcd357c1406c31692b30b65ca998b2f994c42d7233447541c26089208dca406267896d76dbb75abca85ff3fd79d4b2e1b8176d6c0ab4a7c47d52513a6d89b4a555ed7eb200540988e3ff743b1631ce2e9508733812bb8adb1e1d1fe16ecd2e808e68122df35900a77f8ecbb6d77716e8a8d068c61b8d89fc160df5c53433e67f5ac41f04d0db381aefe184db3451bdcb205f18d5e9e876c2222ac07db627d0324093ad5c13ffcc3314fa42d5dd2658b8fa61c991b74f4e1a1c2d8c26de0c98436a6727d8f3fe941b5e06e0baaa388f6288b6efb9e6a516ded897a5f29cd1be838a72d6c427c1687d13d9edc1da33ca02e03d5f045b306b07c0a09d59ebbbecb4c4a3fae171954ed437618e0b8455f7e0de045e8a304a39918ff743cc18d00155ce898b3a109695d8524f7b7cb6fbc858b1c2eb12ff9c482c957582aa75f1bb21f3d692cdd016c5db0b340d4abd9f913009865117a90cc76118768ab76d0c3e545f0cebaa9bf8ce741b3fbc0c70f336a67a7df08f5734a950af247c20db39f5f5f448e6020c66e39155d14abfbe10f90c4cc436d7ea740e24cd9405ae891c20bde0a9003bb4cb8a24cb3ad017b09f6fe99b77ec3e7d39cf63fa4321776be848a561073b5cf6c0124577396d4e9e0afd3f91e7452ed892f3e87b64f6bea559e6b275e6cb3ced01af4cc64446581895f13de662404e828ad2ccfbabbfe73d64a9c7290eaf878bdf1329efb50cf9e3295ca89192d44488a813bf7fa1925ed5c78a3c829cccafcea64fd60fe4a6cef5b560e76b820abece89f3218d9d8ce810b8f0a7475e58d70ad10777401a7450178521a057c447847c974f0b0de26d478d03638e0361579183ea65e2a1dec324401ff5c3287c7f2eef113a80d4a45039d6c155ae2fd7f4cc36a1f141b0a321f5f59e1bbe1d61a4e0c6b43b60f3b71bb83972c65ee9cb76473bf40cf21431cf2be0573ac5b663d112e74fa6a841eb2c4ee4df1fee41ad95ef878de14ef2b5f9f8fe72c0e185c9cd56da70bc38536d0ea182847a47f3a0ec15fa00bde3d9f0402b10531517018ebcb52553c3d17786b20c8ff8c841c193ce644e4ebde7b74e718d0d861da438e2a066d6c9e92f477bdbeb068b6cb71fc97bd8332cc361c6606c3c97653a02f36256a344e585187da5d743a0b448fb5a4256228036f706fb7b5f671beacbe0d4a662a41765d8c827dd64600bf439e65452a5b919cb7b866c9bfdf1ad84f4319261fb97ebbd8bf5e9e59adc044175c45ca3b69fb584e98cc0501117359f1a17711afaf4687ede96b7434da7f7b0c01f84a02f85078c8f3694f0f1c947caa2cfe54ae32f53f35515689ee93c281ebb99d2a20e7d0ba5b3b1d7fde7ad422b858a6c322cfd2420ee80636ed6d522f478c52a6bdbd9cdce121219ae1cccb28b80b71c3a88c68a08257b77dfaed937310105b001ba7180af889f1c47ae729befe263b9bdc24bae0db2a82ad8c5ed65463b8eab643f9736f91f5058b4ca69e5f3bb0e9e54e8447b37053ed6cd1f01868e17afe9ceaf33a4f4225b6cc40dffd9a1f23f5daa80d8bd52f3f2b2bb528ccbc5a1e4ff842dee833a8fc88d24d7578968acdb8938a"}, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x1, 0x80000000}, &(0x7f0000000040)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000100)={r4, @in6={{0xa, 0x4e24, 0x7, @dev={0xfe, 0x80, [], 0xf}, 0x39}}, 0x9, 0x8, 0x2b, 0x1c, 0xfff}, &(0x7f0000000080)=0x98) 00:54:51 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:51 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0xa0008000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:51 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x5, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:51 executing program 3: ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f00000000c0)={0x7fffffff, 0x6, 0x3012, 0x3f, 0xc912, 0x3, 0x1, 0x1}) syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000100)={0x8, 0xa6, 0x5, 0x7fff, 0x20, 0xfffffffffffffff7, 0x4b, 0x7, 0x81, 0xff}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:51 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x1f000000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:51 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xecf, 0x40000) ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000000100)={0xf, @output={0x1000, 0x0, {0x9, 0x7fff}, 0x5, 0x5}}) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:54:51 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x8, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:51 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:52 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000580)=[{0x1010, 0x118, 0x3, "cb4b565bb073b3d59b7170043b197b9cbe43492941ef608db8b05301cb75f38b644e156b52d5be18de997659f8d3f0774b78bda785fce82692780bbdf7a323747ae999798e264e47482f24e44bde8ed3cd1c14eee9f0935dd1a197b6681c9a7a1e04044bee7347bd46ba516430b0aa8fb15e91343677d7175f150d8c7cbb3e756202c9e1bf63be3db2d34e1016461b1333f111edce4bdb1ac953fb93113ae6a11694fb48be48fda503ee65807df30ce37bcedf7b96f3af7abc8870a6623648b6996873014b49b06d0a3aa7b646cd634ffd8650c29e0d6974a453ff9a3b0c60de9cc79091a47b36284aa6163f5d65596435b2b69b16445a9e1c39adf7252005cb84d2fa7b6448308c94792204cdfef80468d4523ef547b0a566df4b8a5d74f102a8fa23fbf378c06e82e080a7bb72155abd3373a9a0753b133f696095a65e82371e1ee1e34c5e7353178df3d443f16b9a8b5f369a5fa03a3addc68fe27686748811486f72bdd9663885e76fc21207ff7b8206c6d61f8a2836062baf6746259e0e8e821ea350a777d8df0440b970a879871731bd0895c91e2444964b191dba4a4b37bbd2ff806f7ed7202b6aaf5ef6880e27cf5f56a6f2c3b68e35aa61e1d93d2add3d7a60c9f4b4ef78d67a77cf7cfc74e52f5806fc6283e36c28134efe0934ff29259ceeea814931c51301ecf50af97bfe2a26a69ddbe59eec9e7af38d55f1a83523f9212295afb75dc86abbbdc0766b656baf67edd69ed14a90396c4a8e0fa52f750db0b4525360d8c02e21f1e3e254994e1bb39793cf30b19bd77645ea1af482ff0156cab5ee63b519eff1be744ea564bc7ae9927ab6c723bf39f3c7f33f36e6e1bae60d1276d6ac4dcbcbfcf22233cc5b72b1611d671ee9d8e83b38069363ca987119abdea306d07c85a73a379ce9874b2aa4a038ce0a51ebc2375c931cf470b0aa4c2ee3106753697a97f7ac8e18684ca9bbf014cd4f79b8e2d3ccf971a7122b1b4dc9eeaf0a70df9adb128c69ee896f71b1d7a00b14058562f6320df15f76af10186abaa036b7ba3929941a1c68f03a126a3ac69b1385c0a71326dbac0f10f972e5ee9b81e98c521ef8e69a396d77159f8f15d10f6b3fce6eccf106770fd3d86dfbb19d44a80cf1467f39aede0d2c8037abbe1ec6f8b3d75a6a2d51c27f1b29e0bf2fcebb1ad7c8da34db9e4e50a6399b179b24530a9c63111411c440d3775e37df32c3064b4146c307f1c0f7a70b3820b02ebeb8dcb5f7d8283fedf4ca2def57652a228beaff697fa4ad4d6151963d41118fe7f2e36f30122b06bd6eba07692e7603138be59845bf0628c82ea753a64a09ec691eee2de34bf11d6c35a060d7be6695564c5237e97bf4dacc74f4add9013ad8f124b6351f46e000b09bf770a712c1594f79eb18453ed39eac94089033b8a5e288dee4cc03d357e4de665424c33a92dab89ebc3eef70050aaeead3de6f4f19d7b1510f1f37b400d223c417aaf2756883c9c08742b9453d49ee7a5c3e2cde695d3481b0d11f3f45896dad0832c86e222c074f8c0bb5c34f7526cdc0a942cf7e9b146da7b851bb688acd478474a05bbdad4adbb1d2061eced5872fa53f27c525b5d09450db7ab20e950165261c18e9d503821e909ce418c90c22428d1948a3eff8f9523d85d6dfc48ec842e35097940bc67d4aa7fc5f22d1a05462d2778252c1f0badbafa4d23887f968fe14890e8d581c623fcb3bf9ae48e3409f01fbd3892084fd75352b2024b3fa6e2f3f8c1ff2ad197bf8f532bbc781179c9922429b4cb3f92759cad6db7d9b66bba004b93a7fe789f3ef314e479acb0373f7cea0cd7f2aa6a808177420c33dfe7c55fcfef9bd190787bbc1eeb912c68c3b114d861ba44c088fddc50da4b0774b3a4ef00c4f444824fd6a396b0a49d35fa6d69e424533a9e9c81ad44db2c9ea2b2136ddba1c28bd191cfefafad64aa202c43abe99132f708ebdb61a7f41d210d54c97027dac2276c2fa79a04122f9ebbc730e91a754c3a7f3ca7ad268f74f461bcea25db7fa08d2bdb41429055f0bbb63dd18e81debaf2f301a87e60a0e743495e127d930af628584f6051cf568d92a47f10f0a4daabebb16d53ef5c31421ee35d70acdf15339b44210e7749eabc4d2005bbfc57ccd3081940b5e682645e7cd3e8557a18b701150c6850df20f95e1a6639463f3ab04446c50a7e11d159a38b837381357a65e341581f3fb3f01ef149e09737003d50034950a2c3df1e1359a1377273382f599dcfd9c817af60b4b774f23df43de24c4f426d002e2373c3f612eb2c5fafa617dd70e61878458c4beb8d39815f4154d0a35ff6f6b2b1e31aed61cc5c6dbe4b00e7cb23a4f45f8d4c57e1cff4fa9d52e5c1680ab44aa4ac0816783596a7b415a1677f0af425685882c47c46de98f4ba08779a4e72b5ccc7bc1c89688aa618d8978a95d7a0bcc5aec29dc49bbc4876700f6d418551947e196a8766e2cad182b22367fc23d3565dbdadcdd2e1177652316944231ad944d6c4b7e70539a433f0f5d10d9f7ffdeb35bc748168822a058ce24de32020aa134b2c4471ddb0e62a9ec02385c60cf90731d16c4e21cf8d73a0f2b2f7fb812f629266025a30f0c39b2fc22c8ad4e11022170ada9b6b2af104a761d424cd525f54c50d289e7de0ac4e4fd18a4ab7e19c034307fd70b65a1a9939ac8e1a77eb6699ef97987fcb650ee12f30f0a233d872b2d1ad844746358d71461ff545b85421815529d853cc9564d40b52573a43b7e157d16550955c6293009be868dbf60b8c917a438511673e6a4c74968c84593c0e62556a2c564ca5ac368faa0b8e9371a31264c9bbf3ab19553c70414236d9712cfb98903909433e23b3fbf80e6de738cb808ced22922f9fdb3d51c1e1e6700e6c1bd53cc5739d330b32c5dfb0d3f0a1287c4be693b7cac694a7a887e8663b6f910be2a1a9d7264cc1d6cf697c1f473350e86363138b217f403a42b6264e3c1c9f96bc8d125f8a46bcbfe2fca534a415a706b47b59476f53807b2d5e72f92135a32e85be6b42f4a736db890015d10fc26fbdd4acbb890429eb50139f9fcf62872b1a99fe98e25062ac0f1e7f343a02d69c41d0e507357eb8a8c5a09fbdc52f707bc0f219e15d460a99a2b647a199a753e604dba55b638078c232a6b3b5e9b20e73d22dc63f025ae89dab914539ec8b4feec04560479e22a9135a719091c6b24875f29fb111adb39013f29f6612aa318dbbd197a0a6a13ed9e5e7c99d5f7d68db6e33e90fa19ed90e28cfe76a497c24f2b428e391594edc27d9140b5d6a46aba15dee1b1e846843870f0b17b7f529eb9cf40f254d2910c9e12e4498e2d178332a89be960120f66c38f5927bac0a59691561666b646417892e7abdb5c3fa44b49200dcc3290cc1c989590d5d7b419329db58fe4ada2038f3eac1c59bac95ebee08d9918f40eadd4891ad8c42d6978b5081f9bd80ac58c9d313fddbd13b0a092b2308a35cab8062507fcd502774b48b277ed530de1aa85f4de248d9744092697b4357291cc92601bd9b11fbef24ce3dd528a86369b635fa7769d9bcdc81f76db4fe02b07dd9b79dc3b01a597a76d65a2ad3c9db1c7804ee4328641f44e6a0566212e59d36e845f313d1da71d032794578f57cd8776e2108dd335a9d6673ee92a8335509931fe795f4786e68ce16dbfdc85eb3c2a7d7122f81a8b38f5c59eede9b08889c9f5e566c4efda51a4ca750b8a0feab06abb8935086376657645d928a57d53136a320e8015a8461308d6697fae5dd0e4cc366e0c7886e21019545d17cf2bae73b9fe4a15685c5b1913f17bbdd1f4ee13d0492cc0c5c88cbe0427914d397e028a64a92fbd3009fd3e0c8767fae2ec239bd2ea5f2efc5d0eafaae9a7de5b0da9d6aef395d9d0674bdc1e98a11922bdaf13bd5c8422a3ba8eb359b7ef430c5003342620298965d2368e83c00cc0a44414fd3a5750f36567c75baf9384bf5da9694bbe50dd54ae8dccb2a66f68047ba4827c142925bc67bd6048125961c3b53fcc79a9eb6708bf16aeeebe2a05069d286f3aa79eaae0a3f07d2eff96fed8e364e415383c984d5bfa5ab42e56f04206c56da204d460f854624d56eb79c14b9940f2294165d577c6ebf075db1add9c77d1c0e14c7fc7fb43933a86c8de7bd439c43cb296b47df345e977948b99a6fcd09f6ca0c78b9057b47b41a5a84008fff07a8fd774e25893845522b479c4cc28de8f956941aaeba85017b4d89a4b2bb24302faefce63b67cc791eee4865f03d97b109c8d8351f725177d83a597e7f75ffaaf57c708cb0a59acbd9253e0c32fa54c2cebdc3eebacc7baa5aff3a233619f73d5cf49c7f25e75fb623ccad3fbdb36364bfc762d68d6d133d31b64f6af95ffb9b1171448a789419619dd1f3b5f3d3f1540c503150d4a0f7e5cb17cb7dea1e0567d5477174317871ca59615d56dfca085200196dcb88a7c7fe13b4f03985c5663341f411188349136720a6b5a130e19daf00e7aa02475624bfb95c6dc1a03081fac2159124bf92643c979c767359e57592401672f07d6750dd1216c592a8690ad59293695adf254478ecce56f1d4c920edb2bfa93fd1861f7fbba98fa52ec71a532a3ff9c4f2b0150962bbdae04cada0f14e7c6263c6f2e02aaa10738e476d2052a84558cce6660827396969612a5c853e8c32711358bcf21397c967a711068234eb64f866ea9ddd0b8e3bb7b092d438b9671a23327205ad30a11e7b47ada3643e021aa6ac342a6387eaf39fd98c9b8bd69c4d471cdca2dfb25cc37d62ba24a8f1974eb233e96b0e1b5eb353dc49f45246a7b8ece67367defe30146a8592d5949ef6cbfe7ba0d390a4c93e2be6b9dd7fae6b0346a36449b4e97ba1cc4bbd6c358a76ab865072d3578faea53f0e221a1308fe7c9f7bd2c9c17c0f7795e650e82bc3e3939a3c854326f67864fc3496c8c551bfb2d0bf5a546b795e4b85f3168e5d301046c5f6975de4ce77096b3d7ef64426514f07f634b6e948b1df39b2ad9049f4cc67d7ba32fb518793e2da0dfe1477271ca4ce11c261adbc3183ed79e119542e3c0370a6ac8102543edf55b4799eff8b9b8f8fa7216faf585907e07a7bc714685864005eaa3e8ecc2ef9846b7545647df6da4fc61e85a24bc244621f4f8c3671530cc9f7b2676ea8e78acfa05d0ee767bf5b3d7d006515690a98d689e63131bf4b343802cdd31df2cadd542839063a546659a28bd8b400c25b08a91536b578812faf9dbf478dbb42cb6f67b01fbec041daa7fc6b016ab922a76a13291c2771f8506fe0c0f454842aed5cde75a0694a2bdd516f22e44d414abb689e81fa0d0c1755c0cb53f87dcb8c2003ecb6d4a43d6e27ca491d5ccc1dae1ae4db1b7df0e1164be263b788a8e370e5384293a823228a0b3f68552183d8639e69857276f8ea19ba860f9d3716da8a8a9885b233120716ede543522cbc00be0dce84848b93f219bb854482573679020423f82d282cc852d4cad7c7419a6928ec9287cbd895980cb35f97362c26bcdbb53ba59c6bc4bac2b3c42022b4b48af6724f31d0a6ef43c2dcb7b2181aed709394c249796e2efaa8d96e76aa187b13bf11461501cbad343c6f0d05d6b64c4bfbc5fad225b0b29c04de66bc6a521730080638c211d4c8a067809cebe5c61f8617d5fb366d2d7e7e29a13d466438d342b43f47d2714b44f830f7dbcd000674e20a88d75f486f79bb672a9c743fadbd67373dec5faa231a2ea409ae1acbe0a45bcc4359f2fd259109df82eb6e46815a24e2f88b2ea37"}, {0xb8, 0x198, 0x6, "0c88a9e2c4b3c5aa9cc8b3569f1928028d6009b9c409052176db3dbdab0118a77b7690bf37acfba4358c38b7939408f3ad14de695bd621184caac750ac2a3120d1bb6a075d05fcca4b171616997d9e2ee6fa2a596b5cff2f6c6246acca3b708c9d5c7f3ab7f966adf425c5ee377ba35c9ab753cc5407287430cd9bd20e8973732a895b18a47201b2b16bec3246c58980e30380a11a1f733ef11a85e6ed1b0c02782d5d92f1"}, {0xc0, 0x11, 0x2, "b7890a0bc852cae5f3db95de930143746c61d9183601b7785996e9a9a6795c417474d0321fc85fdd80adb06b84bbbcd5900229695ac7f68e35c094c06192c36a9d6f32666830f2497895a4f73ac629b0575024fc6f0cf1cb5ffb4678cc8403ae98345c9571c98294753a07a97ef2dd7bd2ea02cc2c760307dfe79d1b6c12896ddbf956c927489f46bd60635cc7b04221cc1646323d18eb8efec1cb43301969e9b06a0669139277eca69773ab10ea"}, {0xd8, 0x113, 0x6e0, "9869788a46506885a5c8f3f71b0266496deb619f0cc49fd93a254e208d56c0dd4a10ecb41c013d520618a2fdf3cde8abdf4ff4b19344d49e5c465e66cb9e7a331cb13235cb73266c4b6800e548efd1784d624d9cb8f0d52fa35e34b98f81727d483588f4b05e753b6853bb8abb2086b90611de200030d47e557bd4889dce931b3229dc30d61166b68b78138094aeca637ebef3bbcb1acfe6cc3a08da2b13a9795d7d535edc9a45a22383c1414f6e790349cdec52cf40c2d18af7c01d4ae7e4ceed"}, {0xb8, 0x13a, 0x4, "f120827fc72a1dcf29a02ff5f9f9a1b0e4b68e19402fc5e470fb9ff81d75d52900609c22020a9ef18ebdf3af4bd8463c96435f2601af04b008b3a7e1281a5790ad43484b7e436a9032c2c7f945dd74ef9b508e9e00007f6992bad97d4396fb6f38da00882ef63a1dd4eebca85a631e9ec83ee4fec178cc92e07a3ffff7c8a35d963801c1e0e7eca2c168d0a6a7036167933d15966685def1f952a829fbf7665d2ec04f0d5056"}], 0x1318}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:54:52 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000280)="93f05c92556563f88da7a729281c4ba86fa49ad46fb8f3ea1f6c7699124a1b13747cfad59c98f4ca56e24d1b4503637b15878bb1a17f32162cd67564cee504bbebf8a7ae255291adf3f26e82f64ab95192ea673c490bfa1f279b4441c8c171b0778d599d22ed08de8a1e3b3c31c1edf177b4aab4134486012e969dac79fe510ea5b249f407000010000000000005000000000000000000000000000000", 0x1000000b7) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000000)) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) [ 757.574713] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 757.586082] syz-executor0 cpuset=syz0 mems_allowed=0 [ 757.591786] CPU: 1 PID: 21099 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 757.600368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 757.609804] Call Trace: [ 757.612393] dump_stack+0x244/0x39d [ 757.616012] ? dump_stack_print_info.cold.1+0x20/0x20 [ 757.621195] ? mark_held_locks+0x130/0x130 [ 757.625420] ? mark_held_locks+0x130/0x130 [ 757.629638] dump_header+0x27b/0xf72 [ 757.633336] ? print_usage_bug+0xc0/0xc0 [ 757.637377] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 757.642901] ? pagefault_out_of_memory+0x197/0x197 [ 757.647809] ? print_usage_bug+0xc0/0xc0 [ 757.651857] ? debug_smp_processor_id+0x1c/0x20 [ 757.656523] ? perf_trace_lock_acquire+0x15b/0x800 [ 757.661443] ? perf_trace_lock+0x7a0/0x7a0 [ 757.665661] ? mark_held_locks+0xc7/0x130 [ 757.669797] ? mark_held_locks+0xc7/0x130 [ 757.673928] ? print_usage_bug+0xc0/0xc0 [ 757.677971] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.682710] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 757.687294] ? retint_kernel+0x2d/0x2d [ 757.691166] ? trace_hardirqs_on_caller+0xc0/0x310 [ 757.696093] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.700842] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 757.706292] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.711038] ? retint_kernel+0x2d/0x2d [ 757.714918] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 757.720041] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 757.725127] ? ___ratelimit+0x3b9/0x672 [ 757.729081] ? idr_get_free+0xf70/0xf70 [ 757.733044] oom_kill_process.cold.27+0x10/0x903 [ 757.737787] ? _raw_spin_unlock_irq+0x56/0x80 [ 757.742269] ? oom_evaluate_task+0x540/0x540 [ 757.746663] ? cgroup_procs_next+0x70/0x70 [ 757.750884] ? _raw_spin_unlock_irq+0x60/0x80 [ 757.755376] ? oom_badness+0xaa0/0xaa0 [ 757.759251] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 757.763989] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.768730] ? mem_cgroup_iter_break+0x30/0x30 [ 757.773302] ? oom_badness+0xaa0/0xaa0 [ 757.777171] out_of_memory+0xa7f/0x1430 [ 757.781125] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 757.785688] ? retint_kernel+0x2d/0x2d [ 757.789557] ? kasan_check_read+0x11/0x20 [ 757.793687] ? oom_killer_disable+0x3a0/0x3a0 [ 757.798173] mem_cgroup_out_of_memory+0x15e/0x210 [ 757.802994] ? retint_kernel+0x2d/0x2d [ 757.806862] ? memory_oom_group_write+0x160/0x160 [ 757.811692] try_charge+0xdcd/0x1720 [ 757.815389] ? kasan_check_read+0x11/0x20 [ 757.819520] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 757.824171] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 757.829687] ? trace_hardirqs_on_caller+0xc0/0x310 [ 757.834595] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.839329] ? lock_page_memcg+0x350/0x350 [ 757.843551] ? lock_acquire+0x1ed/0x520 [ 757.847539] ? mem_cgroup_oom_control_write+0x100/0x100 [ 757.852887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 757.858408] ? check_preemption_disabled+0x48/0x280 [ 757.863724] ? kasan_check_read+0x11/0x20 [ 757.867858] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 757.873113] ? rcu_softirq_qs+0x20/0x20 [ 757.877076] mem_cgroup_try_charge+0x627/0xe20 [ 757.881660] ? mark_held_locks+0xc7/0x130 [ 757.885793] ? mem_cgroup_protected+0xa60/0xa60 [ 757.890456] ? retint_kernel+0x2d/0x2d [ 757.894329] ? trace_hardirqs_on_caller+0xc0/0x310 [ 757.899244] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.903991] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 757.909443] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.914187] ? retint_kernel+0x2d/0x2d [ 757.918066] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 757.922999] wp_page_copy+0x51d/0x24f0 [ 757.926879] ? follow_pfn+0x2e0/0x2e0 [ 757.930791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 757.936309] ? reuse_swap_page+0x4bd/0x1520 [ 757.940614] ? swp_swapcount+0x530/0x530 [ 757.944665] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 757.950099] ? trace_hardirqs_on_caller+0xc0/0x310 [ 757.955013] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.959754] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 757.964590] ? print_usage_bug+0xc0/0xc0 [ 757.968636] ? retint_kernel+0x2d/0x2d [ 757.972509] ? trace_hardirqs_on_caller+0xc0/0x310 [ 757.977435] ? graph_lock+0x270/0x270 [ 757.981223] ? __lock_acquire+0x62f/0x4c20 [ 757.985455] ? mark_page_accessed+0x58a/0x2040 [ 757.990027] ? find_held_lock+0x36/0x1c0 [ 757.994079] ? do_wp_page+0x518/0x2920 [ 757.997947] ? lock_downgrade+0x900/0x900 [ 758.002079] ? wake_up_page_bit+0x6f0/0x6f0 [ 758.006392] ? kasan_check_read+0x11/0x20 [ 758.010531] ? do_raw_spin_unlock+0xa7/0x330 [ 758.015072] ? do_raw_spin_trylock+0x270/0x270 [ 758.019636] ? __pte_alloc_kernel+0x220/0x220 [ 758.024118] ? perf_trace_lock_acquire+0x15b/0x800 [ 758.029036] do_wp_page+0x520/0x2920 [ 758.032737] ? check_preemption_disabled+0x48/0x280 [ 758.037746] ? finish_mkwrite_fault+0x650/0x650 [ 758.042402] ? trace_hardirqs_on_caller+0xc0/0x310 [ 758.047317] ? mark_held_locks+0xc7/0x130 [ 758.051538] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.056293] ? perf_trace_lock+0x7a0/0x7a0 [ 758.060517] ? __lock_acquire+0x62f/0x4c20 [ 758.064743] ? retint_kernel+0x2d/0x2d [ 758.068634] ? mark_held_locks+0x130/0x130 [ 758.072853] ? follow_page_pte+0xdd7/0x1ab0 [ 758.077156] ? lock_downgrade+0x900/0x900 [ 758.081295] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 758.086812] ? check_preemption_disabled+0x48/0x280 [ 758.091811] ? debug_smp_processor_id+0x1c/0x20 [ 758.096465] ? perf_trace_lock_acquire+0x15b/0x800 [ 758.101377] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 758.106904] ? follow_page_pte+0x4f9/0x1ab0 [ 758.111209] ? print_usage_bug+0xc0/0xc0 [ 758.115259] ? undo_dev_pagemap+0x680/0x680 [ 758.119563] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 758.124128] ? retint_kernel+0x2d/0x2d [ 758.127995] ? trace_hardirqs_on_caller+0xc0/0x310 [ 758.132904] ? print_usage_bug+0xc0/0xc0 [ 758.136944] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.141689] ? __lock_acquire+0x62f/0x4c20 [ 758.145908] ? lock_acquire+0x1ed/0x520 [ 758.149866] ? __handle_mm_fault+0x1fa9/0x5be0 [ 758.154436] ? kasan_check_write+0x14/0x20 [ 758.158676] ? do_raw_spin_lock+0x14f/0x350 [ 758.162985] ? rwlock_bug.part.2+0x90/0x90 [ 758.167207] ? print_usage_bug+0xc0/0xc0 [ 758.171259] __handle_mm_fault+0x3be9/0x5be0 [ 758.175656] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 758.180490] ? mark_held_locks+0xc7/0x130 [ 758.184632] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.189383] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 758.193954] ? graph_lock+0x270/0x270 [ 758.197738] ? graph_lock+0x270/0x270 [ 758.201526] ? find_held_lock+0x36/0x1c0 [ 758.205575] ? handle_mm_fault+0x42a/0xc70 [ 758.209791] ? lock_downgrade+0x900/0x900 [ 758.213921] ? check_preemption_disabled+0x48/0x280 [ 758.218920] ? kasan_check_read+0x11/0x20 [ 758.223055] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 758.228312] ? rcu_read_unlock_special+0x370/0x370 [ 758.233225] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 758.238744] ? check_preemption_disabled+0x48/0x280 [ 758.243749] handle_mm_fault+0x54f/0xc70 [ 758.247794] ? __handle_mm_fault+0x5be0/0x5be0 [ 758.252358] ? __get_user_pages+0xbc4/0x1ed0 [ 758.256754] __get_user_pages+0xa3d/0x1ed0 [ 758.260985] ? follow_page_mask+0x2160/0x2160 [ 758.265467] ? mark_held_locks+0xc7/0x130 [ 758.269597] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.274335] ? mark_held_locks+0xc7/0x130 [ 758.278462] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.283202] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.287940] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 758.292503] ? retint_kernel+0x2d/0x2d [ 758.296375] ? trace_hardirqs_on_caller+0xc0/0x310 [ 758.301289] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.306042] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 758.311480] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 758.316219] populate_vma_page_range+0x2db/0x3d0 [ 758.320966] ? follow_page+0x420/0x420 [ 758.324840] ? __get_user_pages+0x744/0x1ed0 [ 758.329232] __mm_populate+0x286/0x4d0 [ 758.333103] ? populate_vma_page_range+0x3d0/0x3d0 [ 758.338015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 758.343532] ? ns_capable_common+0x13f/0x170 [ 758.347928] __x64_sys_mlockall+0x45b/0x630 [ 758.352235] ? __ia32_sys_munlock+0x160/0x160 [ 758.356734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 758.362259] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 758.367610] ? trace_hardirqs_off_caller+0x300/0x300 [ 758.372718] do_syscall_64+0x1b9/0x820 [ 758.376585] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 758.381935] ? syscall_return_slowpath+0x5e0/0x5e0 [ 758.386867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 758.391690] ? trace_hardirqs_on_caller+0x310/0x310 [ 758.396688] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 758.401694] ? prepare_exit_to_usermode+0x291/0x3b0 [ 758.406696] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 758.411630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 758.416799] RIP: 0033:0x457569 [ 758.419983] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 758.438867] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 758.446557] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 758.453820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 758.461069] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 758.468318] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 758.475569] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 758.485070] Task in /syz0 killed as a result of limit of /syz0 [ 758.492750] memory: usage 307200kB, limit 307200kB, failcnt 2261 [ 758.498935] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 758.505867] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 758.512169] Memory cgroup stats for /syz0: cache:144KB rss:297548KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61576KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:218980KB [ 758.534183] Memory cgroup out of memory: Kill process 21064 (syz-executor0) score 1216 or sacrifice child [ 758.544326] Killed process 21100 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 758.560054] oom_reaper: reaped process 21100 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:54:54 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xffffff7f, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:54 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:54 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0xc, 0x0, 0x0, 0x7ff}}, 0x50) 00:54:54 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1, 0x101100) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:54:54 executing program 1: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000100)={0x0, 0x7, [], @raw_data=[0x8000, 0x5, 0x54, 0x7b, 0xffff, 0xc000000000000000, 0x200, 0x4, 0x1, 0x9, 0x4, 0x1, 0xeb7, 0x4, 0x401, 0xfffffffffffffffe, 0x2, 0x0, 0xffffffff, 0x9, 0xfffffffffffff20b, 0x3, 0x80000000, 0x6, 0x1, 0x1, 0x7ff, 0x7, 0x87f8, 0x16ff2f08, 0xfff, 0x5]}) r1 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f00000001c0)) keyctl$update(0x2, r1, &(0x7f0000000440), 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x2, 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000000)={0x56c49ba7, "8bf4ac06d5566e27dac29e2714d4c8d235e27365664542f0d3fd406caeeae20e", 0x0, 0x5, 0x9, 0x10, 0x2}) ioctl$KDGKBLED(r2, 0x4b64, &(0x7f0000000080)) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2) munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000) 00:54:54 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(r1, &(0x7f0000003f00)={&(0x7f0000000380)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x200000}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000000580)="fe6aac7582909b7dd765e641c205ca3455105c58bb892c4962cdc55808280e50df249c1a06c9f66c50ae7d283f3a720395a21e35f11bcf5e65b73b5ef11e315bc60f919a1ec85d6e72720f5d17869266d9246e1cce3b9ca23ef18c31ea5fa1064661d50e41d3d22ec66f2dee010a4633c9bcb77a371c92c65090a39f4a223694578877e8bcdd5c39ebb7a35b6cdb56e692191c64d346a200d31457f9ca26df7bd7d9e6b97d85e9e29507e8de18ee85152792471fd10b8c6b58255bcd27203b40896fa87c8aa4a8800de6089561eba5ecf887a5819a12b0a51300b413ef78dd95", 0xe0}, {&(0x7f0000000680)="ba233353e28a95cdf89887840231b7a58f166e794ab950ceb477cc905859dfcab94d88510795d3f76e24d9e38f73dfe4eb747a583edb6d9de803a2ecb7d717792cff628c8eb1f50bdaef6eadec41d877454301c15cca7e6fcc358f9031fffd7d05064528951ba225c8d1dd6c08c367f3c5ef3e38f7b63901f77719a6d74f0c73ade017b82077c58266ddeca30eb18b37fba6796af12b7c301e2b7cab39f389726af6daf78ee227c9bbbfc7c844f41e28eacb56c6317bb5b2f6c3f584a5444731cc896204ffde3a9b38dcddb175361635ed51a4712cfcda9095a8f85866325c273f2ed61ace9f7e6c3436ce26f577af5afbe1037215", 0xf5}, {&(0x7f0000000780)="f5737ac9d0c393932455f33ed2dc8a4b13c84d808edc732d81aa65187615db947b4ee7cba64db18f92a6ad9d9e45eb54ece519637143e2ba228a8759a1cccb0ee1640d2163814c98ce81c2fdacafa61197822efb5feaca4168a26dfd860b1bef925d7136d2d7f771a228924bd8507e6e0d6653cb9c0cfba2abf3ef3c324fa5c83d3394bd", 0x84}, {&(0x7f0000000840)="dd76558bbc0f5d9d7ac4fd424efbe8ab642e360c601bee3d1d8b8eec3c83324da53dc59ce6baa0a9a570599d7f41db12be6386c5395c461d85badaf0228e5385b947b328c539a48a13ca7c565c5ec9b3640008250442f16a6c85977ee3f8d60b2576c023d3389c29c992a0ee2c2222", 0x6f}, {&(0x7f00000008c0)="5bc19d6a5f431eb6576c627e7dee9817d83e3d5dccdfdff0d0ca615beae0f8666bf8f311e73384163aa8c95868c32dab069347ad7efdb9ac69d4fcf33994d1619d3218f6c3a1b87b0d215aede0ec5e45c632076787d46170cc0af91aea26ce", 0x5f}, {&(0x7f0000000940)="6710ad64ba010f60c3e404e085659cf550881bd814871ae27367897c868811a1dd05291e32e5d9f7ac257bd7b5ef3344f6", 0x31}, {&(0x7f0000000980)="14ec171724314a575b52f1aec9977dfb867d66e9f9251262d76491c39a1111f9170cfa3cd87e5ca992e83f86f8b1390f75dbffeacf7e3f5917c4a9ae5b54ff6be6579846f9e6", 0x46}, {&(0x7f0000000a00)="a885ec207c72a5828be3232eab6b3d604417c0467c0774d14a723a8c94830e07cbf02a15feb4cd48f50e4c2720ab9454cd39524f7f9128fedd7d1fb1579ca6d9636e9f70b8137fd5a3e6", 0x4a}, {&(0x7f0000000a80)="a31cad81c86ff7d24c826b60f3eb1dff6f9db07f4f78c044880f9362a5c23b2f5061d3ff37b701b87430d6ef4a3317d19c3ae83f48394844eb0bcad5eb96dbbdae7e4b23261e04439bf977834e90eea05732612fcab56b6563b053636fe588c119190f2c35af4022f07d0a18ff3d68ef0735f93f778de5c29e142878f9397aa67de325dc14ee5a793e8f9208ab6249e4f054ca79d18f49a52d008b757e300fb075cd4cbb7b8b5f482fa71cdc2ecb86db7ae2040bb4e6e1abf9c8a819ec56b16c55d3bda03341fc7d1aed697fcd311f1756d06c965078db34b925ff6036afbdbfe2284bcc67d7e4b6a75a3da1938e8e03326af8db9372af959d17e3d8cea0ae04dd55ed8c8c33d91442274952f942b43958071cb5a7cdb1e93db80703dfd6e3f40b941470a223b05c6d52a13350d1e45d1827c02fc0d52160fb92e62d5cadb294c03551c17e86971523cbfc9ba04cf1c59da6e4b61b1a30eb771f0fb12b17e8566384de68c31262ea631d5cbd386cd8c256ea7aac5f4da504c4a9f9183a5a2a48dc657ac0727ff46d97ff85f483f35365cd4b16060e7cff08ddf890a1696f464dc476b9666e2218657d4188a557f198992dfc555e5d58908867618df6d3dbf001b330d2384faab8e7f20eb4c0311087fcc4b026af4ffdd97978a06ad068c75732792d34fd59ea8aec2dd031f99c0e2d196975118b5360881ec51d353d8b620dcd5c4a2ea289efc7af00846e7b1fc786a44c28fe7378acb04bbac4b22d7528ed1f76b84b3476ed49b95d0f027a3d6b6b6702125f059ab8216529b547b08078f290f26df4fa811055b388fa70644d0d044f3b9999c061ee3faa95f96fe2f10ff195e24a28ad2613ec7c6ee380039d491757f413032de08356ebf9f67f017f739b292329eab26461061a349a98434b512bc783c4a5c3f9bbc3e07961d5708a5eb001e3186f3c2412c09b01557cdf3157109d7f25a6831bda887b15d1a4f78be0b3b1b23c298a0d9d7b8106727a8d333ccaf737ac7049c5356d56fc1a87adf9acb604dfea8d3b9daa7617080aa91633b1ab488644a7068da38fb7edb946b02aacbfa3e7b5308c17b3a9b8c5e2fa6408113d88af6155e2886b9ac177a99d5ad1d033dc7709c931b47429ca382344805f953f43efe24f9cac522202de5d6f3829fb2a4e904edfc7dc7f6ec8bf6657da3f0e7c24faeb48886c30a6f3cb6bd23e04fb11e2a5292625f33a0282d2de4b6924a649499dfe00cf7bd7fc293475e65fda813d22ec0884a65191dfc33d9b2ad0d364d0b450e459ab8886c102ac1ac7f4f1fee6ebfdd585234a90d0e6ab75fd75bc7c234ea8c8cf8a5654fe38ba1106a7f71aae73225d8d69957ec5ec99728fdc6364a2099b2de888d8b2a13f2aff8ab4e75e85a75db26ce3c8b9a30556810e0aa14d118350f5f09bb79db2531099ac128679ff6fbe3faa1528a5080df9755f9ea1c245ec9f3c148de5a73b101a53d8ce3ff813f0b88199a58d41538ccf2b6acf6b58ccf88c9db8182f8eeea26ba3f4ad47b6c7b87124e0a986373f4fd310570c47571593c3a1d93327659e34e6f4a3e33c4cdbd96f298dd27734dfa77739e7f1068b9f5d0aa39c9fd2a485bc47850cc19111c6c002e93376bcc4915a3937f024ca46e83f344b0d1f5f72f60979854baa49c5f4c32145dedabbdd394afc1d7e1501f54d21859695e6118a3b65df1b58ee85ad110599d076f59d43d16d1b3b15a4f10e72a287258b6eecec6abee219740f50ff8dc63385e04ce9dfccd5d9c343d6061225096b0376669e8b991d662bf19968524ff59cbf3214ae7839b3a88c79de6996177e9564c3c6f0b1211edf9e6dea7e5474f828c8c7212b6029428294e00c0a0af04a9d29cb5fdbfb984fa656d9637b225dabe21ad956c2a5a6f7ac14ba275ff2fe4dfc182a6e4c15ee2c0919c081b807fafc49f42ef0e6d11e6316e058acf47ad58b3ac50c163e11f557511594b8c23a671767d3d55114fb6fbee08b056b56d054b5a25185e0c8dec670b7a870191ff594788e1412ea9fcd3bb66fd15f8ab8c5eaefae6acd4b0b61d105b5cf5b831013d8f24babbc8920140c0d442b847c94cef7af04999ff1cd9a6d05e3019aef252f315eab0bccdcffccafa8590de9477321b3ddaa8c3068d2abe179f0a1b734d4ecfe23dff027c0f76e72459364a0ad158ca0f7be6c4a8869adb0f3c5af3470f9180a39dc23cd5945b59dbb906e7ad14e215d0f251151a0d4cc9f53420d49c76b8fb14efd0a0c93187e00eed0b5617ab08da6aea1d2b590f474f9b690592740a15e62bd8da72e53145523e8a268b76244fef39a395d82139822e138b6efae97a5086b8e0dd46a9a57919ec582bbe400118f32f4b520ec04df029eda61d5384c221e89c6da83fa0b17072e99810fb4b8703488581a67473a503d0121ab13b49bd7949e5a183c3d447feb08493f9dc0620fb071e395e74b8e2ea6d0549250ed158e5a8ef99838105cb65ff4a63dd32565360d6f65aab92b2b4ef6d5292da5b8330d68e4d5228866ec460cf5dd966fb6b92a210e83b974d7394a32d35260eb52255b27923ac73561e8cb3a1acb2fda54257f6bba915f6791ba45af7480d4047ecbd0dbe79195065e3b7fa0a2781685e34fda91991c527371aa1fb29c671ac24ec9ccff82426ed3e663092d28a2430a3891d7b8ddf721516e1e04357303860f5336b7b8f61c63017ead73c16464cc97fcb8a1955208b7d8334595f0e1441b5c1e60226f3b140e8e77aeaa85f94aef1cfd973f216b86de04f14721053438b342916dbf6a31d24d48582d0b6ea1180204c0a816ac20d91f24537b567542595ed355839c77c8d9b66b385f8a9d65b1df98bc44e6e310314a1d18d93b7ccfac4eadec455bcb85fd7abda3caf98aad45fa8c2f70f9f8579340efd3724d1812abacf2f2c7cd0214592f76fef74d5740187de468e7f352d697d467272f823840fdcdc9ca7955b0ca669c2b449186f557cd8dbe4cf1ec84b9911dc66e31e6611a9219cebab73bd8b4780d7933681891f72fcbba6f63566df741aeb85c5010b921ed52787a31a9e1f1b91befabb3d4a1f1047100e0a15715c81c2db4a1527a1215a671165e674853e44f13c36c4bc496deb2fa7cd6cfedc81ddce6c41f6c23a33c8aa4175c9ef5a1def92e0c57069c45edd6a06ba4d56bb2046b2fd05cf04feda65808b09c65b1813b2ead89beab0df43ac41443d46712ce6b7df9a36f18612878c78618e4df6270a9eab545282fe06a1650bc03655c7ae4239f64c1f7f407fbac5859ae28070597526fd07d34525d566151486d5402783ee5a9407b042c9e1eabd3686bfaf641824b6ecfe4c4dd8e77de7dd0f32f0087c416741fc85793885b1f847245f2595ad059dc1984b2b53edc3eb101cf88e5d94a5c6eede4b27e9bece3581b1edfca8ae8a8bf7610a1278a2b8550c8a69efa9d64725020aca9f1624822c609efcbb17d3ea65d228bf021f31d8b2c2c556539f9e26f36c3846e8bfe61fdf8744846a3ce6f0b8bb0cd2728994b467f94dca83456d299004a9c2b5c3b104874e5f4a15c8e62cf676cae7dd0b2b45273ef04693efb048af206e0cf549bef39562133a3f6d64de27a0c7151199e5b7368e383af2300cef787efa78c4a3514a2ca924d7024c7acb671e8bcef0363a913ae5c19573eb42571719423f98bc79fb0bf249ef1f17940179c1579da8fca03cf8a6b25b0e1d952b3968be7bd005a5d242d2bbd388acb0dc19031c392501d36a01911a2b6eb52b1649acbedf600cd5087eba4f49755e8eda38ce4ebdb00d6dc04613d8305d31d60807c269d3f2360cb28521a931ff3aa67ca0f7c653e30e7b915af8455e1b83537d0c32391bcd7820dafa4fbe70da112ad5a7cb0f7ed861df690c9b3e3ac9c11c5b1ba440c1e38e2bb3998f80f0d5115478cb4eff64ffffd2d15b974c696f871567efc1c0e01f8e2c85bc48a4e6cb291df539eb6732c94ea7aa133d3f70290bff32ac93e2bdd74bddae6187f4022a5c5dec7259446ad298f23ea43353723dcd7cc17e64144ad3ef009011b5ef97e08c0ef531efb53ce077f0264c502f90503bfe5be114084913cb743ca56a350041252833d68dcb4179e6a70aee0309119b36fefac265229b89a4bc98ff9c839a9bb83a4213418003f53572ea1cf59f8f70f93ce97e407e818791f81af6dcd3879475668cf4f61eb7bce9b3f48f9454993a6b7c1dbead7d3f8c78b063e88f576af3b888f13e948d546fbb3c1bfb17483cce7eb6e1b476063758873004eabe793ae3685b98427cae534a963670b013e9609aab68798ad6199e7b2471ff31ea94077133618b4a1880c30f5156df48719ef8766940016172224ff2af5e873157c199bd100ca7fda97665477c0035a7bf4277478785edf12c2c0a2e83ad797d037d693b13fa6348395bf1460f3437df120c837790c4be15affcba769f6b95885f9a6efdb51a25fca83919e2f972babadda527404e0490a2c1069fe4cb30d3b402ea1b6e15f256095e3412c1b435f77eb1320785de1f416b557118b07f207edc66d4aea704fab6bac5de278e37def0c1b927d1a53990aff5a371febd52cc06c74b67ed45fb479520dad6a2415fd2c204f2bab6201edec2adfd73ed6134b3aad63a60bd8b4d48ffb00333c634b6478628b2fed67cb970536abc50a0995748cb926945e89b412819715129fc9ce6c5dcf78738bf9ad4b07dcd73245e3b302c512f06e27919914ee7cc60e0fab1c2086b126f928b6ad96b185c3e7b59e3633f99c528b027989c00412ce0812bfa0164f910c96cdcf0508bea3519296b7f7284e07073f8d7ac85860e997ce2b5f91e398ed2b7dfb36afcf7b6c9ef661065c0a7e432bedfcf839e3a86f9f73bd928d6f9e507078517e8dae760ca2da907f1d25457ad6e59129394d3512120925190b0956cdf0bf734ea9550dbdab31ef1e30264745af6b978f6cd6d673db0e4ebe5646daa09d05cf31444f609fa43665046fde8c26e889d467e5a60e2042df17912d41ec0a075c9d1a6c826c7303e84cb682cd14e52fc4a834bd346655979741d8a4d4bd85ff7028054075ee6b6fe90a6755d4aae6c4ef23c7813d5ef024ad78409774c17786733b0e7d083036dd2984981e1d6f3299b9a85f3b671bd94fa91b5e029d3ffadbe894ad301159b27367f0c407c0096d3b4d0ee1061ebd5f2c5ec28bcd651dd621f7c7f30fc86f780cbccd56557957ae694418cc377a4e5503044bd9c66064f9385361747198c2bb325f16a5cc65076e88470b03bd34e2faa161eff07360a2369b9e1c0a35842e9011ddb08f10c461dbc697ae4e9f4cb5d8413cd01fb55bd2f51f02df9c70b6e10283440d9b7163811bce3fbbb19069b0f682e5628148ce56783908023249d9bdc478536a1f83342fb27851460e6918ed19d0e5612f3371d92f78addefccdc833c18db78216046441313b7d4588b9bac7fb19d90d1f6581f4f911705125b46e673dc862838c8bd222251d914cf0e30c04306a198dd0fc977ffb61862174f7419dc79f5ab2b0d28e57658f397149bfb1a86ec41331be30659082e1c646bb2c0dfa95927142758e92770d4548886007fe4535861c67e977db2b7da792fbc663e8ff123cb8a3810cbffcb7843acdeb3576aa91c3441fb6bc1cf613055616110c7bd8348c3718e719c268aa752919e463966ec65e3d3d4273a8b28d58c2ce5e1d1ab853cfa2422d29339ffde21cfa197f1926817640d79a0b0fb4f29320be495f077552d0136580a68d492c5dcb323b7f7eeccfcd", 0x1000}], 0x9, &(0x7f0000001b40)=[{0xa8, 0x103, 0x882, "4ac00391557ab7889b0f3d4ad3a43b0ecfdb75d85cdf05df360baf89d71a596c317fdd7cfef2a8dd83e6d736cbc38fa91ddff4b0cd77dc2981bbacb9734f7f0719b6cf109d107cafbf09badea85e97355ee0325784901356d5b83fb2bfad1d1757ce7b8693db4b5471048dc7f98bfe1f420ab1d9ea5009fe81805606693835235f0ab48606e60dc43750f2372d7fc24fbb5817a51f4bbad7"}, {0x20, 0x111, 0x9, "2677c689316013371d"}, {0x60, 0x88, 0x7, "369889a13c1d29add20e7a832b9392bcca561cd2718f05d86c70bb571a7b098d8e2dd75144916cb142d458e08ce6a3ff127e3c399f237c7e420117b3c004d8e149c3e5cb7ad568c0ae0ffead"}, {0x50, 0x116, 0x1, "3b184f17d51bdfb9ed2870d78a7aabae01b4a7be53dc77e63cdefad41ef2bc3ff28711dc519400264b546be2e685192110898807fd88fe77e5fd2a557bc7c9"}, {0x1010, 0x29, 0x2, "827640f55c9d0688a6dc1f24ece0f637bcc6c14fd41a40f86d87a837f064eee10887d55dc5c329423660c9c681c6973dab0c752790cd703a126e689f3ceddab11d86e16e4a58c4e978cb4661a96e08ea3477b049111163a6afa5fdec322a723a8c07486af7a6cf642a2a5e6d76d4c45278c443ddd12a9d2527f3089596ea150b6ee748feafcd38f3edd77ead74fb9c87c88a45b1111e2fc6e25cd4989d0042a2c0f625839250b02ff756768d4ecca71d9a49f3390ee55f39fe2e756d3beac0a026ed180f8c857e5859f46c1eb9184808ed8c2652f385942bc727361dff2a7782f6f0d08ef4dd3b1c4668dae2f0b615a7b39581c9ad18c099a0fc5956a46afe2752e81e9b411ab72d8da7f9b310f00b3b7d39ffdb059ae8d92ce2ebefff62b95316c1a5f85a83a41813c6f3dab6cee1ecd3b06558449df9f506c509e6a6757765b58835f6e23c86e489927681550cfd78c29a36a17805376d470f00a541dcc58d7a48cd860250c42254ccbd54bbaeb00515d85cb96f856ec8f02849a17828adaea281c3c55e2830075d5c17689f4b711bf17cac7f4fa1046573b0273a058ba1bbd38362e5cbf91b2c550b7acd4ca627ba6849278696ca6ee0f9d35b08dc12b2f45432d295762c0e0c0c0da8f899cf7d7c6a7c0aea801b8a56c4c9afc4393421d6971a64779785f1456e9c7f16a9e5ce7794742c092d1859b95e477f8da2f48ef6f0777a4d4383808047affa07d4d1e839b208b2d5bc7b59f245ddbfcfcef0aaf863ed118a56b148e98ed3a03ecc7748f5311095c4ea17c3979f24a3446fb7f42d413e934bdd5dbe0a7f8ecc076ea4ed5d62dfddb0beac525844f2e263fb3a0f7fef0390933e7f8dde496734ed86381381533c97a2a1424931aafd03aeb9a98fb98ceb35217d99c8a428b9efcb680f6559bb18a95392cf624376c5fb53557afd8fa2d3ebf7d8138a7d30b911d0a80d75d53284cc73f72ea0cad152f7adf8bee1b3c1b0b41f2c652f980a5740d1dca1642ab99810a4c01451360015a23fe3aedaec64b27bb9b7b80f782e437623bfd5bcea60dccc7595c64cd4a142341c17ec878e6db9f7bf5ade485110d5d5ce594a12293fe3b08933a2bd7fafbc1d36f195720e27ca173e5b3ad3b3e6b2fc78e817f8978589400510eadc0f10c4f09f6843f93fe5019e8aa1263309ff7a0693fb855ea8c3c20740639ef65e06d8e471726dcc4045807b1fcb75d9dfff3ea6f35407768db9eede952d2659bac03556344f3f8b2943f934f125455a5cf89dd7ba7c9b956269f2437abe768ece6a32a09541df741be1f10f8b8f19b3ecd5ec47516052f2bf29d97464fc1081d28d315f53ac6e9bf01e000acfc4bc50f4978ea7b25ca9c3f78b1e6a24a59b2e1fc153f9b8f98a4f07ac7c5d6fcdf01cae93177d428b54cacc691032ca5abc1e8229557d7caf60918f6dc3c2976fb1f2a1df1c1081c33ea6f0d8953f8e8ac8be41246bdeb2e00c3e665c127927b542afc98c58b5b6056f12dc8b31b4985ae691987d967635ad09ed90b2e901d78a02304bac8fdb9a8537bb8db3120bcca3fbdf92517f07a8888a7b4e1f3d104bc4e41f3e0e01dfb9435aa77e49f756379a25681fbcbf0e75e3fe00da7bca793546750fe78e617322ab9834bd3ad9bd1f08e8dcfa809be2477171c9d6a1fd3d21d77c810d5c373a0f3a2e3dd7fabfa1cd37e171f8deb850428c6fd2e2c2b96cb3e48aeecb3ac11ee58cbfefef2cb5a3ac110deefaf19a3c615ceb6250e2c13fe7bd6d4056d8b11e61c85fe30b1f55cfef3e2f3492748f6bd2bd88e36c9f54070bdee5394f3c3b26268a2536c4133a36bac60f7cc4f4d7ca083fa4f268a18db46cf4b961c999653cbb534536f7fe6db6393b0678afde2f979864e05c768f06ea6b51695fbfdbf4ba350a6af44e6d7e5f969ed6d6d28de1acf2860dc52947abd266aaeb4cef67274e61f29ab3bb32cfc744ee8163cefb2b37d14eb568ce486036b2716ed94fd1b837f68cdc968564bccf891f238520ac7e01dc66a4d71abed9635f453cf2dc74872fddccd0198c99a93da1bfcedb87e641a9ac7c066f835876de6d4310c0713784aba44a02fd8bd0a14f99d93d44af0090f56e2418e932e861a6c8f26b6ae798c955b9fdf14ecc42253cfd5e4b3baa8978465f413d7ac5fc2fe15e09f21c097ebbe0cb25b0470c4514b9041b60b7c6809b8ed294251654c51e09fb76170413529c8a26b1039b7d860cb1590822d8231d931e3645a24ce3745cdc842a57b50cc75c7123ec2eacc587c2d145286feb8815597069969cf961112f16ce479178b6ee9e6270302cfd9dbe873a5d2f692d705b46d92f6d310110cdabf67d869d4bf027b0e23c416192f4fffcf99099030656e547eee5007a6c486e65935a8c506e31b08718871322328b2dcaa5065a25ce435c7b30b767481f39caaaf40285df0dea88c6faec062384b87bafad7993ab2f7d3045f98fa34add78564ad6950fe924d21174b3a00659d5240ba680afb1ce66eb827b11c62ac7c8efc98047137adf5997e2c387818e7e1475849efd18407aeafbc1cefe6c3bf7920ac6b2c79d8e0a2bf1889f801b928314420a68cb1a086512f6ae8ffee61114537d3fc5f46ec74879b1d43cf5e69529ae6c38434c1bb45ee9299b322f2fabcf9b4c1a8fcdaf2a61bf27c33b7ffa8fcd600d9c48e9dcdec4556c8db9a6a11523959f2a73f42e169033c7d697012c74a429ff7d84e43283ff4d2a1fbf48471c9dd722faea684bf9f8c3e14aa07df94ff4c8d9c7cdfb32316222fc135c7a9f94d94b7a37ff3050f2a615366aaadd23511b03510992eee383e9ae0815bf9849a26ff1cd19b1611fe76cfa0136683c866b3ad0413425d4f6b9950ad05113501a45de7494fe6f06c6eba3abda72b258de9744546299072107e2566740d88b6f0487fd026ceb630b402901eb22806d73486f388363ac154ca1dad2ba2c827e0da4347cb6fda4b130bd86734caac00349fcd760e096a37bc352ba02f302291b9c36230feeaa9b19a2550dd06767e57bfe55dff3dce160d393e80fe2283fc3520e1320a522252ca64360f3e3d7a80917df58a5b1a01babdbccfc51efb4505af4cd46cfc1879d5c59090f89390b158691e23476c9625fe4cc2f90bbe581d83bba0a13954956da09dd9c43c3a918109a75cdabcb92760901715d5fba1f17707c43da4b54522bd1fd000f7480cfdad5b8f8fcd9aa3563f1c91241fb22eec2e048244d3c00d8823ea6c880604628c7ba586a9a643c7869a15ea37660ebbae70756a269c026b67d1e0c8d09a7e6ef40f006d37876270cb67d1c99dc9feb597e1c687afc16924cb1d9ad82ab5b8bffa5cba0361f14fe09a0c2a42560e18bec5ecf26d1ca74c3a04faa16ea8f3e32149ad5c6b19d2bb5388472489832e3cff8cb2936e3e73a4c71fda393287021f23bd4b1df436da09635e82c8df8c14cc605d9863807fdf16cf82fe0e19f4a9444caa0888c4fdb626f7d2dc0e1a875bd6d7363a647b6c18d0411157ceeb17b5af27a0d4414bab599e1f557f323f3ba7b071916a6ca4117e2ce6131a17cf6a073f0ede7ee077d704fef7e52a956e1329373cef9fa94003f197682575edc325d3bf3e6d00d80c51d9d31c9b1490ca2fab1c26825da16d2092f3d88f2a1a18ff4680701f052b233c5bbdc2a0787b0fa708d9195f756b09e1d1ae519d9cf2e7eb8c30be55ab484a4006751628de6ff817865f195cff7dff15164f2729e9e31aaeb4c8537c7d0817faf61b81702e9b138f172949a54736035b52429b7a56fd554d85be4bb1a4b96a92b5672d0d4aab9e0ca4bf4ac68572fece8a11c4d328cddbeb547bf12b0998a8103d5514d8fd25ca5f2059638cdcaa42986fe725d27c8d984fd828dd4db4821460ba080e1f3765081998b3c1bbad09722cdd53f031b84996654ae5edfc11fbda999bc936e7cdd7d49f2f162a43e41e2d5c43f10771baf025ff0bccc7ee37f8b7635b5e3d9e13b2a0cc3182074bf0bc88ad9b2e688a4bb27a9e6be5adb79c04fe47dd5c1b491f413feefaf881f716d968d7f1a0e08fb0487bf6ff15c6b6ab04eac78c750490ba3e17079dbb2cec5a3d8d1e1013fd3a134ae7fe1bf8db84f28617a568edc5c14fd42a70ad7066c3e1d73ea3fd61736350f77bbdfd862d58a5b46d9acdd31df35c108b2f3c3b562d782c592c0bea324a9812c653c554a9978088d4e01e7abbd0fd6b13ea041341de1d66b54f5c776a1f7a5bdece32519300d937b41543b36f6d06f610c67cd7b59fe112b098058117e84879ec0a28cc710cc991405c3640b272fa97c5ab31ab33866f927bb9b06b5c24f5e7cc7dd37bc032dcb91bd3834bc3d37fd57771c5e2f2f252a364d0439c7f855d0eca666b5932db9d3c57d23baa83e7cc7aee124eed77082430167c64b36f2550eeab372df9d6f0d79eb06dc6f9861b152e6b952e3bf5565ffb18ec6ee4aa7a8e8d53fab6cc182db4568f66e13cbf11daed7a930a428b29266fa6ba99316cffdb68c371012d8f7bef15139a61c001fbde60ae849716d5a2b3afa63f492f60aae633fc176ffa910175b27c6fa1121300aa803a5ca2deb1a9058fadeb3f3594a5c40819d8a2678fcee62551ab5aede788aa8ddae5e78bf6ea36ec931667df3dc66a6c43a674b8896a594ba5660f328e5283d67680c97382f67fb86fca7e0b13db30d6831a2722c64d1f07b2b91ed534495ac036fcc737089cdd1f417bcaa92e306118254faaa330a78467141ed841aba6fa5518632a3d04dfe51f6925362bdc3c2152e028f83cd989040ed9b245abab3cfd257dda5d584dbb1f04eaf45ece6b410b4b1d7751f62a2d5f176e644a9c72ce3d3f49958cbe1808da4d042a8559c6fac4557bd678b80a273e24a77406a48a7c311b47be698324a65557ed154b424fb2344a679d9a5dcd80a7ae7722b44db02ad90d3b89d28ce6fb3f02d08c739e5c365b927e46458e53a42f2d2516d90506e479fe88c749192b71a624d95f0cde414870164bd87c04d4acaea47750e975c289d6f58b8fd1dae5f196b277b150317d16755a3a3be5731b138f54a87e3539ec014654b0973d7900d3b3d4470f2078e4aea5298e694e6a47d1d49134853f3a16253681de9217603311ca350f199fe039f420d66f412f9b39ce71256b9f75e8aed6d3e70e11c43bb3492b7fb88a1d91d0a124c9a351562d8b1a742ae87e4012a1eb2672bce35a54f87cd0c3e7a200ba21dfcd0795b4eecf89b545221f3fc519318375b267cab3ffc02e5744a11c3775d9db6aec5275b840840c3505b5a40ed15d54d0afef95d99fb42d7bb08ae6175ec84ea83cf7e255faaaab51ce69b1c932b02713c6258898d0b78a13d5d7be5835f4d24d3d6f89e4d8951a96b9bf3b2f1eca2fb91e9ad2ef41a7884c54e3c0705a20a8cdc31ceb7a72dc5bb4031218c3634227a6afa6dd0a971c10933d4fd7b3d9dfa019502d62febd37e709158fa1ed08019f3c801f75f535548ece77a79c646cf080917a28535aa0ca9c6d7fab0e4c2e42bdda976728b4b281b986d0efe9aa89c3efad570125348a88d240de28d75f51eb2b615bb67a985eca6839b5a6a3276e5313034bc267869afc7ce3f4d2bff3bc611c24d56abfe1f39f7ec4ae57556ba15562e655db60079d88c42d3106e6b7d2b2c700d8b6afcdf5fba301200a04727a12589ffe17418bf3cd1334ea14c5829a1cf57df1c284a06df374e855e8ff1b802d847c9facae3092f7e5becb59ee52d2a235fd84fbd91d197eea6273df0a8d6ec10e7a1"}, {0x48, 0x0, 0x0, "7980e3084f9a5f95cef78516e1b5e849f95b71fa99dba14f5fc6b6e4b4b4dc84418dcbabe499e9217667c2a3ede0be2749c703e5081b57"}, {0x70, 0x105, 0x7, "8911226f6c7861cfa0a3e40a2514ed520fb3fc934c80804c35cabcfd6011e2f5f2513869b1a345dee3e9e356e3ca697ed595043f09044ffc4f4e4d0309ef97e4ad5dd3d938994e1ede9c7c9acc6a1e30e72a02da081f294269a5b2bc"}, {0x1010, 0x117, 