97.795610][ T8886] unevictable 0 [ 1997.795610][ T8886] slab_reclaimable 17416 [ 1997.795610][ T8886] slab_unreclaimable 303135984 [ 1997.795610][ T8886] slab 303153400 [ 1997.795610][ T8886] workingset_refault_anon 0 [ 1997.795610][ T8886] workingset_refault_file 15 [ 1997.795610][ T8886] workingset_activate_anon 0 [ 1997.795610][ T8886] workingset_activate_file 0 [ 1997.891272][ T8886] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8882,uid=0 01:39:48 executing program 4: openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x282, 0x0) 01:39:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80300, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000003600000019000000600100000f000000000000000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001000008000000d24200001203", 0x66, 0x400}, {&(0x7f0000000440)="0000000000000000000000806856d49a00cc4371bd6a7c893f280045010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00), 0x0, 0x1500}], 0x1000001, &(0x7f0000000700)) [ 1997.906605][ T8886] Memory cgroup out of memory: Killed process 8882 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:48 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 01:39:48 executing program 5: openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)) 01:39:48 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) [ 1997.971982][ T8895] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1997.982323][ T8895] CPU: 1 PID: 8895 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 1997.993303][ T8895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1998.003431][ T8895] Call Trace: [ 1998.006721][ T8895] [ 1998.009656][ T8895] dump_stack_lvl+0xd6/0x122 [ 1998.014329][ T8895] dump_stack+0x11/0x12 [ 1998.018537][ T8895] dump_header+0x98/0x410 [ 1998.022874][ T8895] oom_kill_process+0xfe/0x550 [ 1998.027747][ T8895] out_of_memory+0x620/0x880 [ 1998.032357][ T8895] mem_cgroup_oom+0x475/0x4f0 [ 1998.037055][ T8895] try_charge_memcg+0x746/0x960 [ 1998.041891][ T8895] charge_memcg+0x63/0x2c0 [ 1998.046359][ T8895] __mem_cgroup_charge+0x25/0xa0 [ 1998.051279][ T8895] wp_page_copy+0x20f/0x1460 [ 1998.055952][ T8895] do_wp_page+0x76f/0xe10 [ 1998.060276][ T8895] handle_mm_fault+0x5fb/0xa90 [ 1998.065048][ T8895] do_user_addr_fault+0x4cd/0x940 [ 1998.070150][ T8895] exc_page_fault+0x60/0x160 [ 1998.074765][ T8895] asm_exc_page_fault+0x22/0x30 [ 1998.079617][ T8895] RIP: 0033:0x7fe837f7b0d1 [ 1998.084033][ T8895] Code: 11 00 4c 29 e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 <49> 89 57 08 48 89 41 08 49 83 c7 10 eb b3 48 8d 3d ca de 09 00 e8 [ 1998.103714][ T8895] RSP: 002b:00007ffd964f76a0 EFLAGS: 00010206 [ 1998.109764][ T8895] RAX: 0000000000020801 RBX: 00007fe8380925e0 RCX: 00005555560a2800 [ 1998.117720][ T8895] RDX: 0000000000000121 RSI: 0000000000000000 RDI: 0000000000000004 [ 1998.125673][ T8895] RBP: 0000000000000110 R08: 0000000000000003 R09: 00007fe838092640 [ 1998.133674][ T8895] R10: 0000000000020022 R11: 0000000000000120 R12: 0000000000000010 [ 1998.141644][ T8895] R13: 0000000000000120 R14: 0000000000000012 R15: 00005555560a26e0 [ 1998.149661][ T8895] [ 1998.152736][ T8895] memory: usage 307192kB, limit 307200kB, failcnt 59480 [ 1998.159689][ T8895] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1998.166657][ T8895] Memory cgroup stats for /syz4: [ 1998.167663][ T8895] anon 90112 [ 1998.167663][ T8895] file 126976 [ 1998.167663][ T8895] kernel 314347520 [ 1998.167663][ T8895] kernel_stack 16384 [ 1998.167663][ T8895] pagetables 73728 [ 1998.167663][ T8895] percpu 11039616 [ 1998.167663][ T8895] sock 0 [ 1998.167663][ T8895] vmalloc 0 [ 1998.167663][ T8895] shmem 126976 [ 1998.167663][ T8895] file_mapped 126976 [ 1998.167663][ T8895] file_dirty 0 [ 1998.167663][ T8895] file_writeback 0 [ 1998.167663][ T8895] swapcached 0 [ 1998.167663][ T8895] inactive_anon 159744 [ 1998.167663][ T8895] active_anon 57344 [ 1998.167663][ T8895] inactive_file 0 [ 1998.167663][ T8895] active_file 0 [ 1998.167663][ T8895] unevictable 0 [ 1998.167663][ T8895] slab_reclaimable 22120 [ 1998.167663][ T8895] slab_unreclaimable 303142832 [ 1998.167663][ T8895] slab 303164952 [ 1998.167663][ T8895] workingset_refault_anon 0 [ 1998.167663][ T8895] workingset_refault_file 15 [ 1998.167663][ T8895] workingset_activate_anon 0 [ 1998.167663][ T8895] workingset_activate_file 0 [ 1998.264579][ T8895] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8895,uid=0 [ 1998.279897][ T8895] Memory cgroup out of memory: Killed process 8895 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000300000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:48 executing program 5: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) 01:39:48 executing program 4: openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) 01:39:48 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000a8020000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003fe0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:48 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0) 01:39:48 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r0, &(0x7f0000002d00)=[{{&(0x7f00000000c0), 0x6e, 0x0}}], 0x1, 0x0, 0x0) [ 1998.404245][ T8912] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1998.414530][ T8912] CPU: 1 PID: 8912 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 1998.427062][ T8912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 1998.437209][ T8912] Call Trace: [ 1998.440521][ T8912] [ 1998.443461][ T8912] dump_stack_lvl+0xd6/0x122 [ 1998.448099][ T8912] dump_stack+0x11/0x12 [ 1998.452338][ T8912] dump_header+0x98/0x410 [ 1998.456760][ T8912] oom_kill_process+0xfe/0x550 [ 1998.461528][ T8912] out_of_memory+0x620/0x880 [ 1998.466106][ T8912] mem_cgroup_oom+0x475/0x4f0 [ 1998.470791][ T8912] try_charge_memcg+0x746/0x960 [ 1998.475688][ T8912] __memcg_kmem_charge_page+0x2e4/0x480 [ 1998.481224][ T8912] alloc_thread_stack_node+0x101/0x360 [ 1998.486686][ T8912] dup_task_struct+0x96/0x2a0 [ 1998.491438][ T8912] copy_process+0x3cb/0x20b0 [ 1998.496062][ T8912] kernel_clone+0x163/0x5c0 [ 1998.500565][ T8912] __x64_sys_clone+0xc3/0xf0 [ 1998.505159][ T8912] do_syscall_64+0x2b/0x70 [ 1998.509595][ T8912] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 1998.515524][ T8912] RIP: 0033:0x7fe837fad531 [ 1998.520080][ T8912] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 1998.539719][ T8912] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1998.548201][ T8912] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 1998.556254][ T8912] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 1998.564352][ T8912] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 1998.572323][ T8912] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 1998.580284][ T8912] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 1998.588264][ T8912] [ 1998.591307][ T8912] memory: usage 307200kB, limit 307200kB, failcnt 59529 [ 1998.598258][ T8912] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:39:50 executing program 1: connect$rds(0xffffffffffffffff, 0x0, 0x0) 01:39:50 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) dup2(r0, r1) 01:39:50 executing program 1: r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000001a40)=[{}], &(0x7f0000001a80)=0x8) 01:39:50 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r0, 0x0, 0x5, 0x0, 0x0) [ 1998.605186][ T8912] Memory cgroup stats for /syz4: [ 1999.971389][ T8912] anon 94208 [ 1999.971389][ T8912] file 126976 [ 1999.971389][ T8912] kernel 314314752 [ 1999.971389][ T8912] kernel_stack 16384 [ 1999.971389][ T8912] pagetables 73728 [ 1999.971389][ T8912] percpu 11039616 [ 1999.971389][ T8912] sock 0 [ 1999.971389][ T8912] vmalloc 0 [ 1999.971389][ T8912] shmem 126976 [ 1999.971389][ T8912] file_mapped 126976 [ 