0x39, "467afabbad6a443e5cb24888873d790a43a0cdd59007fcde99e4a27246548db5cd171968470add72c8c258fb469ea0d13a6b1443a2348a6f795ae085d03a336e46a509df0b14f3a5fd781542cbe0d12400aa4199115a3f02827dddbeac3a1ae59a685d4e4da4e0fb1a99ef6d68f2d36adeba2da130cbfd9c84658c86746bd63dfad8ecd12f86f1115769c4ed19d0b870e2c0c4f1144c597cb2d93ab4a5e09a0504b47cd32522e48070648eb32dfb49a9308747d0a9c566450edf46e71e0db77bee1dde3b7e0793e5e07030ee326a47a51b0ecfbd62c77522639ca6151e32d106465ba3a395eff06a10aaf42cdce24f3bd35488a92560a365ce15a90f2eb8b2959cceb5cdce548e17419e85701fa25805b09ac3a248d27827cbd2a7673b3e523472ec25b97b14a25648cb5b87a3768949dc4680c92f15492a9ec7fd1e0c09ecf77c388a4e3a8f7e70e5cf15f5dbfe9f9125461fe16c4ee8031469f6416f3bee5c8ffc89a153416c3fa2caa47fe3363afc5ab328991f81f2824873c2913cbfd2f09228c10dd97e505b2b751d8f5fbc35d008dee21b4f8a72a7b03d96ef1078a8082e73915cdfbb74966c5ab027c48d82a6c957c049f8188e1cfaf1489603c75bde77270d5eb15fadaf3e69514080f9af06dab4d4c3f033e317276d3bdbd3cc54681c83d072aa42859c6b2ba08b1e3a8a568efe0741c2c8244df321cd639954441fdc773892cf394df57481113c5bae38feca668bb22edf37830a92d6ee21c2e837e99a7d1a86133bf6fc61d7e670408d4f84c03a29c36bab8704a69f34bf3dc4a72779c31b959a347a12c9cad7272c332e6021eb466f43d3834cb9b1bd78709ce50c1f01cd4cb08c44b55df27e7ee84632fd5cd11aa950200624453cebd371ec0714731b6fa3fdf4bb44a06e092fdd900c5ba76b644164eec9b60bfbeec9922b7b7611beed3042307020c68061d0e19ca8b2700da2b61fbdf71349185d61de731d0f26a60dedd913a9b6e95eb089d6323999a5c83d29affb3215cbf0c5ac5637aadfc6860349e2443a81eb5b54ab8b3d3629e174e4bf04bf3876a6df466cb83f8f0b0bd12c64a74895b282d5fa5fe3fe74a62347e258357f5cd4bb69304a1229271ca9a20ab9c1c517f43a81095968680345b958e0e1fb369e93a276f5194146d3aa2864d019b3d6bc32f8d37c170f7998fcb023e97c38ff038fbbd8f890d9c2cffd16efb99bfd5b1422d129d05fd0764d7fcfc14a9fc4d758175cc42dbcd11db91e23154d2f4ba768d17fcce0615cbac94e953d4b85ed28938341bf7a121bd40d45e6f5a5f3c0d4d399cb01d6ec682450c196f32a3c184645da1607f09dbf3e2ba53c1261e4235e60c1b8c8fc939bdbcdd037bfc68fe05b5c1c787b9b705bc6c4615ab2a2bb7a0a27a8325a4f82e1273f88c1e1d68ebc89f57818db6bcd54946baabb3d549f339a2b9226cda3d3ee5e08e7cb55ca44f3c44286fa19d8c1bac1769bb482f94205e5bec526fce929fa1904dcf06d923d9dd9ec84301654d6aed18587162b02236798a2ca332e952fa498d5d2b26a27983d01cadeff5b6cd05b2f550f3542f222c92e7484a1f834a7c8d88c3688c81d98d28165a7f9c04b9347085fe8fde9485edabbd4baee43346d4a20a279594cd8b8dad3ab0f71b48c1d2604e24211b0d2e5b9673a5c4d19e6a6454a352f302c64e8c644218c4a887947894e306fc3633fdbc95dfba2cd9586d8e4f13b887657bbb1042a83a5fea49c6e80a3ef41eca763c3849ba0fc8a82ab780168226ccdbff406aa44c032a32023e1ae5d9d5146af1119bf2da9bbf87aac4d69fd47dbb75ef4745c2aae75ab832e82460b6d2f8dd942a3589d7a2ce5aba3aff4f35b1b64f1aba83e38fa89b5eca84061a4f8ca62f3b77482d85bd8e085c2e013e5fb66fcfaea06e29f0e48aa799a4d6f33a3e0a4dfcecee1d2b34db3f9ba50cfd0d67957179a27a2260330eed14346d0f0f436d89282df5ee976a028021ab4fb4b4d1840decb4494794e7631e45d75b41dcbcadd2a658c8f9705a4e2edcb9b96bf019265fa2c0be5bcf7f53445a9c06815474b1eeac86243db66f2b61be849bdd7ceff310e0303b322745866fa5257f69d105e9dc48706596dfb0272de05f92849f1847e372c51eb171ee2bc0594c64c0fad086172b2b5db7dde8c337a0d8c06fe1f334471eb2a5f0507c0c2e8176b8b95a384ed184217d2bdeb673ea817ca5d14dca5ee546923ffb5b9f2a8811cff76b855b6ce07ad26b365e02ce4046e8968a02cb9ac388273fe775073b34c5217747e8fb6a3519a1ea10e3234154e4d88ac781a6f356e24c2922459ae668cbb7512456c8afb515aa00c60eb292cd8fb3d60d5cce5a46acf20b94a6ea6b67dd9c88580d36444430132dc364482a4c613010d89f07e3504c2a38e597504004fbd26cbebce36d5581df6395a4199ee68ec7299f54bd0143c839ae4a9835fb302ae2f521dbfcce97a6cdebf87dc639c9b689c78981669aa767d61da057c6cb7fefb2cfd0b8c0335501de6b925736bfba3acda11823ede35c65b79f9fc0a2915adc196db366ee297834cb4885ba7d45648c1fb5cc61d1adba8ca46415662ea0bda16976e4d55c84c5217edbe9fb2447453f91d6798252275c30e576b7498844d08e61ce705f17368be5141a1a83249ed5f99bc14bb5a461497c5f7485083deb844d093931aa7a84878127d5f0c513f5a0a3baf686d60d07ca6fa98d806eaa115d4185ce1589f2ed95bdf51f814234e2c785decad81e7cf5e2f4ae3d2eb7eeefc3e148335b169945d03d3a47642a628febb9f8cf6a164264e707fbf1c3d8a2f6b31afbd628e2c2462961be1835a49ab62cdb6aa7b9f36ffaab4be00570efe0d47fa101db94463f49410030cf8dfa95f59829a91ebfe9df2fe625c03a3b11ba8b1a56315f058cd5dc8fd289f555feec145fdf77e6da936a0f19a8700d6fcb40ecfa8a0b7986d25bbde62af23b43d59d4c811d33fe160d1d30078a30305dc816e4a091a462d15a186952878e9d54900ccfe5a94ed1b063936e454e8b046a868f53105cb2551b73f475e57af98b434b7c186cf0e2ea770bf96fcb19b123219fff9c07609b268be232fd82acdadfeb933cea6845e80fd0e124c675bcfddc84887d79a7e8fd16b3c378a21f94eebf10420933c49c7c0fb50209f0381c666c8cff10db4b930b1d2622b5f77a8108c200866b608676f0f922e73d08f32b7d52cf10100283b963c2b4e037b43abe79b369c90a3d35bfc1ea6a9c298f956b392666ee4aaaf17a9657dba35724a1b58965de44a0a119e18fc0b3c29e19a4b970c48d8bfa2c3f32d499c2c75201a5d784787b36050a938441850afd7d0325bc4892931aa10d3c43dd14a6e6307241e5f5c2978487d11f7e42bc86bf3d64cf1a171e5df731579bff06f248ae8d0b93108700cee7dbf3ef30128ec6fd21bf0299ef1ee171ec39b9d677d7bfd380ce9139f5ab1e45e744cba94714a8de198f2e6813821963d80d68ca14586ef817b0ab89d7085fb927537343ba48dc5834c21e6f1963b75e2d8d80cdd5bdba3f8691815fe2573190f4b18f069981f3333a8067241e9930aa97c8b20c35068325d4c2c6e83afe94f402d78862743bd121d62aa8d8fb987b58a8ce2e7de31d0103e1f9ccdfa29d40d96e2654fa4a006e2e083e2cadb75d3e814b63cc05b7b8b38608b78b62c1b669284216f799ea8e9d22c20d5d95dd05586c0a74bba55fe5cb4a46be13568bd69d39104926d5629cfe86061698021020e4421f923750dd48496c9bbd37590f7d1d4a0b813703e5e195a2ad96a4131df6dc0fc4d67deab9a95112ab07e9f4d522e47ebe7d46fdd48dd4dd039858c17a4363352a87e6701c186ec1476c06bcf578222623bdb6b79bc4bbf2566cff369e419eef0c47b025a8c5ccc0de2a3d17fa5cbf33669a8e73b84cb9a39f51bb427313e7313cfc221a2d15742620cd2d4203fa3c7d94f00eaa1c05f7a7fc5a8fb4c4cf87127dbab08579380f49c3e5cf87981bda749c6d6a9a8da82f0af41a16233c3f9c51a4b9c950176033242582cf357fc7e3a9f1c1dabd0eeaafe09efbd2f8b590d6792ad5c05b5c9f6ed4d6fcbbc75946ce629940247d8fca81e4c9ec294c8ce2b4d7d401c3cd2d3e3055bab7dc2177fe7584f32973b721811ad7764076b81d9cf907664ac40b9da8b8e7b4537e288b992cd11a686acf7fc4a6de25c0c42297683d858beab124028b64055f557e4e9401d7eb064a06392c92d79c2606762ddb437f638dbfbccdb9d46348fdf97d86476d297ad2eb77d2b46fb2ee8fd0b41c26ebceab6d2070f64b78204a62209ba0ed9159ce7608a5792ed5f38db55f2540d41d5e148b0dca12f28afe1f5897e456bd1488ae75e10e7ade5580340be254d8fb5f6a08021d3b304837d7a5ac8579f88a6dd0811323c052e20a937db48cb6dddea0728b62a3de1fc3821074b355e41de74a84d950b33844972dc144ff8fd5b75fc4af6730b7ce179a90ce63ee96bbdbe9cdbc230e290c0ddd9b6c4883e765938ea67fc0f8bf2f3b6fd517139ef1a3386e86b54b1e6dd4ae8a2acb8af501e95b2dd3f53755c60dcaa54b0eed8c3927400924a14ddeb2c013b101017a2be7578e6f8853e78d4d9ad38175ff73596d6f859ae88d7ae4b4b392af4f8710efa20c9b7d236cfe4150d6317c15826df669d5894f1b5a8d18a41e5574104523d2baf205f440c684566c78b1818d973ae9cc0c2ab8f64371c231b565e7be8d547c47de82985c0394e62616a7409b166e5e490a5f35aa82d0a28080f38d01eb76f757c7fd0c61af1d8d354ded785630c43ad1debac80b2e078b614dfa25bb2a0ccf330aa8ed6e6cf2941138b17c9677952acf076dc33a393bd49b425bbfb9abc28df4c9e80b762f60ecc789137e00cf81db432cd55b62506182c36c3e260fc5a61f61ea58c9350fd010eec9214de8ff9287a0c932a1ec468e777a439d85373fd8c9b575a422be0c755f927ffd51f156cc220808df8ce50d4700f0f4bc649c4d75b3c0158d1293eff3b5a8b0513b58374b645dda9824a9f48756bc1055f612e3a82eba9c7ce17c90e677d9d810d0e825947941099607cc3bdcce6c95a5546929cd416fe9d76e2859c1318eff6f4a5b078b4df9de25efc1c6d6806e08cb06f389a64f0255213b0455e0011376cc6bad4c5da78308a59e6630251632ae7cc36bd3e6136022a2d8261fa9055584408523ca82a4b399c7bd661cd2e3928c07070cda83778fa802bd3d423b590fcb9a93976f4847f7fd4455ec073294ad2a6b1e117e741e8220fb85cdfdb31560e32fb0368478fbf38fd1a35e1e50835923505f0f2dff125d6828f7415377363581ee2e439b1e6f75816f61eee10aae5b904d98be49daa3879b9775fca605f6303c64918bbfec6757087413c7df0e519a573a8bf6d32c4d5da8f87c19d14a5d6476c590f5007fe145fa95a182ca7f9947fd9921e252518bd0df791e5bb3b92a6940171b53ec732aa0e584cffba34e75f511aeaed16be72d5a855b494cb01837569f74d099617000249b943c95817e942f68faecb0c11f18a998fcf664ea96819ee43ffa6a96cda22f8aeba91ba7e1eababb6c0f027846da83363223c0fb0308fa49cca22d7b38cc81deddbd300df4bbd9f3489c7f0e66901ff509b604f99467d29a92b15ed5b955ed3cf906a3c57924636b08eaea4353bc06ac7d401050a271cc0aaff6c69458ce29bb2b63308d280288814197ca062913296d9cd5914fcdd2276f1e5e5830152"}, {0xf8, 0x114, 0x1000, "2745721cf5e51bfc1a913a7ffed1acb95237b996add16905ae4b2a848c49101fbfcc0cdda2566fa1d53ae082a0209355f8a78ae845994a05c5e2b92b4ba1f25a4b368c99033302df828bfef68f726465d06e61cd044f7e2b9f54dd416c457ac9597b431802a9c918d10dd7c09487c4049d302554a60124f90c93231b903273448a92427d83d9c06e913f2dcd960da2a05b7068db630a8a915f3eaa77b6101c540c02bc3ba3b21a309d203201f0832a66ee5e8dcb5f9a8c5836ff62a0fc7165f5dfe9534f9197880051f165cdadea8b3e02ca56cf80755de69d35ce34444fdc311bcd14a1be"}, {0x50, 0x13f, 0x3, "46afc828d2fccdc4e974ecbe2b4f7897399bc822e98f8d02dc2de23632fb7742b49107b1aa4517abbb8354f979c3829de8e567f204f97df3d5fa6c65bf"}], 0x2398, 0x10}, 0x20000004) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e21, @broadcast}}, 0x4, 0x5, 0x40, 0x1, 0x8}, &(0x7f0000004040)=0x98) fcntl$notify(0xffffffffffffff9c, 0x402, 0x20) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={r2, 0x200}, &(0x7f0000000240)=0x8) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f0000000340)={0xa0, &(0x7f0000000280)="73e29ae9d441cafb536889a94e5db518b0248ebd5ddd6786e0e3128a95ba3e5b069726ec43194588adc9e06ae01d3494f80e050f41342546d968a705b93626eb536579ce6cbb779dedde18de2bd69b0b7fd4582c2237774b5eb45e08b0468a888bef41e4233250fead564f43224b80d8ed17962e25fa31041e31a297e0eb88da58d03ad14fc4363be9f5e8487ff2d9b9e9954d835370cba4f99a2a587233f32a"}) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000003f40)={{0x0, 0x1000}, 'port0\x00', 0x8, 0x10000, 0x1, 0x8, 0xfff, 0xa7d, 0x7, 0x0, 0x1, 0x1}) 00:54:54 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000000)=""/50, 0x32}, {&(0x7f0000000180)=""/125, 0x7d}, {&(0x7f0000000200)=""/71, 0x47}, {&(0x7f0000000280)=""/105, 0x69}, {&(0x7f0000000300)=""/110, 0x6e}], 0x5, &(0x7f0000000400)=""/247, 0xf7, 0x2}, 0x40) 00:54:54 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xc000000, 0x0, 0x7ff}}, 0x50) 00:54:54 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) r2 = accept4$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x10, 0x80800) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x24010, r2, 0x0) 00:54:54 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x40000, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000080)=0x8, 0x2) add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0xf1, 0xa, 0x60000, 0x9, r1}, 0x10) keyctl$update(0x2, 0x0, 0x0, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000240)='/dev/swradio#\x00', 0x1, 0x2) openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 759.427340] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:54:54 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xffffffffa0008000, 0x0, 0x7ff}}, 0x50) [ 759.514317] syz-executor0 cpuset=syz0 mems_allowed=0 [ 759.546732] CPU: 1 PID: 21122 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 759.555372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 759.564727] Call Trace: [ 759.567330] dump_stack+0x244/0x39d [ 759.570971] ? dump_stack_print_info.cold.1+0x20/0x20 [ 759.571000] dump_header+0x27b/0xf72 [ 759.571024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 759.579907] ? pagefault_out_of_memory+0x197/0x197 [ 759.590348] ? debug_smp_processor_id+0x1c/0x20 00:54:54 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = getpgrp(0xffffffffffffffff) sched_getattr(r3, &(0x7f00000000c0), 0x30, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000080)={0x2, {0x6, 0xf5, 0x1, 0x1f}}) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) [ 759.595029] ? perf_trace_lock_acquire+0x15b/0x800 [ 759.599984] ? perf_trace_lock+0x7a0/0x7a0 [ 759.604234] ? graph_lock+0x270/0x270 [ 759.608046] ? print_usage_bug+0xc0/0xc0 [ 759.612124] ? perf_trace_lock+0x7a0/0x7a0 [ 759.616381] ? find_held_lock+0x36/0x1c0 [ 759.620467] ? mark_held_locks+0xc7/0x130 [ 759.624639] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 759.629751] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 759.634871] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 759.639468] ? trace_hardirqs_on+0xbd/0x310 [ 759.643787] ? kasan_check_read+0x11/0x20 [ 759.643803] ? ___ratelimit+0x3b4/0x672 [ 759.651905] ? trace_hardirqs_off_caller+0x300/0x300 [ 759.651923] ? trace_hardirqs_on+0x310/0x310 [ 759.651940] ? lock_downgrade+0x900/0x900 [ 759.651962] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 759.651978] ? ___ratelimit+0x3b9/0x672 [ 759.674657] ? idr_get_free+0xf70/0xf70 [ 759.678644] ? _raw_spin_unlock_irq+0x27/0x80 [ 759.683148] ? _raw_spin_unlock_irq+0x27/0x80 [ 759.687662] oom_kill_process.cold.27+0x10/0x903 [ 759.692429] ? _raw_spin_unlock_irq+0x27/0x80 [ 759.696934] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 759.701542] ? oom_evaluate_task+0x540/0x540 [ 759.705963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 759.711518] ? cgroup_procs_next+0x70/0x70 [ 759.715770] ? _raw_spin_unlock_irq+0x60/0x80 [ 759.720275] ? oom_badness+0xaa0/0xaa0 [ 759.724187] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 759.728960] ? mem_cgroup_iter_break+0x30/0x30 [ 759.733586] ? mark_held_locks+0xc7/0x130 [ 759.737755] out_of_memory+0xa7f/0x1430 [ 759.741740] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 759.746347] ? kasan_check_read+0x11/0x20 [ 759.750507] ? oom_killer_disable+0x3a0/0x3a0 [ 759.755034] mem_cgroup_out_of_memory+0x15e/0x210 [ 759.759898] ? memory_oom_group_write+0x160/0x160 [ 759.764751] ? mem_cgroup_try_charge+0x627/0xe20 [ 759.769525] ? page_counter_try_charge+0x1c1/0x220 [ 759.774472] try_charge+0xdcd/0x1720 [ 759.778291] ? kasan_check_read+0x11/0x20 [ 759.782459] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 759.787148] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 759.792695] ? lock_page_memcg+0x350/0x350 [ 759.796945] ? lock_acquire+0x1ed/0x520 [ 759.800926] ? mem_cgroup_oom_control_write+0x100/0x100 [ 759.806298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 759.811847] ? check_preemption_disabled+0x48/0x280 [ 759.816878] ? kasan_check_read+0x11/0x20 [ 759.821035] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 759.826327] ? rcu_softirq_qs+0x20/0x20 [ 759.830330] mem_cgroup_try_charge+0x627/0xe20 [ 759.834936] ? undo_dev_pagemap+0x680/0x680 [ 759.839279] ? mem_cgroup_protected+0xa60/0xa60 [ 759.843973] ? __lock_acquire+0x62f/0x4c20 [ 759.848589] ? __handle_mm_fault+0x2da9/0x5be0 [ 759.853309] ? mark_held_locks+0x130/0x130 [ 759.857551] ? do_raw_spin_unlock+0xa7/0x330 [ 759.862453] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 759.862479] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 759.862499] __handle_mm_fault+0x284e/0x5be0 [ 759.862523] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 759.882210] ? perf_trace_lock+0x7a0/0x7a0 [ 759.886460] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 759.892016] ? pmd_huge+0xf4/0x140 [ 759.895598] ? graph_lock+0x270/0x270 [ 759.899403] ? graph_lock+0x270/0x270 [ 759.903195] ? find_held_lock+0x36/0x1c0 [ 759.907308] ? handle_mm_fault+0x42a/0xc70 [ 759.911534] ? lock_downgrade+0x900/0x900 [ 759.915667] ? check_preemption_disabled+0x48/0x280 [ 759.920672] ? kasan_check_read+0x11/0x20 [ 759.924808] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 759.930075] ? rcu_read_unlock_special+0x370/0x370 [ 759.934994] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 759.940518] ? check_preemption_disabled+0x48/0x280 [ 759.945526] handle_mm_fault+0x54f/0xc70 [ 759.949578] ? __handle_mm_fault+0x5be0/0x5be0 [ 759.954147] ? find_vma+0x34/0x190 [ 759.957675] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 759.962680] __get_user_pages+0xa3d/0x1ed0 [ 759.966907] ? follow_page_mask+0x2160/0x2160 [ 759.971390] ? debug_smp_processor_id+0x1c/0x20 [ 759.976051] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 759.981603] ? graph_lock+0x270/0x270 [ 759.985398] ? rcu_is_watching+0x30/0x30 [ 759.989456] ? graph_lock+0x270/0x270 [ 759.993239] ? kzfree+0x28/0x30 [ 759.996507] ? lock_acquire+0x1ed/0x520 [ 760.000463] ? __mm_populate+0x31a/0x4d0 [ 760.004511] ? lock_release+0xa10/0xa10 [ 760.008468] ? perf_trace_sched_process_exec+0x860/0x860 [ 760.013910] populate_vma_page_range+0x2db/0x3d0 [ 760.018656] ? follow_page+0x420/0x420 [ 760.022534] ? find_vma+0x34/0x190 [ 760.026062] __mm_populate+0x286/0x4d0 [ 760.029950] ? populate_vma_page_range+0x3d0/0x3d0 [ 760.034866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 760.040387] ? ns_capable_common+0x13f/0x170 [ 760.044787] __x64_sys_mlockall+0x45b/0x630 [ 760.049096] ? __ia32_sys_munlock+0x160/0x160 [ 760.053575] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 760.059103] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.064454] ? trace_hardirqs_off_caller+0x300/0x300 [ 760.069552] do_syscall_64+0x1b9/0x820 [ 760.073423] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 760.078775] ? syscall_return_slowpath+0x5e0/0x5e0 [ 760.083691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 760.088525] ? trace_hardirqs_on_caller+0x310/0x310 [ 760.093528] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 760.098529] ? prepare_exit_to_usermode+0x291/0x3b0 [ 760.103533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 760.108365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 760.113541] RIP: 0033:0x457569 [ 760.116721] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 760.135607] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 760.143300] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 760.150552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 760.157808] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 760.165061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 760.172341] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 760.196956] Task in /syz0 killed as a result of limit of /syz0 [ 760.211662] memory: usage 307200kB, limit 307200kB, failcnt 2291 [ 760.224976] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 760.234564] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 760.241186] Memory cgroup stats for /syz0: cache:144KB rss:297584KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:70620KB active_anon:21188KB inactive_file:0KB active_file:0KB unevictable:205884KB [ 760.263634] Memory cgroup out of memory: Kill process 19884 (syz-executor0) score 1156 or sacrifice child [ 760.274104] Killed process 19884 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:32768kB, shmem-rss:0kB [ 760.295383] oom_reaper: reaped process 19884 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 760.822200] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 760.833467] syz-executor0 cpuset=syz0 mems_allowed=0 [ 760.838622] CPU: 0 PID: 21157 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 760.847177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 760.856511] Call Trace: [ 760.859089] dump_stack+0x244/0x39d [ 760.862704] ? dump_stack_print_info.cold.1+0x20/0x20 [ 760.867882] ? mark_held_locks+0x130/0x130 [ 760.872099] ? mark_held_locks+0x130/0x130 [ 760.876348] dump_header+0x27b/0xf72 [ 760.880055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 760.885595] ? pagefault_out_of_memory+0x197/0x197 [ 760.890509] ? print_usage_bug+0xc0/0xc0 [ 760.894555] ? debug_smp_processor_id+0x1c/0x20 [ 760.899204] ? perf_trace_lock_acquire+0x15b/0x800 [ 760.904134] ? perf_trace_lock+0x7a0/0x7a0 [ 760.908371] ? mark_held_locks+0xc7/0x130 [ 760.912502] ? print_usage_bug+0xc0/0xc0 [ 760.916550] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 760.921393] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 760.925972] ? retint_kernel+0x2d/0x2d [ 760.929843] ? trace_hardirqs_on_caller+0xc0/0x310 [ 760.934754] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 760.939504] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 760.944953] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 760.949711] ? retint_kernel+0x2d/0x2d [ 760.953595] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 760.958684] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 760.963780] ? ___ratelimit+0x3b9/0x672 [ 760.967743] ? idr_get_free+0xf70/0xf70 [ 760.971703] ? retint_kernel+0x2d/0x2d [ 760.975577] ? trace_hardirqs_on_caller+0xc0/0x310 [ 760.980496] oom_kill_process.cold.27+0x10/0x903 [ 760.985243] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 760.989993] ? oom_evaluate_task+0x540/0x540 [ 760.994387] ? oom_badness+0xaa0/0xaa0 [ 760.998267] ? mem_cgroup_scan_tasks+0x152/0x1e0 [ 761.003009] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 761.007745] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.012492] ? mem_cgroup_iter_break+0x30/0x30 [ 761.017065] ? oom_badness+0xaa0/0xaa0 [ 761.020938] out_of_memory+0xa7f/0x1430 [ 761.024901] ? retint_kernel+0x2d/0x2d [ 761.028782] ? oom_killer_disable+0x3a0/0x3a0 [ 761.033279] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 761.038368] mem_cgroup_out_of_memory+0x15e/0x210 [ 761.043194] ? memory_oom_group_write+0x160/0x160 [ 761.048021] ? mem_cgroup_try_charge+0x627/0xe20 [ 761.052764] ? page_counter_try_charge+0x1c1/0x220 [ 761.057679] try_charge+0xdcd/0x1720 [ 761.061380] ? kasan_check_read+0x11/0x20 [ 761.065516] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 761.070173] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 761.075695] ? lock_page_memcg+0x350/0x350 [ 761.079920] ? lock_acquire+0x1ed/0x520 [ 761.083898] ? mem_cgroup_oom_control_write+0x100/0x100 [ 761.089254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 761.094770] ? check_preemption_disabled+0x48/0x280 [ 761.099769] ? kasan_check_read+0x11/0x20 [ 761.103897] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 761.109155] ? rcu_softirq_qs+0x20/0x20 [ 761.113125] mem_cgroup_try_charge+0x627/0xe20 [ 761.117693] ? mark_held_locks+0xc7/0x130 [ 761.121827] ? mem_cgroup_protected+0xa60/0xa60 [ 761.126487] ? retint_kernel+0x2d/0x2d [ 761.130358] ? trace_hardirqs_on_caller+0xc0/0x310 [ 761.135271] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.140011] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 761.145453] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.150192] ? retint_kernel+0x2d/0x2d [ 761.154068] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 761.158982] wp_page_copy+0x51d/0x24f0 [ 761.162875] ? follow_pfn+0x2e0/0x2e0 [ 761.166660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 761.172177] ? reuse_swap_page+0x4bd/0x1520 [ 761.176492] ? swp_swapcount+0x530/0x530 [ 761.180545] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 761.185979] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 761.191414] ? print_usage_bug+0xc0/0xc0 [ 761.195454] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.200194] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.205022] ? retint_kernel+0x2d/0x2d [ 761.208892] ? graph_lock+0x270/0x270 [ 761.212675] ? __lock_acquire+0x62f/0x4c20 [ 761.216897] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.221669] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 761.226246] ? find_held_lock+0x36/0x1c0 [ 761.230297] ? do_wp_page+0x518/0x2920 [ 761.234168] ? lock_downgrade+0x900/0x900 [ 761.238320] ? wake_up_page_bit+0x6f0/0x6f0 [ 761.242664] ? kasan_check_read+0x11/0x20 [ 761.246815] ? do_raw_spin_unlock+0xa7/0x330 [ 761.251207] ? do_raw_spin_trylock+0x270/0x270 [ 761.255770] ? __pte_alloc_kernel+0x220/0x220 [ 761.260257] ? perf_trace_lock_acquire+0x15b/0x800 [ 761.265278] do_wp_page+0x520/0x2920 [ 761.268978] ? check_preemption_disabled+0x48/0x280 [ 761.273988] ? finish_mkwrite_fault+0x650/0x650 [ 761.278638] ? print_usage_bug+0xc0/0xc0 [ 761.282700] ? perf_trace_lock+0x7a0/0x7a0 [ 761.286921] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 761.292451] ? __lock_acquire+0x62f/0x4c20 [ 761.296684] ? mark_held_locks+0xc7/0x130 [ 761.300919] ? mark_held_locks+0x130/0x130 [ 761.305233] ? follow_page_pte+0xdd7/0x1ab0 [ 761.309540] ? lock_downgrade+0x900/0x900 [ 761.313678] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 761.319200] ? check_preemption_disabled+0x48/0x280 [ 761.324216] ? debug_smp_processor_id+0x1c/0x20 [ 761.328876] ? perf_trace_lock_acquire+0x15b/0x800 [ 761.333791] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 761.339312] ? follow_page_pte+0x4f9/0x1ab0 [ 761.343615] ? print_usage_bug+0xc0/0xc0 [ 761.347661] ? undo_dev_pagemap+0x680/0x680 [ 761.351974] ? retint_kernel+0x2d/0x2d [ 761.355849] ? __lock_acquire+0x62f/0x4c20 [ 761.360070] ? lock_acquire+0x1ed/0x520 [ 761.364027] ? __handle_mm_fault+0x1fa9/0x5be0 [ 761.368597] ? kasan_check_write+0x14/0x20 [ 761.372820] ? do_raw_spin_lock+0x14f/0x350 [ 761.377134] ? retint_kernel+0x2d/0x2d [ 761.381006] ? rwlock_bug.part.2+0x90/0x90 [ 761.385234] __handle_mm_fault+0x3be9/0x5be0 [ 761.389632] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 761.394466] ? perf_trace_lock+0x7a0/0x7a0 [ 761.398698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 761.404215] ? pmd_huge+0xf4/0x140 [ 761.407745] ? graph_lock+0x270/0x270 [ 761.411526] ? graph_lock+0x270/0x270 [ 761.415315] ? find_held_lock+0x36/0x1c0 [ 761.419366] ? handle_mm_fault+0x42a/0xc70 [ 761.423585] ? lock_downgrade+0x900/0x900 [ 761.427717] ? check_preemption_disabled+0x48/0x280 [ 761.432737] ? kasan_check_read+0x11/0x20 [ 761.436967] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 761.442234] ? rcu_read_unlock_special+0x370/0x370 [ 761.447146] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 761.452665] ? check_preemption_disabled+0x48/0x280 [ 761.457667] handle_mm_fault+0x54f/0xc70 [ 761.461712] ? __handle_mm_fault+0x5be0/0x5be0 [ 761.466276] ? __get_user_pages+0x180a/0x1ed0 [ 761.470773] __get_user_pages+0xa3d/0x1ed0 [ 761.475009] ? follow_page_mask+0x2160/0x2160 [ 761.479489] ? mark_held_locks+0xc7/0x130 [ 761.483621] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.488373] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 761.492949] ? retint_kernel+0x2d/0x2d [ 761.496821] ? trace_hardirqs_on_caller+0xc0/0x310 [ 761.501732] ? mark_held_locks+0xc7/0x130 [ 761.505861] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.510599] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 761.516029] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.520770] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 761.525339] ? retint_kernel+0x2d/0x2d [ 761.529214] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 761.533958] ? retint_kernel+0x2d/0x2d [ 761.537845] ? __get_user_pages+0x744/0x1ed0 [ 761.542250] populate_vma_page_range+0x2db/0x3d0 [ 761.546994] ? follow_page+0x420/0x420 [ 761.550869] ? find_vma+0x34/0x190 [ 761.554417] __mm_populate+0x286/0x4d0 [ 761.558292] ? populate_vma_page_range+0x3d0/0x3d0 [ 761.563207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 761.568727] ? ns_capable_common+0x13f/0x170 [ 761.573123] __x64_sys_mlockall+0x45b/0x630 [ 761.577426] ? __ia32_sys_munlock+0x160/0x160 [ 761.581903] ? retint_kernel+0x2d/0x2d [ 761.585792] do_syscall_64+0x1b9/0x820 [ 761.589672] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 761.595082] ? syscall_return_slowpath+0x5e0/0x5e0 [ 761.600011] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 761.604843] ? trace_hardirqs_on_caller+0x310/0x310 [ 761.609842] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 761.614843] ? prepare_exit_to_usermode+0x291/0x3b0 [ 761.619848] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 761.624680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 761.629852] RIP: 0033:0x457569 [ 761.633028] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 761.651925] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 761.659622] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 761.666884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 761.674142] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 761.681399] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 761.688651] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 761.698628] Task in /syz0 killed as a result of limit of /syz0 [ 761.706879] memory: usage 307200kB, limit 307200kB, failcnt 2333 [ 761.713225] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 761.720072] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 761.726326] Memory cgroup stats for /syz0: cache:144KB rss:297428KB rss_huge:262144KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:65808KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:214744KB [ 761.748413] Memory cgroup out of memory: Kill process 21121 (syz-executor0) score 1216 or sacrifice child [ 761.758749] Killed process 21158 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 761.775957] oom_reaper: reaped process 21158 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 762.630746] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 762.642286] syz-executor0 cpuset=syz0 mems_allowed=0 [ 762.647537] CPU: 0 PID: 21161 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 762.656109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 762.665455] Call Trace: [ 762.668028] dump_stack+0x244/0x39d [ 762.671641] ? dump_stack_print_info.cold.1+0x20/0x20 [ 762.676825] ? mark_held_locks+0x130/0x130 [ 762.681148] ? mark_held_locks+0x130/0x130 [ 762.685382] dump_header+0x27b/0xf72 [ 762.689085] ? print_usage_bug+0xc0/0xc0 [ 762.693131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 762.698762] ? pagefault_out_of_memory+0x197/0x197 [ 762.703711] ? print_usage_bug+0xc0/0xc0 [ 762.707759] ? debug_smp_processor_id+0x1c/0x20 [ 762.712413] ? perf_trace_lock_acquire+0x15b/0x800 [ 762.717329] ? perf_trace_lock+0x7a0/0x7a0 [ 762.721548] ? mark_held_locks+0xc7/0x130 [ 762.725686] ? mark_held_locks+0xc7/0x130 [ 762.729826] ? print_usage_bug+0xc0/0xc0 [ 762.733882] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.738625] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 762.743190] ? retint_kernel+0x2d/0x2d [ 762.747060] ? trace_hardirqs_on_caller+0xc0/0x310 [ 762.751976] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.756717] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 762.762247] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.767104] ? retint_kernel+0x2d/0x2d [ 762.770985] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 762.776073] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 762.781161] ? ___ratelimit+0x3b9/0x672 [ 762.785119] ? idr_get_free+0xf70/0xf70 [ 762.789086] oom_kill_process.cold.27+0x10/0x903 [ 762.793835] ? _raw_spin_unlock_irq+0x56/0x80 [ 762.798314] ? oom_evaluate_task+0x540/0x540 [ 762.802724] ? cgroup_procs_next+0x70/0x70 [ 762.806943] ? _raw_spin_unlock_irq+0x56/0x80 [ 762.811422] ? _raw_spin_unlock_irq+0x60/0x80 [ 762.815899] ? oom_badness+0xaa0/0xaa0 [ 762.819773] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 762.824511] ? mem_cgroup_iter_break+0x30/0x30 [ 762.829082] ? out_of_memory+0xc48/0x1430 [ 762.833228] out_of_memory+0xa7f/0x1430 [ 762.837209] ? retint_kernel+0x2d/0x2d [ 762.841078] ? oom_killer_disable+0x3a0/0x3a0 [ 762.845560] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 762.850655] mem_cgroup_out_of_memory+0x15e/0x210 [ 762.855500] ? memory_oom_group_write+0x160/0x160 [ 762.860334] try_charge+0xdcd/0x1720 [ 762.864032] ? kasan_check_read+0x11/0x20 [ 762.868168] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 762.872832] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 762.878359] ? lock_page_memcg+0x350/0x350 [ 762.882580] ? lock_acquire+0x268/0x520 [ 762.886579] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 762.892100] ? check_preemption_disabled+0x48/0x280 [ 762.897105] ? kasan_check_read+0x11/0x20 [ 762.901235] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 762.906494] ? rcu_softirq_qs+0x20/0x20 [ 762.910458] mem_cgroup_try_charge+0x627/0xe20 [ 762.915022] ? mark_held_locks+0xc7/0x130 [ 762.919168] ? mem_cgroup_protected+0xa60/0xa60 [ 762.923824] ? retint_kernel+0x2d/0x2d [ 762.927696] ? trace_hardirqs_on_caller+0xc0/0x310 [ 762.932614] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.937356] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 762.942806] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.947552] ? retint_kernel+0x2d/0x2d [ 762.951433] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 762.956348] wp_page_copy+0x51d/0x24f0 [ 762.960233] ? follow_pfn+0x2e0/0x2e0 [ 762.964023] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 762.969543] ? reuse_swap_page+0x4bd/0x1520 [ 762.973856] ? swp_swapcount+0x530/0x530 [ 762.977903] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 762.983340] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 762.988084] ? print_usage_bug+0xc0/0xc0 [ 762.992132] ? print_usage_bug+0xc0/0xc0 [ 762.996177] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.000919] ? mark_held_locks+0xc7/0x130 [ 763.005054] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 763.009621] ? retint_kernel+0x2d/0x2d [ 763.013490] ? graph_lock+0x270/0x270 [ 763.017277] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.022017] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 763.027452] ? __lock_acquire+0x62f/0x4c20 [ 763.031670] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.036416] ? find_held_lock+0x36/0x1c0 [ 763.040464] ? do_wp_page+0x518/0x2920 [ 763.044337] ? lock_downgrade+0x900/0x900 [ 763.048576] ? wake_up_page_bit+0x6f0/0x6f0 [ 763.052888] ? kasan_check_read+0x11/0x20 [ 763.057021] ? do_raw_spin_unlock+0xa7/0x330 [ 763.061414] ? do_raw_spin_trylock+0x270/0x270 [ 763.065999] ? __pte_alloc_kernel+0x220/0x220 [ 763.070482] ? perf_trace_lock_acquire+0x15b/0x800 [ 763.075402] do_wp_page+0x520/0x2920 [ 763.079099] ? check_preemption_disabled+0x48/0x280 [ 763.084130] ? finish_mkwrite_fault+0x650/0x650 [ 763.088795] ? mark_held_locks+0xc7/0x130 [ 763.092950] ? perf_trace_lock+0x7a0/0x7a0 [ 763.097176] ? trace_hardirqs_on_caller+0xc0/0x310 [ 763.102092] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 763.107619] ? __lock_acquire+0x62f/0x4c20 [ 763.111863] ? mark_held_locks+0x130/0x130 [ 763.116085] ? follow_page_pte+0xdd7/0x1ab0 [ 763.120389] ? lock_downgrade+0x900/0x900 [ 763.124529] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 763.130051] ? check_preemption_disabled+0x48/0x280 [ 763.135149] ? debug_smp_processor_id+0x1c/0x20 [ 763.139809] ? perf_trace_lock_acquire+0x15b/0x800 [ 763.144725] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 763.150254] ? follow_page_pte+0x4f9/0x1ab0 [ 763.154563] ? print_usage_bug+0xc0/0xc0 [ 763.158612] ? undo_dev_pagemap+0x680/0x680 [ 763.162928] ? print_usage_bug+0xc0/0xc0 [ 763.166971] ? retint_kernel+0x2d/0x2d [ 763.170861] ? __lock_acquire+0x62f/0x4c20 [ 763.175095] ? lock_acquire+0x1ed/0x520 [ 763.179055] ? __handle_mm_fault+0x1fa9/0x5be0 [ 763.183627] ? kasan_check_write+0x14/0x20 [ 763.187854] ? do_raw_spin_lock+0x14f/0x350 [ 763.192165] ? rwlock_bug.part.2+0x90/0x90 [ 763.196382] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 763.200945] ? retint_kernel+0x2d/0x2d [ 763.204825] ? trace_hardirqs_on_caller+0xc0/0x310 [ 763.209747] __handle_mm_fault+0x3be9/0x5be0 [ 763.214144] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 763.219003] ? perf_trace_lock+0x7a0/0x7a0 [ 763.223221] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 763.228738] ? pmd_huge+0xf4/0x140 [ 763.232286] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 763.236855] ? retint_kernel+0x2d/0x2d [ 763.240727] ? trace_hardirqs_on_caller+0xc0/0x310 [ 763.245638] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.250394] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 763.255842] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.260587] ? retint_kernel+0x2d/0x2d [ 763.264468] handle_mm_fault+0x54f/0xc70 [ 763.268512] ? __handle_mm_fault+0x5be0/0x5be0 [ 763.273083] ? follow_page_mask+0x18e/0x2160 [ 763.277474] __get_user_pages+0xa3d/0x1ed0 [ 763.281690] ? rwsem_down_read_failed+0x342/0x710 [ 763.286520] ? follow_page_mask+0x2160/0x2160 [ 763.291002] ? mark_held_locks+0xc7/0x130 [ 763.295138] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 763.299702] ? retint_kernel+0x2d/0x2d [ 763.303575] ? trace_hardirqs_on_caller+0xc0/0x310 [ 763.308486] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.313229] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 763.318670] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 763.323416] ? retint_kernel+0x2d/0x2d [ 763.327306] populate_vma_page_range+0x2db/0x3d0 [ 763.332051] ? follow_page+0x420/0x420 [ 763.335929] ? find_vma+0x34/0x190 [ 763.339461] __mm_populate+0x286/0x4d0 [ 763.343349] ? populate_vma_page_range+0x3d0/0x3d0 [ 763.348264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 763.353800] ? ns_capable_common+0x13f/0x170 [ 763.358203] __x64_sys_mlockall+0x45b/0x630 [ 763.362506] ? __ia32_sys_munlock+0x160/0x160 [ 763.366980] ? retint_kernel+0x2d/0x2d [ 763.370864] ? __ia32_sys_munlock+0x160/0x160 [ 763.375365] do_syscall_64+0x1b9/0x820 [ 763.379249] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 763.384607] ? syscall_return_slowpath+0x5e0/0x5e0 [ 763.389517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 763.394341] ? trace_hardirqs_on_caller+0x310/0x310 [ 763.399344] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 763.404344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 763.409873] ? prepare_exit_to_usermode+0x291/0x3b0 [ 763.414878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 763.419717] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 763.424894] RIP: 0033:0x457569 [ 763.428182] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 763.447065] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 763.454761] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 763.462026] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 763.469280] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 763.476534] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 763.483789] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 763.496411] Task in /syz0 killed as a result of limit of /syz0 [ 763.503058] memory: usage 307148kB, limit 307200kB, failcnt 2358 [ 763.509443] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 763.516613] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 763.523215] Memory cgroup stats for /syz0: cache:144KB rss:286476KB rss_huge:253952KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58236KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:209136KB [ 763.546363] Memory cgroup out of memory: Kill process 21121 (syz-executor0) score 1220 or sacrifice child [ 763.556464] Killed process 21161 (syz-executor0) total-vm:70864kB, anon-rss:18584kB, file-rss:52260kB, shmem-rss:0kB [ 763.568515] oom_reaper: reaped process 21161 (syz-executor0), now anon-rss:18584kB, file-rss:52252kB, shmem-rss:0kB 00:54:58 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x7ffffffff000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:54:58 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:58 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x701200) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) socket$vsock_dgram(0x28, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x8, 0x30}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x1ff, 0x20}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000002c0)={r3, 0xe57c, 0x100000001, 0xffffffff00000000, 0xa000000000, 0x9, 0xfff, 0x8, {r4, @in6={{0xa, 0x4e24, 0x101, @ipv4={[], [], @multicast1}, 0x9}}, 0x6, 0x6, 0x9, 0x0, 0x10000000}}, &(0x7f0000000380)=0xb0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000200)=0x100) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000080)}, 0x40000) openat$cgroup_ro(r2, &(0x7f0000000140)='rdma.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:54:58 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000100)="8c6afca7424c7da8ae51e99c7eabac5ec2626547672edc9f1de4f022f74a8bc3ef421fa01aefa48bde2e1ff620d0b526488a22711f7e93628f709ac64707ed27199f24eb563a00d11f30fd0e2f0bf5a47c9f7d792218bf4f0289e96ecaa51edeb25530d9163cf21a4446c857a240b0de1cf64418935154194502248dc8b4178b042644b712934fbe92c4a5f2d0ffdaf763efaba52d56c2bb5b536ea62bdc25ec99") keyctl$describe(0x6, r0, &(0x7f0000000000)=""/52, 0x34) 00:54:58 executing program 1: keyctl$update(0x2, 0x0, &(0x7f0000000440), 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="f26ed2edf213c297f719a55bb61e3de0fc09dfa214f052f2a9a19d24bb1462d5cb4388c7f9eb53c4f928cf68a0a6da569b1caf75cf020205bf0dfa5dd9a5feafaccda4c839cb2804b54a695b51969738938a67a3a7f7d9dd2bb1e52a1500b27b2e77e1efc131b1b43ce993e9623a0588a10e04c9076f647c9633c350654639d46d6f51fccee1beecae1670854c5abaaaef20d92cbdee90f069872f1353fe155b3c5bb88b97a2877aaa37fda455d7c4664c0a6d169e1613f6e02ff86634a8143b", 0xc0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) 00:54:58 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x100000000000000, 0x0, 0x7ff}}, 0x50) 00:54:59 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) fadvise64(r0, 0xb, 0xc7, 0x5) 00:54:59 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x1000000, 0x0, 0x7ff}}, 0x50) 00:54:59 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000100)="9b492a5ae90a172858895dde5ddb1fb46994f056135ea62aeffac40b5bb38479cc84cce0b2ccd409672f47fc24e24db93040040e2ba6e76756529f059d94be983b6a44a543adf302cf4e08309791a6a2b743dfb14305d7545fc89916a2949cefe708d25fa700efa949ae2fbb10048123d8161124b6565886c4231f96076d5f5bf5bb8435b57e188c84fdd9c38374a405eb9e148830e0fe5d474c7ab1d738e7152393ef0a674338cfda948f3fb3914f89eb2dde31d8b6d4b849b7a57028e2f5118366d886e841ca13e27c4940fda6fc4596be0064d3633deb1e7637f357cab7cadb76a976322b411befa8e046da992b9deb40f1f900e349", 0x32b) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:54:59 executing program 1: r0 = request_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='/dev/swradio#\x00', 0xfffffffffffffff8) r1 = request_key(&(0x7f0000000100)='logon\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='/dev/swradio#\x00', 0xfffffffffffffffa) keyctl$negate(0xd, r0, 0x5, r1) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, r1) r2 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r2, &(0x7f0000000440), 0x0) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f00000001c0)) r3 = syz_open_dev$swradio(&(0x7f0000000200)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) 00:54:59 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:54:59 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) epoll_create1(0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) syz_open_procfs(r1, &(0x7f0000000080)='net/sctp\x00') mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 764.951155] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 764.962583] syz-executor0 cpuset=syz0 mems_allowed=0 [ 764.967789] CPU: 0 PID: 21212 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 764.976389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 764.985732] Call Trace: [ 764.988314] dump_stack+0x244/0x39d [ 764.991942] ? dump_stack_print_info.cold.1+0x20/0x20 [ 764.997133] ? mark_held_locks+0x130/0x130 [ 765.001354] ? mark_held_locks+0x130/0x130 [ 765.005580] dump_header+0x27b/0xf72 [ 765.009332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 765.014860] ? pagefault_out_of_memory+0x197/0x197 [ 765.019777] ? print_usage_bug+0xc0/0xc0 [ 765.023825] ? debug_smp_processor_id+0x1c/0x20 [ 765.028477] ? perf_trace_lock_acquire+0x15b/0x800 [ 765.033395] ? perf_trace_lock+0x7a0/0x7a0 [ 765.037620] ? mark_held_locks+0xc7/0x130 [ 765.041779] ? print_usage_bug+0xc0/0xc0 [ 765.045829] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.050591] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 765.055160] ? retint_kernel+0x2d/0x2d [ 765.059037] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.063952] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.068724] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 765.074203] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.078959] ? retint_kernel+0x2d/0x2d [ 765.082843] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 765.087934] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 765.093023] ? ___ratelimit+0x3b9/0x672 [ 765.096981] ? idr_get_free+0xf70/0xf70 [ 765.100954] ? preempt_count_sub+0x5a/0x150 [ 765.105269] oom_kill_process.cold.27+0x10/0x903 [ 765.110016] ? mark_held_locks+0xc7/0x130 [ 765.114161] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.118907] ? oom_evaluate_task+0x540/0x540 [ 765.123302] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.128219] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.132967] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 765.138415] ? _raw_spin_unlock_irq+0x56/0x80 [ 765.142913] ? _raw_spin_unlock_irq+0x60/0x80 [ 765.147422] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.152171] ? retint_kernel+0x2d/0x2d [ 765.156058] out_of_memory+0xa7f/0x1430 [ 765.160019] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 765.164592] ? kasan_check_read+0x11/0x20 [ 765.168728] ? oom_killer_disable+0x3a0/0x3a0 [ 765.173396] mem_cgroup_out_of_memory+0x15e/0x210 [ 765.178228] ? memory_oom_group_write+0x160/0x160 [ 765.183052] ? mem_cgroup_try_charge+0x627/0xe20 [ 765.187798] ? page_counter_try_charge+0x1c1/0x220 [ 765.192714] try_charge+0xdcd/0x1720 [ 765.196415] ? kasan_check_read+0x11/0x20 [ 765.200556] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 765.205221] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 765.210763] ? lock_page_memcg+0x350/0x350 [ 765.215001] ? lock_acquire+0x1ed/0x520 [ 765.218963] ? mem_cgroup_oom_control_write+0x100/0x100 [ 765.224315] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 765.229849] ? check_preemption_disabled+0x48/0x280 [ 765.234854] ? kasan_check_read+0x11/0x20 [ 765.238989] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 765.244250] ? rcu_softirq_qs+0x20/0x20 [ 765.248264] mem_cgroup_try_charge+0x627/0xe20 [ 765.252833] ? mark_held_locks+0xc7/0x130 [ 765.256974] ? mem_cgroup_protected+0xa60/0xa60 [ 765.261655] ? retint_kernel+0x2d/0x2d [ 765.265555] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.270469] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.275213] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 765.280676] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.285424] ? retint_kernel+0x2d/0x2d [ 765.289305] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 765.294237] wp_page_copy+0x51d/0x24f0 [ 765.298116] ? retint_kernel+0x2d/0x2d [ 765.302014] ? follow_pfn+0x2e0/0x2e0 [ 765.305815] ? reuse_swap_page+0x4db/0x1520 [ 765.310124] ? reuse_swap_page+0x4bd/0x1520 [ 765.314435] ? swp_swapcount+0x530/0x530 [ 765.318485] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 765.323924] ? mark_held_locks+0xc7/0x130 [ 765.328060] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.332801] ? print_usage_bug+0xc0/0xc0 [ 765.336850] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 765.341418] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.346334] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.351082] ? graph_lock+0x270/0x270 [ 765.354871] ? __lock_acquire+0x62f/0x4c20 [ 765.359094] ? retint_kernel+0x2d/0x2d [ 765.362967] ? find_held_lock+0x36/0x1c0 [ 765.367016] ? do_wp_page+0x518/0x2920 [ 765.370885] ? lock_downgrade+0x900/0x900 [ 765.375022] ? wake_up_page_bit+0x6f0/0x6f0 [ 765.379332] ? kasan_check_read+0x11/0x20 [ 765.383465] ? do_raw_spin_unlock+0xa7/0x330 [ 765.387857] ? do_raw_spin_trylock+0x270/0x270 [ 765.392427] ? __pte_alloc_kernel+0x220/0x220 [ 765.396906] ? perf_trace_lock_acquire+0x15b/0x800 [ 765.401829] ? print_usage_bug+0xc0/0xc0 [ 765.405888] do_wp_page+0x520/0x2920 [ 765.409587] ? check_preemption_disabled+0x48/0x280 [ 765.414612] ? finish_mkwrite_fault+0x650/0x650 [ 765.419269] ? mark_held_locks+0xc7/0x130 [ 765.423496] ? perf_trace_lock+0x7a0/0x7a0 [ 765.427722] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.432638] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 765.438191] ? __lock_acquire+0x62f/0x4c20 [ 765.442423] ? mark_held_locks+0x130/0x130 [ 765.446666] ? follow_page_pte+0xdd7/0x1ab0 [ 765.450987] ? lock_downgrade+0x900/0x900 [ 765.455126] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 765.460648] ? check_preemption_disabled+0x48/0x280 [ 765.465676] ? debug_smp_processor_id+0x1c/0x20 [ 765.470329] ? perf_trace_lock_acquire+0x15b/0x800 [ 765.475243] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 765.480773] ? follow_page_pte+0x4f9/0x1ab0 [ 765.485085] ? print_usage_bug+0xc0/0xc0 [ 765.489139] ? undo_dev_pagemap+0x680/0x680 [ 765.493467] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.498209] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 765.502881] ? retint_kernel+0x2d/0x2d [ 765.506754] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.511676] ? __lock_acquire+0x62f/0x4c20 [ 765.515897] ? lock_acquire+0x1ed/0x520 [ 765.519860] ? __handle_mm_fault+0x1fa9/0x5be0 [ 765.524433] ? kasan_check_write+0x14/0x20 [ 765.528667] ? do_raw_spin_lock+0x14f/0x350 [ 765.532996] ? retint_kernel+0x2d/0x2d [ 765.536873] ? rwlock_bug.part.2+0x90/0x90 [ 765.541098] ? __handle_mm_fault+0x206e/0x5be0 [ 765.545674] __handle_mm_fault+0x3be9/0x5be0 [ 765.550089] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 765.554921] ? perf_trace_lock+0x7a0/0x7a0 [ 765.559140] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 765.564667] ? pmd_huge+0xf4/0x140 [ 765.568200] ? graph_lock+0x270/0x270 [ 765.571984] ? graph_lock+0x270/0x270 [ 765.575770] ? find_held_lock+0x36/0x1c0 [ 765.579819] ? handle_mm_fault+0x42a/0xc70 [ 765.584039] ? lock_downgrade+0x900/0x900 [ 765.588178] ? check_preemption_disabled+0x48/0x280 [ 765.593192] ? kasan_check_read+0x11/0x20 [ 765.597326] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 765.602594] ? rcu_read_unlock_special+0x370/0x370 [ 765.607513] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 765.613053] ? check_preemption_disabled+0x48/0x280 [ 765.618062] handle_mm_fault+0x54f/0xc70 [ 765.622115] ? __handle_mm_fault+0x5be0/0x5be0 [ 765.626686] ? __get_user_pages+0x7b2/0x1ed0 [ 765.631080] __get_user_pages+0xa3d/0x1ed0 [ 765.635321] ? follow_page_mask+0x2160/0x2160 [ 765.639828] ? mark_held_locks+0xc7/0x130 [ 765.643970] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.648734] ? mark_held_locks+0xc7/0x130 [ 765.652876] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.657630] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 765.662208] ? retint_kernel+0x2d/0x2d [ 765.666080] ? trace_hardirqs_on_caller+0xc0/0x310 [ 765.670996] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.675740] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 765.681181] ? lock_release+0xa10/0xa10 [ 765.685141] ? perf_trace_sched_process_exec+0x860/0x860 [ 765.690602] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 765.695346] populate_vma_page_range+0x2db/0x3d0 [ 765.700103] ? follow_page+0x420/0x420 [ 765.703976] ? __mm_populate+0x1ef/0x4d0 [ 765.708025] __mm_populate+0x286/0x4d0 [ 765.711900] ? populate_vma_page_range+0x3d0/0x3d0 [ 765.716816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 765.722339] ? ns_capable_common+0x13f/0x170 [ 765.726736] __x64_sys_mlockall+0x45b/0x630 [ 765.731050] ? __ia32_sys_munlock+0x160/0x160 [ 765.735544] ? retint_kernel+0x2d/0x2d [ 765.739419] ? __ia32_sys_munlock+0x160/0x160 [ 765.743898] ? do_syscall_64+0x179/0x820 [ 765.747948] do_syscall_64+0x1b9/0x820 [ 765.751832] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 765.757185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 765.762104] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 765.766936] ? trace_hardirqs_on_caller+0x310/0x310 [ 765.771938] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 765.776942] ? prepare_exit_to_usermode+0x291/0x3b0 [ 765.781949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 765.786790] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 765.791964] RIP: 0033:0x457569 [ 765.795147] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 765.814035] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 765.821730] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 765.829000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 765.836260] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 765.843615] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 765.850882] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 765.860386] Task in /syz0 killed as a result of limit of /syz0 [ 765.866887] memory: usage 307200kB, limit 307200kB, failcnt 2425 [ 765.873117] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 765.879997] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 765.886387] Memory cgroup stats for /syz0: cache:144KB rss:297476KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216836KB [ 765.908628] Memory cgroup out of memory: Kill process 21170 (syz-executor0) score 1216 or sacrifice child [ 765.918963] Killed process 21213 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 765.933398] oom_reaper: reaped process 21213 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 766.835342] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 766.846940] syz-executor0 cpuset=syz0 mems_allowed=0 [ 766.852718] CPU: 0 PID: 21216 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 766.861292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 766.870632] Call Trace: [ 766.873210] dump_stack+0x244/0x39d [ 766.876827] ? dump_stack_print_info.cold.1+0x20/0x20 [ 766.882009] ? mark_held_locks+0x130/0x130 [ 766.886230] ? mark_held_locks+0x130/0x130 [ 766.890455] dump_header+0x27b/0xf72 [ 766.894163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 766.899685] ? pagefault_out_of_memory+0x197/0x197 [ 766.904602] ? print_usage_bug+0xc0/0xc0 [ 766.908665] ? debug_smp_processor_id+0x1c/0x20 [ 766.913321] ? perf_trace_lock_acquire+0x15b/0x800 [ 766.918247] ? perf_trace_lock+0x7a0/0x7a0 [ 766.922476] ? mark_held_locks+0xc7/0x130 [ 766.926623] ? print_usage_bug+0xc0/0xc0 [ 766.930681] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 766.935423] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 766.940002] ? retint_kernel+0x2d/0x2d [ 766.943878] ? trace_hardirqs_on_caller+0xc0/0x310 [ 766.948795] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 766.953543] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 766.958988] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 766.963735] ? retint_kernel+0x2d/0x2d [ 766.967616] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 766.972709] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 766.977798] ? ___ratelimit+0x3b9/0x672 [ 766.981760] ? idr_get_free+0xf70/0xf70 [ 766.985721] ? task_will_free_mem+0x239/0xb30 [ 766.990324] ? task_will_free_mem+0x270/0xb30 [ 766.994810] oom_kill_process.cold.27+0x10/0x903 [ 766.999566] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.004311] ? oom_evaluate_task+0x540/0x540 [ 767.008705] ? oom_badness+0xaa0/0xaa0 [ 767.012585] ? mem_cgroup_scan_tasks+0x177/0x1e0 [ 767.017414] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 767.022152] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.026895] ? mem_cgroup_iter_break+0x30/0x30 [ 767.031493] ? oom_badness+0xaa0/0xaa0 [ 767.035383] out_of_memory+0xa7f/0x1430 [ 767.039347] ? retint_kernel+0x2d/0x2d [ 767.043222] ? oom_killer_disable+0x3a0/0x3a0 [ 767.047711] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 767.052806] mem_cgroup_out_of_memory+0x15e/0x210 [ 767.057639] ? memory_oom_group_write+0x160/0x160 [ 767.062485] ? mem_cgroup_try_charge+0x627/0xe20 [ 767.067239] ? page_counter_try_charge+0x1c1/0x220 [ 767.072284] try_charge+0xdcd/0x1720 [ 767.075999] ? kasan_check_read+0x11/0x20 [ 767.080151] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 767.084816] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 767.090340] ? lock_page_memcg+0x350/0x350 [ 767.094574] ? lock_acquire+0x1ed/0x520 [ 767.098537] ? mem_cgroup_oom_control_write+0x100/0x100 [ 767.103892] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.109415] ? check_preemption_disabled+0x48/0x280 [ 767.114425] ? kasan_check_read+0x11/0x20 [ 767.118557] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 767.123819] ? rcu_softirq_qs+0x20/0x20 [ 767.127799] mem_cgroup_try_charge+0x627/0xe20 [ 767.132364] ? mark_held_locks+0xc7/0x130 [ 767.136504] ? mem_cgroup_protected+0xa60/0xa60 [ 767.141165] ? retint_kernel+0x2d/0x2d [ 767.145046] ? trace_hardirqs_on_caller+0xc0/0x310 [ 767.149960] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.154699] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.159440] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.165005] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.170389] ? retint_kernel+0x2d/0x2d [ 767.174269] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 767.179187] wp_page_copy+0x51d/0x24f0 [ 767.183067] ? follow_pfn+0x2e0/0x2e0 [ 767.186857] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.192378] ? reuse_swap_page+0x4bd/0x1520 [ 767.196694] ? swp_swapcount+0x530/0x530 [ 767.200845] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 767.206284] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.211720] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.217159] ? print_usage_bug+0xc0/0xc0 [ 767.221209] ? retint_kernel+0x2d/0x2d [ 767.225087] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.229834] ? retint_kernel+0x2d/0x2d [ 767.233711] ? graph_lock+0x270/0x270 [ 767.237504] ? mark_held_locks+0xc7/0x130 [ 767.241655] ? mark_page_accessed+0xf3f/0x2040 [ 767.246221] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.250967] ? find_held_lock+0x36/0x1c0 [ 767.255019] ? do_wp_page+0x518/0x2920 [ 767.258894] ? lock_downgrade+0x900/0x900 [ 767.263029] ? wake_up_page_bit+0x6f0/0x6f0 [ 767.267338] ? kasan_check_read+0x11/0x20 [ 767.271494] ? do_raw_spin_unlock+0xa7/0x330 [ 767.275906] ? do_raw_spin_trylock+0x270/0x270 [ 767.280491] do_wp_page+0x520/0x2920 [ 767.284203] ? check_preemption_disabled+0x48/0x280 [ 767.289205] ? finish_mkwrite_fault+0x650/0x650 [ 767.293858] ? mark_held_locks+0xc7/0x130 [ 767.297997] ? perf_trace_lock+0x7a0/0x7a0 [ 767.302239] ? trace_hardirqs_on_caller+0xc0/0x310 [ 767.307176] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 767.312704] ? __lock_acquire+0x62f/0x4c20 [ 767.316937] ? mark_held_locks+0x130/0x130 [ 767.321159] ? follow_page_pte+0xdd7/0x1ab0 [ 767.325479] ? lock_downgrade+0x900/0x900 [ 767.329631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.335154] ? check_preemption_disabled+0x48/0x280 [ 767.340159] ? debug_smp_processor_id+0x1c/0x20 [ 767.344816] ? perf_trace_lock_acquire+0x15b/0x800 [ 767.349739] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 767.355280] ? follow_page_pte+0x4f9/0x1ab0 [ 767.359591] ? print_usage_bug+0xc0/0xc0 [ 767.363643] ? undo_dev_pagemap+0x680/0x680 [ 767.367954] ? retint_kernel+0x2d/0x2d [ 767.371836] ? trace_hardirqs_on_caller+0xc0/0x310 [ 767.376754] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.381501] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.386943] ? __lock_acquire+0x62f/0x4c20 [ 767.391164] ? lock_acquire+0x1ed/0x520 [ 767.395124] ? __handle_mm_fault+0x1fa9/0x5be0 [ 767.399696] ? kasan_check_write+0x14/0x20 [ 767.403919] ? do_raw_spin_lock+0x14f/0x350 [ 767.408236] ? rwlock_bug.part.2+0x90/0x90 [ 767.412471] ? pmd_devmap_trans_unstable+0x177/0x220 [ 767.417569] ? __sanitizer_cov_trace_pc+0x3f/0x50 [ 767.422401] __handle_mm_fault+0x3be9/0x5be0 [ 767.426801] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 767.431737] ? perf_trace_lock+0x7a0/0x7a0 [ 767.435965] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 767.441520] ? pmd_huge+0xf4/0x140 [ 767.445057] ? graph_lock+0x270/0x270 [ 767.448842] ? graph_lock+0x270/0x270 [ 767.452635] ? find_held_lock+0x36/0x1c0 [ 767.456690] ? handle_mm_fault+0x42a/0xc70 [ 767.460913] ? lock_downgrade+0x900/0x900 [ 767.465062] ? check_preemption_disabled+0x48/0x280 [ 767.470094] ? kasan_check_read+0x11/0x20 [ 767.474249] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 767.479531] ? rcu_read_unlock_special+0x370/0x370 [ 767.484471] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 767.490014] ? check_preemption_disabled+0x48/0x280 [ 767.495041] handle_mm_fault+0x54f/0xc70 [ 767.499110] ? __handle_mm_fault+0x5be0/0x5be0 [ 767.503703] ? __get_user_pages+0xb5d/0x1ed0 [ 767.508122] __get_user_pages+0xa3d/0x1ed0 [ 767.512376] ? follow_page_mask+0x2160/0x2160 [ 767.516879] ? mark_held_locks+0xc7/0x130 [ 767.521031] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.525798] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 767.530384] ? retint_kernel+0x2d/0x2d [ 767.534279] ? trace_hardirqs_on_caller+0xc0/0x310 [ 767.539215] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.544667] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.549426] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 767.554901] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 767.559671] ? retint_kernel+0x2d/0x2d [ 767.563567] ? populate_vma_page_range+0xbd/0x3d0 [ 767.568418] populate_vma_page_range+0x2db/0x3d0 [ 767.573196] ? follow_page+0x420/0x420 [ 767.577092] ? find_vma+0x34/0x190 [ 767.580641] __mm_populate+0x286/0x4d0 [ 767.584540] ? populate_vma_page_range+0x3d0/0x3d0 [ 767.589478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.595020] ? ns_capable_common+0x13f/0x170 [ 767.599444] __x64_sys_mlockall+0x45b/0x630 [ 767.603780] ? __ia32_sys_munlock+0x160/0x160 [ 767.608280] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.613820] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 767.619188] ? trace_hardirqs_off_caller+0x300/0x300 [ 767.624298] ? do_futex+0x26d0/0x26d0 [ 767.628115] do_syscall_64+0x1b9/0x820 [ 767.632011] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 767.637382] ? syscall_return_slowpath+0x5e0/0x5e0 [ 767.642316] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 767.647164] ? trace_hardirqs_on_caller+0x310/0x310 [ 767.652184] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 767.657207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 767.662752] ? prepare_exit_to_usermode+0x291/0x3b0 [ 767.667781] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 767.672639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 767.677828] RIP: 0033:0x457569 [ 767.681024] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 767.699931] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 767.707639] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 767.714911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 767.722184] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 767.729455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 767.736731] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 767.750684] Task in /syz0 killed as a result of limit of /syz0 [ 767.757833] memory: usage 307140kB, limit 307200kB, failcnt 2480 [ 767.764439] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 767.771511] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 767.777933] Memory cgroup stats for /syz0: cache:144KB rss:287520KB rss_huge:256000KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:59368KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:209044KB [ 767.801053] Memory cgroup out of memory: Kill process 21170 (syz-executor0) score 1220 or sacrifice child [ 767.811271] Killed process 21216 (syz-executor0) total-vm:70864kB, anon-rss:18456kB, file-rss:52260kB, shmem-rss:0kB [ 767.823620] oom_reaper: reaped process 21216 (syz-executor0), now anon-rss:18456kB, file-rss:52252kB, shmem-rss:0kB 00:55:03 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x8000a0ffffffff, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:03 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000080)=0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:55:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x10, 0x0, 0x7ff}}, 0x50) 00:55:03 executing program 5: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl(r0, 0x8, &(0x7f0000000100)="1d76ab2aff0fc21d55a89aca7c9f93056982068b0fb09a1d5b195bbc372aafd14361513d8229e5172b6a20ed074b415d38aa90e05ab5ed28756b2f2bbdfbb82741fc2e1b8bd707251168ad739a6f839db443d4306e5268b503ab2f7413dff3530ec09444c9fb09472394db87e56deb08741a36dcb097380e11122b965b7d86aee5287cfa19ef5baa54e982d2e8efb7ce0d3d129a19b7272df660cf672c1ff1b867ac18082ded82872cf978d2f36d23866d0b8a4cd0") add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, [], 0x19}, 0xc}, @in={0x2, 0x4e23, @local}], 0x2c) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000)=0x8, 0x4) 00:55:03 executing program 1: request_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='/dev/swradio#\x00', 0xfffffffffffffffa) r0 = request_key(&(0x7f0000000100)='syzkaller\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='/dev/swradio#\x00', 0x0) r1 = add_key$user(0x0, 0x0, 0x0, 0xfffffea1, r0) openat$userio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/userio\x00', 0x56c7a5ea92ffc905, 0x0) keyctl$update(0x2, r1, &(0x7f00000001c0), 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$PPPIOCSFLAGS(r2, 0x40047459, &(0x7f0000000200)) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4012, r2, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x10f) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f00000001c0)={0xfdb, 0x1ff, 0x7fff, 0x7, 0x1}) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xfe00000000000000, 0x11, r2, 0x0) 00:55:03 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:03 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:03 executing program 5: r0 = add_key(&(0x7f0000000080)='.request_key_auth\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f00000002c0)="03ff6d7f1fa7b810c1e0eda916a0024a1dccd0d63f0c882708edc4be13d24d487a22086c77d3195eac18938b94d7c1d001070f67e172144055f7d1f88c8f46bf62e73ea043f8102fc2f5918bdf31f3fbe616afa0e6f3ea1529d28671b9584058601977909b03ab96aae7c3a886094dc17d2abba24e5d51d1c20d4335d289f1ea744aecac1303068f9e7111a5ad1164cc9b48113b1f24b42043f3a7945ce8ffd2aba6c5ee3abeccf8e7cec226e4708a65a327c18d48041c877c80430268ce9031fcf1c6be5790c6354d07fac4c7a8e438ad66ce8bad786f", 0xd7, 0xfffffffffffffffc) add_key$user(&(0x7f0000000000)='user\x00', 0x0, &(0x7f00000001c0)="71ff2f91358785c08ab6710d7a1483d62753c5192ea8c93d22ae1c9b49b89afe65cb41a2d0bccb33bbf4fc8c1131cd58f6cdb44e624999ab30c2fcbaaa7f0df4f73504c624e2df8311315875ac2f46cab9dbbe217e91deaee37e352ea5212fa2ef59630da7663102c388beff51d6bddd9bb3b94d2e1a36baa48c9eb6521f0e1338824c9785c5be9e8662052e7c8274aaa727cff28d020b125ec21e2e37c5af65014631b7", 0xa4, r0) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x1, 0x0) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000100)={0x5, 0x2, 0x100}) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:03 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) ioctl$EVIOCSKEYCODE(r1, 0x40084504, &(0x7f0000000080)=[0x100000000, 0x2]) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000100)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa0}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x58, r2, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7fff}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3ff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 00:55:03 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x121400, 0x0) fanotify_init(0x0, 0xc8000) 00:55:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xc00000000000000, 0x0, 0x7ff}}, 0x50) 00:55:03 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = getpgid(0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8, 0x10000) ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000200)={0x80, &(0x7f0000000180)=""/128}) perf_event_open(&(0x7f0000000100)={0x3, 0x70, 0x9, 0xc7, 0x5, 0x3, 0x0, 0x0, 0xadd7f3808fab863c, 0x0, 0x200, 0x8, 0x80, 0x200, 0x800, 0x5, 0x8000, 0x8000, 0x7fff, 0x3, 0xfff, 0x8, 0xffffffff, 0x7, 0x8, 0x6, 0x20, 0x8, 0x1, 0x1000, 0x2, 0x4, 0x3, 0x4, 0xf549, 0x1, 0x7fff, 0x3, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x204, 0x6c, 0x1f, 0x0, 0x10000, 0xfffffffffffffff9, 0x7}, r0, 0x8, r1, 0x1) ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8b0678577013f953, 0x11, r2, 0x0) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) [ 769.369219] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 769.380590] syz-executor0 cpuset=syz0 mems_allowed=0 [ 769.385862] CPU: 1 PID: 21268 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 769.394443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 769.403779] Call Trace: [ 769.406365] dump_stack+0x244/0x39d [ 769.409993] ? dump_stack_print_info.cold.1+0x20/0x20 [ 769.415173] ? mark_held_locks+0x130/0x130 [ 769.419399] ? mark_held_locks+0x130/0x130 [ 769.423622] dump_header+0x27b/0xf72 [ 769.427331] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 769.432859] ? pagefault_out_of_memory+0x197/0x197 [ 769.437799] ? debug_smp_processor_id+0x1c/0x20 [ 769.442498] ? perf_trace_lock_acquire+0x15b/0x800 [ 769.447420] ? perf_trace_lock+0x7a0/0x7a0 [ 769.451644] ? graph_lock+0x270/0x270 [ 769.455435] ? print_usage_bug+0xc0/0xc0 [ 769.459493] ? find_held_lock+0x36/0x1c0 [ 769.463560] ? mark_held_locks+0xc7/0x130 [ 769.467716] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 769.472806] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 769.477897] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 769.482469] ? trace_hardirqs_on+0xbd/0x310 [ 769.486780] ? kasan_check_read+0x11/0x20 [ 769.490914] ? ___ratelimit+0x3b4/0x672 [ 769.494872] ? trace_hardirqs_off_caller+0x300/0x300 [ 769.499960] ? trace_hardirqs_on+0x310/0x310 [ 769.504357] ? lock_downgrade+0x900/0x900 [ 769.508520] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 769.513621] ? ___ratelimit+0x3b9/0x672 [ 769.517583] ? idr_get_free+0xf70/0xf70 [ 769.521550] oom_kill_process.cold.27+0x10/0x903 [ 769.526302] ? _raw_spin_unlock_irq+0x56/0x80 [ 769.530787] ? oom_evaluate_task+0x540/0x540 [ 769.535191] ? cgroup_procs_next+0x70/0x70 [ 769.539413] ? _raw_spin_unlock_irq+0x60/0x80 [ 769.543898] ? oom_badness+0xaa0/0xaa0 [ 769.547785] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 769.552533] ? mem_cgroup_iter_break+0x30/0x30 [ 769.557112] ? mark_held_locks+0xc7/0x130 [ 769.561250] out_of_memory+0xa7f/0x1430 [ 769.565217] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 769.569788] ? kasan_check_read+0x11/0x20 [ 769.573934] ? oom_killer_disable+0x3a0/0x3a0 [ 769.578432] mem_cgroup_out_of_memory+0x15e/0x210 [ 769.583268] ? memory_oom_group_write+0x160/0x160 [ 769.588103] ? mem_cgroup_try_charge+0x627/0xe20 [ 769.592850] ? page_counter_try_charge+0x1c1/0x220 [ 769.597770] try_charge+0xdcd/0x1720 [ 769.601472] ? kasan_check_read+0x11/0x20 [ 769.605623] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 769.610288] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 769.615812] ? lock_page_memcg+0x350/0x350 [ 769.620058] ? lock_acquire+0x1ed/0x520 [ 769.624034] ? mem_cgroup_oom_control_write+0x100/0x100 [ 769.629394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 769.634940] ? check_preemption_disabled+0x48/0x280 [ 769.639944] ? kasan_check_read+0x11/0x20 [ 769.644079] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 769.649340] ? rcu_softirq_qs+0x20/0x20 [ 769.653326] mem_cgroup_try_charge+0x627/0xe20 [ 769.657899] ? mem_cgroup_protected+0xa60/0xa60 [ 769.662558] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 769.668082] ? page_mapping+0x5a2/0xa50 [ 769.672057] ? page_evictable+0x2de/0x540 [ 769.676193] ? check_preemption_disabled+0x48/0x280 [ 769.681203] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 769.686734] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 769.691654] wp_page_copy+0x51d/0x24f0 [ 769.695535] ? follow_pfn+0x2e0/0x2e0 [ 769.699334] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 769.704856] ? reuse_swap_page+0x4bd/0x1520 [ 769.709166] ? swp_swapcount+0x530/0x530 [ 769.713243] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 769.718698] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.723448] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 769.728899] ? print_usage_bug+0xc0/0xc0 [ 769.732964] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.737714] ? graph_lock+0x270/0x270 [ 769.741504] ? print_usage_bug+0xc0/0xc0 [ 769.745555] ? mark_page_accessed+0xf88/0x2040 [ 769.750143] ? mark_page_accessed+0xf97/0x2040 [ 769.754725] ? __sanitizer_cov_trace_pc+0x8/0x50 [ 769.759475] ? find_held_lock+0x36/0x1c0 [ 769.763528] ? do_wp_page+0x518/0x2920 [ 769.767402] ? lock_downgrade+0x900/0x900 [ 769.771537] ? wake_up_page_bit+0x6f0/0x6f0 [ 769.775852] ? kasan_check_read+0x11/0x20 [ 769.779983] ? do_raw_spin_unlock+0xa7/0x330 [ 769.784377] ? do_raw_spin_trylock+0x270/0x270 [ 769.788944] ? __pte_alloc_kernel+0x220/0x220 [ 769.793424] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 769.798859] ? perf_trace_lock_acquire+0x15b/0x800 [ 769.803777] do_wp_page+0x520/0x2920 [ 769.807481] ? check_preemption_disabled+0x48/0x280 [ 769.812489] ? finish_mkwrite_fault+0x650/0x650 [ 769.817151] ? perf_trace_lock+0x7a0/0x7a0 [ 769.821375] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 769.826900] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 769.832430] ? __lock_acquire+0x62f/0x4c20 [ 769.836672] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.841437] ? mark_held_locks+0x130/0x130 [ 769.845660] ? follow_page_pte+0xdd7/0x1ab0 [ 769.849971] ? lock_downgrade+0x900/0x900 [ 769.854110] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 769.859635] ? check_preemption_disabled+0x48/0x280 [ 769.864637] ? debug_smp_processor_id+0x1c/0x20 [ 769.869304] ? perf_trace_lock_acquire+0x15b/0x800 [ 769.874240] ? follow_page_pte+0x4f9/0x1ab0 [ 769.878554] ? print_usage_bug+0xc0/0xc0 [ 769.882606] ? undo_dev_pagemap+0x680/0x680 [ 769.886941] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 769.891623] ? retint_kernel+0x2d/0x2d [ 769.895501] ? trace_hardirqs_on_caller+0xc0/0x310 [ 769.900517] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.905272] ? __lock_acquire+0x62f/0x4c20 [ 769.909495] ? lock_acquire+0x1ed/0x520 [ 769.913471] ? __handle_mm_fault+0x1fa9/0x5be0 [ 769.918051] ? kasan_check_write+0x14/0x20 [ 769.922285] ? do_raw_spin_lock+0x14f/0x350 [ 769.926602] ? rwlock_bug.part.2+0x90/0x90 [ 769.930836] ? pmd_devmap_trans_unstable+0x134/0x220 [ 769.935934] __handle_mm_fault+0x3be9/0x5be0 [ 769.940332] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 769.945165] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 769.949743] ? retint_kernel+0x2d/0x2d [ 769.953617] ? trace_hardirqs_on_caller+0xc0/0x310 [ 769.958533] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.963293] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 769.968732] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 769.974273] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 769.978843] ? retint_kernel+0x2d/0x2d [ 769.982726] ? trace_hardirqs_on_caller+0xc0/0x310 [ 769.987640] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.992379] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 769.997131] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 770.002576] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 770.007325] ? retint_kernel+0x2d/0x2d [ 770.011222] handle_mm_fault+0x54f/0xc70 [ 770.015280] ? __handle_mm_fault+0x5be0/0x5be0 [ 770.019851] ? __get_user_pages+0x964/0x1ed0 [ 770.024259] __get_user_pages+0xa3d/0x1ed0 [ 770.028519] ? follow_page_mask+0x2160/0x2160 [ 770.033000] ? mark_held_locks+0xc7/0x130 [ 770.037141] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 770.041894] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 770.046465] ? retint_kernel+0x2d/0x2d [ 770.050340] ? trace_hardirqs_on_caller+0xc0/0x310 [ 770.055265] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 770.059839] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 770.064584] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 770.070021] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 770.075456] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 770.080202] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 770.084947] ? retint_kernel+0x2d/0x2d [ 770.088835] populate_vma_page_range+0x2db/0x3d0 [ 770.093595] ? follow_page+0x420/0x420 [ 770.097471] ? find_vma+0x34/0x190 [ 770.101002] __mm_populate+0x286/0x4d0 [ 770.104883] ? populate_vma_page_range+0x3d0/0x3d0 [ 770.109804] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 770.115348] ? ns_capable_common+0x13f/0x170 [ 770.119745] __x64_sys_mlockall+0x45b/0x630 [ 770.124065] ? __ia32_sys_munlock+0x160/0x160 [ 770.128545] ? retint_kernel+0x2d/0x2d [ 770.132422] ? __ia32_sys_munlock+0x160/0x160 [ 770.136904] do_syscall_64+0x1b9/0x820 [ 770.140778] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 770.146140] ? syscall_return_slowpath+0x5e0/0x5e0 [ 770.151097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 770.155928] ? trace_hardirqs_on_caller+0x310/0x310 [ 770.160944] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 770.165958] ? prepare_exit_to_usermode+0x291/0x3b0 [ 770.170965] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 770.175804] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 770.180976] RIP: 0033:0x457569 [ 770.184165] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 770.203052] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 770.210855] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 770.218108] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 770.225363] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 770.232617] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 770.239870] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 770.253671] Task in /syz0 killed as a result of limit of /syz0 [ 770.259953] memory: usage 307200kB, limit 307200kB, failcnt 2530 [ 770.266355] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 770.273265] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 770.279519] Memory cgroup stats for /syz0: cache:144KB rss:297592KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216832KB [ 770.301388] Memory cgroup out of memory: Kill process 21222 (syz-executor0) score 1216 or sacrifice child [ 770.311843] Killed process 21270 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 770.328111] oom_reaper: reaped process 21270 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:55:06 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xffffff7f00000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:06 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x101000, 0x0) setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000040)={0xed52, 0x6, 0x3, 0x7}, 0x10) r1 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e20, 0x7fffffff, @mcast2, 0x7}}, 0x8, 0x3, 0x1, 0x2, 0x9d6}, &(0x7f0000000080)=0x98) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000001c0)={r2, 0x100000000}, 0x8) keyctl$update(0x2, r1, &(0x7f0000000440), 0xffffffd9) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000280)={0xc4, {0x2, 0x4e21}, {0x2, 0x4e22, @loopback}, {0x2, 0x4e23}, 0x111, 0x5, 0x10001, 0x7fff, 0x8, &(0x7f0000000000)='ip_vti0\x00', 0xfff, 0xbe4, 0x5b38}) r3 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$DRM_IOCTL_SET_MASTER(r3, 0x641e) write$nbd(r0, &(0x7f0000000300)={0x67446698, 0x0, 0x4, 0x3, 0x3, "93646c3964e9818459aeae9bede9e039e129800253ded5e06b1ed854503f6f0a5db8929a393e202022e6cb2dc017663c7841e0475862a3845d08bf122a1b81355a"}, 0x51) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) 00:55:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x800000000000000, 0x0, 0x7ff}}, 0x50) 00:55:06 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000080), 0x0, 0xfffffffffffffffc) keyctl$update(0x2, 0x0, 0x0, 0x0) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000000)={0xffffffffffffffff}) write$binfmt_aout(r0, &(0x7f0000000100)={{0x0, 0x20, 0x5, 0x3dd, 0x348, 0x8, 0x160, 0x5d}, "2df0250cae00e339962f077345531bcaade811a9a29c652b88dd076318b4db910a3cced9d4f2b3d714e5ec8ae3e419e4a24fb7f243f4"}, 0x56) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:06 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:06 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) write$P9_RSYMLINK(r1, &(0x7f0000000080)={0x14, 0x11, 0x2, {0x2, 0x1, 0x1}}, 0x14) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:55:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x8000a0ffffffff, 0x0, 0x7ff}}, 0x50) 00:55:06 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000240)) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x424080) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') getrandom(&(0x7f00000001c0)=""/58, 0x3a, 0x1) sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r2, 0x318, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7b3}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x10) r3 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r3, &(0x7f0000000440), 0x0) r4 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xfffffffffffffffd, 0x11, r4, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f0000000400)={0x5, @local}) 00:55:06 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x1f) 00:55:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xc, 0x0, 0x7ff}}, 0x50) [ 771.648020] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:55:06 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x0) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000040)={0xfffffffffffffffc, 0x8, 0x3}) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:06 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) r1 = add_key(&(0x7f0000000100)='cifs.spnego\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)="14465d6f11ff7178bcc4ec7d4abbebed8e06f9a617980c99804f62adf3568aaa72975901f7c3e77f9c581176a9581e49072d86375154387b673203e919f7e9792d316dc1fd3cd8be73474fb628cd1328d29a8e067958346e0ec948fa98966b086030115653aa3bfc9a31df4d1a93d56fbf909ba7cf6e0d64cba69c6f727f6eed6d640e04dc7559d905ee069082dcfb484c3bbfcfb2c9ad210a5a6bf474", 0x9d, 0xffffffffffffffff) keyctl$search(0xa, r0, &(0x7f0000000000)='encrypted\x00', &(0x7f0000000080)={'syz', 0x1}, r1) keyctl$update(0x2, 0x0, 0x0, 0x0) syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 771.691504] syz-executor0 cpuset=syz0 mems_allowed=0 [ 771.696763] CPU: 0 PID: 21286 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 771.705342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 771.714699] Call Trace: [ 771.717302] dump_stack+0x244/0x39d [ 771.720951] ? dump_stack_print_info.cold.1+0x20/0x20 [ 771.726178] dump_header+0x27b/0xf72 [ 771.729916] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 771.735480] ? pagefault_out_of_memory+0x197/0x197 [ 771.740418] ? debug_smp_processor_id+0x1c/0x20 [ 771.745108] ? perf_trace_lock_acquire+0x15b/0x800 [ 771.750064] ? perf_trace_lock+0x7a0/0x7a0 [ 771.754331] ? graph_lock+0x270/0x270 [ 771.758149] ? print_usage_bug+0xc0/0xc0 [ 771.762237] ? perf_trace_lock+0x7a0/0x7a0 [ 771.766491] ? find_held_lock+0x36/0x1c0 [ 771.770573] ? mark_held_locks+0xc7/0x130 [ 771.774732] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 771.779846] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 771.784964] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 771.789554] ? trace_hardirqs_on+0xbd/0x310 [ 771.793871] ? kasan_check_read+0x11/0x20 [ 771.793886] ? ___ratelimit+0x3b4/0x672 [ 771.793904] ? trace_hardirqs_off_caller+0x300/0x300 [ 771.793921] ? trace_hardirqs_on+0x310/0x310 [ 771.793943] ? lock_downgrade+0x900/0x900 [ 771.802060] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 771.802075] ? ___ratelimit+0x3b9/0x672 [ 771.802092] ? idr_get_free+0xf70/0xf70 [ 771.811575] ? _raw_spin_unlock_irq+0x27/0x80 [ 771.811593] ? _raw_spin_unlock_irq+0x27/0x80 [ 771.811619] oom_kill_process.cold.27+0x10/0x903 [ 771.811638] ? _raw_spin_unlock_irq+0x27/0x80 [ 771.820869] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 771.820896] ? oom_evaluate_task+0x540/0x540 [ 771.820911] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 771.820930] ? cgroup_procs_next+0x70/0x70 [ 771.828848] ? _raw_spin_unlock_irq+0x60/0x80 [ 771.837799] ? oom_badness+0xaa0/0xaa0 [ 771.837819] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 771.837838] ? mem_cgroup_iter_break+0x30/0x30 [ 771.847068] ? mark_held_locks+0xc7/0x130 [ 771.847089] out_of_memory+0xa7f/0x1430 [ 771.856048] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 771.856070] ? kasan_check_read+0x11/0x20 [ 771.856097] ? oom_killer_disable+0x3a0/0x3a0 [ 771.866365] mem_cgroup_out_of_memory+0x15e/0x210 [ 771.866386] ? memory_oom_group_write+0x160/0x160 [ 771.915048] ? mem_cgroup_try_charge+0x627/0xe20 [ 771.919843] ? page_counter_try_charge+0x1c1/0x220 [ 771.924795] try_charge+0xdcd/0x1720 [ 771.928524] ? kasan_check_read+0x11/0x20 [ 771.932786] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 771.937483] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 771.943043] ? lock_page_memcg+0x350/0x350 [ 771.947302] ? lock_acquire+0x1ed/0x520 [ 771.951297] ? mem_cgroup_oom_control_write+0x100/0x100 [ 771.956676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 771.962234] ? check_preemption_disabled+0x48/0x280 [ 771.967274] ? kasan_check_read+0x11/0x20 [ 771.971441] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 771.976723] ? rcu_softirq_qs+0x20/0x20 [ 771.980723] mem_cgroup_try_charge+0x627/0xe20 [ 771.985314] ? undo_dev_pagemap+0x680/0x680 [ 771.989653] ? mem_cgroup_protected+0xa60/0xa60 [ 771.994332] ? __lock_acquire+0x62f/0x4c20 [ 771.994358] ? __handle_mm_fault+0x2da9/0x5be0 [ 771.994381] ? mark_held_locks+0x130/0x130 [ 771.994397] ? do_raw_spin_unlock+0xa7/0x330 [ 772.011829] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 772.017393] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 772.022345] __handle_mm_fault+0x284e/0x5be0 [ 772.026778] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 772.031633] ? __switch_to_asm+0x34/0x70 [ 772.035702] ? perf_trace_lock+0x7a0/0x7a0 [ 772.039937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 772.045466] ? pmd_huge+0xf4/0x140 [ 772.049001] ? graph_lock+0x270/0x270 [ 772.052785] ? graph_lock+0x270/0x270 [ 772.056590] ? find_held_lock+0x36/0x1c0 [ 772.060643] ? handle_mm_fault+0x42a/0xc70 [ 772.064864] ? lock_downgrade+0x900/0x900 [ 772.068998] ? check_preemption_disabled+0x48/0x280 [ 772.074003] ? kasan_check_read+0x11/0x20 [ 772.078136] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 772.083412] ? rcu_read_unlock_special+0x370/0x370 [ 772.088328] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 772.093848] ? check_preemption_disabled+0x48/0x280 [ 772.098853] handle_mm_fault+0x54f/0xc70 [ 772.102903] ? __handle_mm_fault+0x5be0/0x5be0 [ 772.107470] ? __get_user_pages+0xb6e/0x1ed0 [ 772.111860] ? __get_user_pages+0xcf2/0x1ed0 [ 772.116256] __get_user_pages+0xa3d/0x1ed0 [ 772.120483] ? follow_page_mask+0x2160/0x2160 [ 772.124966] ? debug_smp_processor_id+0x1c/0x20 [ 772.129619] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 772.135152] ? graph_lock+0x270/0x270 [ 772.138932] ? rcu_is_watching+0x30/0x30 [ 772.142978] ? graph_lock+0x270/0x270 [ 772.146765] ? kzfree+0x28/0x30 [ 772.150031] ? lock_acquire+0x1ed/0x520 [ 772.153992] ? __mm_populate+0x31a/0x4d0 [ 772.158042] ? lock_release+0xa10/0xa10 [ 772.162001] ? perf_trace_sched_process_exec+0x860/0x860 [ 772.167551] populate_vma_page_range+0x2db/0x3d0 [ 772.172290] ? follow_page+0x420/0x420 [ 772.176175] ? find_vma+0x34/0x190 [ 772.179706] __mm_populate+0x286/0x4d0 [ 772.183587] ? populate_vma_page_range+0x3d0/0x3d0 [ 772.188519] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 772.194037] ? ns_capable_common+0x13f/0x170 [ 772.198433] __x64_sys_mlockall+0x45b/0x630 [ 772.202741] ? __ia32_sys_munlock+0x160/0x160 [ 772.207222] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 772.212833] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 772.218179] ? trace_hardirqs_off_caller+0x300/0x300 [ 772.223275] do_syscall_64+0x1b9/0x820 [ 772.227150] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 772.232642] ? syscall_return_slowpath+0x5e0/0x5e0 [ 772.237554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 772.242382] ? trace_hardirqs_on_caller+0x310/0x310 [ 772.247379] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 772.252393] ? prepare_exit_to_usermode+0x291/0x3b0 [ 772.257399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 772.262231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 772.267403] RIP: 0033:0x457569 [ 772.270579] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 772.289503] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 772.297191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 772.304530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 772.311793] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 772.319050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 772.326315] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 772.334307] Task in /syz0 killed as a result of limit of /syz0 [ 772.340363] memory: usage 307200kB, limit 307200kB, failcnt 2562 [ 772.346957] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 772.353782] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 772.353790] Memory cgroup stats for /syz0: cache:144KB rss:297708KB rss_huge:264192KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:70784KB active_anon:21196KB inactive_file:0KB active_file:0KB unevictable:205760KB [ 772.353885] Memory cgroup out of memory: Kill process 21274 (syz-executor0) score 1157 or sacrifice child [ 772.353954] Killed process 21274 (syz-executor0) total-vm:70864kB, anon-rss:18580kB, file-rss:32768kB, shmem-rss:0kB [ 772.436539] oom_reaper: reaped process 21274 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 772.989592] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 773.001074] syz-executor0 cpuset=syz0 mems_allowed=0 [ 773.006297] CPU: 1 PID: 21326 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 773.014857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.024194] Call Trace: [ 773.026776] dump_stack+0x244/0x39d [ 773.030509] ? dump_stack_print_info.cold.1+0x20/0x20 [ 773.035688] ? mark_held_locks+0x130/0x130 [ 773.039913] ? mark_held_locks+0x130/0x130 [ 773.044153] dump_header+0x27b/0xf72 [ 773.047858] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 773.053380] ? pagefault_out_of_memory+0x197/0x197 [ 773.058297] ? debug_smp_processor_id+0x1c/0x20 [ 773.062953] ? perf_trace_lock_acquire+0x15b/0x800 [ 773.067870] ? perf_trace_lock+0x7a0/0x7a0 [ 773.072088] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.076831] ? graph_lock+0x270/0x270 [ 773.080618] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.085555] ? print_usage_bug+0xc0/0xc0 [ 773.089615] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 773.095073] ? find_held_lock+0x36/0x1c0 [ 773.099127] ? mark_held_locks+0xc7/0x130 [ 773.103263] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 773.108356] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 773.113450] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.118025] ? trace_hardirqs_on+0xbd/0x310 [ 773.122331] ? kasan_check_read+0x11/0x20 [ 773.126460] ? ___ratelimit+0x3b4/0x672 [ 773.130418] ? trace_hardirqs_off_caller+0x300/0x300 [ 773.135506] ? trace_hardirqs_on+0x310/0x310 [ 773.139898] ? lock_downgrade+0x900/0x900 [ 773.144034] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 773.149133] ? ___ratelimit+0x3b9/0x672 [ 773.153093] ? idr_get_free+0xf70/0xf70 [ 773.157049] ? oom_kill_process+0xbf/0x270 [ 773.161285] oom_kill_process.cold.27+0x10/0x903 [ 773.166031] ? css_task_iter_end+0x277/0x490 [ 773.170428] ? css_task_iter_end+0x2c9/0x490 [ 773.174819] ? oom_evaluate_task+0x540/0x540 [ 773.179230] ? cgroup_procs_next+0x70/0x70 [ 773.183451] ? _raw_spin_unlock_irq+0x56/0x80 [ 773.187933] ? _raw_spin_unlock_irq+0x60/0x80 [ 773.192415] ? oom_badness+0xaa0/0xaa0 [ 773.196285] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 773.201038] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.205782] ? mem_cgroup_iter_break+0x30/0x30 [ 773.210360] ? out_of_memory+0xbdc/0x1430 [ 773.214497] out_of_memory+0xa7f/0x1430 [ 773.218571] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.223141] ? kasan_check_read+0x11/0x20 [ 773.227275] ? oom_killer_disable+0x3a0/0x3a0 [ 773.231767] mem_cgroup_out_of_memory+0x15e/0x210 [ 773.236699] ? memory_oom_group_write+0x160/0x160 [ 773.241530] ? try_charge+0x4e3/0x1720 [ 773.245516] try_charge+0xdcd/0x1720 [ 773.249218] ? kasan_check_read+0x11/0x20 [ 773.253360] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 773.258020] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 773.263561] ? lock_page_memcg+0x350/0x350 [ 773.267783] ? lock_acquire+0x1ed/0x520 [ 773.271744] ? mem_cgroup_oom_control_write+0x100/0x100 [ 773.277100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 773.282751] ? check_preemption_disabled+0x48/0x280 [ 773.287755] ? kasan_check_read+0x11/0x20 [ 773.291889] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 773.297148] ? rcu_softirq_qs+0x20/0x20 [ 773.301136] mem_cgroup_try_charge+0x627/0xe20 [ 773.305709] ? mark_held_locks+0xc7/0x130 [ 773.309952] ? mem_cgroup_protected+0xa60/0xa60 [ 773.314625] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.319203] ? retint_kernel+0x2d/0x2d [ 773.323085] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.328003] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.332742] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 773.338184] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.342940] ? retint_kernel+0x2d/0x2d [ 773.346821] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 773.351737] wp_page_copy+0x51d/0x24f0 [ 773.355641] ? retint_kernel+0x2d/0x2d [ 773.359557] ? follow_pfn+0x2e0/0x2e0 [ 773.363354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 773.368873] ? reuse_swap_page+0x4bd/0x1520 [ 773.373180] ? swp_swapcount+0x530/0x530 [ 773.377225] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 773.382659] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.387576] ? print_usage_bug+0xc0/0xc0 [ 773.391623] ? print_usage_bug+0xc0/0xc0 [ 773.395664] ? retint_kernel+0x2d/0x2d [ 773.399547] ? graph_lock+0x270/0x270 [ 773.403349] ? __lock_acquire+0x62f/0x4c20 [ 773.407570] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.412314] ? retint_kernel+0x2d/0x2d [ 773.416204] ? find_held_lock+0x36/0x1c0 [ 773.420261] ? do_wp_page+0x518/0x2920 [ 773.424139] ? lock_downgrade+0x900/0x900 [ 773.428285] ? wake_up_page_bit+0x6f0/0x6f0 [ 773.432605] ? kasan_check_read+0x11/0x20 [ 773.436736] ? do_raw_spin_unlock+0xa7/0x330 [ 773.441128] ? do_raw_spin_trylock+0x270/0x270 [ 773.445694] ? __pte_alloc_kernel+0x220/0x220 [ 773.450186] ? perf_trace_lock_acquire+0x15b/0x800 [ 773.455104] do_wp_page+0x520/0x2920 [ 773.458802] ? check_preemption_disabled+0x48/0x280 [ 773.463818] ? finish_mkwrite_fault+0x650/0x650 [ 773.468474] ? mark_held_locks+0xc7/0x130 [ 773.472607] ? perf_trace_lock+0x7a0/0x7a0 [ 773.476838] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.481760] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 773.487285] ? __lock_acquire+0x62f/0x4c20 [ 773.491510] ? print_usage_bug+0xc0/0xc0 [ 773.495570] ? mark_held_locks+0x130/0x130 [ 773.499828] ? follow_page_pte+0xdd7/0x1ab0 [ 773.504134] ? lock_downgrade+0x900/0x900 [ 773.508272] ? mark_held_locks+0xc7/0x130 [ 773.512409] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.517151] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.521717] ? retint_kernel+0x2d/0x2d [ 773.525588] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.530611] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.535362] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 773.540922] ? print_usage_bug+0xc0/0xc0 [ 773.544977] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.549737] ? retint_kernel+0x2d/0x2d [ 773.553634] ? lock_acquire+0x268/0x520 [ 773.557596] ? kasan_check_write+0x14/0x20 [ 773.561814] ? do_raw_spin_lock+0x14f/0x350 [ 773.566129] ? rwlock_bug.part.2+0x90/0x90 [ 773.570351] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.574917] ? retint_kernel+0x2d/0x2d [ 773.578789] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.583703] ? __handle_mm_fault+0xe9e/0x5be0 [ 773.588188] __handle_mm_fault+0x3be9/0x5be0 [ 773.592582] ? print_usage_bug+0xc0/0xc0 [ 773.596633] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 773.601466] ? perf_trace_lock+0x7a0/0x7a0 [ 773.605687] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 773.611214] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.615780] ? retint_kernel+0x2d/0x2d [ 773.619651] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.624569] ? find_held_lock+0x36/0x1c0 [ 773.628618] ? handle_mm_fault+0x42a/0xc70 [ 773.632850] ? lock_downgrade+0x900/0x900 [ 773.636989] ? check_preemption_disabled+0x48/0x280 [ 773.641998] ? kasan_check_read+0x11/0x20 [ 773.646136] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 773.651401] ? rcu_read_unlock_special+0x370/0x370 [ 773.656316] ? handle_mm_fault+0x3f4/0xc70 [ 773.660540] handle_mm_fault+0x54f/0xc70 [ 773.664593] ? __handle_mm_fault+0x5be0/0x5be0 [ 773.669166] __get_user_pages+0xa3d/0x1ed0 [ 773.673410] ? follow_page_mask+0x2160/0x2160 [ 773.677923] ? mark_held_locks+0xc7/0x130 [ 773.682067] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.686813] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 773.691379] ? retint_kernel+0x2d/0x2d [ 773.695252] ? trace_hardirqs_on_caller+0xc0/0x310 [ 773.700180] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.704925] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 773.710367] ? mark_held_locks+0xc7/0x130 [ 773.714507] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.719248] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 773.724011] ? retint_kernel+0x2d/0x2d [ 773.727891] ? populate_vma_page_range+0xbd/0x3d0 [ 773.732720] populate_vma_page_range+0x2db/0x3d0 [ 773.737485] ? follow_page+0x420/0x420 [ 773.741375] ? __mm_populate+0x1b8/0x4d0 [ 773.745426] __mm_populate+0x286/0x4d0 [ 773.749320] ? populate_vma_page_range+0x3d0/0x3d0 [ 773.754237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 773.759757] ? ns_capable_common+0x13f/0x170 [ 773.764154] __x64_sys_mlockall+0x45b/0x630 [ 773.768458] ? __ia32_sys_munlock+0x160/0x160 [ 773.772936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 773.778462] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 773.783814] ? trace_hardirqs_off_caller+0x300/0x300 [ 773.788908] do_syscall_64+0x1b9/0x820 [ 773.792777] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 773.798137] ? syscall_return_slowpath+0x5e0/0x5e0 [ 773.803053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 773.807882] ? trace_hardirqs_on_caller+0x310/0x310 [ 773.812902] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 773.817976] ? prepare_exit_to_usermode+0x291/0x3b0 [ 773.823005] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 773.827867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 773.833063] RIP: 0033:0x457569 [ 773.836244] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 773.855129] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 773.862819] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 773.870073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 773.877337] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 773.884592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 773.891854] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 773.903130] Task in /syz0 killed as a result of limit of /syz0 [ 773.909905] memory: usage 307200kB, limit 307200kB, failcnt 2607 [ 773.916212] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 773.923056] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 773.929325] Memory cgroup stats for /syz0: cache:144KB rss:297560KB rss_huge:260096KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63888KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216716KB [ 773.951775] Memory cgroup out of memory: Kill process 21277 (syz-executor0) score 1216 or sacrifice child [ 773.962298] Killed process 21327 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 773.978722] oom_reaper: reaped process 21327 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 774.820211] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 774.832000] syz-executor0 cpuset=syz0 mems_allowed=0 [ 774.837184] CPU: 0 PID: 21330 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 774.845741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 774.855080] Call Trace: [ 774.857666] dump_stack+0x244/0x39d [ 774.861282] ? dump_stack_print_info.cold.1+0x20/0x20 [ 774.866477] ? mark_held_locks+0x130/0x130 [ 774.870711] ? mark_held_locks+0x130/0x130 [ 774.874931] dump_header+0x27b/0xf72 [ 774.878638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 774.884159] ? pagefault_out_of_memory+0x197/0x197 [ 774.889084] ? print_usage_bug+0xc0/0xc0 [ 774.893146] ? debug_smp_processor_id+0x1c/0x20 [ 774.897802] ? perf_trace_lock_acquire+0x15b/0x800 [ 774.902722] ? perf_trace_lock+0x7a0/0x7a0 [ 774.906941] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 774.911684] ? mark_held_locks+0xc7/0x130 [ 774.915830] ? print_usage_bug+0xc0/0xc0 [ 774.919892] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 774.924645] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 774.929216] ? retint_kernel+0x2d/0x2d [ 774.933090] ? trace_hardirqs_on_caller+0xc0/0x310 [ 774.938008] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 774.942752] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 774.948193] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 774.952937] ? retint_kernel+0x2d/0x2d [ 774.956925] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 774.962014] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 774.967102] ? ___ratelimit+0x3b9/0x672 [ 774.971071] ? idr_get_free+0xf70/0xf70 [ 774.975052] oom_kill_process.cold.27+0x10/0x903 [ 774.979809] ? _raw_spin_unlock_irq+0x56/0x80 [ 774.984318] ? oom_evaluate_task+0x540/0x540 [ 774.988736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 774.994285] ? cgroup_procs_next+0x70/0x70 [ 774.998511] ? _raw_spin_unlock_irq+0x60/0x80 [ 775.002989] ? oom_badness+0xaa0/0xaa0 [ 775.006871] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 775.011612] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.016364] ? mem_cgroup_iter_break+0x30/0x30 [ 775.020945] ? out_of_memory+0x100/0x1430 [ 775.025078] out_of_memory+0xa7f/0x1430 [ 775.029048] ? retint_kernel+0x2d/0x2d [ 775.032934] ? oom_killer_disable+0x3a0/0x3a0 [ 775.037425] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 775.042531] mem_cgroup_out_of_memory+0x15e/0x210 [ 775.047361] ? memory_oom_group_write+0x160/0x160 [ 775.052196] ? page_counter_try_charge+0x1c1/0x220 [ 775.057116] try_charge+0xdcd/0x1720 [ 775.060831] ? kasan_check_read+0x11/0x20 [ 775.064975] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 775.069632] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 775.075159] ? lock_page_memcg+0x350/0x350 [ 775.079380] ? lock_acquire+0x1ed/0x520 [ 775.083340] ? mem_cgroup_oom_control_write+0x100/0x100 [ 775.088691] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 775.094230] ? check_preemption_disabled+0x48/0x280 [ 775.099235] ? kasan_check_read+0x11/0x20 [ 775.103372] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 775.108652] ? rcu_softirq_qs+0x20/0x20 [ 775.112621] mem_cgroup_try_charge+0x627/0xe20 [ 775.117192] ? mem_cgroup_protected+0xa60/0xa60 [ 775.121854] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 775.127380] ? page_mapping+0x5a2/0xa50 [ 775.131348] ? mem_cgroup_uncharge+0x100/0x100 [ 775.135913] ? page_evictable+0x2de/0x540 [ 775.140046] ? lock_downgrade+0x900/0x900 [ 775.144179] ? check_preemption_disabled+0x48/0x280 [ 775.149185] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 775.154713] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 775.159628] wp_page_copy+0x51d/0x24f0 [ 775.163508] ? follow_pfn+0x2e0/0x2e0 [ 775.167296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 775.172816] ? reuse_swap_page+0x4bd/0x1520 [ 775.177128] ? swp_swapcount+0x530/0x530 [ 775.181180] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 775.186615] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.191377] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 775.196813] ? print_usage_bug+0xc0/0xc0 [ 775.200868] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.205643] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.210426] ? graph_lock+0x270/0x270 [ 775.214217] ? __lock_acquire+0x62f/0x4c20 [ 775.218438] ? mark_page_accessed+0x2d4/0x2040 [ 775.223097] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 775.228621] ? find_held_lock+0x36/0x1c0 [ 775.232675] ? do_wp_page+0x518/0x2920 [ 775.236564] ? lock_downgrade+0x900/0x900 [ 775.240697] ? wake_up_page_bit+0x6f0/0x6f0 [ 775.245023] ? kasan_check_read+0x11/0x20 [ 775.249160] ? do_raw_spin_unlock+0xa7/0x330 [ 775.253565] ? do_raw_spin_trylock+0x270/0x270 [ 775.258132] ? __pte_alloc_kernel+0x220/0x220 [ 775.262617] ? perf_trace_lock_acquire+0x15b/0x800 [ 775.267536] do_wp_page+0x520/0x2920 [ 775.271266] ? check_preemption_disabled+0x48/0x280 [ 775.276269] ? print_usage_bug+0xc0/0xc0 [ 775.280315] ? finish_mkwrite_fault+0x650/0x650 [ 775.284969] ? mark_held_locks+0xc7/0x130 [ 775.289106] ? perf_trace_lock+0x7a0/0x7a0 [ 775.293338] ? trace_hardirqs_on_caller+0xc0/0x310 [ 775.298269] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 775.303796] ? __lock_acquire+0x62f/0x4c20 [ 775.308059] ? mark_held_locks+0x130/0x130 [ 775.312281] ? follow_page_pte+0xdd7/0x1ab0 [ 775.316589] ? lock_downgrade+0x900/0x900 [ 775.320728] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 775.326254] ? check_preemption_disabled+0x48/0x280 [ 775.331259] ? debug_smp_processor_id+0x1c/0x20 [ 775.335912] ? perf_trace_lock_acquire+0x15b/0x800 [ 775.340850] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 775.346382] ? follow_page_pte+0x4f9/0x1ab0 [ 775.350697] ? print_usage_bug+0xc0/0xc0 [ 775.354750] ? mark_held_locks+0xc7/0x130 [ 775.358886] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.363645] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 775.368215] ? retint_kernel+0x2d/0x2d [ 775.372087] ? trace_hardirqs_on_caller+0xc0/0x310 [ 775.377000] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.381757] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 775.387212] ? __lock_acquire+0x62f/0x4c20 [ 775.391453] ? lock_acquire+0x1ed/0x520 [ 775.395522] ? __handle_mm_fault+0x1fa9/0x5be0 [ 775.400111] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.404878] ? kasan_check_write+0x14/0x20 [ 775.409111] ? do_raw_spin_lock+0x14f/0x350 [ 775.413434] ? retint_kernel+0x2d/0x2d [ 775.417325] ? rwlock_bug.part.2+0x90/0x90 [ 775.421583] __handle_mm_fault+0x3be9/0x5be0 [ 775.426006] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 775.430847] ? retint_kernel+0x2d/0x2d [ 775.434734] ? perf_trace_lock+0x7a0/0x7a0 [ 775.438975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 775.444517] ? pmd_huge+0xf4/0x140 [ 775.448078] ? graph_lock+0x270/0x270 [ 775.451879] ? graph_lock+0x270/0x270 [ 775.455687] ? find_held_lock+0x36/0x1c0 [ 775.459759] ? handle_mm_fault+0x42a/0xc70 [ 775.463997] ? lock_downgrade+0x900/0x900 [ 775.468145] ? check_preemption_disabled+0x48/0x280 [ 775.473187] ? kasan_check_read+0x11/0x20 [ 775.477335] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 775.482701] ? rcu_read_unlock_special+0x370/0x370 [ 775.487636] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 775.493176] ? check_preemption_disabled+0x48/0x280 [ 775.498203] handle_mm_fault+0x54f/0xc70 [ 775.502271] ? __handle_mm_fault+0x5be0/0x5be0 [ 775.506860] ? __get_user_pages+0x810/0x1ed0 [ 775.511277] __get_user_pages+0xa3d/0x1ed0 [ 775.515531] ? follow_page_mask+0x2160/0x2160 [ 775.520035] ? mark_held_locks+0xc7/0x130 [ 775.524192] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.528952] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 775.533544] ? retint_kernel+0x2d/0x2d [ 775.537440] ? trace_hardirqs_on_caller+0xc0/0x310 [ 775.542373] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.547135] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 775.552588] ? retint_kernel+0x2d/0x2d [ 775.556488] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 775.561258] ? retint_kernel+0x2d/0x2d [ 775.565156] ? populate_vma_page_range+0x29e/0x3d0 [ 775.570086] ? populate_vma_page_range+0x314/0x3d0 [ 775.575034] populate_vma_page_range+0x2db/0x3d0 [ 775.579806] ? follow_page+0x420/0x420 [ 775.583706] ? find_vma+0x34/0x190 [ 775.587254] __mm_populate+0x286/0x4d0 [ 775.591155] ? populate_vma_page_range+0x3d0/0x3d0 [ 775.596102] __x64_sys_mlockall+0x45b/0x630 [ 775.600425] ? __ia32_sys_munlock+0x160/0x160 [ 775.604938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 775.610482] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 775.615853] ? trace_hardirqs_off_caller+0x300/0x300 [ 775.620974] do_syscall_64+0x1b9/0x820 [ 775.624867] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 775.630238] ? syscall_return_slowpath+0x5e0/0x5e0 [ 775.635174] ? trace_hardirqs_on_caller+0x310/0x310 [ 775.640196] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 775.645287] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 775.651961] ? __switch_to_asm+0x40/0x70 [ 775.656025] ? __switch_to_asm+0x34/0x70 [ 775.660097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 775.664971] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 775.670163] RIP: 0033:0x457569 [ 775.673359] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 775.692356] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 775.700062] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 775.707331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 775.714601] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 775.721870] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 775.729136] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 775.751510] Task in /syz0 killed as a result of limit of /syz0 [ 775.758248] memory: usage 307120kB, limit 307200kB, failcnt 2650 [ 775.765757] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 775.773736] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 775.779990] Memory cgroup stats for /syz0: cache:144KB rss:286272KB rss_huge:251904KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58236KB active_anon:17080KB inactive_file:0KB active_file:0KB unevictable:210964KB [ 775.802161] Memory cgroup out of memory: Kill process 21277 (syz-executor0) score 1220 or sacrifice child [ 775.813169] Killed process 21330 (syz-executor0) total-vm:70864kB, anon-rss:18456kB, file-rss:52260kB, shmem-rss:0kB [ 775.825580] oom_reaper: reaped process 21330 (syz-executor0), now anon-rss:18456kB, file-rss:52252kB, shmem-rss:0kB 00:55:11 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x800d002000000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:11 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000600)='IPVS\x00') write$binfmt_script(r2, &(0x7f0000000800)=ANY=[@ANYBLOB="2321202e2f66696c6530202a20776c616e31657468306d643573756dac28293a73797374656d296c6f74727573746564766d6e657430637075736574766d6e65743070726f63206d643573756d7365637572697479776c616e3026255e205e204950565300208c656d31297070703021207365637572697479766d6e65743149202f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5cac8596f1601f42b94822726a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d0a560dd8aacb07efd1092b15cb73dfbf9f4623da34519e9abf6051280906c3edb51fe15622be1bc66a48034c2b10fe064ca9b1adbed01927c7d8dbe6f5dba0fd574c6d18d811b9707fbfa7d32e00e40d927e6899c57ebf243ddc9abc57f454ea58f2a9ce84c70dfffa81f0ae7f8743ce34e3a723a74892929da1ec5294dfa186a51b7341b005cf358189dc7f61c96ca4eb25b832c834b0e940889331a71a1d"], 0x26d) perf_event_open$cgroup(&(0x7f0000000340)={0x1, 0x70, 0x7f, 0x1983, 0x0, 0x3, 0x0, 0xffffffffffff8001, 0x0, 0x4, 0xfffffffffffffffa, 0x8, 0x4, 0x401, 0x2, 0x5, 0x1, 0x3, 0x5, 0x1c89000000000000, 0x3, 0x10000, 0x7, 0x7, 0x3, 0x0, 0x8, 0x2, 0x400, 0x400, 0x5, 0xe79d, 0x1, 0x6, 0x0, 0x7, 0xffff, 0x6, 0x0, 0x40, 0x7, @perf_bp={&(0x7f0000000300), 0x5}, 0x0, 0x1, 0x200, 0x1, 0x200, 0x0, 0x9}, r0, 0x0, r1, 0x1) sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f00000005c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000640)={0xe4, r4, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x93d4}, @IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x100000000}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_1\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}]}, 0xe4}, 0x1, 0x0, 0x0, 0x804}, 0x4000010) sendmsg$IPVS_CMD_DEL_DEST(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r4, 0x0, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3c2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x400}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) ioctl$sock_inet_SIOCSIFNETMASK(r3, 0x891c, &(0x7f00000000c0)={'gretap0\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) perf_event_open$cgroup(&(0x7f0000000280)={0x6, 0x70, 0x2, 0x3, 0x1, 0x0, 0x0, 0x584, 0x1000, 0x0, 0x3, 0x6, 0x6, 0x9, 0x70e75872, 0x3, 0xfff8000000000000, 0x1, 0x6, 0x1ff, 0x400, 0x3ff, 0x8, 0x9, 0x2, 0x80000000, 0x80, 0x6, 0x0, 0x21b, 0xf0, 0xfb, 0x0, 0x10000, 0x4, 0x8, 0x401, 0xffffffff00000001, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000240), 0x5}, 0x10000, 0x1, 0x4, 0x7, 0x0, 0x0, 0x200}, r3, 0x4, r3, 0x8) 00:55:11 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:11 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:11 executing program 1: r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$user(0x0, 0x0, 0x0, 0x10191, r0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x98f1028d6cae7f90) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) ioctl$EVIOCREVOKE(r2, 0x40044591, &(0x7f00000002c0)=0x8) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) ioctl$BLKREPORTZONE(0xffffffffffffffff, 0xc0101282, &(0x7f0000001640)=ANY=[@ANYBLOB="fa9308000000000043"]) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/bnep\x00') ioctl$KVM_GET_CLOCK(r4, 0x8030ae7c, &(0x7f0000000100)) sendmmsg(r3, &(0x7f00000002c0), 0x400000000000174, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @local}}, 0x2, 0x7, 0x2, 0x8, 0xfcf}, &(0x7f0000000040)=0x98) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000080)=r5, 0x4) keyctl$update(0x2, r1, &(0x7f0000000440), 0x0) ioctl$EVIOCREVOKE(r2, 0x40044591, &(0x7f0000000280)=0xfffffffffffffff9) r6 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r6, 0x0) 00:55:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x8, 0x0, 0x7ff}}, 0x50) 00:55:11 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xbf, 0x2000) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e20}, @in={0x2, 0x4e20, @multicast2}], 0x20) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x8000000, 0x0, 0x7ff}}, 0x50) 00:55:11 executing program 2: add_key$user(0x0, &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:11 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000080), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x4080, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-monitor\x00', 0x2a80, 0x0) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000000)={0x3, &(0x7f0000000100)=[{}, {}, {}]}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:11 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa79, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000080)=0x1) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f00000000c0)={0x8, 0x80000000, 0x8, 'queue0\x00', 0x4}) 00:55:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x10000000, 0x0, 0x7ff}}, 0x50) [ 777.274246] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 777.285918] syz-executor0 cpuset=syz0 mems_allowed=0 [ 777.291401] CPU: 0 PID: 21372 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 777.299984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 777.309325] Call Trace: [ 777.311909] dump_stack+0x244/0x39d [ 777.315527] ? dump_stack_print_info.cold.1+0x20/0x20 [ 777.320706] ? mark_held_locks+0x130/0x130 [ 777.324940] ? mark_held_locks+0x130/0x130 [ 777.329167] dump_header+0x27b/0xf72 [ 777.332872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 777.338397] ? pagefault_out_of_memory+0x197/0x197 [ 777.343312] ? print_usage_bug+0xc0/0xc0 [ 777.347361] ? debug_smp_processor_id+0x1c/0x20 [ 777.352017] ? perf_trace_lock_acquire+0x15b/0x800 [ 777.356957] ? perf_trace_lock+0x7a0/0x7a0 [ 777.361192] ? mark_held_locks+0xc7/0x130 [ 777.365326] ? print_usage_bug+0xc0/0xc0 [ 777.369374] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.374115] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 777.378691] ? retint_kernel+0x2d/0x2d [ 777.382580] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.387498] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.392261] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 777.397719] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.402465] ? retint_kernel+0x2d/0x2d [ 777.406350] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 777.411441] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 777.416531] ? ___ratelimit+0x3b9/0x672 [ 777.420499] ? idr_get_free+0xf70/0xf70 [ 777.424460] ? _raw_spin_unlock_irq+0x27/0x80 [ 777.428938] ? _raw_spin_unlock_irq+0x27/0x80 [ 777.433424] oom_kill_process.cold.27+0x10/0x903 [ 777.438177] ? oom_evaluate_task+0x540/0x540 [ 777.442586] ? cgroup_procs_next+0x70/0x70 [ 777.446811] ? _raw_spin_unlock_irq+0x56/0x80 [ 777.451291] ? _raw_spin_unlock_irq+0x60/0x80 [ 777.455767] ? oom_badness+0xaa0/0xaa0 [ 777.459659] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 777.464407] ? mark_held_locks+0xc7/0x130 [ 777.468549] ? mem_cgroup_iter_break+0x30/0x30 [ 777.473136] out_of_memory+0xa7f/0x1430 [ 777.477096] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.481853] ? oom_killer_disable+0x3a0/0x3a0 [ 777.486331] ? retint_kernel+0x2d/0x2d [ 777.490221] mem_cgroup_out_of_memory+0x15e/0x210 [ 777.495052] ? memory_oom_group_write+0x160/0x160 [ 777.499891] ? mem_cgroup_try_charge+0x627/0xe20 [ 777.504650] ? page_counter_try_charge+0x1c1/0x220 [ 777.509579] try_charge+0xdcd/0x1720 [ 777.513371] ? kasan_check_read+0x11/0x20 [ 777.517520] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 777.522181] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 777.527711] ? retint_kernel+0x2d/0x2d [ 777.531584] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.536509] ? lock_page_memcg+0x350/0x350 [ 777.540994] ? lock_acquire+0x1ed/0x520 [ 777.544958] ? mem_cgroup_oom_control_write+0x100/0x100 [ 777.550311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 777.555837] ? check_preemption_disabled+0x48/0x280 [ 777.560862] ? kasan_check_read+0x11/0x20 [ 777.564998] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 777.570262] ? rcu_softirq_qs+0x20/0x20 [ 777.574233] mem_cgroup_try_charge+0x627/0xe20 [ 777.578803] ? mem_cgroup_protected+0xa60/0xa60 [ 777.583462] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 777.588986] ? page_mapping+0x5a2/0xa50 [ 777.592963] ? page_evictable+0x2de/0x540 [ 777.597101] ? check_preemption_disabled+0x48/0x280 [ 777.602119] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 777.607675] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 777.612599] wp_page_copy+0x51d/0x24f0 [ 777.616499] ? follow_pfn+0x2e0/0x2e0 [ 777.620307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 777.625841] ? reuse_swap_page+0x4bd/0x1520 [ 777.630153] ? swp_swapcount+0x530/0x530 [ 777.634206] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 777.639663] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.644583] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.649325] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.654071] ? print_usage_bug+0xc0/0xc0 [ 777.658134] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 777.662731] ? graph_lock+0x270/0x270 [ 777.666518] ? mark_held_locks+0xc7/0x130 [ 777.670660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.675410] ? find_held_lock+0x36/0x1c0 [ 777.679521] ? do_wp_page+0x518/0x2920 [ 777.683416] ? lock_downgrade+0x900/0x900 [ 777.687562] ? wake_up_page_bit+0x6f0/0x6f0 [ 777.691875] ? kasan_check_read+0x11/0x20 [ 777.696010] ? do_raw_spin_unlock+0xa7/0x330 [ 777.700423] ? do_raw_spin_trylock+0x270/0x270 [ 777.705013] ? __pte_alloc_kernel+0x220/0x220 [ 777.709500] do_wp_page+0x520/0x2920 [ 777.713202] ? check_preemption_disabled+0x48/0x280 [ 777.718209] ? finish_mkwrite_fault+0x650/0x650 [ 777.722862] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 777.727430] ? retint_kernel+0x2d/0x2d [ 777.731318] ? perf_trace_lock+0x7a0/0x7a0 [ 777.735553] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.740468] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 777.745993] ? __lock_acquire+0x62f/0x4c20 [ 777.750226] ? mark_held_locks+0x130/0x130 [ 777.754451] ? follow_page_pte+0xdd7/0x1ab0 [ 777.758759] ? lock_downgrade+0x900/0x900 [ 777.762898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 777.768426] ? check_preemption_disabled+0x48/0x280 [ 777.773434] ? debug_smp_processor_id+0x1c/0x20 [ 777.778091] ? perf_trace_lock_acquire+0x15b/0x800 [ 777.783005] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 777.788533] ? follow_page_pte+0x4f9/0x1ab0 [ 777.792842] ? print_usage_bug+0xc0/0xc0 [ 777.796890] ? undo_dev_pagemap+0x680/0x680 [ 777.801199] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.805946] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 777.810531] ? retint_kernel+0x2d/0x2d [ 777.814405] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.819326] ? __lock_acquire+0x62f/0x4c20 [ 777.823561] ? lock_acquire+0x1ed/0x520 [ 777.827528] ? __handle_mm_fault+0x1fa9/0x5be0 [ 777.832100] ? kasan_check_write+0x14/0x20 [ 777.836333] ? do_raw_spin_lock+0x14f/0x350 [ 777.840757] ? retint_kernel+0x2d/0x2d [ 777.844716] ? rwlock_bug.part.2+0x90/0x90 [ 777.848946] __handle_mm_fault+0x3be9/0x5be0 [ 777.853345] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 777.858180] ? perf_trace_lock+0x7a0/0x7a0 [ 777.862819] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 777.868343] ? pmd_huge+0xf4/0x140 [ 777.871879] ? graph_lock+0x270/0x270 [ 777.875670] ? graph_lock+0x270/0x270 [ 777.879458] ? retint_kernel+0x2d/0x2d [ 777.883332] ? find_held_lock+0x36/0x1c0 [ 777.887388] ? handle_mm_fault+0x42a/0xc70 [ 777.891610] ? lock_downgrade+0x900/0x900 [ 777.895754] ? check_preemption_disabled+0x48/0x280 [ 777.900759] ? kasan_check_read+0x11/0x20 [ 777.904895] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 777.910158] ? rcu_read_unlock_special+0x370/0x370 [ 777.915076] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 777.920598] ? check_preemption_disabled+0x48/0x280 [ 777.925619] handle_mm_fault+0x54f/0xc70 [ 777.929678] ? __handle_mm_fault+0x5be0/0x5be0 [ 777.934249] ? write_comp_data+0x6c/0x70 [ 777.938301] __get_user_pages+0xa3d/0x1ed0 [ 777.942528] ? follow_page_mask+0x2160/0x2160 [ 777.947010] ? debug_smp_processor_id+0x1c/0x20 [ 777.951673] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 777.957205] ? mark_held_locks+0xc7/0x130 [ 777.961344] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.966084] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 777.970668] ? retint_kernel+0x2d/0x2d [ 777.974541] ? trace_hardirqs_on_caller+0xc0/0x310 [ 777.979453] ? __mm_populate+0x31a/0x4d0 [ 777.983499] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 777.988260] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 777.993697] ? lock_release+0xa10/0xa10 [ 777.997693] ? perf_trace_sched_process_exec+0x860/0x860 [ 778.003133] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 778.007877] populate_vma_page_range+0x2db/0x3d0 [ 778.012641] ? follow_page+0x420/0x420 [ 778.016527] ? __mm_populate+0x1b8/0x4d0 [ 778.020576] __mm_populate+0x286/0x4d0 [ 778.024478] ? populate_vma_page_range+0x3d0/0x3d0 [ 778.029393] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 778.034918] ? ns_capable_common+0x13f/0x170 [ 778.039325] __x64_sys_mlockall+0x45b/0x630 [ 778.043634] ? __ia32_sys_munlock+0x160/0x160 [ 778.048119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 778.053642] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 778.058995] ? trace_hardirqs_off_caller+0x300/0x300 [ 778.064086] ? do_syscall_64+0x179/0x820 [ 778.068155] do_syscall_64+0x1b9/0x820 [ 778.072028] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 778.077377] ? syscall_return_slowpath+0x5e0/0x5e0 [ 778.082293] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 778.087124] ? trace_hardirqs_on_caller+0x310/0x310 [ 778.092129] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 778.097133] ? prepare_exit_to_usermode+0x291/0x3b0 [ 778.102138] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 778.106973] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 778.112161] RIP: 0033:0x457569 [ 778.115344] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 778.134243] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 778.141935] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 778.149207] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 778.156461] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 778.163713] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 778.170965] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 778.185199] Task in /syz0 killed as a result of limit of /syz0 [ 778.191696] memory: usage 307200kB, limit 307200kB, failcnt 2685 [ 778.197948] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 778.205301] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 778.211667] Memory cgroup stats for /syz0: cache:144KB rss:297564KB rss_huge:268288KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61712KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:218864KB [ 778.233677] Memory cgroup out of memory: Kill process 21338 (syz-executor0) score 1216 or sacrifice child [ 778.243685] Killed process 21375 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 778.256636] oom_reaper: reaped process 21375 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 779.089321] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 779.100937] syz-executor0 cpuset=syz0 mems_allowed=0 [ 779.106224] CPU: 0 PID: 21389 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 779.114923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 779.124259] Call Trace: [ 779.126838] dump_stack+0x244/0x39d [ 779.130465] ? dump_stack_print_info.cold.1+0x20/0x20 [ 779.135653] ? mark_held_locks+0x130/0x130 [ 779.139877] ? mark_held_locks+0x130/0x130 [ 779.144105] dump_header+0x27b/0xf72 [ 779.147810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.153333] ? pagefault_out_of_memory+0x197/0x197 [ 779.158248] ? debug_smp_processor_id+0x1c/0x20 [ 779.162907] ? perf_trace_lock_acquire+0x15b/0x800 [ 779.167826] ? perf_trace_lock+0x7a0/0x7a0 [ 779.172047] ? graph_lock+0x270/0x270 [ 779.175855] ? print_usage_bug+0xc0/0xc0 [ 779.179907] ? find_held_lock+0x36/0x1c0 [ 779.183958] ? mark_held_locks+0xc7/0x130 [ 779.188095] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 779.193182] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 779.198271] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 779.202838] ? trace_hardirqs_on+0xbd/0x310 [ 779.207159] ? kasan_check_read+0x11/0x20 [ 779.211291] ? ___ratelimit+0x3b4/0x672 [ 779.215251] ? trace_hardirqs_off_caller+0x300/0x300 [ 779.220340] ? trace_hardirqs_on+0x310/0x310 [ 779.224737] ? lock_downgrade+0x900/0x900 [ 779.228888] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 779.233975] ? ___ratelimit+0x3b9/0x672 [ 779.237935] ? idr_get_free+0xf70/0xf70 [ 779.241897] oom_kill_process.cold.27+0x10/0x903 [ 779.246687] ? _raw_spin_unlock_irq+0x56/0x80 [ 779.251169] ? oom_evaluate_task+0x540/0x540 [ 779.255586] ? cgroup_procs_next+0x70/0x70 [ 779.259807] ? _raw_spin_unlock_irq+0x60/0x80 [ 779.264285] ? oom_badness+0xaa0/0xaa0 [ 779.268160] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 779.272929] ? mem_cgroup_iter_break+0x30/0x30 [ 779.277517] ? out_of_memory+0xbb6/0x1430 [ 779.281657] out_of_memory+0xa7f/0x1430 [ 779.285622] ? retint_kernel+0x2d/0x2d [ 779.289514] ? oom_killer_disable+0x3a0/0x3a0 [ 779.294000] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 779.299101] mem_cgroup_out_of_memory+0x15e/0x210 [ 779.303964] ? memory_oom_group_write+0x160/0x160 [ 779.308800] ? mem_cgroup_try_charge+0x627/0xe20 [ 779.313544] ? page_counter_try_charge+0x1c1/0x220 [ 779.318463] try_charge+0xdcd/0x1720 [ 779.322162] ? kasan_check_read+0x11/0x20 [ 779.326301] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 779.330973] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 779.336508] ? lock_page_memcg+0x350/0x350 [ 779.340733] ? lock_acquire+0x268/0x520 [ 779.344699] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.350220] ? check_preemption_disabled+0x48/0x280 [ 779.355228] ? kasan_check_read+0x11/0x20 [ 779.359360] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 779.364619] ? rcu_softirq_qs+0x20/0x20 [ 779.368595] mem_cgroup_try_charge+0x627/0xe20 [ 779.373158] ? mark_held_locks+0xc7/0x130 [ 779.377292] ? mem_cgroup_protected+0xa60/0xa60 [ 779.381953] ? retint_kernel+0x2d/0x2d [ 779.385826] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.390740] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.395511] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 779.400967] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.405711] ? retint_kernel+0x2d/0x2d [ 779.409677] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 779.414617] wp_page_copy+0x51d/0x24f0 [ 779.418516] ? follow_pfn+0x2e0/0x2e0 [ 779.422341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.427865] ? reuse_swap_page+0x4bd/0x1520 [ 779.432173] ? swp_swapcount+0x530/0x530 [ 779.436253] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 779.441706] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.446623] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.451367] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 779.456804] ? print_usage_bug+0xc0/0xc0 [ 779.460849] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.465613] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.470358] ? graph_lock+0x270/0x270 [ 779.474144] ? __lock_acquire+0x62f/0x4c20 [ 779.478375] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.483124] ? find_held_lock+0x36/0x1c0 [ 779.487193] ? do_wp_page+0x518/0x2920 [ 779.491075] ? lock_downgrade+0x900/0x900 [ 779.495209] ? wake_up_page_bit+0x6f0/0x6f0 [ 779.499523] ? kasan_check_read+0x11/0x20 [ 779.503764] ? do_raw_spin_unlock+0xa7/0x330 [ 779.508175] ? do_raw_spin_trylock+0x270/0x270 [ 779.512746] ? __pte_alloc_kernel+0x220/0x220 [ 779.517228] ? perf_trace_lock_acquire+0x15b/0x800 [ 779.522150] do_wp_page+0x520/0x2920 [ 779.525857] ? check_preemption_disabled+0x48/0x280 [ 779.530861] ? finish_mkwrite_fault+0x650/0x650 [ 779.535518] ? mark_held_locks+0xc7/0x130 [ 779.539662] ? perf_trace_lock+0x7a0/0x7a0 [ 779.543898] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.548814] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 779.554339] ? __lock_acquire+0x62f/0x4c20 [ 779.558570] ? mark_held_locks+0x130/0x130 [ 779.562791] ? follow_page_pte+0xdd7/0x1ab0 [ 779.567096] ? lock_downgrade+0x900/0x900 [ 779.571234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.576753] ? check_preemption_disabled+0x48/0x280 [ 779.581758] ? debug_smp_processor_id+0x1c/0x20 [ 779.586412] ? perf_trace_lock_acquire+0x15b/0x800 [ 779.591326] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 779.596850] ? follow_page_pte+0x4f9/0x1ab0 [ 779.601159] ? print_usage_bug+0xc0/0xc0 [ 779.605211] ? undo_dev_pagemap+0x680/0x680 [ 779.609525] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.614294] ? print_usage_bug+0xc0/0xc0 [ 779.618345] ? print_usage_bug+0xc0/0xc0 [ 779.622395] ? retint_kernel+0x2d/0x2d [ 779.626285] ? __lock_acquire+0x62f/0x4c20 [ 779.630519] ? lock_acquire+0x1ed/0x520 [ 779.634490] ? __handle_mm_fault+0x1fa9/0x5be0 [ 779.639154] ? kasan_check_write+0x14/0x20 [ 779.643375] ? do_raw_spin_lock+0x14f/0x350 [ 779.647680] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.652422] ? rwlock_bug.part.2+0x90/0x90 [ 779.656640] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 779.661207] ? retint_kernel+0x2d/0x2d [ 779.665080] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.669993] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.674905] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.679652] __handle_mm_fault+0x3be9/0x5be0 [ 779.684052] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 779.688886] ? perf_trace_lock+0x7a0/0x7a0 [ 779.693107] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 779.698627] ? pmd_huge+0xf4/0x140 [ 779.702161] ? graph_lock+0x270/0x270 [ 779.705946] ? graph_lock+0x270/0x270 [ 779.709739] ? find_held_lock+0x36/0x1c0 [ 779.713792] ? handle_mm_fault+0x42a/0xc70 [ 779.718011] ? lock_downgrade+0x900/0x900 [ 779.722149] ? check_preemption_disabled+0x48/0x280 [ 779.727158] ? kasan_check_read+0x11/0x20 [ 779.731306] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 779.736595] ? rcu_read_unlock_special+0x370/0x370 [ 779.741542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 779.747110] ? check_preemption_disabled+0x48/0x280 [ 779.752134] handle_mm_fault+0x54f/0xc70 [ 779.756182] ? __handle_mm_fault+0x5be0/0x5be0 [ 779.760751] ? follow_page_mask+0x22/0x2160 [ 779.765062] __get_user_pages+0xa3d/0x1ed0 [ 779.769295] ? follow_page_mask+0x2160/0x2160 [ 779.773778] ? mark_held_locks+0xc7/0x130 [ 779.777916] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.782677] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 779.787251] ? retint_kernel+0x2d/0x2d [ 779.791252] ? trace_hardirqs_on_caller+0xc0/0x310 [ 779.796184] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.800932] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 779.806367] ? mark_held_locks+0xc7/0x130 [ 779.810522] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.815283] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 779.820033] ? retint_kernel+0x2d/0x2d [ 779.823920] populate_vma_page_range+0x2db/0x3d0 [ 779.828667] ? follow_page+0x420/0x420 [ 779.832554] ? __mm_populate+0x2d2/0x4d0 [ 779.836606] ? __mm_populate+0x132/0x4d0 [ 779.840756] __mm_populate+0x286/0x4d0 [ 779.844646] ? populate_vma_page_range+0x3d0/0x3d0 [ 779.849574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.855102] ? ns_capable_common+0x13f/0x170 [ 779.859771] __x64_sys_mlockall+0x45b/0x630 [ 779.864079] ? __ia32_sys_munlock+0x160/0x160 [ 779.868558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.874080] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 779.879429] ? trace_hardirqs_off_caller+0x300/0x300 [ 779.884530] do_syscall_64+0x1b9/0x820 [ 779.888402] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 779.893844] ? syscall_return_slowpath+0x5e0/0x5e0 [ 779.898767] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 779.903591] ? trace_hardirqs_on_caller+0x310/0x310 [ 779.908588] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 779.913590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 779.919110] ? prepare_exit_to_usermode+0x291/0x3b0 [ 779.924128] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 779.928961] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 779.934131] RIP: 0033:0x457569 [ 779.937313] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 779.956196] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 779.963887] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 779.971135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 779.978386] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 779.985640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 779.992894] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 780.005128] Task in /syz0 killed as a result of limit of /syz0 [ 780.012039] memory: usage 297288kB, limit 307200kB, failcnt 2720 [ 780.018256] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 780.026158] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 780.032419] Memory cgroup stats for /syz0: cache:144KB rss:287944KB rss_huge:258048KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60284KB active_anon:19132KB inactive_file:0KB active_file:0KB unevictable:208548KB [ 780.054400] Memory cgroup out of memory: Kill process 21338 (syz-executor0) score 1220 or sacrifice child [ 780.064343] Killed process 21389 (syz-executor0) total-vm:70864kB, anon-rss:18460kB, file-rss:52260kB, shmem-rss:0kB [ 780.076709] oom_reaper: reaped process 21389 (syz-executor0), now anon-rss:18460kB, file-rss:52252kB, shmem-rss:0kB 00:55:15 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x85ecff7f00000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:15 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) r2 = request_key(&(0x7f0000000080)='blacklist\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)='\x00', 0xffffffffffffffff) r3 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000100)="01bdd9fdfa5bc9fad1529b2414787066555b0b44cdfa6e7935d411f16ac899a0bfde66c76db744c7db801b6d1b7ddb15f8d8320e26517c79e1465f662aa8e13f9bafc4f6bcc3a838a8af9efe1ffa49cbc97abe72041e7af994cc9a36a93d3bff08a10e7ff68ce71cce07aff3f66d8940489dc775a89f511ecbec8d5734ede900f0ca908db734f9e357a7f70c93a835216c7e803607baed60893c90cdfb8cd637131dc3aa81b80e3526750864ed50ed7407d725db3b4a35b99b", 0xb9, r2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) keyctl$reject(0x13, r3, 0x8ac, 0x6, r2) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000002c0)={0x43, 0xff}) add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) 00:55:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) 00:55:15 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12d9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) perf_event_open(&(0x7f0000000080)={0x7, 0x70, 0x6, 0x971, 0x100000001, 0x2, 0x0, 0x8, 0x1, 0x8, 0x4, 0x6, 0x1000, 0x9, 0x100, 0x5, 0x9, 0x3ff, 0x6, 0x1ff, 0x7, 0x7, 0xfffffffffffffff7, 0x6, 0x53f, 0x6, 0x8, 0x1cf, 0xef6, 0x5, 0x0, 0x6, 0x1, 0x48000, 0x2, 0x0, 0x1ff, 0x2, 0x0, 0xd95, 0x2, @perf_config_ext={0xffffffffffff0001, 0x49fa}, 0x80, 0x80, 0x2, 0x2, 0x80, 0x8, 0x4}, 0xffffffffffffffff, 0x9, r0, 0xa) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:55:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x8000a0, 0x0, 0x7ff}}, 0x50) 00:55:15 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:15 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$VHOST_GET_FEATURES(r1, 0x8008af00, &(0x7f0000000000)) 00:55:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffff7ffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xc00, 0x0, 0x7ff}}, 0x50) 00:55:15 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0xef, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$TIOCCBRK(r0, 0x5428) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) 00:55:15 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = add_key(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="e55b95446570359f", 0x8, 0xfffffffffffffffa) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r1) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:15 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 781.614780] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 781.626182] syz-executor0 cpuset=syz0 mems_allowed=0 [ 781.631827] CPU: 0 PID: 21441 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 781.640405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 781.649756] Call Trace: [ 781.652341] dump_stack+0x244/0x39d [ 781.655969] ? dump_stack_print_info.cold.1+0x20/0x20 [ 781.661155] ? mark_held_locks+0x130/0x130 [ 781.665462] ? mark_held_locks+0x130/0x130 [ 781.669686] dump_header+0x27b/0xf72 [ 781.673393] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 781.678926] ? pagefault_out_of_memory+0x197/0x197 [ 781.683841] ? debug_smp_processor_id+0x1c/0x20 [ 781.688503] ? perf_trace_lock_acquire+0x15b/0x800 [ 781.693435] ? perf_trace_lock+0x7a0/0x7a0 [ 781.697661] ? graph_lock+0x270/0x270 [ 781.701447] ? print_usage_bug+0xc0/0xc0 [ 781.705508] ? find_held_lock+0x36/0x1c0 [ 781.709576] ? mark_held_locks+0xc7/0x130 [ 781.713726] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 781.718815] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 781.723905] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 781.728472] ? trace_hardirqs_on+0xbd/0x310 [ 781.732793] ? kasan_check_read+0x11/0x20 [ 781.736925] ? ___ratelimit+0x3b4/0x672 [ 781.740902] ? trace_hardirqs_off_caller+0x300/0x300 [ 781.746001] ? trace_hardirqs_on+0x310/0x310 [ 781.750397] ? lock_downgrade+0x900/0x900 [ 781.754537] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 781.759626] ? ___ratelimit+0x3b9/0x672 [ 781.763586] ? idr_get_free+0xf70/0xf70 [ 781.767555] oom_kill_process.cold.27+0x10/0x903 [ 781.772303] ? _raw_spin_unlock_irq+0x56/0x80 [ 781.776816] ? oom_evaluate_task+0x540/0x540 [ 781.781216] ? cgroup_procs_next+0x70/0x70 [ 781.785434] ? _raw_spin_unlock_irq+0x56/0x80 [ 781.789911] ? _raw_spin_unlock_irq+0x60/0x80 [ 781.794392] ? oom_badness+0xaa0/0xaa0 [ 781.798265] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 781.803105] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.807858] ? mem_cgroup_iter_break+0x30/0x30 [ 781.812449] ? out_of_memory+0x100/0x1430 [ 781.816585] out_of_memory+0xa7f/0x1430 [ 781.820546] ? retint_kernel+0x2d/0x2d [ 781.824419] ? oom_killer_disable+0x3a0/0x3a0 [ 781.829019] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 781.834115] mem_cgroup_out_of_memory+0x15e/0x210 [ 