1999.971389][ T8912] file_dirty 0 [ 1999.971389][ T8912] file_writeback 0 [ 1999.971389][ T8912] swapcached 0 01:39:50 executing program 1: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x1, &(0x7f0000001680)=[{&(0x7f0000000380)="c5b6b58e0a", 0x5}], 0x0, 0x0) [ 1999.971389][ T8912] inactive_anon 163840 [ 1999.971389][ T8912] active_anon 57344 [ 1999.971389][ T8912] inactive_file 0 [ 1999.971389][ T8912] active_file 0 [ 1999.971389][ T8912] unevictable 0 [ 1999.971389][ T8912] slab_reclaimable 15840 [ 1999.971389][ T8912] slab_unreclaimable 303123224 [ 1999.971389][ T8912] slab 303139064 [ 1999.971389][ T8912] workingset_refault_anon 0 [ 1999.971389][ T8912] workingset_refault_file 15 [ 1999.971389][ T8912] workingset_activate_anon 0 [ 1999.971389][ T8912] workingset_activate_file 0 [ 2000.067172][ T8912] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8912,uid=0 [ 2000.082546][ T8912] Memory cgroup out of memory: Killed process 8912 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:50 executing program 5: syz_mount_image$msdos(0x0, &(0x7f0000000340)='./file0\x00', 0x8, 0x5, &(0x7f0000001680)=[{&(0x7f0000000380)="c5b6b58e0ac2163f89a6df1e82ebbdcfe1a2a35ac343c351ef5f57923e3add6fadee6df128aae87a649e2e2ef531c13461b0565f14431fd1fbcd349198cf5c93fd564a9df08ddff180ea289ff77576e4fb581169408409d164d11de3befef95fa5c224c4a7c3315a0c300906bbd4b27339b29b529d", 0x75, 0x4}, {&(0x7f0000000440)="33a324f8b6e4befe2f78c3ea2e06874fd11b2c7fbc4592", 0x17, 0x2}, {&(0x7f0000000480)="6218", 0x2, 0xffff}, {&(0x7f0000000580)="298511bc43c1fcc4b3ec76df991e6ae8c23c7371276014465df270656f527489f94cb0cd2b19de45b8d6fbb05e5a3baf289ddbe1131c105462add315d71d3b6c3661a2b9405ffa5471a7b227ff57674b671282fdbcf95ddb55d420bd6ea1fe5a5243d4ff8d3c0f69cd0bc79a5939899438e2d63767320152569afc0447ecc3989f286050a2980d739073c72996c63ac38a214be84817e51944720f0517d2bf18730e5025dd0a6f49f7fe94f92c405cb1a39903a0da921a684062c9c6d3727c1233ba298817529ea4d618351c1032e3fdd513fe56cc4fd4a9fce5e849aaafa096d4875e9b72946f1e483c72ecea5b9d676300967f8b89eaa378fb38f638dfb2953e7cd83df108a1f1028ce97660dc5aa6a08ce07135606fa761a72c52273dd7d36b9743e5f09b2fea3c8c4326bb58693147153dce00cf3dd6fb9c94f9e0d61e25de2e242ab32f498f11a73fa19c9c6f6043533724714c2df8b78a3d7c0e9f02b1b67ad5328e2ff7f9e72057451b3e57a49bfe3b856e66d00dfd4a3190e6ef87211570190b89f477d70e23fd352dafa1b61eb3a1c1f29fc7beb6133afd57da122de63f8ade0ef57ca744267dca4f9cebe3e5edcfbee470217bf745171865acf32ad97ae319a08d0b253395825593c41f2a15f073a0a254865493adfbd3b9c8203f9308cd0b78ce53bd1122df371e0653cd43560ba5c6f83a7d53ead5750ebf8f8a7c96e900f00a50e9ce10a0b44189de0b0e70341798770dbf59e90b838b011e704facbb3eb8ff6cd4a483b2e57d462c63daf5a097d00512078b0b93e0c5295cc505a3db1ff571ec2cdee8cdb8d7c3a1614c80ce90f255cacd206aa14aa9511b99e5540f7be66e10e0e52d6ad69a7888c5ed29ebfd92a37654ec5886c7988fc750f14ccb679e4cab89e4f9fb8fea229eafbef0512d289948d984e139d553691cd717c16de121ecf43865683a3955bf257a3f693d47d76cd1d27c64e3eb6c4ef73e26baed5dfaf3d9ef86bfdf7151ee412c0cafb14b4ca1df61c0309ac942565cbe5376411638afc816c85ad7929af38bab61dff016235de797302127f60ade1fc7dc937ce9b03541327be7e302b66b7132238037c4930b73914c97d67426bd9b11c638f84b6a371be3d88e061cb56ffff4834d02878d8ca869ba8ccc5d941ddc00eb3990132b3f245a43fef77d3b6391c0c69b2366a9e014642816df06988a58dfde24bebf999446cc5a09e1012703f8bc26c5c545dc55157288127f9113724cf35d310fdc99c28db2e0307e421f01c10f662f1acc36dc23a72579f3db6608477ddde31b055c71295981c383d571c3c95f2b4fe6df2d4ee5abc2a2e548d95770dcf5159ccc77ce65b9f3d3aafe2ac3f3933c623f5bc3cb01d739b74fc660d910579c26bb3a3fc378ee84bd65c779e30c7b72f43734b5006d7e2902572e6cac2072eaecbdff0ca0052bbeadeb7793f5c105b4ac526059d2b13977930049afa9954aac069ad7519e31a627ceed6a3846e8b1023ad89ba0f08bae91d462bfe4d5af92fc51597a55e149b98b99c4eb64e8eb2057f6de560b66bd77441973063dcaed0e57b09b1471fac9e275c9cb218f76966750133c5737a6539fb6668d6c0245734768e1047e44482abaf53bf7fdd83fd627e8fdc8