781.838947] ? memory_oom_group_write+0x160/0x160 [ 781.843773] ? mem_cgroup_try_charge+0x627/0xe20 [ 781.848519] ? page_counter_try_charge+0x1c1/0x220 [ 781.853502] try_charge+0xdcd/0x1720 [ 781.857207] ? kasan_check_read+0x11/0x20 [ 781.861344] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 781.866007] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 781.871535] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 781.877328] ? lock_page_memcg+0x350/0x350 [ 781.881574] ? retint_kernel+0x2d/0x2d [ 781.885454] ? get_mem_cgroup_from_mm.part.62+0x1b/0x880 [ 781.890893] mem_cgroup_try_charge+0x627/0xe20 [ 781.895463] ? mark_held_locks+0xc7/0x130 [ 781.899600] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.904362] ? mem_cgroup_protected+0xa60/0xa60 [ 781.909109] ? retint_kernel+0x2d/0x2d [ 781.912982] ? trace_hardirqs_on_caller+0xc0/0x310 [ 781.917899] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.922643] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 781.928087] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.932843] ? retint_kernel+0x2d/0x2d [ 781.936728] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 781.941647] wp_page_copy+0x51d/0x24f0 [ 781.945529] ? follow_pfn+0x2e0/0x2e0 [ 781.949325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 781.954851] ? reuse_swap_page+0x4bd/0x1520 [ 781.959161] ? swp_swapcount+0x530/0x530 [ 781.963225] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 781.968661] ? trace_hardirqs_on_caller+0xc0/0x310 [ 781.973573] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.978320] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 781.983761] ? print_usage_bug+0xc0/0xc0 [ 781.987816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 781.992564] ? graph_lock+0x270/0x270 [ 781.996355] ? __lock_acquire+0x62f/0x4c20 [ 782.000577] ? print_usage_bug+0xc0/0xc0 [ 782.004621] ? mark_page_accessed+0xf3f/0x2040 [ 782.009198] ? mark_page_accessed+0xf5b/0x2040 [ 782.013766] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 782.018597] ? find_held_lock+0x36/0x1c0 [ 782.022649] ? do_wp_page+0x518/0x2920 [ 782.026524] ? lock_downgrade+0x900/0x900 [ 782.030656] ? wake_up_page_bit+0x6f0/0x6f0 [ 782.034967] ? kasan_check_read+0x11/0x20 [ 782.039103] ? do_raw_spin_unlock+0xa7/0x330 [ 782.043512] ? do_raw_spin_trylock+0x270/0x270 [ 782.048080] ? __pte_alloc_kernel+0x220/0x220 [ 782.052563] ? perf_trace_lock_acquire+0x15b/0x800 [ 782.057483] do_wp_page+0x520/0x2920 [ 782.061185] ? check_preemption_disabled+0x48/0x280 [ 782.066184] ? print_usage_bug+0xc0/0xc0 [ 782.070230] ? finish_mkwrite_fault+0x650/0x650 [ 782.074881] ? print_usage_bug+0xc0/0xc0 [ 782.078926] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.083694] ? perf_trace_lock+0x7a0/0x7a0 [ 782.087926] ? __lock_acquire+0x62f/0x4c20 [ 782.092150] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 782.096720] ? retint_kernel+0x2d/0x2d [ 782.100595] ? trace_hardirqs_on_caller+0xc0/0x310 [ 782.105520] ? mark_held_locks+0x130/0x130 [ 782.109759] ? follow_page_pte+0xdd7/0x1ab0 [ 782.114069] ? lock_downgrade+0x900/0x900 [ 782.118211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 782.123738] ? check_preemption_disabled+0x48/0x280 [ 782.128738] ? debug_smp_processor_id+0x1c/0x20 [ 782.133390] ? perf_trace_lock_acquire+0x15b/0x800 [ 782.138339] ? in_lock_functions+0x2/0x20 [ 782.142484] ? follow_page_pte+0x4f9/0x1ab0 [ 782.146892] ? print_usage_bug+0xc0/0xc0 [ 782.150939] ? mark_held_locks+0xc7/0x130 [ 782.155072] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.159815] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 782.164386] ? retint_kernel+0x2d/0x2d [ 782.168259] ? trace_hardirqs_on_caller+0xc0/0x310 [ 782.173179] ? retint_kernel+0x2d/0x2d [ 782.177054] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.181795] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 782.187231] ? __lock_acquire+0x62f/0x4c20 [ 782.191451] ? lock_acquire+0x1ed/0x520 [ 782.195409] ? __handle_mm_fault+0x1fa9/0x5be0 [ 782.199984] ? kasan_check_write+0x14/0x20 [ 782.204205] ? do_raw_spin_lock+0x14f/0x350 [ 782.208514] ? rwlock_bug.part.2+0x90/0x90 [ 782.212744] __handle_mm_fault+0x3be9/0x5be0 [ 782.217143] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 782.221977] ? perf_trace_lock+0x7a0/0x7a0 [ 782.226204] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 782.231728] ? pmd_huge+0xf4/0x140 [ 782.235274] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 782.239845] ? retint_kernel+0x2d/0x2d [ 782.243722] ? trace_hardirqs_on_caller+0xc0/0x310 [ 782.248646] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.253390] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 782.258831] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.263579] ? retint_kernel+0x2d/0x2d [ 782.267464] handle_mm_fault+0x54f/0xc70 [ 782.271513] ? __handle_mm_fault+0x5be0/0x5be0 [ 782.276108] ? write_comp_data+0x6c/0x70 [ 782.280157] __get_user_pages+0xa3d/0x1ed0 [ 782.284384] ? follow_page_mask+0x2160/0x2160 [ 782.288865] ? mark_held_locks+0xc7/0x130 [ 782.293012] ? mark_held_locks+0xc7/0x130 [ 782.297159] ? mark_held_locks+0xc7/0x130 [ 782.301296] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.306045] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 782.310616] ? retint_kernel+0x2d/0x2d [ 782.314487] ? trace_hardirqs_on_caller+0xc0/0x310 [ 782.319404] ? __mm_populate+0x31a/0x4d0 [ 782.323449] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.328195] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 782.333631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.338377] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.343135] populate_vma_page_range+0x2db/0x3d0 [ 782.347888] ? follow_page+0x420/0x420 [ 782.351762] ? __get_user_pages+0x744/0x1ed0 [ 782.356169] __mm_populate+0x286/0x4d0 [ 782.360043] ? populate_vma_page_range+0x3d0/0x3d0 [ 782.364962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 782.370484] ? ns_capable_common+0x13f/0x170 [ 782.374889] __x64_sys_mlockall+0x45b/0x630 [ 782.379221] ? __ia32_sys_munlock+0x160/0x160 [ 782.383741] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 782.389277] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 782.394630] ? trace_hardirqs_off_caller+0x300/0x300 [ 782.399738] ? __ia32_sys_clock_settime+0x290/0x290 [ 782.404739] ? do_syscall_64+0x179/0x820 [ 782.408791] do_syscall_64+0x1b9/0x820 [ 782.412697] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 782.418069] ? syscall_return_slowpath+0x5e0/0x5e0 [ 782.422986] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 782.427825] ? trace_hardirqs_on_caller+0x310/0x310 [ 782.432836] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 782.437836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 782.443358] ? prepare_exit_to_usermode+0x291/0x3b0 [ 782.448365] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 782.453220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 782.458409] RIP: 0033:0x457569 [ 782.461609] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 782.480507] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 782.488201] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 782.495468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 782.502724] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 782.509982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 782.517244] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 782.526960] Task in /syz0 killed as a result of limit of /syz0 [ 782.534945] memory: usage 307200kB, limit 307200kB, failcnt 2774 [ 782.541211] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 782.548022] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 782.554394] Memory cgroup stats for /syz0: cache:144KB rss:297440KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216832KB [ 782.576571] Memory cgroup out of memory: Kill process 21400 (syz-executor0) score 1216 or sacrifice child [ 782.586902] Killed process 21442 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 782.603061] oom_reaper: reaped process 21442 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:55:18 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xa0008000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x1000000000000000, 0x0, 0x7ff}}, 0x50) 00:55:18 executing program 1: keyctl$update(0x2, 0x0, &(0x7f0000000440), 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) 00:55:18 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x2, @empty, 'ip6tnl0\x00'}}, 0x1e) r1 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x1, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) msgget$private(0x0, 0x200) 00:55:18 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xe8) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000300)={@loopback, @ipv4={[], [], @remote}, @dev={0xfe, 0x80, [], 0x1e}, 0x179, 0xffff, 0x1, 0x100, 0x80, 0x82000000, r3}) accept4$llc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x800) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) 00:55:18 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:18 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x1, 0x800}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:55:18 executing program 5: select(0x40, &(0x7f0000001140)={0x1, 0x5, 0x7, 0x7, 0x0, 0x400, 0x8, 0xde4}, &(0x7f0000001180)={0x40, 0xab, 0x5, 0x8000, 0x80, 0x3ff, 0x3ddf, 0x5}, &(0x7f00000011c0)={0x7, 0x5, 0x7fff, 0x7, 0x7, 0xffffffffffff0000, 0x6f9, 0x800}, &(0x7f0000001200)={0x77359400}) r0 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000100)="dc98be9328d23d0820f82fc1ce6f893dddc386310e92b659f52d6e9253bb32a4c81018e8a2273e97c77276bcddd12892def9c154de572fefbcd10a80b0df6b7318e116e01a8686e921bc6a0b0379b6d14c0e86c77a0d857356dab601f1be435a7fab7839ea105d31675393a2fb0cf99a766a5d4f823f16d95b526eb31c6b71f8ee7ca4e0159f7d9c05fce319f305d1adbd223243f50130a384fff054a1e13306197a7044ac886b404e930cc26356184b3d1c1c339e34f06bb4c1c0b3e75a315e74355c697d39dfe57e4fd93e714198931b4130b03a265cf4b204b26a475a917fecb6dcd3cceb63862acd7e1b19d3ec5a12dbdd4093318001f44473d5e2d73fb2d7699f0e3efb6076c7ae2e7baf86dfbd596c33666297e0a2d3c6959e334ddd77aa41d28b0e83ec8f5ee333fe152fb77af004d0e79a6cd45fa221dd6a302a3b7c927bc507db80097137b84b7b5112cbe1825c7c11a490e4a2a98b8c91f9548098c9b2e6eb8daef603e105f4da038d120f1f4c83f28e6f2f2e0abe05dcec8687daa7efb7aa42a32113f1292c3939a3f96f2ab5b2881746cff6127e4434fc6328afb6f02c7ab95a4a32bc8399d97fffd09fbee90af5c5ff1745296de12e6d34756f267eec38a9c1da3e7830984045e9165473ab5393f5f60af050b572d61e5e8c96500c6baccbb79914cb64a6c25db05fc592c15165cd957e31a56ee719487782027d9f6279246566f25ffa38787c96d9ddb43fef1605a4dd573e907616f5fa9af366d355068adae1b15154f4f947390c62e6bc108116d53a72bec3d439d74770f8c82b1eaa332d53508b7d6b1e3fdaa0730a4a66162c56ad86c1654d3d859fada77941f0a4e4e198049bd94c5b0182915d5b50e4f57d4307eb314f9748963531db2037352619cd07f6a0807ae3ae151966d4684496027292dee5fca9dc19a41612514096cc0f9d30f1b37c8947adb23474be3cb8a7873ecda10d73848a97c25a504a3722f40622307e99bd0fdd3b67ceebda84ce6f77bf9b3690e7e4b4acb6e205d0178b6832739210ec34ce66dbf00c49b8835060adfc5a1d14bcb847a390b779400306feed39d6ccc5b2304b6f61c3bf1e99d200ad15d11ab41fad1fd2aef54d1310a86c4fe58a5ca617cee7588e8db63496838f2ce6cf94b503be3c54d8b9f819c28fdc6d795b65403ddeed0dc4a182d4a66bb2dcb42f4794ff534ef57f8c78dcaa58a4118ccd7535efe0fdc4645c0614ada7523bc4846bcb317880a8dff93c9f2ddbf2796ad266ce644dac784daf22dff01ecf92ee2da9187eebab0ee991abe2996f20160be4ca963177fbefe485996fcd513a5cf340d97c3f0e829c2d4afd27a42745557d42aea6024d8817aad2799cce2ab16435503b3c9f99fc64c34175db922f101299d38d5fbc211d57a5260cba83a0a2af0169a58e3168cac9049fc239e5fd09baf82f17a1ad953746733076624bf8cbfd047eff3aa7e09e7fe5d0ea3d0ad17cc288534a4b4c60f309e80268f966a49d625ad5da1118eded45e424dec3a0424f46c6fb9af85bc51cedb39e4bb96b275c72ebab01d4285627658fc61e21361f8f1842a78e41cd77cfe4cf5d41b7cbc05e48eee30b05ab06d6f75f57c3d969b3312d1d75d5c0bf2abfb9b441dff8afaff2c7b4dd9129a39e25f4e846784dfd9a52fde53eb826849d2a86af5c9bf548b09c76c492a52fe46ffd9b9c8cffda5f71351cf4f7dcb2c89b0f042d8ba64d0b9aa5895d6973fe3e4ae3bd4985f2b0d2f4437e6b2cf1bcb78347117d2916dd20283183a577b88909993ac16eb7774d514faf40dff31c211779157dfd795dfef28c854888993c8a25372dfaa0c47bad8540ffee2e8318bc4a841c054dd1ab6f0b7a493b5ebfe4312f000caaebedd37f84cfd711f56ac20fdf7fc9de512ddd611301f04ca1e30f56b0a369ada42cdf4ebf6a159548b871b30573c688294ee5b8f437cca5e95c5baeeeed497ed91d70525f381043d24b8923d4935e6485158c595df9e018fcb12bd97efc7e9773ac5ba2878b1d6c221a1dce0791abea956a1a1eb9b076072c2dd3b779d292aa122739454eedc1294339c8950fe13361f8a3a0ac81b1adf9a060c30d2a4843effe692ad429fe130f5bc337d84beac3316d6c65e3cfa18732ab144570a7639131a2290cb04d413e3d676f0eea0105881e470727449e8baca281b96f5c309a1543c8faa0022638e2038a37403fd8ad4fd8cc1a6149d837a4343f69bfb75647e9df47c2ac3d9e1c8ce30eeb1fa1524c58b2d0f8a8561f267fd87a9af8f477aa48cd7d1467c25f1dbce87bb984bdece8eadcde1b8f2a478b68191448f31894a4f2ab59148bf08a70fa54f834a7a70ee1f632804216d7f6fd9b6a19ad5ca211c2d8438964d92d9cad40a61497a9879f9be93236bf66c7cae3fe091824ee45242ff73ab1b48c513d49c8b8aebb6ea02e49b7610754de0405ac36b00c4f3e749be6d992b9bb7d0a60b3dfca6f76208338e902f831dd61d9841bc5c7ededecdb7671deab77e6b9637e229f6c71643bc90dd2e9408d3e1f5560eab703d00d9ff259fea025aa47e186b6d4a7a19a5e6b37f7409f42ce6f48ac9dccc13f6cfe357e8abc6b995ebfcb333e1cb610613125773a9e5867095da0cd66d09f325bc774283a8c0ec66a4745f9a5cf675fcb97bc106d8d274646db135a4fe5654481b843aaf519e28ba159c9156a4679969c2c043d9db0a9407c0483976ad3ac5814dd65d6a81b8be22053c29aa7cd0e90d5dbbc3b21daa02a7066c6ed2e8cf9e28a24ee5a2b08488d5f150d2631df7946c189d7f4b9ebb72089966c81890aeeb2150a695d8e77c7907e78a63e3d15ef09fb96731307fa4a5ea84514da0441ccdb7c9b509f7fb68175a58c80e865a187e8e10abbf46c215b741691047213f52acc9a441bb59ca07cfc68c7836d422213fb3c98a2afd48c5f99c84bf4633863ce48015d6b96803b2f9dacf94371abb0dc1d03a4d681694dedd805c3a39bd5c54e6225a6a1cddacbcffb91160dee0ea40d07a169b1752ec3ab56cd918ce4855271e8183bf4ecaa82d1f041e7de399232e8f07bc1f81c5744f1afa502a3a14d0f7bb8005ce35b848790f103294222b3f7b7ba43337eb82300cd5cdac9a9e1c127a6892acecf34e56aa71d3ed829250aea74759c0fe1da4215e526a8ef4055b199f98e8eb4a26c98ab9611351486f6f1835fe7e6bcb2783f84aa48d3954f9d3bd88008b6583984d5e03dd3c38273b08845e7e0722622f03a68e8b8340b544acc63aba00dd050e024635c0c29a3e342bbdcadd98809e549fe5301845046cb891979d3204b7b0c3e95ad1f195445555417172e3ebf22e0a4808233607b0dd2c78d7078c90aef7f4df248f864bebf2621bd7532bfc66070aea0c40c5c3ab06b6ed8c6a8dd15405b0b73cfe8569daf1742b82cf30c468472eb2c4ac5a05f89937b06537154eeb04082d8c2de4f6e7035e1bd031fdce926d41ef9ddee9a4fa3f6a8f252291282b85bb94531c737a31fc24fb128867221e7de3dc10db0edf95232790b702ff62ee0b9d6f325a087807104ab9c2a3096bb93f2401c42eb1216b9abf1ca9ddb73c44c935a94cb66ca9b952ff76b4a6855e473935b5f750bae3a896fa13c8227710460804df983f548ce4231862946aa6c29e4c509cbdc84e5a396246c4caa8ec2e3f26673c1c6e480fcf784099f0882cfb7be8e1438df0cc85f68205995e3f3aad90fc15f5a02f8d9edfbf6386915595ad4c5e4eb6f4ebc0ff6c3323916e841cc04e1160c4f1dc07423be1dae90ecc2e476b8ef3098d368b1a1911350a58775f46ab21af2275be77199a3fb3e2be27175f8c532a9cfc59be313110b0ba70b6545828af4afeac8d97fb05d92054d005acb7c332d8a7cf08894c92f0348a123119fad15d389bf93fdf1d4d78bc5abf360abb826fc111be5d44689241252ba17e231f29fee77c7ad33ee3c59db5fe881581fa64304b65b612740934577f01e12d39323b3a779c506934a8763af798cb1f7c380e53bc363deaa9e370e98e22023d53821cc505db562edb9fa2a8c15efac91757f966ba6f86c0fb7154c94c0e120113927f04364f476b3cf4ad219a99e7dc466d1fcfffcc743ba2de54146c39c14b5662a24a6084fcb5be6b2d905ee16c4c1cad5ea2a155f51a110bbef473727640c0e6082f685ddb7edbcf7f6e62b67d4c534164a569b755bbb637f6c6b88afa4ab7b65781224f1c82a59a23933c980d9cb2ba6f2399473f72513301bcb6bccf5dd6f0cd73fa15965472544e172bc74942f5723200000d384335c7b685291191d484f5cf8a9d4d4f93543b6bf05cf55daf4cc57c7bde754b64783923201ceb21194dad702fc4ae82299cb6056952819a585f47a02f1698676f48c9cbaddbaeabba726a43abc2ee804652b103cb9340d50b990cc130c6da0a0740472a61b57b3cb1f56c112f0ff725e36ab4c4543000a4975f5acbb4ca2d9ff25ed59b973562bc6efc9c6514af880bd8b886f16c7700a4681df4bef2e71e4d3b1fe7cd6455298a587a5bc3c5eecdb44d19e0840f8e740a933c3ccef972f64e97f4c2517507b0f5a7f9e44d8aab19d6d34a95f76a5d49d09fe7f4149648273aed7201dd57349b2c2a5d00dbcff89b1346b49d24eca5c578fda5327fb08d775c217e8b658311843e989990a3e13285bbbf6cdff76a77e748a9240148ea2789a6fdc4854c2caaddbbb1f77574b76a7b02e35f8e025384fce0cdc100e058c793b70b763fb649e374b2a44330a4e8cb0fc8368c964277f88ad4a67604da04bd713bc4aef4f228e734cf081ac2fba8bd41bd48fb05d4e0504d90ceac599c6c94c61999fcaf0c3366212dedd99a9543411a96d4aac5108330007238a6fae0215add72a5cc29608f9e893df7ea3ab9c4de3d3d28dac2909ec35fe2a1a063b27e25658eafbe7ea9c00da0751e35ab310538ba618b9c91e3ec1eff9d3c0509b44d472f4579a19eaa53a41e9537028a4e752b34dce9489fa23c3890d738c7bba38d15fda534527391985f1c0639d3ad61e81e58e627f0edf9c8399ec091ea0e461d98883171f76396bff57221f05f7b927b39341c5c97f82888c4b86a7e7c66a91e0ea9ed5426514ac900545ac7ce8e84da6e6df8295fb446e2013cc7b8268530a4e603530e0e432b6b998a5f699c359f6751fd048ff01ae55f2e44e40bcd973eca2df8a625722e35f1db7156de6c2c79511b16efb65ff2186eb500798d2579c9abeba889dfae6662ec31dbcaf492ea96b30fdb13d556cfe503d06384c704bb7b70aed8448d6005244609f001d80dc192c2755b58f95482d2e9d0a237d479015ffb22d8bcb0613839294ecb6e89c87a2e53d543080e00a30b21544876b32bb18d2583787ffcd10603f755c2e941949b71824ada3acf14d673201c69bf3266a296e4de5cf0eaea4262f1892f36ba862788f1276f5b7c07eecdf3f9d60209f47401da9264219e5e655f5d13f0d2c77f482691a911f0a1f14b4de08e7941f00a3e4f0241ba9f66a4c54768664fd55148da66732aa1b2cfde05bd9352e223737ae51fb6f0f8ead9154c47902ce9f6eb71324ea94520ebf5b38471caeecc4f27df5c7540f4c22255e6163c0bd377b4bcbdca6284bbb3ef1675e0ee5b77167230f96cef54244bafc2ca58f8dc489f7baf89f05428b25c114f9334e584839abebe31aa3e27888ee545a860b6490b0e80016f0e44a115b9ad578571bb6929c0f40574b89b793147f8c4377122a9aa924060edd5765b62c0914abf61a4c75", 0x1000, 0xfffffffffffffffc) r1 = syz_open_dev$sndpcmp(0x0, 0x101, 0x408300) ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000001100)) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001240)='/dev/ppp\x00', 0x2001, 0x0) add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, r0) bind$netlink(r2, &(0x7f0000001280)={0x10, 0x0, 0x25dfdbfd, 0x188004}, 0xc) keyctl$update(0x2, 0x0, 0x0, 0x0) r3 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0xa0008000, 0x0, 0x7ff}}, 0x50) [ 783.602595] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 00:55:18 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) socket$vsock_dgram(0x28, 0x2, 0x0) 00:55:18 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000040)="56e5a2bf960bad845c014cb21d62cd16def688a6c51e49b680eb674c5e07bb00000000000000003c1346b43ec023de3dfb2273e569a69e8d456f17907d17634bfce0ec3ae705f754c3cb069ebb7c", 0x4e) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) [ 783.645060] syz-executor0 cpuset=syz0 mems_allowed=0 [ 783.669873] CPU: 1 PID: 21465 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 783.678501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 783.687856] Call Trace: [ 783.687881] dump_stack+0x244/0x39d [ 783.687901] ? dump_stack_print_info.cold.1+0x20/0x20 [ 783.687928] dump_header+0x27b/0xf72 [ 783.687954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 783.687971] ? pagefault_out_of_memory+0x197/0x197 [ 783.713535] ? debug_smp_processor_id+0x1c/0x20 [ 783.718216] ? perf_trace_lock_acquire+0x15b/0x800 [ 783.723178] ? perf_trace_lock+0x7a0/0x7a0 [ 783.727452] ? graph_lock+0x270/0x270 [ 783.731273] ? print_usage_bug+0xc0/0xc0 [ 783.735357] ? perf_trace_lock+0x7a0/0x7a0 [ 783.739609] ? find_held_lock+0x36/0x1c0 [ 783.743686] ? mark_held_locks+0xc7/0x130 [ 783.747861] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 783.752985] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 783.758103] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 783.762699] ? trace_hardirqs_on+0xbd/0x310 [ 783.767038] ? kasan_check_read+0x11/0x20 [ 783.771195] ? ___ratelimit+0x3b4/0x672 [ 783.775191] ? trace_hardirqs_off_caller+0x300/0x300 [ 783.780306] ? trace_hardirqs_on+0x310/0x310 [ 783.784743] ? lock_downgrade+0x900/0x900 [ 783.788908] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 783.794024] ? ___ratelimit+0x3b9/0x672 [ 783.798009] ? idr_get_free+0xf70/0xf70 [ 783.801991] ? _raw_spin_unlock_irq+0x27/0x80 [ 783.806503] ? _raw_spin_unlock_irq+0x27/0x80 [ 783.811035] oom_kill_process.cold.27+0x10/0x903 [ 783.815804] ? _raw_spin_unlock_irq+0x27/0x80 [ 783.820311] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 783.824914] ? oom_evaluate_task+0x540/0x540 [ 783.829332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 783.834909] ? cgroup_procs_next+0x70/0x70 [ 783.839175] ? _raw_spin_unlock_irq+0x60/0x80 [ 783.843683] ? oom_badness+0xaa0/0xaa0 [ 783.847589] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 783.852364] ? mem_cgroup_iter_break+0x30/0x30 [ 783.856969] ? mark_held_locks+0xc7/0x130 [ 783.861606] out_of_memory+0xa7f/0x1430 [ 783.865589] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 783.870183] ? kasan_check_read+0x11/0x20 [ 783.874340] ? oom_killer_disable+0x3a0/0x3a0 [ 783.878873] mem_cgroup_out_of_memory+0x15e/0x210 [ 783.883730] ? memory_oom_group_write+0x160/0x160 [ 783.888588] ? mem_cgroup_try_charge+0x627/0xe20 [ 783.893360] ? page_counter_try_charge+0x1c1/0x220 [ 783.898300] try_charge+0xdcd/0x1720 [ 783.902026] ? kasan_check_read+0x11/0x20 [ 783.906205] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 783.911016] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 783.916583] ? lock_page_memcg+0x350/0x350 [ 783.920838] ? lock_acquire+0x1ed/0x520 [ 783.924820] ? mem_cgroup_oom_control_write+0x100/0x100 [ 783.930189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 783.935745] ? check_preemption_disabled+0x48/0x280 [ 783.940776] ? kasan_check_read+0x11/0x20 [ 783.944934] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 783.950241] ? rcu_softirq_qs+0x20/0x20 [ 783.954242] mem_cgroup_try_charge+0x627/0xe20 [ 783.958833] ? undo_dev_pagemap+0x680/0x680 [ 783.963179] ? mem_cgroup_protected+0xa60/0xa60 [ 783.967865] ? __lock_acquire+0x62f/0x4c20 [ 783.972116] ? __handle_mm_fault+0x2da9/0x5be0 [ 783.976725] ? mark_held_locks+0x130/0x130 [ 783.980968] ? do_raw_spin_unlock+0xa7/0x330 [ 783.985473] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 783.991024] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 783.995964] __handle_mm_fault+0x284e/0x5be0 [ 784.000389] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 784.005248] ? perf_trace_lock+0x7a0/0x7a0 [ 784.009493] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 784.015046] ? pmd_huge+0xf4/0x140 [ 784.018601] ? graph_lock+0x270/0x270 [ 784.022406] ? graph_lock+0x270/0x270 [ 784.026221] ? find_held_lock+0x36/0x1c0 [ 784.030319] ? handle_mm_fault+0x42a/0xc70 [ 784.034575] ? lock_downgrade+0x900/0x900 [ 784.038735] ? check_preemption_disabled+0x48/0x280 [ 784.043767] ? kasan_check_read+0x11/0x20 [ 784.047946] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 784.053233] ? rcu_read_unlock_special+0x370/0x370 [ 784.058196] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 784.063744] ? check_preemption_disabled+0x48/0x280 [ 784.068782] handle_mm_fault+0x54f/0xc70 [ 784.072869] ? __handle_mm_fault+0x5be0/0x5be0 [ 784.077455] ? find_vma+0x34/0x190 [ 784.081005] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 784.086031] __get_user_pages+0xa3d/0x1ed0 [ 784.090296] ? follow_page_mask+0x2160/0x2160 [ 784.094800] ? debug_smp_processor_id+0x1c/0x20 [ 784.099475] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 784.105034] ? graph_lock+0x270/0x270 [ 784.108838] ? rcu_is_watching+0x30/0x30 [ 784.112906] ? graph_lock+0x270/0x270 [ 784.116714] ? kzfree+0x28/0x30 [ 784.120012] ? lock_acquire+0x1ed/0x520 [ 784.123992] ? __mm_populate+0x31a/0x4d0 [ 784.128085] ? lock_release+0xa10/0xa10 [ 784.132076] ? perf_trace_sched_process_exec+0x860/0x860 [ 784.137562] populate_vma_page_range+0x2db/0x3d0 [ 784.142334] ? follow_page+0x420/0x420 [ 784.146324] ? find_vma+0x34/0x190 [ 784.149874] __mm_populate+0x286/0x4d0 [ 784.153783] ? populate_vma_page_range+0x3d0/0x3d0 [ 784.158722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 784.164261] ? ns_capable_common+0x13f/0x170 [ 784.168688] __x64_sys_mlockall+0x45b/0x630 [ 784.173017] ? __ia32_sys_munlock+0x160/0x160 [ 784.177521] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 784.183210] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 784.188603] ? trace_hardirqs_off_caller+0x300/0x300 [ 784.193729] do_syscall_64+0x1b9/0x820 [ 784.197633] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 784.203011] ? syscall_return_slowpath+0x5e0/0x5e0 [ 784.207947] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 784.212803] ? trace_hardirqs_on_caller+0x310/0x310 [ 784.217834] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 784.222859] ? prepare_exit_to_usermode+0x291/0x3b0 [ 784.227888] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 784.232765] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 784.237964] RIP: 0033:0x457569 [ 784.241159] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 784.260086] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 00:55:18 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000000)={0x1, 0x823, 0x103, 0x0, {0x7, 0xff, 0x5, 0x1}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) [ 784.267808] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 784.275123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 784.282514] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 784.289791] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 784.297080] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 784.444032] Task in /syz0 killed as a result of limit of /syz0 [ 784.450258] memory: usage 307200kB, limit 307200kB, failcnt 2803 [ 784.464403] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 784.471330] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 784.477473] Memory cgroup stats for /syz0: cache:144KB rss:297516KB rss_huge:264192KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:70668KB active_anon:21192KB inactive_file:0KB active_file:0KB unevictable:205804KB [ 784.499892] Memory cgroup out of memory: Kill process 21448 (syz-executor0) score 1156 or sacrifice child [ 784.509755] Killed process 21448 (syz-executor0) total-vm:70864kB, anon-rss:18456kB, file-rss:32768kB, shmem-rss:0kB [ 784.532169] oom_reaper: reaped process 21448 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 785.043495] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 785.054917] syz-executor0 cpuset=syz0 mems_allowed=0 [ 785.060123] CPU: 1 PID: 21498 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 785.068685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 785.078019] Call Trace: [ 785.080619] dump_stack+0x244/0x39d [ 785.084240] ? dump_stack_print_info.cold.1+0x20/0x20 [ 785.089429] ? mark_held_locks+0x130/0x130 [ 785.093662] ? mark_held_locks+0x130/0x130 [ 785.098007] dump_header+0x27b/0xf72 [ 785.101712] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.107255] ? pagefault_out_of_memory+0x197/0x197 [ 785.112169] ? debug_smp_processor_id+0x1c/0x20 [ 785.116822] ? perf_trace_lock_acquire+0x15b/0x800 [ 785.121739] ? perf_trace_lock+0x7a0/0x7a0 [ 785.125963] ? graph_lock+0x270/0x270 [ 785.129746] ? print_usage_bug+0xc0/0xc0 [ 785.133814] ? find_held_lock+0x36/0x1c0 [ 785.137866] ? mark_held_locks+0xc7/0x130 [ 785.142000] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 785.147088] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 785.152178] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.156772] ? trace_hardirqs_on+0xbd/0x310 [ 785.161087] ? kasan_check_read+0x11/0x20 [ 785.165223] ? ___ratelimit+0x3b4/0x672 [ 785.169181] ? trace_hardirqs_off_caller+0x300/0x300 [ 785.174269] ? trace_hardirqs_on+0x310/0x310 [ 785.178663] ? lock_downgrade+0x900/0x900 [ 785.182801] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 785.187904] ? ___ratelimit+0x3b9/0x672 [ 785.191863] ? idr_get_free+0xf70/0xf70 [ 785.195821] ? _raw_spin_unlock_irq+0x27/0x80 [ 785.200301] ? _raw_spin_unlock_irq+0x27/0x80 [ 785.204789] oom_kill_process.cold.27+0x10/0x903 [ 785.209534] ? _raw_spin_unlock_irq+0x27/0x80 [ 785.214019] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.218618] ? oom_evaluate_task+0x540/0x540 [ 785.223024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.228605] ? cgroup_procs_next+0x70/0x70 [ 785.232838] ? _raw_spin_unlock_irq+0x60/0x80 [ 785.237333] ? oom_badness+0xaa0/0xaa0 [ 785.241208] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 785.245949] ? mem_cgroup_iter_break+0x30/0x30 [ 785.250527] ? mark_held_locks+0xc7/0x130 [ 785.254665] out_of_memory+0xa7f/0x1430 [ 785.258636] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.263209] ? kasan_check_read+0x11/0x20 [ 785.267354] ? oom_killer_disable+0x3a0/0x3a0 [ 785.271845] mem_cgroup_out_of_memory+0x15e/0x210 [ 785.276676] ? memory_oom_group_write+0x160/0x160 [ 785.281515] ? mem_cgroup_try_charge+0x627/0xe20 [ 785.286277] ? page_counter_try_charge+0x1c1/0x220 [ 785.291205] try_charge+0xdcd/0x1720 [ 785.294924] ? kasan_check_read+0x11/0x20 [ 785.299074] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 785.303748] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 785.309298] ? retint_kernel+0x2d/0x2d [ 785.313183] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.318100] ? lock_page_memcg+0x350/0x350 [ 785.322325] ? lock_acquire+0x1ed/0x520 [ 785.326285] ? mem_cgroup_oom_control_write+0x100/0x100 [ 785.331633] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.337172] ? check_preemption_disabled+0x48/0x280 [ 785.342177] ? kasan_check_read+0x11/0x20 [ 785.346310] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 785.351572] ? rcu_softirq_qs+0x20/0x20 [ 785.355544] mem_cgroup_try_charge+0x627/0xe20 [ 785.360125] ? mem_cgroup_protected+0xa60/0xa60 [ 785.364789] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.369357] ? retint_kernel+0x2d/0x2d [ 785.373231] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.378146] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.382890] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 785.388331] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.393081] ? retint_kernel+0x2d/0x2d [ 785.396955] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 785.402482] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 785.407400] wp_page_copy+0x51d/0x24f0 [ 785.411286] ? follow_pfn+0x2e0/0x2e0 [ 785.415075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.420596] ? reuse_swap_page+0x4bd/0x1520 [ 785.424903] ? swp_swapcount+0x530/0x530 [ 785.428953] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 785.434388] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.439131] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 785.444588] ? print_usage_bug+0xc0/0xc0 [ 785.448633] ? retint_kernel+0x2d/0x2d [ 785.452507] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.457423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.462169] ? graph_lock+0x270/0x270 [ 785.465953] ? __lock_acquire+0x62f/0x4c20 [ 785.470171] ? mark_page_accessed+0xca1/0x2040 [ 785.474739] ? mark_page_accessed+0xcaf/0x2040 [ 785.479431] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 785.484268] ? find_held_lock+0x36/0x1c0 [ 785.488328] ? do_wp_page+0x518/0x2920 [ 785.492200] ? lock_downgrade+0x900/0x900 [ 785.496336] ? wake_up_page_bit+0x6f0/0x6f0 [ 785.500649] ? kasan_check_read+0x11/0x20 [ 785.504806] ? do_raw_spin_unlock+0xa7/0x330 [ 785.509232] ? do_raw_spin_trylock+0x270/0x270 [ 785.513812] ? __pte_alloc_kernel+0x220/0x220 [ 785.518293] ? perf_trace_lock_acquire+0x15b/0x800 [ 785.523214] do_wp_page+0x520/0x2920 [ 785.526926] ? check_preemption_disabled+0x48/0x280 [ 785.531938] ? finish_mkwrite_fault+0x650/0x650 [ 785.536594] ? mark_held_locks+0xc7/0x130 [ 785.540731] ? perf_trace_lock+0x7a0/0x7a0 [ 785.544952] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.549869] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 785.555394] ? __lock_acquire+0x62f/0x4c20 [ 785.559627] ? mark_held_locks+0x130/0x130 [ 785.563864] ? follow_page_pte+0xdd7/0x1ab0 [ 785.568188] ? lock_downgrade+0x900/0x900 [ 785.572326] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.577849] ? check_preemption_disabled+0x48/0x280 [ 785.582851] ? print_usage_bug+0xc0/0xc0 [ 785.586900] ? perf_trace_lock_acquire+0x15b/0x800 [ 785.591813] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 785.597342] ? follow_page_pte+0x4f9/0x1ab0 [ 785.601648] ? print_usage_bug+0xc0/0xc0 [ 785.605698] ? mark_held_locks+0xc7/0x130 [ 785.609836] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.614584] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.619151] ? retint_kernel+0x2d/0x2d [ 785.623037] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.627950] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.632689] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 785.638131] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.642893] ? retint_kernel+0x2d/0x2d [ 785.646770] ? __handle_mm_fault+0x206e/0x5be0 [ 785.651357] __handle_mm_fault+0x3be9/0x5be0 [ 785.655843] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 785.660774] ? perf_trace_lock+0x7a0/0x7a0 [ 785.665007] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 785.670534] ? pmd_huge+0xf4/0x140 [ 785.674075] ? graph_lock+0x270/0x270 [ 785.677859] ? graph_lock+0x270/0x270 [ 785.681647] ? find_held_lock+0x36/0x1c0 [ 785.685697] ? handle_mm_fault+0x42a/0xc70 [ 785.689935] ? lock_downgrade+0x900/0x900 [ 785.694069] ? check_preemption_disabled+0x48/0x280 [ 785.699076] ? kasan_check_read+0x11/0x20 [ 785.703206] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 785.708464] ? rcu_read_unlock_special+0x370/0x370 [ 785.713377] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 785.718900] ? check_preemption_disabled+0x48/0x280 [ 785.723916] handle_mm_fault+0x54f/0xc70 [ 785.727968] ? __handle_mm_fault+0x5be0/0x5be0 [ 785.732541] ? __get_user_pages+0x9d7/0x1ed0 [ 785.736940] ? __get_user_pages+0x9ea/0x1ed0 [ 785.741352] __get_user_pages+0xa3d/0x1ed0 [ 785.745613] ? follow_page_mask+0x2160/0x2160 [ 785.750108] ? mark_held_locks+0xc7/0x130 [ 785.754263] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.758850] ? retint_kernel+0x2d/0x2d [ 785.762736] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.767659] ? mark_held_locks+0xc7/0x130 [ 785.771794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.776544] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 785.781137] ? retint_kernel+0x2d/0x2d [ 785.785015] ? trace_hardirqs_on_caller+0xc0/0x310 [ 785.789930] ? __mm_populate+0x31a/0x4d0 [ 785.793972] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.798722] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 785.804175] ? lock_release+0xa10/0xa10 [ 785.808143] ? perf_trace_sched_process_exec+0x860/0x860 [ 785.813582] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 785.818347] populate_vma_page_range+0x2db/0x3d0 [ 785.823327] ? follow_page+0x420/0x420 [ 785.827216] ? __mm_populate+0x1b8/0x4d0 [ 785.831261] __mm_populate+0x286/0x4d0 [ 785.835149] ? populate_vma_page_range+0x3d0/0x3d0 [ 785.840087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 785.845611] ? ns_capable_common+0x13f/0x170 [ 785.850012] __x64_sys_mlockall+0x45b/0x630 [ 785.854318] ? __ia32_sys_munlock+0x160/0x160 [ 785.858799] ? retint_kernel+0x2d/0x2d [ 785.862685] do_syscall_64+0x1b9/0x820 [ 785.866567] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 785.872052] ? syscall_return_slowpath+0x5e0/0x5e0 [ 785.876967] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 785.881802] ? trace_hardirqs_on_caller+0x310/0x310 [ 785.886802] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 785.891806] ? prepare_exit_to_usermode+0x291/0x3b0 [ 785.896811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 785.901650] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 785.906825] RIP: 0033:0x457569 [ 785.910008] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 785.928895] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 785.936588] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 785.943841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 785.951121] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 785.958392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 785.965661] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 785.975302] Task in /syz0 killed as a result of limit of /syz0 [ 785.981488] memory: usage 307200kB, limit 307200kB, failcnt 2863 [ 785.987873] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 785.994726] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 786.000997] Memory cgroup stats for /syz0: cache:144KB rss:297492KB rss_huge:260096KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63788KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216716KB [ 786.022881] Memory cgroup out of memory: Kill process 21463 (syz-executor0) score 1216 or sacrifice child [ 786.032935] Killed process 21499 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 786.051502] oom_reaper: reaped process 21499 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:55:21 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x800d0020, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:21 executing program 1: socket$unix(0x1, 0x2, 0x0) r0 = add_key$user(0x0, 0x0, 0x0, 0xffffffffffffff8a, 0xfffffffffffffffe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x41) sendmsg$nl_crypto(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x11}, 0xc, &(0x7f0000000380)={&(0x7f0000000540)=ANY=[@ANYBLOB="180100001000240527bd7000fbdbdf256372637431306469662d67656e657269630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b32a243ced1f00a73f7cc9b60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000002000000000000000000000080001000900000008000100220e000008000100000800000800010001000000080001000100010008000100020000000800010004000000cfa239bf94363f2b2a36da3a74d5b62660"], 0x118}, 0x1, 0x0, 0x0, 0x44}, 0x20000040) ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000001b00)={0x9, &(0x7f0000000400)=""/207, &(0x7f0000001a00)=[{0x1, 0xb0, 0x80000000, &(0x7f0000000680)=""/176}, {0x5d, 0x43, 0x3, &(0x7f0000000740)=""/67}, {0x3f, 0x1000, 0x57, &(0x7f00000007c0)=""/4096}, {0xff7, 0x7f, 0x6, &(0x7f00000017c0)=""/127}, {0x0, 0x49, 0x4, &(0x7f0000001840)=""/73}, {0x7f, 0x1c, 0x100000001, &(0x7f0000000240)=""/28}, {0x5, 0x1c, 0x1f, &(0x7f0000000500)=""/28}, {0x1000, 0x30, 0x100000001, &(0x7f00000018c0)=""/48}, {0x7, 0xff, 0x0, &(0x7f0000001900)=""/255}]}) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f00000002c0)={0xb2, ""/178}) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000080)={0x3, 0x8, 0x4}) r2 = accept(r1, 0x0, &(0x7f0000000280)=0xd95bc3d1f27ab0ce) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0xb, 0x7fff, 0x8, 0xe, 0x0, 0x70bd29, 0x25dfdbfb, [@sadb_x_nat_t_type={0x1, 0x14, 0x3}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x6e6bb7, 0x1, {0x6, 0x3c, 0x7a, 0xc, 0x0, 0x62, 0x0, @in=@multicast1, @in6=@local}}, @sadb_x_nat_t_type={0x1, 0x14, 0x7cc}, @sadb_sa={0x2, 0x1, 0x4d5, 0xffffffffffff1b36, 0x81, 0xaf, 0x4, 0x80000000}]}, 0x70}}, 0x40050) r3 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) poll(&(0x7f00000001c0)=[{r3, 0x2548}, {r3, 0x121}, {r2, 0x8002}, {r3, 0x4000}, {r3, 0x2}, {r2, 0xc200}, {r3, 0x44200}], 0x7, 0x2ab800) 00:55:21 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x1f, r1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x7, &(0x7f0000000000)=0x10001, 0x4) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:21 executing program 2: add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:21 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x0, 0xd}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f0000000140)={0xa, 0x4, 0xfa00, {r1}}, 0xc) syz_open_dev$mice(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) 00:55:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x800000000000000, 0x7ff}}, 0x50) 00:55:21 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000000)={0x20000000000, 0x6, 0xffff}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:21 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x100, 0x4000) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000040)=0x3) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x1000000, 0x7ff}}, 0x50) 00:55:22 executing program 3: r0 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x0, 0x2) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000140)=0x3c4d800000, 0x4) r1 = syz_open_dev$mice(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000480)=""/83) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffffffffffff75, &(0x7f0000000840), 0x0, &(0x7f0000000700), 0x3e, 0x1}, 0x20000000) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000880)={0x0, 0x3f}, &(0x7f00000008c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000900)={0x0, 0xff, 0x81}, &(0x7f0000000940)=0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000400)=ANY=[@ANYRES32=0x0, @ANYBLOB="130000008a77e12ae9dddcd70ce4fe0100738ddefe77497c83ca25e5"], &(0x7f00000009c0)=0x1b) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f00000000c0)=@in={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000200)="7d6ba9414f94ce9ffc201dacaa5fd2e75b221b0b7f7073fdb32642fc69014ca7ac61eea65fac188772da177e7153f68afb35b06029f6a975f9bacfde60bcaf550751b28a39fb8d3394448aa341cb907bb2a4468488a5b272d42c4f63c8e3d4afcf130aad3342b29b178ec75e6988888c5e8452a7b6562366225f422e6990941d8fde23dc16468ef7a58289e5f38557420376be0e76c6e24ebfbe8e8619340004a5c95e7f", 0xa4}, {&(0x7f0000000100)}, {&(0x7f00000002c0)="f338375873cd75d44565c353826ed5768434906c894db8ed50a7fa0de12deaf686b468d9bb7a9d302108e2bfbe313341bc0c395250bbbea36f67f04658a67599afa4a58ddfaeb88c93c1b0e5b8f206fb6fe617494cf26e568fd5ccc964ec2e073a6eb48fca44778e1643de0190f658d45722c9874b8afc219af39d7789d8a2c14bbbf2c827eddcf5cdf4f328b4e11a558f2c2fa7afc7c839f2dc8b4268dd7216aa463f27aa3312d1241d608ce51986759ec3e5941adc7c7306179c0cbad302cb79d087d22803188833f64ea67eb59f5c719c8051c0c3aba1e7ae975dfa482db7fb0587954f3aa5e2209da43dfdbd6e9a85225109387489960e468362", 0xfc}, {&(0x7f0000000140)}, {&(0x7f0000000580)="0c5059915c848429c33347a89bec962b03d4c7efb8fc8c95c6a2f65affc2550b9caac5020fbff66610fcb236caef1a191a749d3b9508c9c004741a93129d1627e395dd47f3ab0d967b0abf2132d4f08e29eba625741615441de39bb1f5a38e83791bb493aa752c7d631a36fc641fbead13d0e1073b49284978570640a4a12e4c26a23801b7bdb1b18fc4f3cef23310a8259f40d0ec9ffd1578f6ca711504f5dcb1d5449267d0f255b2", 0xa9}, {&(0x7f00000003c0)="24627ab351f3cb279ebc1274b22f2be239a3214922b87b76fe977f85", 0x1c}, {&(0x7f0000000640)="6efa44c8e3d1d47ad4", 0x9}, {&(0x7f0000000680)="92a2662df08fb6dbe2ef77dbbbf85c0211a440d3f403fd965cc137ea568b586c599831709202f83ec7eee284eb18cf", 0x2f}, {&(0x7f00000006c0)="36d434785aef408de1ff29a56632b86c75ce5f36624bffb48b6026740aa343ece90818ba41f1bf9b30c855e1339b0dac9ef457b954d40e9f71b7a1b253174086e7c2da52a0242f5be39a8210522b45d5b96a1c1e250d27e69cb91cf9ba7bd997a052712879d71ef003686c80fb1c268a454821f3ebd32786ce4a7e385d520a083789398160ae689e765df7a52725a2f8e86b6868a1d7b635044ef85d7f60adfa30e8d06d85ea0d25fdc7b3e8f6a6bf1e174458235ed02e421c3743b6b5fff175422684b791c5ebd06d427898998b1cfd10e8ac304500baacf8c157c932fb22bb574748461ee30a8a9f3ea3", 0xeb}], 0x9, &(0x7f0000000a00)=ANY=[@ANYBLOB="3000000000000000840000000100000008001f0008800000ffff00008f000000030000004f020000c9000000", @ANYRES32=r3, @ANYBLOB="18000000000000009a000000070000000000004b8e89491ee06b05000000001800000000000000000000180000000000000084000000000000000080ff03ffff81002000000000000000840000000200000009000a009d60000000000000000000000000", @ANYRES32=r4, @ANYBLOB="18000000000000008400000006000000ff0300000000000018000000000000008400000005000000300000000000000020000000000000008400000002000000090001007400000003000000", @ANYRES32=r5], 0xe8, 0x40}, 0x8000) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000440)) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, &(0x7f0000000000)) ioctl$TCSBRK(r1, 0x5409, 0x5) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000080)) 00:55:22 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x8) 00:55:22 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x100000000000000, 0x7ff}}, 0x50) [ 787.711126] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 787.723031] syz-executor0 cpuset=syz0 mems_allowed=0 [ 787.728233] CPU: 0 PID: 21543 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 787.736795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 787.746130] Call Trace: [ 787.748706] dump_stack+0x244/0x39d [ 787.752486] ? dump_stack_print_info.cold.1+0x20/0x20 [ 787.757665] ? mark_held_locks+0x130/0x130 [ 787.761893] dump_header+0x27b/0xf72 [ 787.765597] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 787.770278] ? retint_kernel+0x2d/0x2d [ 787.774154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 787.779679] ? pagefault_out_of_memory+0x197/0x197 [ 787.784597] ? print_usage_bug+0xc0/0xc0 [ 787.788643] ? debug_smp_processor_id+0x1c/0x20 [ 787.793296] ? perf_trace_lock_acquire+0x15b/0x800 [ 787.798227] ? perf_trace_lock+0x7a0/0x7a0 [ 787.802450] ? mark_held_locks+0xc7/0x130 [ 787.806581] ? print_usage_bug+0xc0/0xc0 [ 787.810630] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 787.815370] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 787.819944] ? retint_kernel+0x2d/0x2d [ 787.823817] ? trace_hardirqs_on_caller+0xc0/0x310 [ 787.828736] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 787.833476] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 787.838928] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 787.843669] ? retint_kernel+0x2d/0x2d [ 787.847564] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 787.852657] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 787.857746] ? ___ratelimit+0x3b9/0x672 [ 787.861703] ? idr_get_free+0xf70/0xf70 [ 787.865687] ? _raw_spin_unlock_irq+0x27/0x80 [ 787.870368] ? _raw_spin_unlock_irq+0x27/0x80 [ 787.874859] oom_kill_process.cold.27+0x10/0x903 [ 787.879604] ? _raw_spin_unlock_irq+0x27/0x80 [ 787.884087] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 787.888669] ? oom_evaluate_task+0x540/0x540 [ 787.893063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 787.898590] ? cgroup_procs_next+0x70/0x70 [ 787.902812] ? _raw_spin_unlock_irq+0x60/0x80 [ 787.907410] ? oom_badness+0xaa0/0xaa0 [ 787.911283] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 787.916023] ? mem_cgroup_iter_break+0x30/0x30 [ 787.920635] ? mark_held_locks+0xc7/0x130 [ 787.924775] out_of_memory+0xa7f/0x1430 [ 787.928749] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 787.933326] ? kasan_check_read+0x11/0x20 [ 787.937475] ? oom_killer_disable+0x3a0/0x3a0 [ 787.941977] mem_cgroup_out_of_memory+0x15e/0x210 [ 787.946808] ? memory_oom_group_write+0x160/0x160 [ 787.951649] ? page_counter_try_charge+0x1c1/0x220 [ 787.956564] try_charge+0xdcd/0x1720 [ 787.960264] ? kasan_check_read+0x11/0x20 [ 787.964411] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 787.969068] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 787.974592] ? lock_page_memcg+0x350/0x350 [ 787.978824] ? lock_acquire+0x1ed/0x520 [ 787.982793] ? mem_cgroup_oom_control_write+0x100/0x100 [ 787.988149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 787.993674] ? check_preemption_disabled+0x48/0x280 [ 787.998680] ? kasan_check_read+0x11/0x20 [ 788.002824] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 788.008088] ? rcu_softirq_qs+0x20/0x20 [ 788.012068] mem_cgroup_try_charge+0x627/0xe20 [ 788.016723] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.021307] ? mem_cgroup_protected+0xa60/0xa60 [ 788.025963] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 788.031483] ? page_mapping+0x5a2/0xa50 [ 788.035458] ? retint_kernel+0x2d/0x2d [ 788.039336] ? alloc_pages_vma+0xe0/0x4a0 [ 788.043565] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 788.048488] wp_page_copy+0x51d/0x24f0 [ 788.052396] ? follow_pfn+0x2e0/0x2e0 [ 788.056189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 788.061710] ? reuse_swap_page+0x4bd/0x1520 [ 788.066019] ? swp_swapcount+0x530/0x530 [ 788.070067] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 788.075517] ? mark_held_locks+0xc7/0x130 [ 788.079660] ? print_usage_bug+0xc0/0xc0 [ 788.083708] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.088279] ? trace_hardirqs_on_caller+0xc0/0x310 [ 788.093206] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.097953] ? graph_lock+0x270/0x270 [ 788.101741] ? __lock_acquire+0x62f/0x4c20 [ 788.105962] ? retint_kernel+0x2d/0x2d [ 788.109840] ? find_held_lock+0x36/0x1c0 [ 788.113896] ? do_wp_page+0x518/0x2920 [ 788.117772] ? lock_downgrade+0x900/0x900 [ 788.121926] ? wake_up_page_bit+0x6f0/0x6f0 [ 788.126246] ? kasan_check_read+0x11/0x20 [ 788.130381] ? do_raw_spin_unlock+0xa7/0x330 [ 788.134774] ? do_raw_spin_trylock+0x270/0x270 [ 788.139356] ? __pte_alloc_kernel+0x220/0x220 [ 788.143866] ? perf_trace_lock_acquire+0x15b/0x800 [ 788.148786] do_wp_page+0x520/0x2920 [ 788.152503] ? check_preemption_disabled+0x48/0x280 [ 788.157502] ? print_usage_bug+0xc0/0xc0 [ 788.161566] ? finish_mkwrite_fault+0x650/0x650 [ 788.166221] ? mark_held_locks+0xc7/0x130 [ 788.170360] ? perf_trace_lock+0x7a0/0x7a0 [ 788.174926] ? trace_hardirqs_on_caller+0xc0/0x310 [ 788.179859] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 788.185402] ? __lock_acquire+0x62f/0x4c20 [ 788.189633] ? mark_held_locks+0x130/0x130 [ 788.193862] ? follow_page_pte+0xdd7/0x1ab0 [ 788.198190] ? lock_downgrade+0x900/0x900 [ 788.202333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 788.207875] ? check_preemption_disabled+0x48/0x280 [ 788.212894] ? debug_smp_processor_id+0x1c/0x20 [ 788.217547] ? perf_trace_lock_acquire+0x15b/0x800 [ 788.222472] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 788.228017] ? follow_page_pte+0x4f9/0x1ab0 [ 788.232327] ? print_usage_bug+0xc0/0xc0 [ 788.236517] ? undo_dev_pagemap+0x680/0x680 [ 788.240841] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.245587] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.250332] ? print_usage_bug+0xc0/0xc0 [ 788.254381] ? retint_kernel+0x2d/0x2d [ 788.258256] ? __lock_acquire+0x62f/0x4c20 [ 788.262480] ? lock_acquire+0x1ed/0x520 [ 788.266439] ? __handle_mm_fault+0x1fa9/0x5be0 [ 788.271010] ? kasan_check_write+0x14/0x20 [ 788.275226] ? do_raw_spin_lock+0x14f/0x350 [ 788.279543] ? rwlock_bug.part.2+0x90/0x90 [ 788.283784] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.288362] ? retint_kernel+0x2d/0x2d [ 788.292235] ? trace_hardirqs_on_caller+0xc0/0x310 [ 788.297168] __handle_mm_fault+0x3be9/0x5be0 [ 788.301569] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 788.306523] ? perf_trace_lock+0x7a0/0x7a0 [ 788.310746] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 788.316362] ? pmd_huge+0xf4/0x140 [ 788.319908] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.324489] ? retint_kernel+0x2d/0x2d [ 788.328364] ? find_held_lock+0x36/0x1c0 [ 788.332415] ? handle_mm_fault+0x42a/0xc70 [ 788.336645] ? lock_downgrade+0x900/0x900 [ 788.340777] ? check_preemption_disabled+0x48/0x280 [ 788.345801] ? kasan_check_read+0x11/0x20 [ 788.349937] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 788.355198] ? rcu_read_unlock_special+0x370/0x370 [ 788.360117] handle_mm_fault+0x54f/0xc70 [ 788.364166] ? __handle_mm_fault+0x5be0/0x5be0 [ 788.368738] ? __get_user_pages+0x9c6/0x1ed0 [ 788.373138] __get_user_pages+0xa3d/0x1ed0 [ 788.377359] ? print_usage_bug+0xc0/0xc0 [ 788.381437] ? follow_page_mask+0x2160/0x2160 [ 788.385927] ? mark_held_locks+0xc7/0x130 [ 788.390068] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.394916] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.399502] ? retint_kernel+0x2d/0x2d [ 788.403385] ? trace_hardirqs_on_caller+0xc0/0x310 [ 788.408303] ? mark_held_locks+0xc7/0x130 [ 788.412439] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.417182] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 788.421746] ? retint_kernel+0x2d/0x2d [ 788.425627] ? trace_hardirqs_on_caller+0xc0/0x310 [ 788.430565] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.435324] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 788.440763] ? retint_kernel+0x2d/0x2d [ 788.444654] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 788.449402] populate_vma_page_range+0x2db/0x3d0 [ 788.454147] ? follow_page+0x420/0x420 [ 788.458022] ? __get_user_pages+0x744/0x1ed0 [ 788.462435] __mm_populate+0x286/0x4d0 [ 788.466312] ? populate_vma_page_range+0x3d0/0x3d0 [ 788.471231] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 788.476755] ? ns_capable_common+0x13f/0x170 [ 788.481159] __x64_sys_mlockall+0x45b/0x630 [ 788.485465] ? __ia32_sys_munlock+0x160/0x160 [ 788.489944] ? retint_kernel+0x2d/0x2d [ 788.493823] ? __ia32_sys_munlock+0x160/0x160 [ 788.498310] ? do_syscall_64+0x179/0x820 [ 788.502373] do_syscall_64+0x1b9/0x820 [ 788.506260] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 788.511622] ? syscall_return_slowpath+0x5e0/0x5e0 [ 788.516536] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 788.521366] ? trace_hardirqs_on_caller+0x310/0x310 [ 788.526366] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 788.531370] ? prepare_exit_to_usermode+0x291/0x3b0 [ 788.536373] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 788.541207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 788.546384] RIP: 0033:0x457569 [ 788.549561] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 788.568446] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 788.576138] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 788.583388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 788.590643] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 788.597897] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 788.605163] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 788.626686] Task in /syz0 killed as a result of limit of /syz0 [ 788.632870] memory: usage 307200kB, limit 307200kB, failcnt 2921 [ 788.639085] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 788.646584] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 788.653115] Memory cgroup stats for /syz0: cache:144KB rss:297448KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216736KB [ 788.676417] Memory cgroup out of memory: Kill process 21506 (syz-executor0) score 1216 or sacrifice child [ 788.686681] Killed process 21544 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 788.703559] oom_reaper: reaped process 21544 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 789.488641] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 789.500200] syz-executor0 cpuset=syz0 mems_allowed=0 [ 789.505781] CPU: 1 PID: 21552 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 789.514364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 789.523707] Call Trace: [ 789.526285] dump_stack+0x244/0x39d [ 789.529991] ? dump_stack_print_info.cold.1+0x20/0x20 [ 789.535177] ? mark_held_locks+0x130/0x130 [ 789.539404] ? mark_held_locks+0x130/0x130 [ 789.543639] dump_header+0x27b/0xf72 [ 789.547340] ? print_usage_bug+0xc0/0xc0 [ 789.551387] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 789.556909] ? pagefault_out_of_memory+0x197/0x197 [ 789.561824] ? debug_smp_processor_id+0x1c/0x20 [ 789.566476] ? perf_trace_lock_acquire+0x15b/0x800 [ 789.571394] ? perf_trace_lock+0x7a0/0x7a0 [ 789.575634] ? mark_held_locks+0xc7/0x130 [ 789.579768] ? print_usage_bug+0xc0/0xc0 [ 789.583815] ? graph_lock+0x270/0x270 [ 789.587602] ? print_usage_bug+0xc0/0xc0 [ 789.591734] ? retint_kernel+0x2d/0x2d [ 789.595610] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.600534] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.605329] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 789.610776] ? mark_held_locks+0xc7/0x130 [ 789.614918] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.619668] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 789.624248] ? retint_kernel+0x2d/0x2d [ 789.628120] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.633034] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.637776] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 789.643208] ? trace_hardirqs_on+0xbd/0x310 [ 789.647514] ? kasan_check_read+0x11/0x20 [ 789.651656] ? ___ratelimit+0x3b4/0x672 [ 789.655629] ? trace_hardirqs_off_caller+0x300/0x300 [ 789.660724] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.665470] ? retint_kernel+0x2d/0x2d [ 789.669374] oom_kill_process.cold.27+0x10/0x903 [ 789.674130] ? _raw_spin_unlock_irq+0x56/0x80 [ 789.678614] ? oom_evaluate_task+0x540/0x540 [ 789.683013] ? cgroup_procs_next+0x70/0x70 [ 789.687252] ? _raw_spin_unlock_irq+0x60/0x80 [ 789.691742] ? oom_badness+0xaa0/0xaa0 [ 789.695615] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 789.700360] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.705103] ? mem_cgroup_iter_break+0x30/0x30 [ 789.709720] ? out_of_memory+0x4f6/0x1430 [ 789.713868] out_of_memory+0xa7f/0x1430 [ 789.717841] ? retint_kernel+0x2d/0x2d [ 789.721730] ? oom_killer_disable+0x3a0/0x3a0 [ 789.726237] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 789.731451] mem_cgroup_out_of_memory+0x15e/0x210 [ 789.736302] ? memory_oom_group_write+0x160/0x160 [ 789.741137] try_charge+0xdcd/0x1720 [ 789.744840] ? kasan_check_read+0x11/0x20 [ 789.748981] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 789.753641] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 789.759164] ? retint_kernel+0x2d/0x2d [ 789.763038] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.767953] ? lock_page_memcg+0x350/0x350 [ 789.772178] ? lock_acquire+0x1ed/0x520 [ 789.776147] ? mem_cgroup_oom_control_write+0x100/0x100 [ 789.781511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 789.787035] ? check_preemption_disabled+0x48/0x280 [ 789.792039] ? kasan_check_read+0x11/0x20 [ 789.796179] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 789.801450] ? rcu_softirq_qs+0x20/0x20 [ 789.805422] mem_cgroup_try_charge+0x627/0xe20 [ 789.809993] ? munlock_vma_page+0x626/0xbe0 [ 789.814303] ? mem_cgroup_protected+0xa60/0xa60 [ 789.818980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 789.824501] ? page_mapping+0x5a2/0xa50 [ 789.828486] ? mem_cgroup_uncharge+0x100/0x100 [ 789.833057] ? page_evictable+0x2de/0x540 [ 789.837201] ? lock_downgrade+0x900/0x900 [ 789.841445] ? check_preemption_disabled+0x48/0x280 [ 789.846455] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 789.851999] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 789.856959] wp_page_copy+0x51d/0x24f0 [ 789.860842] ? follow_pfn+0x2e0/0x2e0 [ 789.864631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 789.870183] ? reuse_swap_page+0x4bd/0x1520 [ 789.874494] ? swp_swapcount+0x530/0x530 [ 789.878560] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 789.884142] ? print_usage_bug+0xc0/0xc0 [ 789.888193] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 789.893632] ? print_usage_bug+0xc0/0xc0 [ 789.897683] ? retint_kernel+0x2d/0x2d [ 789.901557] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.906477] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 789.911247] ? graph_lock+0x270/0x270 [ 789.915036] ? __lock_acquire+0x62f/0x4c20 [ 789.919261] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 789.923881] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.928812] ? find_held_lock+0x36/0x1c0 [ 789.932865] ? do_wp_page+0x518/0x2920 [ 789.936740] ? lock_downgrade+0x900/0x900 [ 789.940884] ? wake_up_page_bit+0x6f0/0x6f0 [ 789.945199] ? kasan_check_read+0x11/0x20 [ 789.949358] ? do_raw_spin_unlock+0xa7/0x330 [ 789.953774] ? do_raw_spin_trylock+0x270/0x270 [ 789.958459] ? __pte_alloc_kernel+0x220/0x220 [ 789.962941] ? perf_trace_lock_acquire+0x15b/0x800 [ 789.967860] ? check_memory_region+0x21/0x1b0 [ 789.972349] do_wp_page+0x520/0x2920 [ 789.976053] ? check_preemption_disabled+0x48/0x280 [ 789.981062] ? finish_mkwrite_fault+0x650/0x650 [ 789.985721] ? mark_held_locks+0xc7/0x130 [ 789.989869] ? perf_trace_lock+0x7a0/0x7a0 [ 789.994096] ? trace_hardirqs_on_caller+0xc0/0x310 [ 789.999012] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 790.004537] ? __lock_acquire+0x62f/0x4c20 [ 790.008787] ? mark_held_locks+0x130/0x130 [ 790.013014] ? follow_page_pte+0xdd7/0x1ab0 [ 790.017323] ? lock_downgrade+0x900/0x900 [ 790.021463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 790.026987] ? check_preemption_disabled+0x48/0x280 [ 790.031991] ? debug_smp_processor_id+0x1c/0x20 [ 790.036645] ? perf_trace_lock_acquire+0x15b/0x800 [ 790.041569] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 790.047096] ? follow_page_pte+0x4f9/0x1ab0 [ 790.051403] ? print_usage_bug+0xc0/0xc0 [ 790.055467] ? undo_dev_pagemap+0x680/0x680 [ 790.059802] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 790.064552] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 790.069134] ? print_usage_bug+0xc0/0xc0 [ 790.073189] ? __lock_acquire+0x62f/0x4c20 [ 790.077415] ? lock_acquire+0x1ed/0x520 [ 790.081465] ? __handle_mm_fault+0x1fa9/0x5be0 [ 790.086039] ? kasan_check_write+0x14/0x20 [ 790.090256] ? do_raw_spin_lock+0x14f/0x350 [ 790.094580] ? retint_kernel+0x2d/0x2d [ 790.098453] ? rwlock_bug.part.2+0x90/0x90 [ 790.102679] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 790.107250] ? retint_kernel+0x2d/0x2d [ 790.111150] __handle_mm_fault+0x3be9/0x5be0 [ 790.115572] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 790.120414] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 790.125853] ? perf_trace_lock+0x7a0/0x7a0 [ 790.130084] ? retint_kernel+0x2d/0x2d [ 790.133989] ? lock_release+0x4ea/0xa10 [ 790.137955] ? handle_mm_fault+0x42a/0xc70 [ 790.142180] ? lock_downgrade+0x900/0x900 [ 790.146324] ? check_preemption_disabled+0x48/0x280 [ 790.151329] ? kasan_check_read+0x11/0x20 [ 790.155465] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 790.160734] ? rcu_read_unlock_special+0x370/0x370 [ 790.165669] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 790.171224] ? check_preemption_disabled+0x48/0x280 [ 790.176347] handle_mm_fault+0x54f/0xc70 [ 790.180414] ? __handle_mm_fault+0x5be0/0x5be0 [ 790.185017] __get_user_pages+0xa3d/0x1ed0 [ 790.189277] ? follow_page_mask+0x2160/0x2160 [ 790.193761] ? debug_smp_processor_id+0x1c/0x20 [ 790.198413] ? perf_trace_lock_acquire+0x15b/0x800 [ 790.203351] ? graph_lock+0x270/0x270 [ 790.207138] ? graph_lock+0x270/0x270 [ 790.210936] ? lock_acquire+0x1ed/0x520 [ 790.214909] ? __mm_populate+0x31a/0x4d0 [ 790.218958] ? lock_release+0xa10/0xa10 [ 790.222917] ? perf_trace_sched_process_exec+0x860/0x860 [ 790.228447] populate_vma_page_range+0x2db/0x3d0 [ 790.233213] ? follow_page+0x420/0x420 [ 790.237088] ? find_vma+0x34/0x190 [ 790.240613] __mm_populate+0x286/0x4d0 [ 790.244494] ? populate_vma_page_range+0x3d0/0x3d0 [ 790.249409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 790.254930] ? ns_capable_common+0x13f/0x170 [ 790.259326] __x64_sys_mlockall+0x45b/0x630 [ 790.263639] ? __ia32_sys_munlock+0x160/0x160 [ 790.268222] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 790.273744] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 790.279098] ? trace_hardirqs_off_caller+0x300/0x300 [ 790.284285] do_syscall_64+0x1b9/0x820 [ 790.288160] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 790.293517] ? syscall_return_slowpath+0x5e0/0x5e0 [ 790.298434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 790.303390] ? trace_hardirqs_on_caller+0x310/0x310 [ 790.308390] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 790.313390] ? prepare_exit_to_usermode+0x291/0x3b0 [ 790.318403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 790.323233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 790.328402] RIP: 0033:0x457569 [ 790.331583] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 790.350467] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 790.358166] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 790.365429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 790.372685] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 790.379935] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 790.387189] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 790.398335] Task in /syz0 killed as a result of limit of /syz0 [ 790.404508] memory: usage 295712kB, limit 307200kB, failcnt 2984 [ 790.410709] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 790.417661] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 790.424347] Memory cgroup stats for /syz0: cache:144KB rss:286288KB rss_huge:256000KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:58236KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:208940KB [ 790.446537] Memory cgroup out of memory: Kill process 21506 (syz-executor0) score 1220 or sacrifice child [ 790.457253] Killed process 21552 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:52260kB, shmem-rss:0kB [ 790.469538] oom_reaper: reaped process 21552 (syz-executor0), now anon-rss:18452kB, file-rss:52252kB, shmem-rss:0kB 00:55:25 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xffffffffa0008000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:25 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xc9f4, 0x80000) r2 = syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0x0, 0x2) fallocate(r1, 0xfb05c40566a5cf22, 0x1000, 0x4) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xdefa, 0x100) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:25 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x8, 0x7ff}}, 0x50) 00:55:25 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000000)={0x40, 0xd1b7, 0x3, 0x1}) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:25 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000080)=""/57) 00:55:26 executing program 5: socket$rds(0x15, 0x5, 0x0) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f00000000c0)) add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) r0 = eventfd2(0x3, 0x80000) readahead(r0, 0x9, 0xf73) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0xa0008000, 0x7ff}}, 0x50) 00:55:26 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = getpid() syz_open_procfs(r3, &(0x7f0000000000)='net/ip_vs_stats\x00') mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:26 executing program 1: add_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000100)="e1bf06431b8a1163a33c5ee1f5ada2d63ea03cbd3da0e72f87642949dc2a9b5b122a308f5c6428882a4b625a3b8436ea6f50d294e43da802f66c8429de6d221f2904a2de0ff1e9", 0x47, 0xfffffffffffffff9) r0 = add_key$user(0x0, 0x0, 0x0, 0xfffffcd0, 0xfffffffffffffff9) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:55:26 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:26 executing program 5: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000100)=0x7) add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) write$P9_RFLUSH(r1, &(0x7f0000000000)={0x7, 0x6d, 0x1}, 0x7) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) [ 791.950555] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 791.962048] syz-executor0 cpuset=syz0 mems_allowed=0 [ 791.967275] CPU: 0 PID: 21585 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 791.975834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 791.985177] Call Trace: [ 791.987755] dump_stack+0x244/0x39d [ 791.991370] ? dump_stack_print_info.cold.1+0x20/0x20 [ 791.996570] ? mark_held_locks+0x130/0x130 [ 792.000787] ? mark_held_locks+0x130/0x130 [ 792.005031] dump_header+0x27b/0xf72 [ 792.008749] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.014274] ? pagefault_out_of_memory+0x197/0x197 [ 792.019192] ? debug_smp_processor_id+0x1c/0x20 [ 792.023860] ? perf_trace_lock_acquire+0x15b/0x800 [ 792.028784] ? perf_trace_lock+0x7a0/0x7a0 [ 792.033007] ? print_usage_bug+0xc0/0xc0 [ 792.037062] ? graph_lock+0x270/0x270 [ 792.040854] ? print_usage_bug+0xc0/0xc0 [ 792.044898] ? mark_held_locks+0xc7/0x130 [ 792.049036] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.053801] ? mark_held_locks+0xc7/0x130 [ 792.057935] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.062678] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 792.067245] ? retint_kernel+0x2d/0x2d [ 792.071122] ? trace_hardirqs_on_caller+0xc0/0x310 [ 792.076035] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.080781] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 792.086220] ? trace_hardirqs_on+0xbd/0x310 [ 792.090528] ? kasan_check_read+0x11/0x20 [ 792.094662] ? ___ratelimit+0x3b4/0x672 [ 792.098619] ? trace_hardirqs_off_caller+0x300/0x300 [ 792.103711] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.108458] ? retint_kernel+0x2d/0x2d [ 792.112345] oom_kill_process.cold.27+0x10/0x903 [ 792.117097] ? _raw_spin_unlock_irq+0x56/0x80 [ 792.121579] ? oom_evaluate_task+0x540/0x540 [ 792.125978] ? cgroup_procs_next+0x70/0x70 [ 792.130202] ? _raw_spin_unlock_irq+0x60/0x80 [ 792.134684] ? oom_badness+0xaa0/0xaa0 [ 792.138578] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 792.143333] ? mem_cgroup_iter_break+0x30/0x30 [ 792.147919] ? mark_held_locks+0xc7/0x130 [ 792.152057] out_of_memory+0xa7f/0x1430 [ 792.156019] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 792.160587] ? kasan_check_read+0x11/0x20 [ 792.164720] ? oom_killer_disable+0x3a0/0x3a0 [ 792.169209] mem_cgroup_out_of_memory+0x15e/0x210 [ 792.174038] ? memory_oom_group_write+0x160/0x160 [ 792.178864] ? page_counter_try_charge+0xef/0x220 [ 792.183692] ? page_counter_try_charge+0x1c1/0x220 [ 792.188611] try_charge+0xdcd/0x1720 [ 792.192330] ? kasan_check_read+0x11/0x20 [ 792.196476] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 792.201164] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 792.206703] ? lock_page_memcg+0x350/0x350 [ 792.210928] ? lock_acquire+0x268/0x520 [ 792.214893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.220430] ? check_preemption_disabled+0x48/0x280 [ 792.225436] ? kasan_check_read+0x11/0x20 [ 792.229570] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 792.234832] ? rcu_softirq_qs+0x20/0x20 [ 792.238799] mem_cgroup_try_charge+0x627/0xe20 [ 792.243370] ? mem_cgroup_protected+0xa60/0xa60 [ 792.248028] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 792.253553] ? page_mapping+0x5a2/0xa50 [ 792.257534] ? page_evictable+0x2de/0x540 [ 792.261777] ? check_preemption_disabled+0x48/0x280 [ 792.266784] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 792.272351] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 792.277268] wp_page_copy+0x51d/0x24f0 [ 792.281150] ? follow_pfn+0x2e0/0x2e0 [ 792.284937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.290460] ? reuse_swap_page+0x4bd/0x1520 [ 792.294785] ? swp_swapcount+0x530/0x530 [ 792.298838] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 792.304395] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.309141] ? print_usage_bug+0xc0/0xc0 [ 792.313189] ? retint_kernel+0x2d/0x2d [ 792.317061] ? trace_hardirqs_on_caller+0xc0/0x310 [ 792.321983] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 792.327426] ? graph_lock+0x270/0x270 [ 792.331220] ? __lock_acquire+0x62f/0x4c20 [ 792.335440] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.340184] ? find_held_lock+0x36/0x1c0 [ 792.344237] ? do_wp_page+0x518/0x2920 [ 792.348112] ? lock_downgrade+0x900/0x900 [ 792.352248] ? wake_up_page_bit+0x6f0/0x6f0 [ 792.356555] ? kasan_check_read+0x11/0x20 [ 792.360698] ? do_raw_spin_unlock+0xa7/0x330 [ 792.365111] ? do_raw_spin_trylock+0x270/0x270 [ 792.369688] ? __pte_alloc_kernel+0x220/0x220 [ 792.374170] ? perf_trace_lock_acquire+0x15b/0x800 [ 792.379086] do_wp_page+0x520/0x2920 [ 792.382801] ? check_preemption_disabled+0x48/0x280 [ 792.387821] ? finish_mkwrite_fault+0x650/0x650 [ 792.392504] ? print_usage_bug+0xc0/0xc0 [ 792.396560] ? perf_trace_lock+0x7a0/0x7a0 [ 792.400785] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 792.406321] ? __lock_acquire+0x62f/0x4c20 [ 792.410546] ? mark_held_locks+0xc7/0x130 [ 792.414687] ? mark_held_locks+0x130/0x130 [ 792.418913] ? follow_page_pte+0xdd7/0x1ab0 [ 792.423223] ? lock_downgrade+0x900/0x900 [ 792.427360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.432884] ? check_preemption_disabled+0x48/0x280 [ 792.437888] ? debug_smp_processor_id+0x1c/0x20 [ 792.442544] ? perf_trace_lock_acquire+0x15b/0x800 [ 792.447476] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 792.453092] ? follow_page_pte+0x4f9/0x1ab0 [ 792.457404] ? print_usage_bug+0xc0/0xc0 [ 792.461456] ? undo_dev_pagemap+0x680/0x680 [ 792.465772] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.470517] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 792.475085] ? retint_kernel+0x2d/0x2d [ 792.478959] ? trace_hardirqs_on_caller+0xc0/0x310 [ 792.483876] ? retint_kernel+0x2d/0x2d [ 792.487749] ? __lock_acquire+0x62f/0x4c20 [ 792.491970] ? lock_acquire+0x1ed/0x520 [ 792.495934] ? __handle_mm_fault+0x1fa9/0x5be0 [ 792.500513] ? kasan_check_write+0x14/0x20 [ 792.504731] ? do_raw_spin_lock+0x14f/0x350 [ 792.509039] ? rwlock_bug.part.2+0x90/0x90 [ 792.513386] __handle_mm_fault+0x3be9/0x5be0 [ 792.517785] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 792.522613] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 792.527185] ? perf_trace_lock+0x7a0/0x7a0 [ 792.531408] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 792.536932] ? pmd_huge+0xf4/0x140 [ 792.540473] ? graph_lock+0x270/0x270 [ 792.544257] ? graph_lock+0x270/0x270 [ 792.548045] ? find_held_lock+0x36/0x1c0 [ 792.552123] ? handle_mm_fault+0x42a/0xc70 [ 792.556355] ? lock_downgrade+0x900/0x900 [ 792.560498] ? check_preemption_disabled+0x48/0x280 [ 792.565529] ? kasan_check_read+0x11/0x20 [ 792.569660] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 792.574923] ? rcu_read_unlock_special+0x370/0x370 [ 792.579841] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 792.585365] ? check_preemption_disabled+0x48/0x280 [ 792.590375] handle_mm_fault+0x54f/0xc70 [ 792.594422] ? __handle_mm_fault+0x5be0/0x5be0 [ 792.598995] ? __get_user_pages+0x526/0x1ed0 [ 792.603392] __get_user_pages+0xa3d/0x1ed0 [ 792.607632] ? follow_page_mask+0x2160/0x2160 [ 792.612116] ? mark_held_locks+0xc7/0x130 [ 792.616251] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.620996] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 792.625570] ? retint_kernel+0x2d/0x2d [ 792.629463] ? trace_hardirqs_on_caller+0xc0/0x310 [ 792.634392] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.639142] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 792.644576] ? mark_held_locks+0xc7/0x130 [ 792.648717] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 792.653470] ? retint_kernel+0x2d/0x2d [ 792.657357] ? populate_vma_page_range+0x26d/0x3d0 [ 792.662278] populate_vma_page_range+0x2db/0x3d0 [ 792.667023] ? follow_page+0x420/0x420 [ 792.670905] ? __mm_populate+0x2d2/0x4d0 [ 792.674969] __mm_populate+0x286/0x4d0 [ 792.678846] ? populate_vma_page_range+0x3d0/0x3d0 [ 792.683764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.689285] ? ns_capable_common+0x13f/0x170 [ 792.693682] __x64_sys_mlockall+0x45b/0x630 [ 792.697992] ? __ia32_sys_munlock+0x160/0x160 [ 792.702649] ? retint_kernel+0x2d/0x2d [ 792.706530] ? __ia32_sys_munlock+0x160/0x160 [ 792.711018] do_syscall_64+0x1b9/0x820 [ 792.714893] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 792.720247] ? syscall_return_slowpath+0x5e0/0x5e0 [ 792.725165] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 792.729999] ? trace_hardirqs_on_caller+0x310/0x310 [ 792.735014] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 792.740538] ? prepare_exit_to_usermode+0x291/0x3b0 [ 792.745541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 792.750502] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 792.755677] RIP: 0033:0x457569 [ 792.758857] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 792.777746] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 792.785460] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 792.792723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 792.799978] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 792.807233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 792.814497] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 792.823905] Task in /syz0 killed as a result of limit of /syz0 [ 792.830041] memory: usage 307200kB, limit 307200kB, failcnt 3041 [ 792.840049] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 792.847223] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 792.853818] Memory cgroup stats for /syz0: cache:144KB rss:297496KB rss_huge:266240KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:61712KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:218760KB [ 792.876122] Memory cgroup out of memory: Kill process 21565 (syz-executor0) score 1216 or sacrifice child [ 792.886930] Killed process 21586 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 792.900684] oom_reaper: reaped process 21586 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:55:29 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x2, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:29 executing program 3: syz_open_dev$mice(0x0, 0x0, 0xc002) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 00:55:29 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x8000000, 0x7ff}}, 0x50) 00:55:29 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x10000, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xfffffffffffffffc) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x5, 0xf, 0x1, "c7cdb4d46ca1b9014f94f4fbf7102154fab9ce990b34b49b02963818ea0b4b16", 0x3331755b}) 00:55:29 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) 00:55:29 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:29 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x1, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000200)) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) accept$inet(r1, &(0x7f0000000000)={0x2, 0x0, @rand_addr}, &(0x7f0000000080)=0x10) ioctl$EVIOCGPHYS(r1, 0x80404507, &(0x7f0000000100)=""/131) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:29 executing program 1: r0 = add_key(&(0x7f0000000140)='syzkaller\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="2ac425f8ff6664ae364be7558bde14f3602877176be69d60bedbb76c089e45244fc9bd3643a814fb7036ca34a7becf3c4297782342e6c0a94c864b9fdb7b2b15714fada5ceb6fa3335b2ca16c0e6421c33005b21cc4ef392fcd4538e158820fbdc3f057d5ab8a56c6a60559cd7822c98bccec322dc396f4a4ffafde02feaf0ef00169eae3f05cfe814de2fd050bdcb127f737d2eb689b817f32f1d419fa3777535744912696eba5ee3731537266ce069", 0xb0, 0xfffffffffffffffb) r1 = add_key$user(0x0, 0x0, 0x0, 0x140, r0) keyctl$update(0x2, r1, &(0x7f0000000440), 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) fsetxattr$security_smack_entry(r2, &(0x7f0000000000)='security.SMACK64MMAP\x00', &(0x7f0000000040)='/dev/swradio#\x00', 0xe, 0x1) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x80441, 0x0) ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000100)={0x1, 0x7}) 00:55:29 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x8000a0, 0x7ff}}, 0x50) [ 794.526523] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 794.582113] syz-executor0 cpuset=syz0 mems_allowed=0 [ 794.587306] CPU: 1 PID: 21629 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 794.595889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 794.605253] Call Trace: [ 794.607868] dump_stack+0x244/0x39d [ 794.611512] ? dump_stack_print_info.cold.1+0x20/0x20 [ 794.616729] dump_header+0x27b/0xf72 [ 794.620461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 794.626010] ? pagefault_out_of_memory+0x197/0x197 [ 794.630955] ? debug_smp_processor_id+0x1c/0x20 [ 794.635656] ? perf_trace_lock_acquire+0x15b/0x800 [ 794.640612] ? perf_trace_lock+0x7a0/0x7a0 [ 794.644867] ? graph_lock+0x270/0x270 [ 794.648681] ? print_usage_bug+0xc0/0xc0 [ 794.648704] ? perf_trace_lock+0x7a0/0x7a0 [ 794.648728] ? find_held_lock+0x36/0x1c0 [ 794.648752] ? mark_held_locks+0xc7/0x130 [ 794.661072] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 794.661091] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 794.661109] ? lockdep_hardirqs_on+0x3bb/0x5b0 00:55:29 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x200800, 0x0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000200)) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'L+', 0x7ff}, 0x28, 0x1) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) getpeername$inet(r1, &(0x7f0000000140), &(0x7f0000000180)=0x10) [ 794.661128] ? trace_hardirqs_on+0xbd/0x310 [ 794.661144] ? kasan_check_read+0x11/0x20 [ 794.661157] ? ___ratelimit+0x3b4/0x672 [ 794.661173] ? trace_hardirqs_off_caller+0x300/0x300 [ 794.661191] ? trace_hardirqs_on+0x310/0x310 [ 794.670415] ? lock_downgrade+0x900/0x900 [ 794.670443] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 794.670460] ? ___ratelimit+0x3b9/0x672 [ 794.670478] ? idr_get_free+0xf70/0xf70 [ 794.684450] ? _raw_spin_unlock_irq+0x27/0x80 [ 794.684469] ? _raw_spin_unlock_irq+0x27/0x80 [ 794.692881] oom_kill_process.cold.27+0x10/0x903 [ 794.692902] ? _raw_spin_unlock_irq+0x27/0x80 [ 794.692922] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 794.692947] ? oom_evaluate_task+0x540/0x540 [ 794.692964] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 794.692988] ? cgroup_procs_next+0x70/0x70 [ 794.702482] ? _raw_spin_unlock_irq+0x60/0x80 [ 794.702500] ? oom_badness+0xaa0/0xaa0 [ 794.702520] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 794.702539] ? mem_cgroup_iter_break+0x30/0x30 [ 794.702572] ? mark_held_locks+0xc7/0x130 [ 794.702591] out_of_memory+0xa7f/0x1430 00:55:29 executing program 5: r0 = add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, 0x0, 0xca) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 794.724237] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 794.724258] ? kasan_check_read+0x11/0x20 [ 794.724276] ? oom_killer_disable+0x3a0/0x3a0 [ 794.738027] mem_cgroup_out_of_memory+0x15e/0x210 [ 794.738049] ? memory_oom_group_write+0x160/0x160 [ 794.738062] ? mem_cgroup_try_charge+0x627/0xe20 [ 794.738084] ? page_counter_try_charge+0x1c1/0x220 [ 794.800639] try_charge+0xdcd/0x1720 [ 794.810212] ? kasan_check_read+0x11/0x20 [ 794.810240] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 794.810266] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 00:55:29 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000080)=0xc) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) [ 794.810295] ? lock_page_memcg+0x350/0x350 [ 794.837478] ? lock_acquire+0x1ed/0x520 [ 794.841476] ? mem_cgroup_oom_control_write+0x100/0x100 [ 794.846859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 794.852416] ? check_preemption_disabled+0x48/0x280 [ 794.857453] ? kasan_check_read+0x11/0x20 [ 794.861610] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 794.866901] ? rcu_softirq_qs+0x20/0x20 [ 794.870903] mem_cgroup_try_charge+0x627/0xe20 [ 794.875494] ? undo_dev_pagemap+0x680/0x680 [ 794.879834] ? mem_cgroup_protected+0xa60/0xa60 [ 794.884530] ? __lock_acquire+0x62f/0x4c20 [ 794.888782] ? __handle_mm_fault+0x2da9/0x5be0 [ 794.893373] ? mark_held_locks+0x130/0x130 [ 794.893390] ? do_raw_spin_unlock+0xa7/0x330 [ 794.893407] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 794.893430] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 794.912533] __handle_mm_fault+0x284e/0x5be0 [ 794.916968] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 794.921835] ? perf_trace_lock+0x7a0/0x7a0 [ 794.926085] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 794.931630] ? pmd_huge+0xf4/0x140 [ 794.935207] ? graph_lock+0x270/0x270 [ 794.939020] ? graph_lock+0x270/0x270 [ 794.942848] ? find_held_lock+0x36/0x1c0 [ 794.946940] ? handle_mm_fault+0x42a/0xc70 [ 794.951190] ? lock_downgrade+0x900/0x900 [ 794.955345] ? check_preemption_disabled+0x48/0x280 [ 794.960382] ? kasan_check_read+0x11/0x20 [ 794.964534] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 794.969815] ? rcu_read_unlock_special+0x370/0x370 [ 794.974762] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 794.980310] ? check_preemption_disabled+0x48/0x280 [ 794.985350] handle_mm_fault+0x54f/0xc70 [ 794.989424] ? __handle_mm_fault+0x5be0/0x5be0 [ 794.989440] ? find_vma+0x34/0x190 [ 794.989463] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 794.989484] __get_user_pages+0xa3d/0x1ed0 [ 794.989514] ? follow_page_mask+0x2160/0x2160 [ 795.006940] ? debug_smp_processor_id+0x1c/0x20 [ 795.006960] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 795.006991] ? graph_lock+0x270/0x270 [ 795.007002] ? rcu_is_watching+0x30/0x30 [ 795.007019] ? graph_lock+0x270/0x270 [ 795.033337] ? kzfree+0x28/0x30 [ 795.036651] ? lock_acquire+0x1ed/0x520 [ 795.040639] ? __mm_populate+0x31a/0x4d0 [ 795.044727] ? lock_release+0xa10/0xa10 [ 795.048728] ? perf_trace_sched_process_exec+0x860/0x860 [ 795.054208] populate_vma_page_range+0x2db/0x3d0 [ 795.058981] ? follow_page+0x420/0x420 [ 795.062888] ? find_vma+0x34/0x190 [ 795.066439] __mm_populate+0x286/0x4d0 [ 795.070348] ? populate_vma_page_range+0x3d0/0x3d0 [ 795.075300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 795.080850] ? ns_capable_common+0x13f/0x170 [ 795.085285] __x64_sys_mlockall+0x45b/0x630 [ 795.089623] ? __ia32_sys_munlock+0x160/0x160 [ 795.094134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 795.099689] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 795.105061] ? trace_hardirqs_off_caller+0x300/0x300 [ 795.110177] do_syscall_64+0x1b9/0x820 [ 795.114073] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 795.119453] ? syscall_return_slowpath+0x5e0/0x5e0 [ 795.124394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 795.129262] ? trace_hardirqs_on_caller+0x310/0x310 [ 795.134299] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 795.139327] ? prepare_exit_to_usermode+0x291/0x3b0 [ 795.144364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 795.149230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 795.154429] RIP: 0033:0x457569 [ 795.157617] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 795.176523] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 795.184256] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 795.191537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 795.198818] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 795.206170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 795.213444] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 795.221707] Task in /syz0 killed as a result of limit of /syz0 [ 795.227850] memory: usage 307200kB, limit 307200kB, failcnt 3053 [ 795.234588] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 795.241609] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 795.247833] Memory cgroup stats for /syz0: cache:144KB rss:297480KB rss_huge:264192KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:72712KB active_anon:19148KB inactive_file:0KB active_file:0KB unevictable:205676KB [ 795.273200] Memory cgroup out of memory: Kill process 21613 (syz-executor0) score 1157 or sacrifice child [ 795.283110] Killed process 21613 (syz-executor0) total-vm:70864kB, anon-rss:18580kB, file-rss:32768kB, shmem-rss:0kB [ 795.303907] oom_reaper: reaped process 21613 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 795.854625] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 795.866232] syz-executor0 cpuset=syz0 mems_allowed=0 [ 795.871949] CPU: 1 PID: 21664 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 795.880515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.889850] Call Trace: [ 795.892428] dump_stack+0x244/0x39d [ 795.896044] ? dump_stack_print_info.cold.1+0x20/0x20 [ 795.901226] ? mark_held_locks+0x130/0x130 [ 795.905459] ? mark_held_locks+0x130/0x130 [ 795.909697] dump_header+0x27b/0xf72 [ 795.913413] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 795.918937] ? pagefault_out_of_memory+0x197/0x197 [ 795.923858] ? print_usage_bug+0xc0/0xc0 [ 795.927914] ? debug_smp_processor_id+0x1c/0x20 [ 795.932572] ? perf_trace_lock_acquire+0x15b/0x800 [ 795.937495] ? perf_trace_lock+0x7a0/0x7a0 [ 795.941766] ? mark_held_locks+0xc7/0x130 [ 795.945904] ? print_usage_bug+0xc0/0xc0 [ 795.949955] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 795.954697] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 795.959267] ? retint_kernel+0x2d/0x2d [ 795.963141] ? trace_hardirqs_on_caller+0xc0/0x310 [ 795.968080] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 795.972882] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 795.978332] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 795.983088] ? retint_kernel+0x2d/0x2d [ 795.986973] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 795.992073] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 795.997165] ? ___ratelimit+0x3b9/0x672 [ 796.001135] ? idr_get_free+0xf70/0xf70 [ 796.005119] oom_kill_process.cold.27+0x10/0x903 [ 796.009871] ? _raw_spin_unlock_irq+0x56/0x80 [ 796.014353] ? oom_evaluate_task+0x540/0x540 [ 796.018773] ? cgroup_procs_next+0x70/0x70 [ 796.023007] ? _raw_spin_unlock_irq+0x56/0x80 [ 796.027489] ? _raw_spin_unlock_irq+0x60/0x80 [ 796.031970] ? oom_badness+0xaa0/0xaa0 [ 796.035848] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 796.040622] ? mem_cgroup_iter_break+0x30/0x30 [ 796.045216] ? mark_held_locks+0xc7/0x130 [ 796.049356] out_of_memory+0xa7f/0x1430 [ 796.053316] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 796.057887] ? kasan_check_read+0x11/0x20 [ 796.062024] ? oom_killer_disable+0x3a0/0x3a0 [ 796.066730] mem_cgroup_out_of_memory+0x15e/0x210 [ 796.071560] ? memory_oom_group_write+0x160/0x160 [ 796.076388] ? mem_cgroup_try_charge+0x627/0xe20 [ 796.081134] ? page_counter_try_charge+0x1c1/0x220 [ 796.086168] try_charge+0xdcd/0x1720 [ 796.089888] ? kasan_check_read+0x11/0x20 [ 796.094031] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 796.098693] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 796.104221] ? lock_page_memcg+0x350/0x350 [ 796.108453] ? lock_acquire+0x1ed/0x520 [ 796.112413] ? mem_cgroup_oom_control_write+0x100/0x100 [ 796.117766] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.123294] ? check_preemption_disabled+0x48/0x280 [ 796.128300] ? kasan_check_read+0x11/0x20 [ 796.132438] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 796.137700] ? rcu_softirq_qs+0x20/0x20 [ 796.141692] mem_cgroup_try_charge+0x627/0xe20 [ 796.146282] ? mark_held_locks+0xc7/0x130 [ 796.150428] ? mem_cgroup_protected+0xa60/0xa60 [ 796.155096] ? retint_kernel+0x2d/0x2d [ 796.158986] ? trace_hardirqs_on_caller+0xc0/0x310 [ 796.163918] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.168674] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 796.174110] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.178881] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.183646] ? retint_kernel+0x2d/0x2d [ 796.187528] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 796.192444] wp_page_copy+0x51d/0x24f0 [ 796.196326] ? follow_pfn+0x2e0/0x2e0 [ 796.200118] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.205642] ? reuse_swap_page+0x4bd/0x1520 [ 796.209951] ? swp_swapcount+0x530/0x530 [ 796.214016] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 796.219464] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.224991] ? event_sched_in.isra.108+0x6bb/0xe40 [ 796.229909] ? print_usage_bug+0xc0/0xc0 [ 796.233961] ? mark_held_locks+0xc7/0x130 [ 796.238107] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 796.242676] ? graph_lock+0x270/0x270 [ 796.246467] ? __lock_acquire+0x62f/0x4c20 [ 796.250688] ? print_usage_bug+0xc0/0xc0 [ 796.254740] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.260279] ? find_held_lock+0x36/0x1c0 [ 796.264334] ? do_wp_page+0x518/0x2920 [ 796.268206] ? lock_downgrade+0x900/0x900 [ 796.272348] ? wake_up_page_bit+0x6f0/0x6f0 [ 796.276657] ? kasan_check_read+0x11/0x20 [ 796.280788] ? do_raw_spin_unlock+0xa7/0x330 [ 796.285192] ? do_raw_spin_trylock+0x270/0x270 [ 796.289778] ? __pte_alloc_kernel+0x220/0x220 [ 796.294263] ? perf_trace_lock_acquire+0x15b/0x800 [ 796.299179] ? mark_held_locks+0x130/0x130 [ 796.303399] ? __lock_is_held+0xb5/0x140 [ 796.307451] do_wp_page+0x520/0x2920 [ 796.311175] ? check_preemption_disabled+0x48/0x280 [ 796.316205] ? finish_mkwrite_fault+0x650/0x650 [ 796.320894] ? mark_held_locks+0xc7/0x130 [ 796.325056] ? perf_trace_lock+0x7a0/0x7a0 [ 796.329289] ? trace_hardirqs_on_caller+0xc0/0x310 [ 796.334211] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 796.339740] ? __lock_acquire+0x62f/0x4c20 [ 796.343994] ? mark_held_locks+0x130/0x130 [ 796.348227] ? follow_page_pte+0xdd7/0x1ab0 [ 796.352537] ? lock_downgrade+0x900/0x900 [ 796.356682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.362209] ? check_preemption_disabled+0x48/0x280 [ 796.367216] ? debug_smp_processor_id+0x1c/0x20 [ 796.371876] ? perf_trace_lock_acquire+0x15b/0x800 [ 796.376789] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 796.382316] ? follow_page_pte+0x4f9/0x1ab0 [ 796.386625] ? print_usage_bug+0xc0/0xc0 [ 796.390693] ? undo_dev_pagemap+0x680/0x680 [ 796.395020] ? print_usage_bug+0xc0/0xc0 [ 796.399072] ? __lock_acquire+0x62f/0x4c20 [ 796.403302] ? lock_acquire+0x1ed/0x520 [ 796.407261] ? __handle_mm_fault+0x1fa9/0x5be0 [ 796.411847] ? kasan_check_write+0x14/0x20 [ 796.416075] ? do_raw_spin_lock+0x14f/0x350 [ 796.420395] ? rwlock_bug.part.2+0x90/0x90 [ 796.424619] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 796.429189] ? retint_kernel+0x2d/0x2d [ 796.433071] __handle_mm_fault+0x3be9/0x5be0 [ 796.437467] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 796.442299] ? perf_trace_lock+0x7a0/0x7a0 [ 796.446533] ? retint_kernel+0x2d/0x2d [ 796.450419] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 796.455942] ? pmd_huge+0xf4/0x140 [ 796.459474] ? graph_lock+0x270/0x270 [ 796.463260] ? graph_lock+0x270/0x270 [ 796.467049] ? find_held_lock+0x36/0x1c0 [ 796.471105] ? handle_mm_fault+0x42a/0xc70 [ 796.475329] ? lock_downgrade+0x900/0x900 [ 796.479461] ? check_preemption_disabled+0x48/0x280 [ 796.484467] ? kasan_check_read+0x11/0x20 [ 796.488599] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 796.493876] ? rcu_read_unlock_special+0x370/0x370 [ 796.498792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 796.504318] ? check_preemption_disabled+0x48/0x280 [ 796.509338] handle_mm_fault+0x54f/0xc70 [ 796.513390] ? __handle_mm_fault+0x5be0/0x5be0 [ 796.517960] ? __get_user_pages+0x1542/0x1ed0 [ 796.522444] __get_user_pages+0xa3d/0x1ed0 [ 796.526693] ? follow_page_mask+0x2160/0x2160 [ 796.531178] ? mark_held_locks+0xc7/0x130 [ 796.535341] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 796.539913] ? retint_kernel+0x2d/0x2d [ 796.543787] ? trace_hardirqs_on_caller+0xc0/0x310 [ 796.548709] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.553452] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 796.558889] ? mark_held_locks+0xc7/0x130 [ 796.563036] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.567779] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 796.572527] ? retint_kernel+0x2d/0x2d [ 796.576411] populate_vma_page_range+0x2db/0x3d0 [ 796.581165] ? follow_page+0x420/0x420 [ 796.585065] __mm_populate+0x286/0x4d0 [ 796.588953] ? populate_vma_page_range+0x3d0/0x3d0 [ 796.593874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.599397] ? ns_capable_common+0x13f/0x170 [ 796.603794] __x64_sys_mlockall+0x45b/0x630 [ 796.608102] ? __ia32_sys_munlock+0x160/0x160 [ 796.612586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 796.618112] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 796.623471] ? trace_hardirqs_off_caller+0x300/0x300 [ 796.628572] do_syscall_64+0x1b9/0x820 [ 796.632449] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 796.637802] ? syscall_return_slowpath+0x5e0/0x5e0 [ 796.642715] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 796.647544] ? trace_hardirqs_on_caller+0x310/0x310 [ 796.652544] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 796.657547] ? prepare_exit_to_usermode+0x291/0x3b0 [ 796.662554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 796.667399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 796.672576] RIP: 0033:0x457569 [ 796.675757] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 796.695048] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 796.702757] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 796.710018] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 796.717298] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 796.724552] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 796.731806] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 796.743564] Task in /syz0 killed as a result of limit of /syz0 [ 796.749608] memory: usage 307200kB, limit 307200kB, failcnt 3118 [ 796.755870] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 796.762722] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 796.769005] Memory cgroup stats for /syz0: cache:144KB rss:297296KB rss_huge:262144KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216624KB [ 796.790949] Memory cgroup out of memory: Kill process 21628 (syz-executor0) score 1216 or sacrifice child [ 796.801048] Killed process 21665 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32768kB, shmem-rss:0kB [ 796.814429] oom_reaper: reaped process 21665 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB 00:55:32 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0x200000000000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:32 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000080)={'mangle\x00', 0x74, "ce71c2d541bf8a5466a344cf3c72e89c35ae185e2cb0ccf7b2bf6f4f6eacaefac9e6903c2382dcef6a5dc3c4847258517add9c282becedbbfc39385070336d0f15b21e24471afd7002d12f4ac16f96e247fd8c6955561141f1e676168f53590f4f0caeccc5514171849e281faf661b6a84f96320"}, &(0x7f0000000140)=0x98) r2 = syz_open_dev$swradio(&(0x7f00000001c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:32 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000080)={0xffffffffffffff9c, 0x50, &(0x7f0000000100)={0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180)=r0, 0x4) keyctl$update(0x2, 0x0, 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) poll(&(0x7f0000000000)=[{r1}, {r1, 0x2000}], 0x2, 0x8000) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) 00:55:32 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x80) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000084b323060000000004000000010000800500000000000000c0ffffffffffffff0700000000000000ffffff7f0000000000000000000000000000000000000000050900000000000000000000000000000400000000000000030000000000000038000000000000000000000000000000000000000000000000040000000000000000000000000000fbffffffffffffff0000000000000000ff0100000000000000000000000000000000000000000000000400000000000000000000000000000800000000000000000000000000000000000000000000020000000820000000200000000000000000000080ffffffffffffffa009000000000000ed97000000000000000000000000000000000000000000000c0000000000000000000000000000003a95741a3d69a73c7240e6bcb145ff1654616ec79d221df70afa2cdb4e1a9e52cd1e8df7968ff3bbb9add38eb437416720057aeb699b5c36f76a225dba756bdb9e910c10ff43e77b07ceb8287a8573dd0b337b4594fd7dcd38e4"]) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpeername$netlink(r1, &(0x7f00000000c0), &(0x7f0000000100)=0xc) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000140)=0x2000) 00:55:32 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:32 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0xc00, 0x7ff}}, 0x50) 00:55:32 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = dup(0xffffffffffffffff) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000000)={{0x0, 0x8}, 0x68}, 0x10) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) 00:55:32 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0xc, 0x7ff}}, 0x50) 00:55:32 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:32 executing program 3: syz_open_dev$mice(0x0, 0x0, 0x0) rt_sigreturn() r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000080)=0xd77) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000019c0)={'ipddp0\x00', 0x0}) setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000001a00)={r2, 0x1, 0x6, @remote}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) [ 797.911364] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 797.929967] syz-executor0 cpuset=syz0 mems_allowed=0 00:55:32 executing program 1: r0 = add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000100)="74ea55100a5f794d53289fc9f9a25f0a6d4bc89f202251af502875749a3bb39685164e4745428286671ff99ade3c8cd8c12fb2676cc4b78a14926c03c9a8075c89e158a7b85f191e6f8c0a", 0x4b, 0xfffffffffffffff9) r1 = add_key$user(0x0, 0x0, 0x0, 0x0, r0) keyctl$update(0x2, r1, &(0x7f0000000440), 0x0) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) [ 797.972792] CPU: 1 PID: 21686 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 797.981421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.990773] Call Trace: [ 797.990796] dump_stack+0x244/0x39d [ 797.990819] ? dump_stack_print_info.cold.1+0x20/0x20 [ 797.990848] dump_header+0x27b/0xf72 [ 797.990874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 797.990892] ? pagefault_out_of_memory+0x197/0x197 [ 797.997089] ? debug_smp_processor_id+0x1c/0x20 [ 797.997108] ? perf_trace_lock_acquire+0x15b/0x800 [ 797.997136] ? perf_trace_lock+0x7a0/0x7a0 [ 797.997159] ? graph_lock+0x270/0x270 [ 798.011581] ? print_usage_bug+0xc0/0xc0 [ 798.011606] ? perf_trace_lock+0x7a0/0x7a0 [ 798.011631] ? find_held_lock+0x36/0x1c0 [ 798.011659] ? mark_held_locks+0xc7/0x130 [ 798.030400] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 798.030419] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 798.030439] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 798.030458] ? trace_hardirqs_on+0xbd/0x310 [ 798.055821] ? kasan_check_read+0x11/0x20 [ 798.055839] ? ___ratelimit+0x3b4/0x672 [ 798.055859] ? trace_hardirqs_off_caller+0x300/0x300 [ 798.055877] ? trace_hardirqs_on+0x310/0x310 [ 798.087458] ? lock_downgrade+0x900/0x900 [ 798.087487] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 798.087501] ? ___ratelimit+0x3b9/0x672 [ 798.087518] ? idr_get_free+0xf70/0xf70 [ 798.104695] ? _raw_spin_unlock_irq+0x27/0x80 [ 798.104732] ? _raw_spin_unlock_irq+0x27/0x80 [ 798.104760] oom_kill_process.cold.27+0x10/0x903 [ 798.104779] ? _raw_spin_unlock_irq+0x27/0x80 00:55:33 executing program 1: r0 = request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='\x00', 0xfffffffffffffffa) request_key(&(0x7f0000000100)='id_resolver\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000003c0)='\x00', r0) add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)="947242ba544efdb099ca3422a07a19ee97b5b9c5e605b22f53c2d9c3822cbf3048", 0x21, 0xffffffffffffffff) r1 = add_key(&(0x7f0000000280)='dns_resolver\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)="4735eb78fc828e518c7eff96e607d5f2c1e2f47f43bf0aabe638f4157b298df0c13bdafc23d380dad684c0279087db697689d4aa0ebdc224d2923f1b044324e651ceb40ad1e540de520c508101b1c7413148afd0d2c08a308c3675eb9c01ce6d80f4d695bd38628986623f85afab4a42c38dcdaf6bd8a563d0663e5ec66c9c535284a9f73816cc8ae9985d7459d7b4", 0x8f, 0xfffffffffffffffc) r2 = add_key$user(0x0, 0x0, 0x0, 0x5d, r1) keyctl$update(0x2, r2, &(0x7f0000000440), 0x0) r3 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r3, 0x0) [ 798.113750] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 798.113779] ? oom_evaluate_task+0x540/0x540 [ 798.113798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 798.113817] ? cgroup_procs_next+0x70/0x70 [ 798.113839] ? _raw_spin_unlock_irq+0x60/0x80 [ 798.113853] ? oom_badness+0xaa0/0xaa0 [ 798.113872] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 798.123104] ? mem_cgroup_iter_break+0x30/0x30 [ 798.132089] ? mark_held_locks+0xc7/0x130 [ 798.132111] out_of_memory+0xa7f/0x1430 [ 798.167670] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 798.172272] ? kasan_check_read+0x11/0x20 [ 798.176440] ? oom_killer_disable+0x3a0/0x3a0 [ 798.180970] mem_cgroup_out_of_memory+0x15e/0x210 [ 798.185833] ? memory_oom_group_write+0x160/0x160 [ 798.190709] ? mem_cgroup_try_charge+0x627/0xe20 [ 798.195485] ? page_counter_try_charge+0x1c1/0x220 [ 798.200425] try_charge+0xdcd/0x1720 [ 798.204167] ? kasan_check_read+0x11/0x20 [ 798.208332] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 798.213026] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 798.218587] ? lock_page_memcg+0x350/0x350 [ 798.222852] ? lock_acquire+0x1ed/0x520 [ 798.226831] ? mem_cgroup_oom_control_write+0x100/0x100 [ 798.226852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 798.226870] ? check_preemption_disabled+0x48/0x280 [ 798.226892] ? kasan_check_read+0x11/0x20 [ 798.226910] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 798.242803] ? rcu_softirq_qs+0x20/0x20 [ 798.242840] mem_cgroup_try_charge+0x627/0xe20 [ 798.242859] ? undo_dev_pagemap+0x680/0x680 [ 798.242879] ? mem_cgroup_protected+0xa60/0xa60 [ 798.242905] ? __lock_acquire+0x62f/0x4c20 [ 798.242927] ? __handle_mm_fault+0x2da9/0x5be0 [ 798.278650] ? mark_held_locks+0x130/0x130 [ 798.282902] ? do_raw_spin_unlock+0xa7/0x330 [ 798.287330] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 798.292896] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 798.297838] __handle_mm_fault+0x284e/0x5be0 [ 798.297867] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 798.297892] ? perf_trace_lock+0x7a0/0x7a0 [ 798.297914] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 798.316888] ? pmd_huge+0xf4/0x140 [ 798.316922] ? graph_lock+0x270/0x270 [ 798.316938] ? graph_lock+0x270/0x270 [ 798.316958] ? find_held_lock+0x36/0x1c0 [ 798.316985] ? handle_mm_fault+0x42a/0xc70 [ 798.336391] ? lock_downgrade+0x900/0x900 [ 798.340599] ? check_preemption_disabled+0x48/0x280 [ 798.345637] ? kasan_check_read+0x11/0x20 [ 798.349799] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 798.355097] ? rcu_read_unlock_special+0x370/0x370 [ 798.360037] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 798.365576] ? check_preemption_disabled+0x48/0x280 [ 798.370605] handle_mm_fault+0x54f/0xc70 [ 798.374664] ? __handle_mm_fault+0x5be0/0x5be0 [ 798.379244] ? find_vma+0x34/0x190 [ 798.382788] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 798.387804] __get_user_pages+0xa3d/0x1ed0 [ 798.392037] ? follow_page_mask+0x2160/0x2160 [ 798.396529] ? debug_smp_processor_id+0x1c/0x20 [ 798.401197] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 798.406740] ? graph_lock+0x270/0x270 [ 798.410523] ? rcu_is_watching+0x30/0x30 [ 798.414641] ? graph_lock+0x270/0x270 [ 798.418430] ? kzfree+0x28/0x30 [ 798.421717] ? lock_acquire+0x1ed/0x520 [ 798.425692] ? __mm_populate+0x31a/0x4d0 [ 798.429765] ? lock_release+0xa10/0xa10 [ 798.433736] ? perf_trace_sched_process_exec+0x860/0x860 [ 798.439207] populate_vma_page_range+0x2db/0x3d0 [ 798.443951] ? follow_page+0x420/0x420 [ 798.447827] ? find_vma+0x34/0x190 [ 798.451354] __mm_populate+0x286/0x4d0 [ 798.455258] ? populate_vma_page_range+0x3d0/0x3d0 [ 798.460195] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 798.465742] ? ns_capable_common+0x13f/0x170 [ 798.470148] __x64_sys_mlockall+0x45b/0x630 [ 798.474484] ? __ia32_sys_munlock+0x160/0x160 [ 798.479013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 798.484565] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 798.489940] ? trace_hardirqs_off_caller+0x300/0x300 [ 798.495042] do_syscall_64+0x1b9/0x820 [ 798.499020] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 798.504385] ? syscall_return_slowpath+0x5e0/0x5e0 [ 798.509302] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 798.514145] ? trace_hardirqs_on_caller+0x310/0x310 [ 798.519158] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 798.524161] ? prepare_exit_to_usermode+0x291/0x3b0 [ 798.529165] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 798.534037] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 798.539214] RIP: 0033:0x457569 [ 798.542396] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 798.561289] RSP: 002b:00007f835d8a6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 798.568989] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 798.576257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 798.583551] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 798.590817] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8a76d4 [ 798.598101] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 798.607658] Task in /syz0 [ 798.607676] killed as a result of limit of /syz0 [ 798.615601] memory: usage 307200kB, limit 307200kB, failcnt 3152 [ 798.615611] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 798.615621] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 798.615629] Memory cgroup stats for /syz0: cache:144KB rss:297324KB rss_huge:262144KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:72620KB active_anon:21196KB inactive_file:0KB active_file:0KB unevictable:203624KB [ 798.615718] Memory cgroup out of memory: Kill process 21669 (syz-executor0) score 1157 or sacrifice child [ 798.615789] Killed process 21669 (syz-executor0) total-vm:70864kB, anon-rss:18576kB, file-rss:32768kB, shmem-rss:0kB [ 799.213454] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 799.225011] syz-executor0 cpuset=syz0 mems_allowed=0 [ 799.230274] CPU: 1 PID: 21722 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 799.238947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 799.248284] Call Trace: [ 799.250879] dump_stack+0x244/0x39d [ 799.254500] ? dump_stack_print_info.cold.1+0x20/0x20 [ 799.259677] ? mark_held_locks+0x130/0x130 [ 799.263900] dump_header+0x27b/0xf72 [ 799.267607] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.272176] ? retint_kernel+0x2d/0x2d [ 799.276049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 799.281571] ? pagefault_out_of_memory+0x197/0x197 [ 799.286507] ? print_usage_bug+0xc0/0xc0 [ 799.290566] ? debug_smp_processor_id+0x1c/0x20 [ 799.295221] ? perf_trace_lock_acquire+0x15b/0x800 [ 799.300141] ? perf_trace_lock+0x7a0/0x7a0 [ 799.304385] ? mark_held_locks+0xc7/0x130 [ 799.308527] ? print_usage_bug+0xc0/0xc0 [ 799.312588] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.317373] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.321963] ? retint_kernel+0x2d/0x2d [ 799.325843] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.330760] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.335512] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.340963] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.345718] ? retint_kernel+0x2d/0x2d [ 799.349598] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 799.354689] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 799.359789] ? ___ratelimit+0x3b9/0x672 [ 799.363747] ? idr_get_free+0xf70/0xf70 [ 799.367733] oom_kill_process.cold.27+0x10/0x903 [ 799.372481] ? _raw_spin_unlock_irq+0x56/0x80 [ 799.376964] ? oom_evaluate_task+0x540/0x540 [ 799.381361] ? cgroup_procs_next+0x70/0x70 [ 799.385580] ? _raw_spin_unlock_irq+0x56/0x80 [ 799.390060] ? _raw_spin_unlock_irq+0x60/0x80 [ 799.394543] ? oom_badness+0xaa0/0xaa0 [ 799.398427] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 799.403184] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.407930] ? mem_cgroup_iter_break+0x30/0x30 [ 799.412508] ? out_of_memory+0xbdc/0x1430 [ 799.416660] out_of_memory+0xa7f/0x1430 [ 799.420623] ? retint_kernel+0x2d/0x2d [ 799.424497] ? oom_killer_disable+0x3a0/0x3a0 [ 799.429000] ? _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 799.434109] mem_cgroup_out_of_memory+0x15e/0x210 [ 799.438939] ? memory_oom_group_write+0x160/0x160 [ 799.443766] ? mem_cgroup_try_charge+0x627/0xe20 [ 799.448508] ? page_counter_try_charge+0x1c1/0x220 [ 799.453422] try_charge+0xdcd/0x1720 [ 799.457124] ? kasan_check_read+0x11/0x20 [ 799.461258] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 799.465938] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 799.471472] ? retint_kernel+0x2d/0x2d [ 799.475355] ? lock_page_memcg+0x350/0x350 [ 799.479598] ? lock_acquire+0x1ed/0x520 [ 799.483556] ? mem_cgroup_oom_control_write+0x100/0x100 [ 799.488914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 799.494436] ? check_preemption_disabled+0x48/0x280 [ 799.499442] ? kasan_check_read+0x11/0x20 [ 799.503578] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 799.508870] ? rcu_softirq_qs+0x20/0x20 [ 799.512858] mem_cgroup_try_charge+0x627/0xe20 [ 799.517425] ? mark_held_locks+0xc7/0x130 [ 799.521565] ? mem_cgroup_protected+0xa60/0xa60 [ 799.526236] ? retint_kernel+0x2d/0x2d [ 799.530138] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.535056] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.539801] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.545245] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.549991] ? retint_kernel+0x2d/0x2d [ 799.553871] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 799.558802] wp_page_copy+0x51d/0x24f0 [ 799.562685] ? follow_pfn+0x2e0/0x2e0 [ 799.566491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 799.572013] ? reuse_swap_page+0x4bd/0x1520 [ 799.576324] ? swp_swapcount+0x530/0x530 [ 799.580384] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 799.585820] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.590557] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.595999] ? print_usage_bug+0xc0/0xc0 [ 799.600048] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.604617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.609361] ? graph_lock+0x270/0x270 [ 799.613150] ? __lock_acquire+0x62f/0x4c20 [ 799.617374] ? mark_page_accessed+0x73f/0x2040 [ 799.621942] ? mark_page_accessed+0xcf3/0x2040 [ 799.626516] ? __sanitizer_cov_trace_pc+0x20/0x50 [ 799.631347] ? find_held_lock+0x36/0x1c0 [ 799.635397] ? do_wp_page+0x518/0x2920 [ 799.639286] ? lock_downgrade+0x900/0x900 [ 799.643421] ? wake_up_page_bit+0x6f0/0x6f0 [ 799.647734] ? kasan_check_read+0x11/0x20 [ 799.651868] ? do_raw_spin_unlock+0xa7/0x330 [ 799.656268] ? do_raw_spin_trylock+0x270/0x270 [ 799.660836] ? __pte_alloc_kernel+0x220/0x220 [ 799.665316] ? perf_trace_lock_acquire+0x15b/0x800 [ 799.670230] ? do_wp_page+0x353/0x2920 [ 799.674107] do_wp_page+0x520/0x2920 [ 799.677837] ? finish_mkwrite_fault+0x650/0x650 [ 799.682506] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.687085] ? retint_kernel+0x2d/0x2d [ 799.690959] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.695874] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.700620] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.706087] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.711001] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 799.716525] ? __lock_acquire+0x62f/0x4c20 [ 799.720744] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.725495] ? mark_held_locks+0x130/0x130 [ 799.729719] ? follow_page_pte+0xdd7/0x1ab0 [ 799.734025] ? lock_downgrade+0x900/0x900 [ 799.738159] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 799.743682] ? check_preemption_disabled+0x48/0x280 [ 799.748685] ? debug_smp_processor_id+0x1c/0x20 [ 799.753335] ? perf_trace_lock_acquire+0x15b/0x800 [ 799.758251] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 799.763885] ? follow_page_pte+0x4f9/0x1ab0 [ 799.768217] ? print_usage_bug+0xc0/0xc0 [ 799.772267] ? undo_dev_pagemap+0x680/0x680 [ 799.776584] ? retint_kernel+0x2d/0x2d [ 799.780462] ? __lock_acquire+0x62f/0x4c20 [ 799.784686] ? lock_acquire+0x1ed/0x520 [ 799.788647] ? __handle_mm_fault+0x1fa9/0x5be0 [ 799.793309] ? kasan_check_write+0x14/0x20 [ 799.797549] ? do_raw_spin_lock+0x14f/0x350 [ 799.801869] ? rwlock_bug.part.2+0x90/0x90 [ 799.806111] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.810684] ? retint_kernel+0x2d/0x2d [ 799.814567] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.819491] __handle_mm_fault+0x3be9/0x5be0 [ 799.824013] ? print_usage_bug+0xc0/0xc0 [ 799.828078] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 799.832942] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.837521] ? perf_trace_lock+0x7a0/0x7a0 [ 799.841744] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 799.847276] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.851842] ? retint_kernel+0x2d/0x2d [ 799.855718] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.860635] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.865380] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.870823] ? find_held_lock+0x36/0x1c0 [ 799.874901] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.879649] ? retint_kernel+0x2d/0x2d [ 799.883532] ? handle_mm_fault+0x6e7/0xc70 [ 799.887758] handle_mm_fault+0x54f/0xc70 [ 799.891805] ? __handle_mm_fault+0x5be0/0x5be0 [ 799.896376] ? __get_user_pages+0xcf2/0x1ed0 [ 799.900770] __get_user_pages+0xa3d/0x1ed0 [ 799.905000] ? follow_page_mask+0x2160/0x2160 [ 799.909478] ? mark_held_locks+0xc7/0x130 [ 799.913610] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.918364] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.922930] ? retint_kernel+0x2d/0x2d [ 799.926800] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.931734] ? mark_held_locks+0xc7/0x130 [ 799.935891] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.940631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.945372] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 799.949966] ? retint_kernel+0x2d/0x2d [ 799.953840] ? trace_hardirqs_on_caller+0xc0/0x310 [ 799.958761] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.963504] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 799.968947] ? retint_kernel+0x2d/0x2d [ 799.972832] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 799.977577] populate_vma_page_range+0x2db/0x3d0 [ 799.982319] ? follow_page+0x420/0x420 [ 799.986201] ? __mm_populate+0x1b8/0x4d0 [ 799.990262] __mm_populate+0x286/0x4d0 [ 799.994138] ? populate_vma_page_range+0x3d0/0x3d0 [ 799.999054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 800.004574] ? ns_capable_common+0x13f/0x170 [ 800.008970] __x64_sys_mlockall+0x45b/0x630 [ 800.013278] ? __ia32_sys_munlock+0x160/0x160 [ 800.017756] ? retint_kernel+0x2d/0x2d [ 800.021633] ? __ia32_sys_munlock+0x160/0x160 [ 800.026113] ? do_syscall_64+0x179/0x820 [ 800.030159] do_syscall_64+0x1b9/0x820 [ 800.034031] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 800.039378] ? syscall_return_slowpath+0x5e0/0x5e0 [ 800.044288] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 800.049126] ? trace_hardirqs_on_caller+0x310/0x310 [ 800.054150] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 800.059162] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 800.064684] ? prepare_exit_to_usermode+0x291/0x3b0 [ 800.069689] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 800.074521] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 800.079692] RIP: 0033:0x457569 [ 800.082877] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 800.101758] RSP: 002b:00007f835d885c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 800.109448] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 800.116703] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 800.123958] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 800.131214] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8866d4 [ 800.138488] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 800.150726] Task in /syz0 killed as a result of limit of /syz0 [ 800.157037] memory: usage 307200kB, limit 307200kB, failcnt 3163 [ 800.163379] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 800.170285] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 800.176584] Memory cgroup stats for /syz0: cache:144KB rss:297268KB rss_huge:262144KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:63760KB active_anon:17092KB inactive_file:0KB active_file:0KB unevictable:216520KB [ 800.198700] Memory cgroup out of memory: Kill process 21677 (syz-executor0) score 1216 or sacrifice child [ 800.209242] Killed process 21723 (syz-executor0) total-vm:70468kB, anon-rss:18068kB, file-rss:32896kB, shmem-rss:0kB [ 800.226696] oom_reaper: reaped process 21723 (syz-executor0), now anon-rss:0kB, file-rss:32768kB, shmem-rss:0kB [ 801.073145] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 801.084452] syz-executor0 cpuset=syz0 mems_allowed=0 [ 801.089709] CPU: 1 PID: 21726 Comm: syz-executor0 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 801.098267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.107604] Call Trace: [ 801.110178] dump_stack+0x244/0x39d [ 801.113799] ? dump_stack_print_info.cold.1+0x20/0x20 [ 801.118982] ? mark_held_locks+0x130/0x130 [ 801.123204] ? mark_held_locks+0x130/0x130 [ 801.127426] dump_header+0x27b/0xf72 [ 801.131177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.136720] ? pagefault_out_of_memory+0x197/0x197 [ 801.141649] ? debug_smp_processor_id+0x1c/0x20 [ 801.146302] ? perf_trace_lock_acquire+0x15b/0x800 [ 801.151243] ? perf_trace_lock+0x7a0/0x7a0 [ 801.155475] ? graph_lock+0x270/0x270 [ 801.159261] ? print_usage_bug+0xc0/0xc0 [ 801.163308] ? mark_held_locks+0xc7/0x130 [ 801.167449] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.172281] ? find_held_lock+0x36/0x1c0 [ 801.176334] ? mark_held_locks+0xc7/0x130 [ 801.180466] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 801.185554] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 801.190645] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 801.195231] ? trace_hardirqs_on+0xbd/0x310 [ 801.199536] ? kasan_check_read+0x11/0x20 [ 801.203676] ? ___ratelimit+0x3b4/0x672 [ 801.207669] ? trace_hardirqs_off_caller+0x300/0x300 [ 801.212757] ? trace_hardirqs_on+0x310/0x310 [ 801.217166] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 801.222268] ? ___ratelimit+0x3b9/0x672 [ 801.226238] ? idr_get_free+0xf70/0xf70 [ 801.230205] oom_kill_process.cold.27+0x10/0x903 [ 801.234950] ? _raw_spin_unlock_irq+0x56/0x80 [ 801.239435] ? oom_evaluate_task+0x540/0x540 [ 801.243832] ? cgroup_procs_next+0x70/0x70 [ 801.248054] ? _raw_spin_unlock_irq+0x60/0x80 [ 801.252532] ? oom_badness+0xaa0/0xaa0 [ 801.256405] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 801.261173] ? mem_cgroup_iter_break+0x30/0x30 [ 801.265785] ? mark_held_locks+0xc7/0x130 [ 801.269921] out_of_memory+0xa7f/0x1430 [ 801.273880] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 801.278466] ? kasan_check_read+0x11/0x20 [ 801.282601] ? oom_killer_disable+0x3a0/0x3a0 [ 801.287096] mem_cgroup_out_of_memory+0x15e/0x210 [ 801.291925] ? memory_oom_group_write+0x160/0x160 [ 801.296764] ? mem_cgroup_try_charge+0x627/0xe20 [ 801.301512] ? page_counter_try_charge+0x1c1/0x220 [ 801.306428] try_charge+0xdcd/0x1720 [ 801.310132] ? kasan_check_read+0x11/0x20 [ 801.314278] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 801.318952] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 801.324497] ? retint_kernel+0x2d/0x2d [ 801.328385] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.333299] ? lock_page_memcg+0x350/0x350 [ 801.337522] ? lock_acquire+0x1ed/0x520 [ 801.341480] ? mem_cgroup_oom_control_write+0x100/0x100 [ 801.346837] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.352384] ? check_preemption_disabled+0x48/0x280 [ 801.357399] ? kasan_check_read+0x11/0x20 [ 801.361533] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 801.366800] ? rcu_softirq_qs+0x20/0x20 [ 801.370780] mem_cgroup_try_charge+0x627/0xe20 [ 801.375372] ? mark_held_locks+0xc7/0x130 [ 801.379508] ? mem_cgroup_protected+0xa60/0xa60 [ 801.384165] ? retint_kernel+0x2d/0x2d [ 801.388066] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.392981] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.397717] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 801.403158] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.407917] ? retint_kernel+0x2d/0x2d [ 801.411822] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 801.416761] wp_page_copy+0x51d/0x24f0 [ 801.420643] ? follow_pfn+0x2e0/0x2e0 [ 801.424437] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.429970] ? reuse_swap_page+0x4bd/0x1520 [ 801.434276] ? swp_swapcount+0x530/0x530 [ 801.438338] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 801.443779] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.448519] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 801.453957] ? print_usage_bug+0xc0/0xc0 [ 801.458022] ? retint_kernel+0x2d/0x2d [ 801.461913] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.466661] ? graph_lock+0x270/0x270 [ 801.470454] ? __lock_acquire+0x62f/0x4c20 [ 801.474672] ? retint_kernel+0x2d/0x2d [ 801.478545] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.483475] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.488232] ? find_held_lock+0x36/0x1c0 [ 801.492386] ? do_wp_page+0x518/0x2920 [ 801.496258] ? lock_downgrade+0x900/0x900 [ 801.500388] ? wake_up_page_bit+0x6f0/0x6f0 [ 801.504696] ? kasan_check_read+0x11/0x20 [ 801.508828] ? do_raw_spin_unlock+0xa7/0x330 [ 801.513222] ? do_raw_spin_trylock+0x270/0x270 [ 801.517789] ? __pte_alloc_kernel+0x220/0x220 [ 801.522285] ? perf_trace_lock_acquire+0x15b/0x800 [ 801.527222] do_wp_page+0x520/0x2920 [ 801.530932] ? check_preemption_disabled+0x48/0x280 [ 801.535951] ? finish_mkwrite_fault+0x650/0x650 [ 801.540625] ? mark_held_locks+0xc7/0x130 [ 801.544768] ? perf_trace_lock+0x7a0/0x7a0 [ 801.548992] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.553910] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 801.559434] ? __lock_acquire+0x62f/0x4c20 [ 801.563676] ? mark_held_locks+0x130/0x130 [ 801.567904] ? follow_page_pte+0xdd7/0x1ab0 [ 801.572224] ? lock_downgrade+0x900/0x900 [ 801.576376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.581900] ? check_preemption_disabled+0x48/0x280 [ 801.586906] ? debug_smp_processor_id+0x1c/0x20 [ 801.591561] ? perf_trace_lock_acquire+0x15b/0x800 [ 801.596476] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 801.602005] ? follow_page_pte+0x4f9/0x1ab0 [ 801.606312] ? print_usage_bug+0xc0/0xc0 [ 801.610364] ? undo_dev_pagemap+0x680/0x680 [ 801.614671] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.619450] ? __lock_acquire+0x62f/0x4c20 [ 801.623705] ? lock_acquire+0x1ed/0x520 [ 801.627694] ? __handle_mm_fault+0x1fa9/0x5be0 [ 801.632300] ? kasan_check_write+0x14/0x20 [ 801.636537] ? do_raw_spin_lock+0x14f/0x350 [ 801.640866] ? rwlock_bug.part.2+0x90/0x90 [ 801.645173] ? pmd_devmap_trans_unstable+0x1b0/0x220 [ 801.650276] __handle_mm_fault+0x3be9/0x5be0 [ 801.654691] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 801.659544] ? perf_trace_lock+0x7a0/0x7a0 [ 801.663764] ? retint_kernel+0x2d/0x2d [ 801.667641] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 801.673163] ? pmd_huge+0xf4/0x140 [ 801.676697] ? graph_lock+0x270/0x270 [ 801.680484] ? graph_lock+0x270/0x270 [ 801.684274] ? find_held_lock+0x36/0x1c0 [ 801.688328] ? handle_mm_fault+0x42a/0xc70 [ 801.692550] ? lock_downgrade+0x900/0x900 [ 801.696810] ? check_preemption_disabled+0x48/0x280 [ 801.701817] ? kasan_check_read+0x11/0x20 [ 801.705948] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 801.711220] ? rcu_read_unlock_special+0x370/0x370 [ 801.716139] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 801.721663] ? check_preemption_disabled+0x48/0x280 [ 801.726681] handle_mm_fault+0x54f/0xc70 [ 801.730740] ? __handle_mm_fault+0x5be0/0x5be0 [ 801.735313] ? __get_user_pages+0xa53/0x1ed0 [ 801.739712] __get_user_pages+0xa3d/0x1ed0 [ 801.743957] ? follow_page_mask+0x2160/0x2160 [ 801.748437] ? mark_held_locks+0xc7/0x130 [ 801.752580] ? mark_held_locks+0xc7/0x130 [ 801.756714] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.761461] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 801.766029] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.770941] ? trace_hardirqs_on_caller+0xc0/0x310 [ 801.775850] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.780592] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 801.786026] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 801.791468] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 801.796214] populate_vma_page_range+0x2db/0x3d0 [ 801.800956] ? follow_page+0x420/0x420 [ 801.804826] ? write_comp_data+0x1b/0x70 [ 801.808872] __mm_populate+0x286/0x4d0 [ 801.812751] ? populate_vma_page_range+0x3d0/0x3d0 [ 801.817669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.823198] ? ns_capable_common+0x13f/0x170 [ 801.827591] __x64_sys_mlockall+0x45b/0x630 [ 801.831896] ? __ia32_sys_munlock+0x160/0x160 [ 801.836376] ? retint_kernel+0x2d/0x2d [ 801.840254] do_syscall_64+0x1b9/0x820 [ 801.844147] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 801.849513] ? syscall_return_slowpath+0x5e0/0x5e0 [ 801.854427] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 801.859516] ? trace_hardirqs_on_caller+0x310/0x310 [ 801.864521] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 801.869524] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 801.875044] ? prepare_exit_to_usermode+0x291/0x3b0 [ 801.880047] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 801.884883] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 801.890056] RIP: 0033:0x457569 [ 801.893232] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 801.912114] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 801.919804] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 801.927054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 801.934320] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 801.941658] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 801.948910] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 801.959217] Task in /syz0 killed as a result of limit of /syz0 [ 801.965318] memory: usage 299376kB, limit 307200kB, failcnt 3209 [ 801.971778] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 801.978644] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 801.985188] Memory cgroup stats for /syz0: cache:144KB rss:289696KB rss_huge:256000KB shmem:28KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:60284KB active_anon:19124KB inactive_file:0KB active_file:0KB unevictable:210340KB [ 802.007094] Memory cgroup out of memory: Kill process 21677 (syz-executor0) score 1220 or sacrifice child [ 802.017184] Killed process 21726 (syz-executor0) total-vm:70732kB, anon-rss:18452kB, file-rss:52260kB, shmem-rss:0kB [ 802.029526] oom_reaper: reaped process 21726 (syz-executor0), now anon-rss:18452kB, file-rss:52252kB, shmem-rss:0kB 00:55:37 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) 00:55:37 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) flock(r0, 0x8) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000080)) 00:55:37 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3) 00:55:37 executing program 5: add_key$user(&(0x7f0000000000)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) r1 = getpid() r2 = getpgid(0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000040)={r0, r0, 0xfffffffffffffffd}) 00:55:37 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x102, 0x4) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000300), &(0x7f00000000c0)=0xfe18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x3fc, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000180)={'NETMAP\x00'}, &(0x7f00000001c0)=0x1e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x99) exit(0x7fffffffbffefffd) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mlockall(0x3) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000500)={0x3, r2}) r4 = getpgid(0xffffffffffffffff) setpriority(0x1, r4, 0x5) r5 = getpgrp(0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0xffffffffffffffff, r1, 0x0, 0xf, &(0x7f0000000240)='wlan0\\}md5sum#\x00'}, 0x30) setpgid(r5, r6) vmsplice(r3, &(0x7f00000008c0)=[{&(0x7f0000000800)="50e005e6815dc6b00b10002c519c66795de0d52fc076f1eb6a9c58cde88a6eef0093b24a178e84740aa6d1618e2033d38d4aea0fb17cda768820a83864ac14405192e4549c3ad33fca5d187507c5a984d6a0c72683e7af2d4a070000000000000005b6d0dce139e4c627395426a1f6fc0b416f7163eb07000000d9e0203181735ccac1e530c361262a0a5e0a98e9ca3d17f2f2f0c116fa9fbdbe757d93e323d17f29", 0xa2}], 0x1, 0xf) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000580)=""/190) mq_notify(r1, &(0x7f0000000540)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000440)="4c272be7ad31b92a7819bd4438656080ec27849a76ffa174b3fe114201140a34e5e6cb4d6a3ab9bcdc80a2717dd8542f33caa13b8c9cb9f5d11d4c66dc81779917000c05979ce491010f7259d0ecdb80fb30d6cba6e2b753ac23635fbb3d879cc2982fb4bbe1afcea02f12d11d43e1337c25411ae04bd8efc06636c455e15689c75b95c24f0dbdd30bdf91f2313a3e39b263ff5196302f1880765440d8b1", 0x0}}) accept4$inet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xa1, 0x40001) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @local}, 0x10) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x6d, 0x7fff, 0x400, 0x40, 0x4}) sendmmsg(r0, &(0x7f00000010c0)=[{{&(0x7f0000000bc0)=@in6={0xa, 0x0, 0xb301000000000000, @mcast1}, 0x80, &(0x7f0000000d40), 0x2fb, &(0x7f0000000d80)}}], 0x4000000000001b4, 0x40400d4) 00:55:37 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0x1000000000000000, 0x7ff}}, 0x50) 00:55:37 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x80000) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x4) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r2, 0xc0086421, &(0x7f0000000040)={r3, 0x2}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e24, 0x6, @empty, 0x6}}}, &(0x7f0000000200)=0x84) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000240)={r4, 0x7}, 0x8) 00:55:37 executing program 5: add_key$user(&(0x7f0000000040)='user\x00', 0x0, &(0x7f0000000380), 0x0, 0xfffffffffffffffe) keyctl$update(0x2, 0x0, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x6) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) 00:55:37 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x2761, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in6=@dev}}, &(0x7f0000000100)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r2, 0x1}, 0x48) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000700)}, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000340)={0x2, &(0x7f00000003c0)=""/4096, &(0x7f0000000300)=[{0x9, 0xfa, 0x80000000, &(0x7f00000013c0)=""/250}, {0x51, 0x87, 0x0, &(0x7f00000014c0)=""/135}]}) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000001580)={0x1, 0x0, [{0x8000001b, 0x80000001, 0x7, 0x0, 0x401}]}) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x7, 0x70, 0x6, 0x3ff, 0xec9, 0xac5, 0x0, 0x0, 0x4000, 0x4, 0x9, 0x6, 0x100000000, 0x20, 0xfffffffffffff648, 0x9, 0xcac, 0x2, 0x0, 0xfffffffffffffffd, 0xffffffffffffffee, 0x9, 0x80, 0x80000001, 0x2, 0x1ff, 0x4, 0xcb5, 0xaba8, 0x6, 0x1, 0x200, 0x101, 0x7, 0x5, 0xc32, 0x4, 0x1, 0x0, 0x80000001, 0x4, @perf_config_ext={0x1, 0x1}, 0x4002, 0x1ff, 0x1, 0xb, 0x5, 0x80000001, 0x7}) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000380)) 00:55:37 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000003000), 0x4ea) write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x0, 0xc00000000000000, 0x7ff}}, 0x50) 00:55:37 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 802.749764] kasan: CONFIG_KASAN_INLINE enabled [ 802.780937] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 802.794195] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 802.800475] CPU: 0 PID: 21756 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 802.807029] kobject: 'loop1' (00000000ea6a2ad9): kobject_uevent_env [ 802.809049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 802.809156] RIP: 0010:vb2_mmap+0x23c/0x6f0 00:55:37 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8) add_key$user(0x0, 0x0, 0x0, 0x33f, r0) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) getsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f0000000080), &(0x7f0000000100)=0x4) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @multicast2}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@remote}}, &(0x7f0000000240)=0xe8) ioprio_set$uid(0x3, r2, 0x5d97) 00:55:37 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000200)=""/155) ioctl$KDDELIO(r1, 0x4b35, 0x3f) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000000)={0x80000000000000, 0x3ff, 0x3ff, 0x0, 0x1f, 0x87e}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r2, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r2, 0xc0285629, &(0x7f00000001c0)={0xfffffffffffffffb, 0xf654, 0x1, [], &(0x7f0000000080)=0x3}) [ 802.809176] Code: 80 3c 10 00 0f 85 1b 04 00 00 48 b9 00 00 00 00 00 fc ff df 48 8b 45 b8 48 8b 00 48 8d 78 14 48 89 45 d0 48 89 f8 48 c1 e8 03 <0f> b6 14 08 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 fa [ 802.821378] kobject: 'loop1' (00000000ea6a2ad9): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 802.824921] RSP: 0018:ffff88017a5bf7d0 EFLAGS: 00010203 [ 802.824935] RAX: 0000000000000002 RBX: 0000000000000009 RCX: dffffc0000000000 [ 802.824950] RDX: dffffc0000000000 RSI: ffffffff854c01c0 RDI: 0000000000000014 [ 802.877548] RBP: ffff88017a5bf820 R08: ffff88017ba0a140 R09: ffffed00397fb356 [ 802.884832] R10: ffffed00397fb356 R11: ffff8801cbfd9ab7 R12: 0000000000000000 [ 802.886287] kobject: '0:44' (0000000037e65f99): kobject_uevent_env [ 802.892096] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801cb7e7268 [ 802.892108] FS: 00007f39ecc1d700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 802.892118] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 802.892126] CR2: 0000000001cfde80 CR3: 00000001ceb96000 CR4: 00000000001426f0 [ 802.892141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 802.900881] kobject: '0:44' (0000000037e65f99): fill_kobj_path: path = '/devices/virtual/bdi/0:44' [ 802.905703] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 802.905709] Call Trace: [ 802.905739] ? vb2_poll+0x1d0/0x1d0 [ 802.930679] kobject: '0:44' (0000000037e65f99): kobject_cleanup, parent (null) [ 802.934510] vb2_fop_mmap+0x4b/0x70 [ 802.934604] v4l2_mmap+0x153/0x200 [ 802.934622] mmap_region+0xe85/0x1cd0 [ 802.958394] kobject: '0:44' (0000000037e65f99): calling ktype release [ 802.965389] ? __x64_sys_brk+0x8b0/0x8b0 [ 802.965404] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 802.965419] ? rcu_read_unlock_special+0x370/0x370 [ 802.965445] ? mpx_unmapped_area_check+0xd8/0x108 [ 802.970785] kobject: '0:44': free name [ 802.972592] ? refcount_dec_if_one+0x180/0x180 [ 802.972617] ? arch_get_unmapped_area+0x750/0x750 [ 802.978390] kobject: 'loop4' (00000000e44ef701): kobject_uevent_env [ 802.982973] ? lock_acquire+0x1ed/0x520 [ 802.982990] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 802.983004] ? cap_mmap_addr+0x52/0x130 [ 802.983020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 802.983038] ? security_mmap_addr+0x80/0xa0 [ 802.987458] kobject: 'loop4' (00000000e44ef701): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 802.992343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 802.992360] ? get_unmapped_area+0x292/0x3b0 [ 802.992377] do_mmap+0xa22/0x1230 [ 802.992395] ? mmap_region+0x1cd0/0x1cd0 [ 802.992407] ? vm_mmap_pgoff+0x1b5/0x2c0 [ 802.992426] ? down_read_killable+0x150/0x150 [ 803.031426] kobject: '0:44' (0000000042340679): kobject_add_internal: parent: 'bdi', set: 'devices' [ 803.034832] ? security_mmap_file+0x174/0x1b0 [ 803.034853] vm_mmap_pgoff+0x213/0x2c0 [ 803.034875] ? vma_is_stack_for_current+0xd0/0xd0 [ 803.044096] kobject: '0:44' (0000000042340679): kobject_uevent_env [ 803.044714] ? _copy_to_user+0xc8/0x110 [ 803.063986] kobject: '0:44' (0000000042340679): fill_kobj_path: path = '/devices/virtual/bdi/0:44' [ 803.064075] ksys_mmap_pgoff+0x4da/0x660 00:55:38 executing program 1: r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r0, &(0x7f0000000440), 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x14000, 0x0) r2 = getpid() getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001a80)={{{@in, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@dev}}, &(0x7f0000001b80)=0xe8) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000003140)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000003180)={{{@in6=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@dev}}, &(0x7f0000003280)=0xe8) lstat(&(0x7f00000032c0)='./file0\x00', &(0x7f0000003300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getpgid(0xffffffffffffffff) stat(&(0x7f0000003380)='./file0\x00', &(0x7f00000033c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x3, &(0x7f0000003440)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff]) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000003480)=0x0) r11 = getuid() r12 = getpid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000034c0)={0x0, 