e0e1abc919be7310446b7cc6c6b2414e103e23090190f332ca9f076a94fdab740d5a263f49c4220e2c278d5caeb43bcbcc4d3e2fcad92c7980c1611c5d05e1132e6fed235211799b428ef114e4df08cadea86f54e5d034473ae8ff89cf47ee53e3d4889dfdd0be93b93195bb243ddfd55920aa38d3e7643caced922760dc2733956bde738190a19958c68b34e8bfa2094c5433c138f957045238f0d6a2fa5e51e6783100f1d6c1982fc095043b274451114b680653096866fcb270801071ed677dd83d7979dab390ceca83afc8b4d3e08f8c4d99395f281b2971aefd108e8e742f1fe48b167a4c3df2de2b885d9f485ea68e528a2c2ebc8242db013af7946a68920aedb1e446c2998c1bb440c1607911f41f05060d17b5f14ca7fd3d8c61d6a8f8f05288311870f9ca55f7e749b8bc6b0da2a1f39953a624352f1f4982747a80a72262b0b7dc58bd8cf20e55798e15bdacf0fda0038290bcbb444f017a13fad500bbcb177a5fc310ae42307c67b363f4b055fde21ec15393047cfaf5e67323bf03a70555fb75ccad15045d6e1c7678f3ab64d19866553aa0c31bb91e714afffdcc18550bfbf0491d652b484773c8b59991a9f11f85af3c891113cc10772f5f780711b9e630566097d2a8d3e36bfd2fed741ddd683727c62b23c48c89647406343a613e8711cc5f71cad306f8aa172865c6ce518ab2e568b67638c6dc8a9778e4ff971a011c00907b67188a933748eee4bd7454a63d7d0badfd7406d597b83fd01d5add7d4b278abb2e17950b953cfdea19f2ba35fdfbe3918841eb5f375cf413a2b3f640aa00e013267ba366b16379f8c5f04d1ca5f2d35596ccc8353e7757f59e57ba165e7793d428380a16b4bc620a1324c4cda76e918eafb6adc47a1227714fd69447a741cf80ba91d9a9aa213ef00c42d7d02e27ee4c6f7720bb74fd89a663988724a9e0f17d2fb5309efe7914dea53c6d3bdb3037830664b5178f611c996d1947eff04342f5baa7cef14d5705b899b14a8cce95930d8564d034bf9331c45852905ef9d9c01ef1aff97448067d53886d23768068d1b1aabba9a9f308690fdef7ce4260747d97760b3d0104cee98a2f679e6d0b84668c2ed7999b0525af6bbcfaedce81f10eda788124ce8a6b98ce5c6af416dc7442b42ddd14a59924b12c09fe7ed0b04a39d66fb4c949fe80bb9ba2f53e226e668223ef28b59afb1bcc0b02b2a23163688b60704a0d8995b7884b15a45ec72e1468df7c257697778a645bfb65acf6e517675ce3a79df67d367e3413f0ca2e9b4d6504b0dada5b1d24a2e6136ff28eac87e57b3f7dcc9a4a89ba359761388ba73a9cacc17fb6abb2f94e15997153e79a9e41e5c637e11ccbf256ccee6bfc65b043d74671b49db465711608609f0645029b43a911e3d3ecaa3787dc292aeaf7b4337a833aaace6abf48044a6cde781e66c98637ddf2031d71a8a2fab9d01754f19cfd8fab431cb4316346f09ce84ecec46c1c393502ba0499351224889a6325f5481c329e040a894391a0d22f9bf105e33be60d8733d5bfbdc28a77fb5b8931b51800af0e369054e07764ba32bdf75a22ffe2e93b7abcede2e900897f5759e0af6f1689d47720a441d587a5a6f221a9eeb8cf97f711300bd475747e4eb59baaf1c8a8f09ecf06d552724a21e80930742e7c608c8053408cbf971d67d7608c988180dd7b4807b20a12a17f598d527896023a0fc4e5cc956a67150462395e3efb552c2df09b73fc5b2ff263a5a383b2a3a77fc392d84a5d47d5a362224a376f356df1e7b220329f47ea34deeb74b04e94d7a5b0aa396a49cce3d426a987d91a544f9e4c8c9c920a927f8e420f1400bf08973492b83679346a0b361ce0a1e6751c645779a29d05367a98caf96a7619f95cffb5670de197795390c0e5293f5211726db4ed90c931ddc8c826d1696fc99deaa533b077bb4c389422c9019321d02b02df898b11c1d515c1129255bd846d25dbd1bd498e0af946ab10d9a3e4109a08fd1e316cfc740cb7ca2f85a17e7ccd864bf42a9e18a4681805550e0ded17262c9fdbb09f4fb435ee3ca78ca3201a7992f0010de04ec6559148c29aed94fdeb1aa6aa6b1a8be95b630cf4cb71ffc7e6542312bd89119839697992ad2677956db14ef00c84736cb3a67b6c778a76923dc61cbc526c2730eccce9d1a469764cad3cf5cf74517229ef16fbc632eabf1bdbc1b5f3908312c47daed585d55a317a1166704b6f7a036dd42d99dc223f7d7fa82b77b7a7008b8571f2e1b11fa623956110ad907a39a1b8af02389c950b5107b871783bf3ebca83cc4e4e716a218a39871e8f87a3c25bbad70069f869ba9d7c6f9fef6efbc2c0137bd9aef624b6de57e8931a23edefe8921583893cb0abd37f029feb39043ff4304acb748dbafd9dd905fe3c64f5d9ad4f35bcf97db9c840aa0f804e9ebe9adbc97023d125a71522777359425f1796b5c5e7fad31d494093861f95095f7a03119d1a6638816949bfb5639145ecbbae27e09f0ebcecddcf0e80c6e2dfca519805c7ac3f661289df62d71ed6489d9aceb42ee2f7de8b50fef6c8c5443e30de39363ebe5a7d11ca94241d59d617e120811f86c0d9ddc7e97afdb42db40df00f01534eca1c033d3f4589b5efdd98689f5920bd24b8dc158f0a1bd4e3f5e8524124720c017ce60dc23f922b210dc0168880875c8d5fcdddb47a368af98fb5c3195bf9d4ef420ca015495b84f18