0x0}, &(0x7f0000003500)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000003540)={0x0, 0x0, 0x0}, &(0x7f0000003580)=0xc) sendmmsg$unix(r1, &(0x7f0000004980)=[{&(0x7f0000000480)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001a00)=[{&(0x7f0000000500)="c616f45c32f31043669510c10a13b56a4f1d216d5c2a3055c023d62755b255926c3b457bf5dcdd29c0680a837711e6762977142ae13dec48b8a5388f24d1356a78e00259d6b0d9519bf1d6781f01b5dc9df5844eddfa3fdd06659922b9af95244a6b7c8955c66462fd662d6b8db1dfeec491455ad32f873a9a36154fea1aa8eab17bd721a9ade5a9dd66d915894a6b39b79ead77406dbd24d18dd93d3b657e16fb38fb95ef6fa4cbbe9497ff637268ed3f32498f7e6ceca21f8f467874d0335edb473f8c60b8518423e43874fb401226784bf971f5241ebec83d2d9c31565d24c8d0af249072cbef22778209acc87dec0339b22d4e", 0xf5}, {&(0x7f0000000600)="75f8dd30497654228ecc2bd788dae0a0f8fdac27fb4f0c8bd3f38fed49e8c4c8744c7a6daf706b610bb0ae90718d424d85a93784083fbb8c76a51c676a9de3ba4d07109e62d862928a64c6eaec245e12420b1d8a4a381b6c301c7fc52b012020bb295b7a859c1f9552dfe41a8fc30296f57bc06f46d06356aea43b0c5000a5ea21b60d35", 0x84}, {&(0x7f00000006c0)="04afbb82ef9f222c9c2845395e30836e2ee943d200ec86d1", 0x18}, {&(0x7f0000000700)="f87e26cca295fc457077e4c727596fab994d9ba90028bf7f05b506d3d06933ddb833894549da6e9696ce0d1ade202056223ee410c12acebb4555a5228ac1bcf799abaa48fe9b41e58d34f60ea14fd1f14cbcfd6b7d323e913f8e6a32700157344c7083c1a784c6e0a6967ed045f3ab361afaa52ac7f4d4c4f3a4612445447372f6c9bb2b1b4aded6b83a876c72a9ca31e3ccc01626fe79028563fdc16a79cc24dbf44dc7e7e67c83ceb160d377a029fd44b99dd9a5e9dde6dbd7c7af115d311991a20fc52ee1832578b1b93b4487b5ccea658d3a", 0xd4}, {&(0x7f0000000800)="744c4044bf18c2b9cba216229c62cf92f32031e82d2a66522c398447c352417bc3e6632c8b6be44261d55d2f65ede60eeb9ca9b0c6d86ddade4c177fdba93f8a81944e7224a52ebe08ce52fd31ce4a943b095a7c6a36cdcf614945e468340d6bb4f06afe9454785636a60d588dfb73a6a6ddee028bcc6727960c23f61582b53aef5ccda2b43373dcab2f87227b82796a3a262efe0ffe2e95ee34b0e3ebaee6b7106f24026a726483f1ae8fcbd988a23b135053", 0xb3}, {&(0x7f00000008c0)="6928ace6f10ace519495d747ad5fa62b3ae6f8cd14231d3befcf282615d5c8b18df04f2d87bccab4ea1f2eb11d99fe57ec98062d8d30f2fc33b509be63b2a74f0a5bde418cf21b5101d41213c19a7d04b9d32f399ad6f99c121e6104bdcd860c9e6cf14fab56dd28d975ae5b8bcfcce8776e62cb9b5da956dca642aed2888b9eadf05feb1f964ad21e028db1c7aad1e693963558d2b49e71fb1e6e9b241174bb9aa97f7714236087", 0xa8}, {&(0x7f0000000980)="485a5b21545783dc962622fd6de3c9eda3908c2a317cbe9094d690c6bbe4b678a6ca75d474d33c1f1432ef98aa7efbaa664195ca0da21e75f8cb3122a441f970f02d02ce78320c4d21bdf52cc51d7c4ddf7d3ee18a92bba53093a08c04575e8068f676e7736560c257913a086a9379220c3ebc01f5fc2c33b4cb80a15079810eb7914745ca08c23dbfb148644f7acbc5c42feedff20222b301d3b7f8e6d0f8a9ae1f87f7ecc37c51a7fdb70d652fd88d4d9b2e0d26cfeab6fcfab1fdf81515a3c5027f38ffd9c247e69d733dc3a45c4360bb5e466c1175b21c6974039333c3811975819ae9cfc78102fae5c42c55447b3f6a03ee589c5f819ae60dbb0c246f6baedfe32a3774664c9599b0862f1a70100230878687a784bc61dee9753ee8a7b051d01cf70f74dd93eec43c7eadcad0522157904d424eb18937930e98d835008ff8d9663af8ccaaecc8f5fcff6d397d02cb6c97389c489356930626293a31d16db7dd12925ae1c961b388219b00aafd3c6f6b81424f9afb6ce54ea7bcbea482d6f0aef3ef74d2a75bbad646021abbb4a73db5a145745ff6f6eda29df64b078b3beac799604475f4d143ccad409a22e348fc0bd23060156f6343b2cb09a1fb071f3bad4159470dc7b8ca1f17ececc73e3bb99acb31c5f028f0cea2682728e2d30d61fabab6330518a23f4d5b7037493d81e5cb1dd1a444ad080ef51636c60168573dd9e708a72bcb991c71dfaace2b8674287c66f0c8a366b5f7ec76d95fa4c8cc9cd2fd70fef6094f58be884051e42a5582da5cbaa5ffd4c9b3850f0e9db057811acc2877e0d8830a5cec318093f7a49bb40a4d21d5a24c2201eb56847c5d0ac55c278eec9020242a7cb603930d041e75fe4408430f18725d37434fdd80b623a406e43ff5168bba0f9fd4e7523bb94fe918857800929348a027ecf9eb44132ca4d53f84197780ad18b4e3cf6213c8546ab828a924f3ff1b2465e359b198f8a34c3e73f34695c0d7c7f47dba369d1b1d135ef7ae375674407b834ac168666dd6f5cd00e09539872de7a11707b7a2f3a8983c4fd9adb955b81976f74542402ff2eba16dc3099421965505c6027b659e8eb5f26be60ed792e2c893cd6ed8c0e3ce4b76a8b466c98bea4c526b29397ebbe82887fb18698173a826b9ccc11b73156644cb0474458a6c81d6c398493b63e12b96eb1eba8113405a1ef069a73ea40362537b973484963beee2bbb271869eed6e0cf6e4ae169314dd8508662b417cb5b470461a3b17b8edac602274c2fda7500945fb97328143c815f2a2ae6cbf873b4948c27ec071cd3c80109623ec6724c115f8116d7721610bd6411edb0d0a94e5360c48cabb0306bc60cead877e595b963413b8c0b543e1912dbd159b3a79db20f10ec251e72309fed0fb52ca4ddb241a1514ab6e4654f4307e1a8a3f0d52be2d2e9260d6b01d23ad27fce52338df642478eef7749e231e0484d907d1cfa4766cbec96333c52e1b9e4aade8abb95b9ffe1f88e641d97956f17bb9efbb92521c52c94a2342b14c6e9916e873143df964b0974c10e8d6198938748fccd9ce103dcb386970d32762acdfda768fd01476692a778bcfe288fd27fdf1e6ce328cd12b67b90adef354ac0c9d64354490a67d26a60b374aa2d4e0178cb65fe531825fadffd22411240f125ac6d271ded42e00b72bd7fd52109f9514195f82fceca768c52f87721fa0590841863553f7226e1b0eb35b3450500eca1b781a9812fd64fe107e3a3bf8f7b5cccf9ba0cd92fced76332a0a09943b5279b6519ef7e74cb591ee50bfea533088bed5a14933fe5aa1211a1398e7bb09faa31d3fd28ddf3fd4d1d80771b762ebba34e4f6cb7957c2076dbf94801cc1126a1ba25c1acdf7a91320c976f4ec88c6d6130183d91dd0f6723446c4ea069afcf06aa227b38ce0b8567d28569c38bad3f16a3a1f8d7955ce5533aecb812ad456e1fff48fa76d44fea8d4593875ee348348518812494452f86c0b8c148f4105f75dd620b4c31d0206ab1a928debd63cbfe75e4d98637af72f6ce540d995be42cba52253b5e5c3db8612d304197f5295879536d103fb1a346d724655333b7e56cdb6ed1c1f0c3db92264ead0c323a14e8c68c7b8c7d83c0cd5fa0c4f1ac435d22a79f994e48e437cffbc75b17d73cc8754ad1fb63762341ad3b3da530448d158cb51e9c9ace2680e0b643607511fe0b2760c01607e0e80145e9930670d1a2977172e9bc512b3e015913be38db0a2426ea835741972576d984584383bde8a9f5bcf1bca44809e645cde49316274574bdc4a1a1418c92399b01998baa2a04594ad58f6106ebff9954a2572cca06c95e45e9985fd9d3e3c9018fd5948d278c05b2f0dfd9f4304cc39ffe44a885d565eb383b643cb70369d37323fff10cb29d9fbbe12d87196c1272f53c53faab079420591692e52022d2c7493effc7bfd7ba54e341d84bd33c2eac94cc13f9ead0e3d1a72ab7ac28a815551ce5f9f8b91dbfa6e43236d7f536e27be6d8f34a80b213ed559e23cd4bf67566d17aaff73a1887ac6dd27eac13915b95e20c23c7809db766871b1d39370ffffd98a7c2673e963857030c04128797a17217e795daaafa14812212ce4fd3766df45dd03076f0d97ba367ec022ecc6b76a3fb94dd67388fac9decfe38df16c8db39cbefe006445fa5c1254d7ee3753eb5603d885ea70c21357a77f678cda073a39515752923261218857f6c9b42859b80c34392c1e22bec76549220621ff221d229c2f7219904d485cf9af7421e6f323c37def88bd2866676293ceb07c1290243b7dfea9f9ed7632a4175c726822e1aa9b70723cc355b4736ad9d27d6f0dcf7c063cc1b9cdcbb23d4f4312cf819a774e9e57577a7a31187db2362d2b82ba18b6e81eedda747582a1df81a1ff05908aa52a31f32a7e038d20db104d725dbbc43430eecc930892ac4559cd36279ff0b27c3cb8fcee67f7360c04d3fc9987f9ef52b724f67885acc473d61b3c9b2578e2c5a95b449978b9ec8164418b2be0d82328ec84136d272a77d1cc21a921cd579d4ff5c1a7233408b565da0e8860d84eb5616c6b6172b5517ddd3dcebfad0352edbb1b4ee293351fe20363f6ff2c3ece9bb125a479be6459014866c0183ed1657fc1817f7a79a37b05a4933843ca883aaf17bc7496874360c8abfb0fecc4c1ebd28ab986a271769a590b1603b0e27006611d3ab46ecc8496ce74cf99e7cf1cb3119bb605210c412b2111f0d3fa569bf2d11485d097578a455bf2787048059c187c3fe63ce42d8425efc4a771ebcf5107beb619be21f0a67b7f336e102ed12f907daefe7db00b31b5a0e95fcc78b0ea2a7107cd0b189b79f9d2317b48f76918db67171024b32a2191ce034930fd796fe5e03833c106440d1a426747416975ec19eedd860c474fe53005ed3a3dd37db43d569c297f3ece961e6b3ad50bcfc98851c9cc82eae4bf1c65f2c6ef5ffba3ab3ab8cc00f851ea0243b69d3ae2b72219048605f0dff25031ed54cb2636a4a62f3df2335d3f7e7bdde97661b6e70f3201db26061a95f980f8057420537b77799fc8260bdb11d834a3d7bbe2630dcc650bc9bf6d5274e08cee435d33bdf1a008cf3fd03438e6773a9d8f737d0aa0481b3c8f1595927559557ff0adbd864621c5182d3db7bce4e5de1afa5793db04e354f133b259268cfae5465aefea0c418d9edfff0d84eabf367dd7e4f2f02c729cfa4b6278105f258592cd91768468a873792330925035feff27a0a333ae84ea30030af98b0b6a27ec84489a3a1d7794b3c631b04d1ecb53a04fe191755fbb7065726e67ba9355256ea6c5cd2a700ed1a457c378a480f07963696ce1d9c9e22cfa211c8d0062284592caa4efc41bdec60d97fb3d2d728a034c1a7aa9bf20edd05872fdcc8ce8f40563b383924e50703e48e881b73d92717c07afd276e3b1ee12297acb8c83415abea40e5386db1fd9623a0b34a67ae512cb3345e5ef8bc4f4d530716e4f0052b3b35f1bb6a23307b64e6ad056eca6d20929fd9cb5489ca9cd720be3b1ebb7f63e5e555b7974066e968ce7535b5251ed0d94587e7c14cebe84f411aa52f19ac38a0bcc78a8f9f5e2c426c938ec1c77fee0f77c10d82884eff5b0ad10929f70798c1a2b834c8f68db1f70b9820ac8b0a4c98c179200c8cda92ea666e356af5f4b9b7b5ed205827bd52b33214f9ce06f879e6dc1e79f97ffa5b8053bbc322b8fb4a5a3a384fb3be522fae0a66a07fcc633232f8a9fe4e6560c5c473cf9b0e91ab37fd153324a7f97fa5dc04e0cb05469b66833d3fad1eecd235b3f08d1394a84c07c553c2414c43dd210eab5d4b48359843aaca9a7520a2316019085530fbaab6ac4051b65333abbb2fb997b5faf60825d92312e3d042c04e9efc6806cac7cf2c16703aaf6a22a68ef2444ebababd7f693081693f9333457697b63f2f21d1ac0a361ee2046c1d9488cb024fce0e92225d2a9014669071b77ff830d4205c702b209743a4dfc0185e60a351776c63dcf572d5d72f8467ea42344df03c4abb5bc22d631c3715decefb2daeabc4445e264334a0bd2f835b6f873a848c82e6db115f0cfac24008e79161c674e2c7f5eedc57bc5b3a4cb44282fe96a0c2ae3b0649207305a0fb3d23a1f04cea0100e6daafe08e6071f2034c4c0df526bc233bd736ae7bedbd6d998c7fc5edcf50096cc4addcb7539e0bfa806ed8e1fff0b0cd162b5e581cacd764d97162502dc0e2780903c2c366e111f960ef35aa883530b792c3c497762f5e4b1d0537d742837ae0223ea0f643e6fb27c6c85dc57014dbfb7382f185151ad25e67f0e5430ccb56e269897ffd36e953406364d9e3c62e0956a2fe974d986081dfc0b3a232d4deddd99f26ed4bb3372d703449e2eb47c41fa27b1f5c6958bb3ce71bb8412bad0c7571ffe07aa2f6b8942ed71bbae36cefb6696377d27bd56d84aa12eabdb38cf11001b8a2814d1c62935d8b7fe051217fc3c11fe5d3e08dfdf2818d4900a09dac6adee791437d0bc71a2b49b07c9327407f4651c0949a46265f226b73f960a858c12d09de2f2862b9cbe7930c6a117e230bcc9f7d9927119dd65bae3eb0f88ffa57513ce28e809b0546c5b34ed22824a1808d869abf0ab07c1436a15a5eeb869d260bccd95f2b1aa36efb6a09d76d8b33109e84ca7aa8bb97a93c741aa58ec41b722733b92b453fdfb5477f1a22456c051097ee04402c4d88afa6840f10099d6dd4044cbb147070bb4462229102412f3ce598a15e4303cbfdd68792dad8d53f968eda6fea888ceac1fac01a612ee8e1ec3b97539bfaa0b1e8cd004c7ba475e5acbdc4fb95c4fd0bf9c4151bca5ab5e451217c81d3c32880b1425365e9d083b2a8ec279e0558a9c7bd826a6bcf7d5ea0c9e7163aa9bea68942ecf8ea34de2b3efb84dd6c9505455765a9ba81e2ae8ded2b4fac3e58db19eab2c2b388f4d2ef044618faa8e739f4615e4228de9cd551cb3e356d9a6d55943196427a67b38bbc3925886b2d67291f7cb28f6082af4f7597a9c8fd426b453cd8784ceb7b2fe796cd94afd53c6181de46c79239ab5cfc957f84d88842821147e207448ec8e16a40165e8d299bb0d7a71d6f720095c9b9a83ede2576c811428aafcf0661675a6844c49a2d07c7424496eab715ad5ff09048fa1b81f26d617f9da7bd1052c10fb43bb448dea520d399219a15292075265f7aa3ff0360b382e36d5d9dc994d8be0d3f94b23ab0937f2f865fae2176ad48c52857d24b5746ea7eb164f494ae12bcfb1a6b164", 0x1000}, {&(0x7f0000001980)="54cb56f2d71c414a5284b0af554f8453f00daa2dc0fcca54f963b7f0d3cf84ecf95e78c8e005e236945f46ec80728d08cd7b7f253dfcf61ef4d62fe260d1d0eddda615b5bb18c2ae446b30cb86bda2bc1f16f35dbd4ead48c1ff7de68d6c2cb7193b7f6a45fdff7e5416", 0x6a}], 0x8, &(0x7f0000001c00)=[@rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r1]}, @rights={0x20, 0x1, 0x1, [r1, r1, r1]}, @rights={0x20, 0x1, 0x1, [r1, r1, r1]}, @rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r1]}, @rights={0x20, 0x1, 0x1, [r1, r1, r1]}, @cred={0x20, 0x1, 0x2, r2, r3}], 0xd0, 0x800}, {&(0x7f0000001d00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000030c0)=[{&(0x7f0000001d80)="2fb743635c451762df4bed6acbb41cf7759735fc4bf0f4195ecf696ad9f82f1560e9e2c3dbe3fb92b0df7c8ba409e0a3c1cd476f12b970ff57a8c9079cedc01f826a8cee1763803ed089d4affa53e39369f7574be3b9edf4dee3ce54c37c6bd8463b44844abc10", 0x67}, {&(0x7f0000001e00)="e8185d86f310758c4ef8656cd830a0d231e05152ba68b7e6ab957e8c4cac445abd2c40a368cc9e9f1ae35f1dd3dbe10bad5446072c06544329fa344bb595742b47a02096aed6a384aa28228c2ba6a3ce9fe522c5d955414d57ae", 0x5a}, {&(0x7f0000001e80)="2d5958837c", 0x5}, {&(0x7f0000001ec0)="42031d7b0cd9ee6a48afee94d048557ccc098b6b1dbcd70d7336b6ecdee7c6d81181d463c5a4166e93d6ecafdfedb617e62a3131f036", 0x36}, {&(0x7f0000001f00)="fd3c69982122e537d6db289d385b4e1cf281030d90a1cb16d1f1693b295ceb37d4a25d53bce631c22e013c74ca2e49f23cf0d0b297dd3717799baae0bc9e9943f8a2cc7410d3dfb8857d4da458ecf0d2c44dae892369facfa9b941a22d0f899f9a8f478cc52dd1372e381260c6940e9441a8b0389cb07701bba34d4ac3b9653be790a601643d4b19e180c7b177b421acf230db30ba4870e44cc4dc17d97e12aa0ac46b7e2434e5d31c09fe42bce39021c540b20443ddb6c4ca0141f8d66a4e2b24895b0c11d9de14d5ab9354ad20ac1b89f5ee9771d4a9bf78c5efaf135fb3c212ad", 0xe2}, {&(0x7f0000002000)="f566a692dd183b9a9588a5625023ac1a2c729193b4eec5fb5361c1962c3a4e03ef29ddb90a1dd7f6ea61e71a7b8ff3b646429639bf1b6138b7b3456239443068492c360da7c1b332f8913d3be1f0681f53f6302ed39df748c48149c0c47005b4545d6c5803bba9a3194e8b0bc0477a35fe3b0f70c8e0a9e9704ed01db2b7793d3f607067dfb58c932128e86f03fa2084f443312010fcee44c127bf73be3354417d5338ce02125f0333b9bde4b19842ee255dce836e6ede14f7f3f136c6dfd5839edbd9dba410c0d1c772f08dd9192ffa900c2b0e608e48ffcd74887cae580f8b36ee2c5119faa764ae9aeffd566aac5ecc4296fb814011e1facdf07646222e3bdaa1485f93a84ecde73a95cdbf02a2fd53fcbbeabbd74c86502bfdd1a9f04443c80316153ddc115227fa048f36115c13dd456a2a11b9c030fc17ba3f9ef83544ec8845b3b5ccf550a3006333f6098d85e41636c278c57d8a3f6bc7f327c0d72ff76577059298420eb65857356fa35ebccb3a889e8af4f11e0bfb4bc77458699d1b3511ea99661805388d415121bf481b09553261d01bdfe97f59fd8acc57b707b6b772335c85c71c8eb463b04470ca327894cdd478e2cefd9d77b15fb026a815cedee24bd013c6ca04cab73ee44f023f7e6d85921c463dcf5b670c7fd465de5dcbc73a6420c154dd0e61b5302ce6f4c00237a9cf9e63bd60cae9827fa457ceeaaae52316c232b8c603a6bf215176dc77abbeed0c3baa82cddf914559393e27d6e22618c5e8fe942f1771f03d83ad3321fa8dcd175736b37ba0521e8eea422335f1f21a16be6666e1dc18a1b02e36690aedac010aa265df54036613118fec3083eb8ba813dab35f1313e5cd1717d4db04a289f92bf45794966f78ef8470bda74de6a9f492bc61eadb80f316c756680fafdfb16fd105fa9fd0b87df07a95512892483f63d923834dd77abc95df7b35760bfde7e545d154cd8b9dd774282149251e90e5ecd08f2185e84b288272a72b5ba751dd4eab2c7afc3719d4e869f65e8d42a0efd46548a9d95ff843d7107af5ead3a0fde84b610f061604cdd57464812871143b05ace1fd67f01a87ce3417e645f44778689284a147b0baf5dd850126fa7a52859a911cfc7c4a40d01e1e726838b7e20e34795331fe61a4a0ee9e969339690f26dee711fe9b61158f5075f897a1ef7788ed9c57d04861aecd8ee8d25c7144ab350b94b3f133c68e9833d21332ea847fa77564eb273ab03e11b676085b18a407b89e370805aabb9073072596cdd1849351d4054b7c92e7f33b33b5bf8cacfb382564249dfa4b42d01cb1e78423d60da87e01db9ea00e8d4242afbd9f52646e7075ec77dd146284e3f50de4cb7f06f159188476c4814091e497eff7ca10c876dc62c7e712457f35c45a2609293f7a9698d251a581279358b8f5cea46831fca18a123145d1282c95cb687e19e42eb3a105e1107e8fb0fb0468cbe77f5ac0fc13d22ac439a54b6b4b7a7133c1d5046679e7d818b7d759ccd7b14d50f38451c6047f1d73553aa80e0cc35ad01a858a533ca1b9f67c4bce5f654b980ff4ccc7814bd49b9eb0ce0f964b076defdf5eafd31c039841473f36be1258d4f26d113a08cdaa976c5e63805752212f4f3a243b7d1331d5cff56dbb804a0eaf02f268b903c377ad67926bb25e6eff94ec61eb299699a83930068a7d4f4ea8e42d41d3b4a6c2985092dc8ffeb42273105ac7917a5706f769a0e1cf71aad1fcd2797ea273ccec9a4daa41d8af5dc085fb5e4660dabfa8284c34cce2b11538b2b5d5bb5b51d1c2d6fbac7428cefe0d144ed449d9df3cf988705703999eb3ca6c3f909f630a4d4387f2b2a09f1599462deb3d8eaab6674df020d6f0b4a283852062db2a2063470668bb3e6061b0b9c41b885ecae86f2466026869d46441bf13da98ce359badfc6878a665d87ab2bf79ed19cc27da12bbc9c33d2e235215bf5040e4f3f006592926a19d295e44bb80ffe376f364d649f2ebdbdf11c08f61e1fbf20fcde5ce5da58d390fbce1f3081d96da5e25fb8909a97a4b644abe62b3130c3c8d7dbebe5c6d41cfb3cde4f8bd44dee7dcb74073bd3925690eb57d04caaef33329866223aa1e5ebf96a1a9e6792d3b4504f80f4b74f75f3d6e52f6be6b9750fcb8b01dd20dd5f8ce8c71d1c72df4e654649c59df315f7a40d8d74b14375c4150c40b749c3e4dad6e75e83517fb2397bf7a245c1e69fca65c0b697721e0a67dde1ce3089e732d44b0b808e83534d748df466c046a9bf9dfd9b961bf88f40872bae92cc6fce510af7933ad3afd90d68a7b58b2b3644f4e01498824f48975b72844d49926e7d7268ef38877d46ebe613ac274a6c8f46cd311ffb95501b71093324c336a78b59c4e72084f344b699e6da555c32a5270219a4646308c07b0536e692fea52f2c20b557e16e91519cef9ff1b7a2b6cdc6e917970da10fb0d1ab7d09cb2d949c87b7b8ae3bdd56c18fd5b1cd0228364ab9ea0bd50348f8b0e6567c43beb47f660c94e376e0da501bea81cd996e5e81a9b4669a77d31fe93fb4f167c9dca81a56f0e85f4f8cbd2b46749c959cf51aa8b9ceff34545170f56b8a7c2cc1f6a39f8c7cfeb5697f4074d42277ea12c793c6343e25e1c5590e485ea994b6c8afdb402c7563c5dd0db852d898e87021dc08f3306a638de9820d13746d9b15a43ca0cf716bdb193d5f4fc28c40922bce513826243dd4f2417aec9782b76f143829d9e9fc72c3b723bcd3d1ab7b171d5aebbaafe52e7da0250da7224998d28b2473e24f8c5006c8a12edab0806ba70cc5b83fb122d047ed418bc440d672f8e4a3f006d1b733597b81b0e036e3fc99ab6b313a53d1f126d6666c3ce96fc79df570fe0ef683209432df75ff0707f1783fe9f991042806a73c982d358636472bc28162362a7d8f8b4ab7631ffe28bb893f4637982c2182d47ab5d068050b832f8bc8df9d70caf470e5204dbb8b83d31d5fd12236249443bc74a930547fd0badbecf9de5295a3550b856eae201b64c188e31c0ee990de1f9b6b69ea8b3d042c1eac852e1cb03cf44f4e64d0e08064e42fc481abdee68157fb958efe15d734aa5b0a09a01f68b01b70a93d4cfb7b2ae5f4e3a22c809a20962251b4bf52efca3abbae38f98e871fa37f7897c8487ac212a63b22d9ff0d75c144f6ed39b12a0917c7298112f1c22fa052a0cc7a133187b2690c80db4a73610df08a8b7d56304264f5ccc03e77d1df3bc60e06fb6f81aff9be785add20a42d854a38a7327ecf821d285ec2d8aec02058bbff1e06ce971325d71d8a341903e156a712485872c0dfc438830a63cc34a3d94b82b693373994e144fc8df105d83aa4f055e869467c61ea5f610e9591ac31393723658390705a6278754b586ffc5a19ff83688e875fc0563942bfc4294091c67edae81715d1a1a0c1aba19fd6d68f3c38939fd5d64c1ae100f1bb353b6b53700d6514df62f9f9ac946dc19d665396e60d35f24b954a14cf9ccd937d7cbd0f945c0f6f6d023b78a2aaed8a31fcbee18321690a94dbbce86d385a77c3a9707940ea82562cfc3d7a9b43957ab949260ff492a41bb91195f8f6d691265ab536f624c514475f4ef1ab697240b87aee5d005cebfb1bae1db92a8274d2fc3d1cad04245deb6771f30f3b3919fe06f289c1a07835fd8ad257951a0c0a8b1d8115d0374ad228c3289f66bd697f93c434c7ae35cabfa1fee38c970122d6c5ea8cf79908cee7dfcbe7705e7dea1a395aafa9c9a2e865df509b09d6b7862509d78182dd8bd554a6e6788cb01b59957f7a57e04ac3763124bb502c1164d12c9a8b3f1091caf01158e15b516a2f2830e213f159dfbf0ff4b695694f33a4d5898e4c142319a8a26b6bd41256fa1bada2b8dc8d1e5accaaffc5e9eaaa1667975f201b96e239b330c18649fb2540910821b9f656ba2ac864e679706c0430e7c5954d359a21f941709ddff117243c8bfdea78cdb6f4e5dd188679d39a3f192c6717bb4a46f20df08fd573b35428efdbc0bda7bcfb4a826e591b3b2518abfc26f2529b0108c4b961f32902779e13ef5773188b56680476ee37d55da61968e1cbb3364fc23c16a6e9fbd8b6ad6e652c90bfab31930b31152e43078f124aa7026ba638dd11f97fca226ed783d61f322cfc9e93af3df095742422f79cff59496c8443dc9fe3469c84141ef8f7b7e289b0f2a9cdaa8b81174b46cb45f9c227d7c3447e993f77b59d9b08e6335a4a35e9a9a61d4ad4e6ac108d239825d3fa6b72274044e0527cf5cda0114b75e7dcffbc5bb72942f0bfe27d6165ebc4616c10373021a209ecff31c21daad5c9fb48d3560ddd7c3366daabedc8df4eb6901b8651490c18bb7df63a64047a2927e5e6e5d5b7bbd74491ed36f5e38121f8e0188f01015d041b356b566bb3d358db7158215616976a87dd544a3ec4adf4a734bb89341cd63e144ee61b9efaaba34c1cbcf51b044b4e03fecaa08926f3c5e6e454cb178fbf0592976eafb835497c3e6f010559d23b75944fdfabcb2042685c62662db45c28f719b13043d0dccf065bbac58eb006c5f3e7a0d4aae4c25ed3c0f7db34898ae3d96fb837732a101a2e9b11d1427645ad5eb7f3ef118f40736eb583f5540c912fcb17126679799c52784f1c5c871b9d70e5b46aba6d409116526021380911112ce3b3ce3fd08448617744b5ccbd7a666852941dde4901711d9f9c6f6488170ad3670a7f7b0db5966b4aba8ab262706ce6aec197fb049530af79ef01d080fc3d4f0af76038cf60b91452b832db3dcfa2197ece118c25813428c9c24bdd6c523dec3ca7cd77763370453bc4985bdfc5b00ab0b6d1f5eaf16c13322d2fb6fc0e477b52f94e35bcae79b6c939aa388dbae3507cad5f82a922268e64a75387ad0170d49e109558a4552d136b6ac4007a0d0bcf3182701934cabf04946401d42e708bb9fc33a9dcfb51cece278a6e5640611a4a8f0af2c36888486311bdad5c8844d1ebe63bd9fd5eeba1af5af29ba32770f92fc37a5512fbedadcf5a153e6595e39fe15d85a7a146f164a01f4a2813b1ba03cafa9e3f5f472bcb13b76116dd9470bed501920bd37be41a6750e9d6954e21bd181e4be11b9b8ae93e912ea4f62489c0b1d7014e8dc8b4b68c1551cbf19cecb366920bb742a630c694e8c41453027df154236bbd534e332c09f2b50b2f336a3faa1fa38279553f12befbdbd01ead18c1d8c63ead1c69ef6b953b2804059cb3ba1ecfe4e6853ba02fabafa95229498f07e77ba218b5ee6d057f59d60f84ddc3a8eb6c6b64ef87690321baa0165d3486e349d370688bb82f765250b110f6ff22bbd9cdfafe5a56224584b50bef397dd0102fed1679a27badd1c49180beb2b65a805780261b75b87f2e0a0bbd58c9577399e04974baa8e3d8aca42b04dacd259cb993c8fe5a52961940386117256c9d4c9ded3aa2c5b2796735f9aec9425953ea2e1d9cf5812d52bc57792cd4ef2aa1ef41883f30a25a9527ed517dad7b3c01c20aa66631bbbbde59cb08ec4689c512be09a71a503b87c6fe924de99e80c1cd78e643e8313a0654bf50cb96522993464e3da6a48f1e802efbaa6d69868e428f1a0f709a5e39b1a1aa8ee5843cf89501ca02c506201db5f5e4b48253e2749ff8eba886a58d2e4e371285cf31a5b36bd70bafd59329d2db2307be4ef642fbf622f491a3f0b576437d2432b87f70681cf536ae1ed30c20baf8dfd90ece6f446ce451308cdd3ca912d4922c467bf5086bc4273f1e68157ebfdad5929974dfbdd2c", 0x1000}, {&(0x7f0000003000)="b62c99def7392dd41082ce8f93db156a5d772cb55a464e777c2df6d75ddb7872cf83d663e4ac1ca57a75c25caa", 0x2d}, {&(0x7f0000003040)="45966e2d019046ba27bb888069b9b1f05029443ae4832f73766bc13012fa1b3582c1de302ad3309ea53145a3b8f1678f43559af72a3920249aef06c25428c5de7e5f414b5ea6f26a1b57cf777b503564be2959aba1b182a4b8c1e7cb2dc4fcbd", 0x60}], 0x8, &(0x7f00000035c0)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @rights={0x18, 0x1, 0x1, [r1, r1]}, @cred={0x20, 0x1, 0x2, r10, r11, 0xffffffffffffffff}, @rights={0x20, 0x1, 0x1, [r1, r1, r1]}, @cred={0x20, 0x1, 0x2, r12, r13, r14}], 0xb8}, {&(0x7f0000003680)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000048c0)=[{&(0x7f0000003700)="d563a74ec9b5f470e775fc471ef8a358b5889cd3d2776f4e7124c418948add9457c468660791bfd6b7af18880f7882d03b3a70b1c28e9e98bb112e159c00f7099eadd6711677231e8438694a7a967069b958c94f02fd20869a7f8f74a8e74d6f632182d94ba5c216112eab11541437b6c5ae50c4539c2890a732bc73a02ffe43e280d2c69352bc22ec2daadd01b3503bd5a4e97a5c233c4a320309918e0b31e6567a61c4f738ab1ce4daad91887cec3746b9e117f87511fbadf6b2ca08169a472fe395d3429aa05a9533bdff750e1ef42a5c56ca8280dd71cfda025815fe6fb5d9ddbc22ec27a51a264ae5a36191eca086e20c190c60140e8b80bc81efd3c868ab4a0dc84b48408531250d0d1c303544cf56bb924c770f1d083471d974852dd10fe2217bcb0ba5435ef4f353ac709f47f1cff11dc04ddf3653e4a6f0e5eaf0f49fbe10d4956eaa431331d38ac07f5d584f351b0473a6bedd4540c0e9b4334761b9e29c0433862d94fd0640c087a30282f12400b2031ed660bc43734fca467cc7fa1b4948ef8cbd4d2a96397ec8c8f4ddc241c11e243a45263d43fd225951e9b5fafffe951c0da6e003f3ebd4be5308ef4e750821ea5dbb156059de96e9a5cff58452900e55643eabcf14790a3be7ba970655119c9a58cd68e2d9000c6cd67a7aebbcb6894c26dc48127c401de9054b453303bada251bb33cf72f8245ef6c864380c27b23dfbfe8cc990d894460af98532b9aa9364049e959e7f9ddab7013015efc6c270bf5d95784f0a1e740000f20ff36cd9676dcbaaaf823818630d56c095091ff2cc3353fec79fe8d0634a644c86737d6dc0ef1573810009992c14c136832bbf684e5b96717a5534288dee2578cfdea56b66e7ca3d49eb8c11ed54a64375a465a8a0844c3f58d10d5cb82c74c17b7016bcc0bd68d25795e59acd57fc0d2938a98b3d8954759ca5fa68d77b8cabaa20dc44e01933c94405f926894bb0bc26b11d14e54c7ad73cd440c6b32aa215c94a4d417e4aa7ef4e5de8b87193a3a2a9c18d91ba5ef577ab9958db701c0bc124f1fd53712ad88710e4c1b0dcf281beca1bf95c8b113d1389816a4c10bc2dba4ccfc62d97498f1ba96c24cd8915bfbf7c737c16debd1e1a37e8ca4f852ba8f072cbb5237a98cd24a265ff3f9fd3f6fc5f9ddf2ef839e82d4d1420924e7c1c20c8f329e1839244a4e78faba0ef5076fad73b1459e275632dc69360ea7aff1825737897689d05cc8841fd9c51cfd630f289bdf0bd1817a21e73393ab15cb45e9ac292938784b5624f94872b6c5b16db840b676123f617a80d139aa32e46c55dc1821c8a69d267e53259f0a1f9041ab002c7485a9c98288c0d09247a053ef38be8eb490118352729d0e3010b85b367926e856afed1d067167cb1f7b170a50e22e17ecded9f73fe0357eb7fd93b01152a9710d4e1d6a53205369740238f0cc22310b3a16c8b6b30fcfe798f2f43aaab091d1281e8d702fd8d69c8aaa3c5614781692fd1c495e08439e4985588cb164293409f3e871dc84cf681b5da39f10e2038ab4f8fd98cd159f51becc00c54e145347058d52aec1f8f80d16e78683ff6fa5a0c2d80d5a7cdf70408bc46213ba17c2f2e054a4b0827ea9b34d75c0c1051c0d830f5f697682ad3c251a0ab419dcea374e3a3d2856fbad8a429ef8d678ea6bf6351f788d532031b8b291d1d23cf3317fbd0fd3184c8b568d96f879e293fe729937fe16ca3b1845255c5f895366759d537018d50e1b19c815682b1e05dc3b238290deeac17cf8f39496e02a7928ed8a10b4c1a18591b28c873affdd5d8b0b68dc0d4b7ed19d1ffd8fb494c8076bcdabd7e59d1c0b651c7d60829d2ba45e27e4cb0d2675fd35711aadcdbb7a163256904ea3b3aad737ef4d5fbd57df13108e71203c8428c91f83890c40776879b06f39feef2c748ec54ae1e6d7ead470c1d011f0f81402ef2b225ae9b3a3d9335e145b6b9c67fa9a7b464dc014bf17685b6675a6ca1e9ba6dc5a0e51f4daac69b9bf458bd27ded5258fa203010f65c13d9009ead44de6cdc418f20f7d8bb98b3e56ef2daa3a9d1be2b7a7763951bc7e07aece4b3d7f59949a11ce71f12b5d23efe906182c2d3dd229bbd92670c90f2356931bb860099420d87676fec0fb09dd4cb8da8dbc34754fc00dd737365cf8b5c5d94426728d68a4722b731e0adda09fceecdb6690882d0279a1fa7be6046db695a5b056a669a2d2d8fb78f1b6fb2ade30094a00bb463d6631a3ce28279ed3792208239bf65909184ce77d082dd755472c322e01a9249d3463372a4dd76b579a1697c926b0929433d447859b1cd70dcc9ab6c81a3c1213290605bfb30863d4d168a728d71fe9a8443f88389eb099917a31abf90aab0bd070d836029776c527d4c7a9cc2d040cb7b851f6e9972eeddf72162ed54e6b2d1301b9d39882d0ec0411bb25514929d7bb62c3a0bebb7ee597edb9b92aed7942b9949cc1fc69b6d877693441a9de592213c54a449f9b78117450b1154690ac03dc2980934f1b28a078716bf3683defb3cd4a71d3296250537a2c7508e140076fceed7d27945c7d826bc9cfa6066ee671f4c0c40e044031de99a42dff7af75823ba9494657cdf7468eb88a1f231630e99f25525c0ed07963a4665f80ab93ed81071522375bfe0a81bad3e07d2cfeee66101b7065310258723ebce56e155478082535a85ac2d9dc4ef9143af190388ec9371e68017a09c8ec00537f6d1bc13124a871bb3346e34743e9ac28318be0cc2ed98626900d6d6aeed5cb2ebcb49bb2fdb55941cf0154705cc34db9f274dd4cfab5c15c3df7233bd0e8f4a0300ec0b0f99815327287cb007606c2d941113878f530d275a3da70bb761af1305389a66f637f73954fc57a0aaede2b1e0caf01ade82d1a0427292cca6d22bb6c84b1112687cdfa002295952b41cc181cb43442ebf50f458ff4ba98577daa64ba2d5ce329c24541e8c9d24851940f1e03739a7eaf0fc54830b0b643dca8e3638318c7ffda783e9c2630cf813649ee01c3f4c212bcc40b4e37da683babe58bb7c1ad349507703738b68f0cef629f4ea71640747fba123653c460e9dd498ffcdd14ce919becf2a09a39a4e4fd82b524937402a6da26c1b62d403303c9c1bc985b6f4a12a67316021fba9934eae31f687635aa4e1fa4dc40f39eb929b322e0388cf82574179f6d2d4521b73928a9791efe7f13bd7fbe4b7edb0eb6fc73d5998eaadc99d1bbe936fc3d55d6cd52dd0df3676bcd155ae73bde059303e83868e7a6008e0c6195b37f1948b83daf563a8aaf3d6ec19843afa23dfa350b0e4d8485bfa7b4af620bd6168f5912afba5506dff33ea9d5ca42754afe9ae632c38aca69d91b3057dda53fedd15d5164a268cee42ffa22ba9ba5fa164ce6ba58c6f5876decb6515209c388b8b2e221b11f2f14d2a128b1221322fd27bd447896d4100d4b3990870eefea02f5bb7f9a1c2ee123d74786fc38e5c2858c17f2f747755e60271c84131f96945b2dd6d9659b320e4a7b8f78d99b49010c84317284ec9b8d5d22dc4de54affc627ca11e94d609305011bf5737e885d02e1d78c95479cc00115aacd9e6c9ad4efa467bd390f549943b6be46b7dc687a9ee9c2bc23ce62433840b3d922231f68c7579c941fd5955859942b355ff202eaae9069417586b060eb27227f506e7c81493d47b8706dbdd70ec48a4899e9c5e7db0106e904fded2076cb20d02491337b3aa5f5be94e9acaccd39a894f827df588a8d6d07d6857a906cd6f19f9c7fd4ccc22cc8114d094feef2365385096a8694f4b898fe42d6db4976adbf375c550e053ce44268a60d4bdf26a41d6a3d03218c9ef9c73eeb2f50600a8a073aca9ec338bf3ac4283e23c6c9aba74e28df79d6315258677c0eb3cdd7def3d63350250e31517244bce80291dcfe2cabc9f28e5acabad95e1dd64a373ddc94fdf80a410f244af58171c63a2b9943b7393d41a11375fab05b95fe6d121d5b004e1ab602ef0eedb4ece177bc034d2658a92a0ecd723e0da4988f32d9fe487a3acdb82e85661a891cbdae622dbfd80a644521fe632cfb4095bb23c6266930aca853342533ba80d111fe443edbcb3ffd83bf883bf1a78d627583fa5197d2e415b5dfa8230589750c0aa7b5bf1334d1cbf7862f0d5d18187b656ac24659189c7277f6fb39b8cd926b0b47f110f191315055a1fde0311f507b87e3dd4fd9d0d6a98f7e389a95e0c6cc8ccb258f50d1b92eefb9015d853a6933d587aae296e9bc501894057a328299ba0a0b4a9dbfd2fdebb094fee57339312e782f88357fd6a2e949663b51007d44cdaf94ddb7f2781961b4db84f54327d2aad70c74690eaf8afa6ad4be516137a7d1288734fa999f2068d68fc7f4524cf01b71e65e66635890aa4834f60f59cc3866d7b581dd936d0349952f4036b7e269fb61a852f5ffedc1eeb431e38e99371ba0a753f5321ac0ade76bef0a108dad586a93ce2112a11e037fb05ce1ab5b5a6fe5ff0aa3cfe7ef2b7840ea3f9b26ef3705754b1c3c6f7420f8ee76d69d89df6156c31eda2f04302761fcbf90e4fea0a99472f44ceefd1107fc7126c58f13ac59f5714577c6fb869e105124776079ee6b543993a1aa0ae13e901f8e56803151fd96fbe6d5b43284dbf3a49e9d6f01c7765252084d21790949aaaae7f054f378761671e1d696815efd4606b4a43f728d1c3d95ed800d085283a368efa623b97be60d6eff4b9730d75a314993b3372892890038a495e7c8707d133e09e0ec02839d625f2ece61f83f56bd561226846a248611c4f58bcc15d04998478e3a8246db2d5e7dd36f8c2198317927f17384a10e32cbfb3d516344381bad3685a50cff9b9b0d567545de15ef455b28da6aae1d9a67137d8e3c7cce2f6a6546f918c402407953c224ae49fb487f843e107539c98520f712e6e4019935ddcfb431e4c39e7f71ba92b63327ba3c0f8bbcf962b737a10fcf796b970f98df9b53effa487ce9effb75fbee52b5dedbad35164e9cb39849cd6200bd2d2ecccff753e9a0d8553c9332829944183fb2aa5a9f4ba8c7227444f4fdf94e30af6757078cc53f4e3a203959a808ba7dd1dfc280735d694c2c5d22aebc9519e2e281ec2873c64e0ee6b9c14d940b824255bac55c2ea83dee532533b21692e8644e389a29a02491632702aef136a6a2ad7d442e31fe73cc837da91885046bf23c7d3cab939c4de543d4bc49df5b522f37ea0265a0f23cfd79f858f0b60cf3b5dca936a69a8e901feac37b56013fc9ff6cd0e9d27900958730d0a76b3cdafc1419ad37bd3633b6229e0e71e425c74a0819ffc2461c48bfbe417270f7e90589b4c8d446bdbcc0e79ea4bd11a6860ed91d3b7effc458dc3d2f956e6b21f470c1182bc22afed49baceceb2693fa9f9180dbed315ef330f3127a84d7f6e527a476e5331651baa7cbc51137dbcfce3a654371152b35056759b03c9fc8288b8e923caa6487b21d52a001b3ea7e7d5bb8a9a26acd14675cdfcd1263bd0fad2f139f9c59a3bc5e037006159891e2cc9c4923f7687fe6ac35e13054c9d0d6b51feb862427afb6d0c8d19aed1aef3cf89026f404b68a6c5597dddc2f011d6b67454917ffe817ff5b8078defc1de97c7cf653163bc216d5e88d64f0a1b7a454e70268c53555cb81a0336ac18fd00a76acd5cabaad6ba13b4568375e252aa7401ca3af21059b6b5e37def353ce65ca410d0b04407bcf93dec48b19e49a524dc25779ba049d169a0aae692a9ed656f497afe474b7946f6227", 0x1000}, {&(0x7f0000004700)="13ac2226b5abb3f1b17765dd86663cc3e424f73d235667a0ba5aa90ded52614664c427c86e7cde9db3d1da81ae0ad0595753f9b889b7230189818f5f4363605368ef9e6783c84bbdb867d09899e45eafc96deab9faa3e0b1ade3b5995666b8a2bcaeddbb0626c19943722817e63eb4c1a66fa203f0100ec8f441a1f88e78503b2e033a", 0x83}, {&(0x7f00000047c0)="a74cbb0de6980b587e0aa32a3ee7d62cb5da559a423dd1c5b7ae201ceb710fb02e0ce5ffa0104e6f122d888104dea702d9380f67e2d310afd232de8d124db38f31d936ace9e9dde6d804844468ff6389fcfe02513c866ec3d8d13050485d23", 0x5f}, {&(0x7f0000004840)="f7f55878c9845e1aa9048516c81958b9830309e684dc276a", 0x18}, {&(0x7f0000004880)="269b03ecbf70", 0x6}], 0x5, &(0x7f0000004940), 0x0, 0x4000000}], 0x3, 0x4000010) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000340)=""/154) r15 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000002c0)) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r15, &(0x7f00000001c0)="e439e022eea807dd2347a794df6050ab133b4fd5c1422126f9527751ba144937c6a49ec3d22a6f46698d69a30d7c1de07541ee9540e507", &(0x7f0000000200)="5bd52317b3c08a5ad090c7abde85beb8a608704f6624c1f7f0a9444efc15eeaa0348e0985485fe915728cbdc24035df792a410425729c28ed2ca6d87b99b4ada0b735e6e9aaaa984cdba71e360c4681f249c89e1d772815663857e9b71347e3793f76c9bf0f770e0fd1518c1d17037d3b573364d", 0x2}, 0x20) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000400)=0x7ff) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000100)) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r15, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r15, 0x84, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB="02153300", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000180)=0xc) openat$dsp(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dsp\x00', 0x0, 0x0) getpeername(r15, &(0x7f0000000000)=@ll, &(0x7f0000000080)=0x80) [ 803.078625] kobject: '0:45' (0000000017017fa3): kobject_add_internal: parent: 'bdi', set: 'devices' [ 803.080099] ? do_syscall_64+0x9a/0x820 [ 803.080125] ? find_mergeable_anon_vma+0xd0/0xd0 [ 803.080139] ? trace_hardirqs_on+0xbd/0x310 [ 803.080158] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 803.090041] kobject: '0:45' (0000000017017fa3): kobject_uevent_env [ 803.093820] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 803.093838] ? trace_hardirqs_off_caller+0x300/0x300 [ 803.093858] __x64_sys_mmap+0xe9/0x1b0 [ 803.093878] do_syscall_64+0x1b9/0x820 00:55:38 executing program 2: add_key$user(0x0, 0x0, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x0, 0x9, 0x1, {0xb, @pix={0x0, 0x1f}}}) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xfffffffffffffffd, 0x11, r0, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000915ffc), &(0x7f0000000180)) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000540)={'syz'}, &(0x7f0000000600)="63bbdf5b932bb04481028798fd5fb1bf7183b30984e21c3eb3094d70650ee8624e2bdce1427bd61c8e222dbd67d402b7ccaf0c5dc50030ee14d419fa9c84b0ffd1019f1b2ae022a0f182301f9942566e6f61eabe384c732d0813a18bb3dc9f3a678d9d44e6293e786ab2e6d28f236c138d63fe4f6ece6f3d04", 0x79, 0xfffffffffffffffd) openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x401, 0x0) [ 803.093890] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 803.093903] ? syscall_return_slowpath+0x5e0/0x5e0 [ 803.093917] ? trace_hardirqs_on_caller+0x310/0x310 [ 803.093935] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 803.098994] kobject: '0:45' (0000000017017fa3): fill_kobj_path: path = '/devices/virtual/bdi/0:45' [ 803.102653] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 803.102678] ? __switch_to_asm+0x40/0x70 [ 803.102692] ? __switch_to_asm+0x34/0x70 [ 803.102711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 803.102736] entry_SYSCALL_64_after_hwframe+0x49/0xbe 00:55:38 executing program 3: r0 = syz_open_dev$mice(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00'}, 0x48) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000000)) bind$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @host}, 0x10) write$P9_RSTAT(r2, &(0x7f0000000580)={0x1a0, 0x7d, 0x2, {0x0, 0x199, 0x80000, 0xfffffffffffffffb, {0x13, 0x0, 0x7}, 0x100000, 0xc5, 0xd713, 0x5, 0x4, 'GPL\x00', 0x14d, "2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x4, 'em1/', 0x11, '/dev/dlm-control\x00'}}, 0x1a0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300), 0x69f, &(0x7f0000000280), 0x0, 0x8000}, 0xfffffffffffffffc) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x400, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000240)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) renameat2(r3, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00', 0x0) ioctl$VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000140)={0x0, 0x2, 0x4, 0x0, {0x0, 0x7530}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7e799faa"}, 0x0, 0x0, @userptr, 0x4}) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) [ 803.168246] kobject: 'loop1' (00000000ea6a2ad9): kobject_uevent_env [ 803.170787] RIP: 0033:0x457569 [ 803.170803] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 803.170811] RSP: 002b:00007f39ecc1cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 803.170824] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 803.170837] RDX: fffffffffffffffd RSI: 0000000000002000 RDI: 0000000020ffe000 [ 803.174742] kobject: 'loop1' (00000000ea6a2ad9): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 803.178589] RBP: 000000000072bfa0 R08: 0000000000000004 R09: 0000000000000000 [ 803.178598] R10: 0000000000000011 R11: 0000000000000246 R12: 00007f39ecc1d6d4 [ 803.178618] R13: 00000000004c2b5d R14: 00000000004d4828 R15: 00000000ffffffff [ 803.212459] kobject: 'loop2' (00000000b8477e9b): kobject_uevent_env [ 803.214722] Modules linked in: [ 803.241458] ---[ end trace f6e6afdc1a52bdd8 ]--- [ 803.246200] kobject: '0:45' (0000000017017fa3): kobject_uevent_env [ 803.309540] RIP: 0010:vb2_mmap+0x23c/0x6f0 [ 803.335135] kobject: 'loop2' (00000000b8477e9b): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 803.389999] Code: 80 3c 10 00 0f 85 1b 04 00 00 48 b9 00 00 00 00 00 fc ff df 48 8b 45 b8 48 8b 00 48 8d 78 14 48 89 45 d0 48 89 f8 48 c1 e8 03 <0f> b6 14 08 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 fa [ 803.400625] kobject: 'loop3' (000000006d0ad9a1): kobject_uevent_env [ 803.415376] RSP: 0018:ffff88017a5bf7d0 EFLAGS: 00010203 [ 803.419579] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=1000 [ 803.420904] RAX: 0000000000000002 RBX: 0000000000000009 RCX: dffffc0000000000 [ 803.441435] kobject: 'loop3' (000000006d0ad9a1): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 803.446217] RDX: dffffc0000000000 RSI: ffffffff854c01c0 RDI: 0000000000000014 [ 803.453494] syz-executor0 cpuset=syz0 mems_allowed=0 [ 803.460070] RBP: ffff88017a5bf820 R08: ffff88017ba0a140 R09: ffffed00397fb356 [ 803.464818] kobject: 'loop3' (000000006d0ad9a1): kobject_uevent_env [ 803.470868] R10: ffffed00397fb356 R11: ffff8801cbfd9ab7 R12: 0000000000000000 [ 803.477436] CPU: 1 PID: 21779 Comm: syz-executor0 Tainted: G D 4.20.0-rc1-next-20181109+ #110 [ 803.487771] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801cb7e7268 [ 803.494297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.494302] Call Trace: [ 803.494323] dump_stack+0x244/0x39d [ 803.494340] ? dump_stack_print_info.cold.1+0x20/0x20 [ 803.494359] ? vprintk_func+0x85/0x181 [ 803.494378] dump_header+0x27b/0xf72 [ 803.494400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 803.494416] ? pagefault_out_of_memory+0x197/0x197 [ 803.494432] ? debug_smp_processor_id+0x1c/0x20 [ 803.494450] ? perf_trace_lock_acquire+0x15b/0x800 [ 803.501794] FS: 00007f39ecc1d700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 803.511048] ? perf_trace_lock_acquire+0x15b/0x800 [ 803.511069] ? perf_trace_lock+0x7a0/0x7a0 [ 803.511086] ? perf_trace_lock+0x7a0/0x7a0 [ 803.513676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 803.517265] ? debug_smp_processor_id+0x1c/0x20 [ 803.517282] ? perf_trace_lock_acquire+0x15b/0x800 [ 803.522486] CR2: 00007fb0f92aa518 CR3: 00000001ceb96000 CR4: 00000000001426f0 [ 803.526323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 803.526342] ? perf_trace_lock+0x7a0/0x7a0 [ 803.530052] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 803.535564] ? task_will_free_mem+0x239/0xb30 [ 803.535602] ? ___ratelimit+0x3b4/0x672 [ 803.540527] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 803.545160] ? lock_downgrade+0x900/0x900 [ 803.545179] ? trace_hardirqs_on+0xbd/0x310 [ 803.545197] ? kasan_check_read+0x11/0x20 [ 803.550114] Kernel panic - not syncing: Fatal exception [ 803.558305] ? ___ratelimit+0x3b4/0x672 [ 803.648811] ? trace_hardirqs_off_caller+0x300/0x300 [ 803.653905] ? trace_hardirqs_on+0x310/0x310 [ 803.658306] ? lock_downgrade+0x900/0x900 [ 803.662447] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 803.667542] ? ___ratelimit+0x3b9/0x672 [ 803.671511] ? idr_get_free+0xf70/0xf70 [ 803.675487] oom_kill_process.cold.27+0x10/0x903 [ 803.680247] ? oom_evaluate_task+0x540/0x540 [ 803.684748] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 803.690279] ? cgroup_procs_next+0x70/0x70 [ 803.694513] ? _raw_spin_unlock_irq+0x60/0x80 [ 803.698998] ? oom_badness+0xaa0/0xaa0 [ 803.702882] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 803.707656] ? _raw_spin_unlock_irq+0x60/0x80 [ 803.712151] ? mem_cgroup_iter_break+0x30/0x30 [ 803.716737] ? cgroup_file_notify+0x226/0x2f0 [ 803.721230] out_of_memory+0xa7f/0x1430 [ 803.725199] ? kasan_check_read+0x11/0x20 [ 803.729339] ? oom_killer_disable+0x3a0/0x3a0 [ 803.733841] mem_cgroup_out_of_memory+0x15e/0x210 [ 803.738681] ? memory_oom_group_write+0x160/0x160 [ 803.743514] ? mem_cgroup_try_charge+0x627/0xe20 [ 803.748265] ? page_counter_try_charge+0x1c1/0x220 [ 803.753189] try_charge+0xdcd/0x1720 [ 803.756898] ? lock_release+0xa10/0xa10 [ 803.760867] ? mem_cgroup_from_task+0x1f0/0x1f0 [ 803.765531] ? get_mem_cgroup_from_mm.part.62+0x221/0x880 [ 803.771061] ? mark_held_locks+0x130/0x130 [ 803.775285] ? lock_page_memcg+0x350/0x350 [ 803.779511] ? PageHuge+0x183/0x2b0 [ 803.783139] ? lock_acquire+0x1ed/0x520 [ 803.787107] ? mem_cgroup_oom_control_write+0x100/0x100 [ 803.792476] ? lock_downgrade+0x900/0x900 [ 803.796621] ? lock_release+0xa10/0xa10 [ 803.800596] ? perf_trace_sched_process_exec+0x860/0x860 [ 803.806044] ? kasan_check_read+0x11/0x20 [ 803.810183] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 803.815721] mem_cgroup_try_charge+0x627/0xe20 [ 803.820297] ? mem_cgroup_protected+0xa60/0xa60 [ 803.824959] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 803.830487] ? page_mapping+0x5a2/0xa50 [ 803.834454] ? __page_mapcount+0x580/0x580 [ 803.838695] ? mem_cgroup_uncharge_swap+0x370/0x370 [ 803.843709] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 803.849254] ? page_evictable+0x2de/0x540 [ 803.853399] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 803.859415] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 803.864341] wp_page_copy+0x51d/0x24f0 [ 803.868227] ? follow_pfn+0x2e0/0x2e0 [ 803.872021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 803.877546] ? reuse_swap_page+0x4bd/0x1520 [ 803.881871] ? swp_swapcount+0x530/0x530 [ 803.885926] ? perf_trace_mm_lru_insertion+0x1490/0x1490 [ 803.891371] ? preempt_notifier_register+0x200/0x200 [ 803.896464] ? __switch_to_asm+0x34/0x70 [ 803.900520] ? __switch_to_asm+0x34/0x70 [ 803.904576] ? __switch_to_asm+0x40/0x70 [ 803.908647] ? __switch_to_asm+0x34/0x70 [ 803.912698] ? __switch_to_asm+0x40/0x70 [ 803.916749] ? __switch_to_asm+0x34/0x70 [ 803.920806] ? __switch_to_asm+0x34/0x70 [ 803.924856] ? __switch_to_asm+0x40/0x70 [ 803.928907] ? __switch_to_asm+0x34/0x70 [ 803.932963] ? __switch_to_asm+0x40/0x70 [ 803.937020] ? __schedule+0x8d7/0x21d0 [ 803.940902] ? check_preemption_disabled+0x48/0x280 [ 803.945914] ? check_preemption_disabled+0x48/0x280 [ 803.950927] ? __sched_text_start+0x8/0x8 [ 803.955076] ? mark_page_accessed+0x65c/0x2040 [ 803.959656] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 803.965188] ? mark_page_accessed+0xcaf/0x2040 [ 803.969769] ? mark_held_locks+0x130/0x130 [ 803.973998] ? finish_task_switch+0x1f4/0x920 [ 803.978486] ? do_wp_page+0x518/0x2920 [ 803.982368] ? lock_downgrade+0x900/0x900 [ 803.986511] ? wake_up_page_bit+0x6f0/0x6f0 [ 803.990831] ? kasan_check_read+0x11/0x20 [ 803.994973] ? do_raw_spin_unlock+0xa7/0x330 [ 803.999376] ? do_raw_spin_trylock+0x270/0x270 [ 804.003950] ? __pte_alloc_kernel+0x220/0x220 [ 804.008524] ? perf_trace_lock_acquire+0x15b/0x800 [ 804.013595] do_wp_page+0x520/0x2920 [ 804.017305] ? check_preemption_disabled+0x48/0x280 [ 804.022315] ? finish_mkwrite_fault+0x650/0x650 [ 804.026978] ? __switch_to_asm+0x40/0x70 [ 804.031030] ? __switch_to_asm+0x34/0x70 [ 804.035086] ? __switch_to_asm+0x40/0x70 [ 804.039144] ? perf_trace_lock+0x7a0/0x7a0 [ 804.043368] ? __schedule+0x8d7/0x21d0 [ 804.047248] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 804.052778] ? mlock_vma_page+0x5fd/0xc90 [ 804.056919] ? clear_page_mlock+0x9d0/0x9d0 [ 804.061237] ? pagevec_lru_move_fn+0x259/0x350 [ 804.065829] ? mark_held_locks+0x130/0x130 [ 804.070061] ? follow_page_pte+0xdd7/0x1ab0 [ 804.074379] ? lock_downgrade+0x900/0x900 [ 804.078523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.084065] ? check_preemption_disabled+0x48/0x280 [ 804.089078] ? debug_smp_processor_id+0x1c/0x20 [ 804.093832] ? perf_trace_lock_acquire+0x15b/0x800 [ 804.098752] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 804.104286] ? perf_trace_lock+0x7a0/0x7a0 [ 804.108516] ? follow_page_pte+0x4f9/0x1ab0 [ 804.112846] ? undo_dev_pagemap+0x680/0x680 [ 804.117159] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.122693] ? check_preemption_disabled+0x48/0x280 [ 804.127707] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 804.133242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.138781] ? lock_acquire+0x1ed/0x520 [ 804.142751] ? __handle_mm_fault+0x1fa9/0x5be0 [ 804.147330] ? kasan_check_write+0x14/0x20 [ 804.151565] ? do_raw_spin_lock+0x14f/0x350 [ 804.155879] ? rwlock_bug.part.2+0x90/0x90 [ 804.160115] __handle_mm_fault+0x3be9/0x5be0 [ 804.164521] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 804.169360] ? perf_trace_lock+0x7a0/0x7a0 [ 804.173600] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 804.179128] ? pmd_huge+0xf4/0x140 [ 804.182661] ? rbt_memtype_check_insert.cold.8+0x20a/0x20a [ 804.188281] ? follow_page_mask+0x18e/0x2160 [ 804.192684] ? gup_pgd_range+0x3ab0/0x3ab0 [ 804.196924] ? mark_held_locks+0x130/0x130 [ 804.201166] ? handle_mm_fault+0x42a/0xc70 [ 804.205404] ? lock_downgrade+0x900/0x900 [ 804.209556] ? trace_hardirqs_on+0xbd/0x310 [ 804.213869] ? __get_user_pages+0xa3d/0x1ed0 [ 804.218266] ? rcu_read_unlock_special+0x370/0x370 [ 804.223191] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 804.228722] ? check_preemption_disabled+0x48/0x280 [ 804.233728] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.239261] handle_mm_fault+0x54f/0xc70 [ 804.243314] ? __handle_mm_fault+0x5be0/0x5be0 [ 804.247890] ? find_vma+0x34/0x190 [ 804.251425] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 804.256440] __get_user_pages+0xa3d/0x1ed0 [ 804.260678] ? follow_page_mask+0x2160/0x2160 [ 804.265166] ? debug_smp_processor_id+0x1c/0x20 [ 804.269825] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 804.275360] ? rcu_read_unlock_special+0x370/0x370 [ 804.280286] ? lock_acquire+0x1ed/0x520 [ 804.284251] ? __mm_populate+0x31a/0x4d0 [ 804.288317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.293849] ? lock_release+0xa10/0xa10 [ 804.297815] ? perf_trace_sched_process_exec+0x860/0x860 [ 804.303263] ? __vma_adjust+0x1810/0x1810 [ 804.307413] populate_vma_page_range+0x2db/0x3d0 [ 804.312162] ? follow_page+0x420/0x420 [ 804.316043] ? find_vma+0x34/0x190 [ 804.319583] __mm_populate+0x286/0x4d0 [ 804.323469] ? populate_vma_page_range+0x3d0/0x3d0 [ 804.328392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.333921] ? ns_capable_common+0x13f/0x170 [ 804.338326] __x64_sys_mlockall+0x45b/0x630 [ 804.342641] ? __ia32_sys_munlock+0x160/0x160 [ 804.347124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 804.352654] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 804.358009] ? trace_hardirqs_off_caller+0x300/0x300 [ 804.363123] do_syscall_64+0x1b9/0x820 [ 804.367016] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 804.372376] ? syscall_return_slowpath+0x5e0/0x5e0 [ 804.377297] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 804.382133] ? trace_hardirqs_on_caller+0x310/0x310 [ 804.387144] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 804.392159] ? prepare_exit_to_usermode+0x291/0x3b0 [ 804.397167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 804.402004] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 804.407183] RIP: 0033:0x457569 [ 804.410367] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 804.429267] RSP: 002b:00007f835d843c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 804.436976] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000457569 [ 804.444236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 804.451496] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 804.458765] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f835d8446d4 [ 804.466028] R13: 00000000004c2b54 R14: 00000000004d4810 R15: 00000000ffffffff [ 804.474646] Kernel Offset: disabled [ 804.478276] Rebooting in 86400 seconds..