c0347e89d60c64af57279f08f2df7504492cf8afad0800c69144a22d9eb2691740da0269409250d13949a5f236c6776efa370146c95f987cadfc37e4dea11d5115fd72acf5bb0df3135637b649a909c4f2bffa9a5a1af0c920aacc12d512d8f1cb33bcc77781d54e596be23e7c68d3caf85708bd4528ff9a564cafacbe734ad66be9069a14c3bb5e8e6f2b5a9f9db690fd7557ee8950abf2bb97978e4fbe2e26cefaa4b6a2392a2cb4f4982c95c0a727ce9d46b311958f03a6b8bee60106b667ba51a74836d06f446887bc8b5d7c77b0b9aebd4c6890d8a0e89817f0657c810d9c45da4b34d6222fd4218f7825a6decd700519a9a45050b63e5a237e6f447f069db253e1cc8cd02881e2edf92c903af6944ab477323d1b82ca7911f13248e08fed40d092cb380824405a95673e1a4980aaf018cf117d5735c85febce95cf385067647326f266dfaf1c3487d1cca59b0c5805b99ebe3d78a8e28591a59bc8223b77318ef9138b73295cfbb5895ad53cd7b55b77ac0a7c2e9c97250bbc0c0cb8b79137b4a3824884cf2221d933a75f6b5fb047c2a446abc5e870e8e08d8216d35ac6eeeec33ae7c04924903ba0c6b1a77ebcb69ad5d073df8da4cb893427fc09bb868a5829212b967ac26485bfce1d64d4645f7b3794b1a455b59125a2a8cf69ec3a934ba89", 0xe0a, 0x2}, {0x0}], 0x180000, &(0x7f0000001740)={[{@fat=@fmask={'fmask', 0x3d, 0xfffffffffffffe00}}, {@nodots}], [{@subj_type={'subj_type', 0x3d, '/dev/nvram\x00'}}, {@obj_role={'obj_role', 0x3d, '/dev/nvram\x00'}}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}, {@uid_gt}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}]}) 01:39:50 executing program 1: openat$null(0xffffffffffffff9c, &(0x7f0000000300), 0x201, 0x0) 01:39:50 executing program 4: pipe2$watch_queue(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) connect$rds(r0, 0x0, 0x0) 01:39:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000fffe0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:50 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000ce020000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:50 executing program 5: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x1, &(0x7f0000001680)=[{&(0x7f0000000480)='b', 0x1, 0xffff}], 0x0, 0x0) 01:39:50 executing program 1: getsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 01:39:50 executing program 5: syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x1) 01:39:50 executing program 1: syz_clone(0x40201000, 0x0, 0x0, &(0x7f0000000300), 0x0, 0x0) 01:39:50 executing program 5: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) dup2(r0, r1) [ 2000.381653][ T8944] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2000.391940][ T8944] CPU: 1 PID: 8944 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2000.403046][ T8944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2000.413112][ T8944] Call Trace: [ 2000.416481][ T8944] [ 2000.419418][ T8944] dump_stack_lvl+0xd6/0x122 [ 2000.424041][ T8944] dump_stack+0x11/0x12 01:39:50 executing program 5: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x3, &(0x7f0000001680)=[{&(0x7f0000000380)="c5", 0x1}, {&(0x7f0000000440)='3', 0x1}, {&(0x7f0000000480)='b', 0x1, 0xffff}], 0x0, &(0x7f0000001740)={[{@fat=@fmask={'fmask', 0x3d, 0xfffffffffffffe00}}, {@nodots}], [{@subj_type={'subj_type', 0x3d, '/dev/nvram\x00'}}, {@obj_role={'obj_role', 0x3d, '/dev/nvram\x00'}}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}, {@uid_gt}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}]}) [ 2000.428213][ T8944] dump_header+0x98/0x410 [ 2000.432672][ T8944] oom_kill_process+0xfe/0x550 [ 2000.437516][ T8944] out_of_memory+0x620/0x880 [ 2000.442195][ T8944] mem_cgroup_oom+0x475/0x4f0 [ 2000.446908][ T8944] try_charge_memcg+0x746/0x960 [ 2000.451854][ T8944] charge_memcg+0x63/0x2c0 [ 2000.456277][ T8944] __mem_cgroup_charge+0x25/0xa0 [ 2000.461254][ T8944] wp_page_copy+0x20f/0x1460 [ 2000.465880][ T8944] ? shrink_zones+0x525/0x5d0 [ 2000.470570][ T8944] do_wp_page+0x76f/0xe10 [ 2000.474996][ T8944] handle_mm_fault+0x5fb/0xa90 [ 2000.479801][ T8944] do_user_addr_fault+0x4cd/0x940 [ 2000.484840][ T8944] exc_page_fault+0x60/0x160 [ 2000.489503][ T8944] asm_exc_page_fault+0x22/0x30 [ 2000.494354][ T8944] RIP: 0033:0x7fe837f5a340 [ 2000.498877][ T8944] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2000.518514][ T8944] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2000.524569][ T8944] RAX: 00000000096f74ff RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2000.532722][ T8944] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008a47bdd [ 2000.540826][ T8944] RBP: 00000000096f74ff R08: 00000000000014ff R09: 00000000096f7503 [ 2000.548827][ T8944] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2000.556792][ T8944] R13: 0000000000000001 R14: 000000000000000f R15: ffffffff8124ebed [ 2000.564773][ T8944] ? make_kuid+0x9d/0x2e0 [ 2000.569139][ T8944] [ 2000.572332][ T8944] memory: usage 307196kB, limit 307200kB, failcnt 59575 [ 2000.579360][ T8944] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2000.586257][ T8944] Memory cgroup stats for /syz4: [ 2001.924322][ T8944] anon 122880 [ 2001.924322][ T8944] file 126976 [ 2001.924322][ T8944] kernel 314314752 [ 2001.924322][ T8944] kernel_stack 32768 [ 2001.924322][ T8944] pagetables 69632 [ 2001.924322][ T8944] percpu 11039616 [ 2001.924322][ T8944] sock 0 [ 2001.924322][ T8944] vmalloc 0 [ 2001.924322][ T8944] shmem 126976 [ 2001.924322][ T8944] file_mapped 126976 [ 2001.924322][ T8944] file_dirty 0 [ 2001.924322][ T8944] file_writeback 0 [ 2001.924322][ T8944] swapcached 0 [ 2001.924322][ T8944] inactive_anon 192512 [ 2001.924322][ T8944] active_anon 57344 [ 2001.924322][ T8944] inactive_file 0 [ 2001.924322][ T8944] active_file 0 [ 2001.924322][ T8944] unevictable 0 [ 2001.924322][ T8944] slab_reclaimable 15840 [ 2001.924322][ T8944] slab_unreclaimable 303122520 [ 2001.924322][ T8944] slab 303138360 [ 2001.924322][ T8944] workingset_refault_anon 0 [ 2001.924322][ T8944] workingset_refault_file 15 [ 2001.924322][ T8944] workingset_activate_anon 0 [ 2001.924322][ T8944] workingset_activate_file 0 [ 2002.021548][ T8944] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8944,uid=0 [ 2002.036828][ T8944] Memory cgroup out of memory: Killed process 8944 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:39:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:52 executing program 5: openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) 01:39:52 executing program 4: syz_clone(0x44800200, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 01:39:52 executing program 1: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f00000003c0), 0x4) 01:39:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001ffffffffffe0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:52 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000da020000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:52 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) 01:39:52 executing program 1: openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) 01:39:52 executing program 1: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) 01:39:52 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000000)={@broadcast, @local, 0x0, "9499915f2c78b4e0177119013202c572080ca6e7cede0eb288cb59da9b180aa7"}, 0x3c) [ 2002.226253][ T8969] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2002.238487][ T8969] CPU: 0 PID: 8969 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2002.249546][ T8969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2002.259629][ T8969] Call Trace: [ 2002.262919][ T8969] [ 2002.265864][ T8969] dump_stack_lvl+0xd6/0x122 [ 2002.270555][ T8969] dump_stack+0x11/0x12 [ 2002.274729][ T8969] dump_header+0x98/0x410 [ 2002.279098][ T8969] oom_kill_process+0xfe/0x550 [ 2002.283933][ T8969] out_of_memory+0x620/0x880 [ 2002.288533][ T8969] mem_cgroup_oom+0x475/0x4f0 [ 2002.293288][ T8969] try_charge_memcg+0x746/0x960 [ 2002.298142][ T8969] ? sysvec_apic_timer_interrupt+0x4a/0xb0 [ 2002.304025][ T8969] __memcg_kmem_charge_page+0x2e4/0x480 [ 2002.309681][ T8969] __alloc_pages+0x1c1/0x340 [ 2002.314282][ T8969] alloc_pages+0x34d/0x450 [ 2002.318710][ T8969] __get_free_pages+0x8/0x30 [ 2002.323350][ T8969] pgd_alloc+0x1d/0x120 [ 2002.327526][ T8969] mm_init+0x2b9/0x450 [ 2002.331601][ T8969] dup_mm+0x68/0x210 [ 2002.335645][ T8969] copy_mm+0xce/0x140 [ 2002.339622][ T8969] copy_process+0xd9b/0x20b0 [ 2002.344238][ T8969] kernel_clone+0x163/0x5c0 [ 2002.348799][ T8969] __x64_sys_clone+0xc3/0xf0 [ 2002.353407][ T8969] do_syscall_64+0x2b/0x70 [ 2002.357819][ T8969] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2002.363741][ T8969] RIP: 0033:0x7fe837fac109 [ 2002.368194][ T8969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2002.387799][ T8969] RSP: 002b:00007fe837722118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2002.396211][ T8969] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2002.404540][ T8969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044800200 [ 2002.412658][ T8969] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2002.420674][ T8969] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 2002.428631][ T8969] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2002.436593][ T8969] [ 2002.439666][ T8969] memory: usage 307200kB, limit 307200kB, failcnt 59650 [ 2002.446640][ T8969] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2002.453526][ T8969] Memory cgroup stats for /syz4: [ 2002.459295][ T8969] anon 102400 [ 2002.459295][ T8969] file 126976 [ 2002.459295][ T8969] kernel 314343424 [ 2002.459295][ T8969] kernel_stack 49152 [ 2002.459295][ T8969] pagetables 69632 [ 2002.459295][ T8969] percpu 11039616 [ 2002.459295][ T8969] sock 0 [ 2002.459295][ T8969] vmalloc 0 [ 2002.459295][ T8969] shmem 126976 [ 2002.459295][ T8969] file_mapped 126976 [ 2002.459295][ T8969] file_dirty 0 [ 2002.459295][ T8969] file_writeback 0 [ 2002.459295][ T8969] swapcached 0 [ 2002.459295][ T8969] inactive_anon 172032 [ 2002.459295][ T8969] active_anon 57344 [ 2002.459295][ T8969] inactive_file 0 [ 2002.459295][ T8969] active_file 0 [ 2002.459295][ T8969] unevictable 0 [ 2002.459295][ T8969] slab_reclaimable 15840 [ 2002.459295][ T8969] slab_unreclaimable 303134776 [ 2002.459295][ T8969] slab 303150616 [ 2002.459295][ T8969] workingset_refault_anon 0 [ 2002.459295][ T8969] workingset_refault_file 15 [ 2002.459295][ T8969] workingset_activate_anon 0 [ 2002.459295][ T8969] workingset_activate_file 0 [ 2002.556159][ T8969] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8967,uid=0 01:39:52 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) dup2(r0, r1) [ 2002.571412][ T8969] Memory cgroup out of memory: Killed process 8967 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:39:53 executing program 4: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x3, &(0x7f0000001680)=[{&(0x7f0000000380), 0x0, 0x4}, {&(0x7f0000000440)='3', 0x1}, {&(0x7f0000000480)="6218", 0x2, 0xffff}], 0x180000, &(0x7f0000001740)={[{@fat=@fmask={'fmask', 0x3d, 0xfffffffffffffe00}}, {@nodots}], [{@subj_type={'subj_type', 0x3d, '/dev/nvram\x00'}}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}, {@uid_gt}, {@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}]}) [ 2002.719745][ T8993] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2002.730429][ T8993] CPU: 1 PID: 8993 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2002.741392][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2002.751436][ T8993] Call Trace: [ 2002.754788][ T8993] [ 2002.757722][ T8993] dump_stack_lvl+0xd6/0x122 [ 2002.762385][ T8993] dump_stack+0x11/0x12 [ 2002.766558][ T8993] dump_header+0x98/0x410 [ 2002.770905][ T8993] oom_kill_process+0xfe/0x550 [ 2002.775665][ T8993] out_of_memory+0x620/0x880 [ 2002.780409][ T8993] mem_cgroup_oom+0x475/0x4f0 [ 2002.785162][ T8993] try_charge_memcg+0x746/0x960 [ 2002.790041][ T8993] __memcg_kmem_charge_page+0x2e4/0x480 [ 2002.795616][ T8993] alloc_thread_stack_node+0x292/0x360 [ 2002.801063][ T8993] dup_task_struct+0x96/0x2a0 [ 2002.805773][ T8993] copy_process+0x3cb/0x20b0 [ 2002.810407][ T8993] kernel_clone+0x163/0x5c0 [ 2002.814899][ T8993] __x64_sys_clone+0xc3/0xf0 [ 2002.819525][ T8993] do_syscall_64+0x2b/0x70 [ 2002.823935][ T8993] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2002.829844][ T8993] RIP: 0033:0x7fe837fad531 [ 2002.834256][ T8993] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2002.853947][ T8993] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2002.862419][ T8993] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2002.870392][ T8993] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2002.878378][ T8993] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2002.886341][ T8993] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2002.896354][ T8993] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2002.904351][ T8993] [ 2002.907406][ T8993] memory: usage 307200kB, limit 307200kB, failcnt 59709 [ 2002.914413][ T8993] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2002.921333][ T8993] Memory cgroup stats for /syz4: [ 2002.924973][ T8993] anon 98304 [ 2002.924973][ T8993] file 126976 [ 2002.924973][ T8993] kernel 314347520 [ 2002.924973][ T8993] kernel_stack 16384 [ 2002.924973][ T8993] pagetables 73728 [ 2002.924973][ T8993] percpu 11039616 [ 2002.924973][ T8993] sock 0 [ 2002.924973][ T8993] vmalloc 0 [ 2002.924973][ T8993] shmem 126976 [ 2002.924973][ T8993] file_mapped 126976 [ 2002.924973][ T8993] file_dirty 0 [ 2002.924973][ T8993] file_writeback 0 [ 2002.924973][ T8993] swapcached 0 [ 2002.924973][ T8993] inactive_anon 126976 [ 2002.924973][ T8993] active_anon 57344 [ 2002.924973][ T8993] inactive_file 0 [ 2002.924973][ T8993] active_file 0 [ 2002.924973][ T8993] unevictable 0 [ 2002.924973][ T8993] slab_reclaimable 33320 [ 2002.924973][ T8993] slab_unreclaimable 303139800 [ 2002.924973][ T8993] slab 303173120 [ 2002.924973][ T8993] workingset_refault_anon 0 [ 2002.924973][ T8993] workingset_refault_file 15 [ 2002.924973][ T8993] workingset_activate_anon 0 [ 2002.924973][ T8993] workingset_activate_file 0 [ 2003.020859][ T8993] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8993,uid=0 [ 2003.036176][ T8993] Memory cgroup out of memory: Killed process 8993 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:53 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0}}, 0x0) 01:39:53 executing program 5: getresuid(&(0x7f0000000180), &(0x7f00000001c0), 0x0) 01:39:53 executing program 4: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)) 01:39:53 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000f2020000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000fff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:53 executing program 1: syz_mount_image$msdos(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000001680)=[{0x0}, {0x0, 0x0, 0xffff}], 0x0, &(0x7f0000001740)={[{@nodots}], [{@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}]}) 01:39:53 executing program 5: clock_gettime(0x0, &(0x7f00000031c0)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003200)={0x0, r0+60000000}) 01:39:53 executing program 1: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x3, &(0x7f0000001680)=[{&(0x7f0000000380)="c5", 0x1}, {&(0x7f0000000440)='3', 0x1}, {&(0x7f0000000480)="6218", 0x2, 0xffff}], 0x180000, &(0x7f0000001740)={[], [{@subj_type={'subj_type', 0x3d, '/dev/nvram\x00'}}]}) 01:39:53 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x100001, 0x0) write$P9_RFSYNC(r0, &(0x7f0000000240)={0x7}, 0x7) [ 2003.251785][ T8999] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2003.264758][ T8999] CPU: 0 PID: 8999 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2003.275705][ T8999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2003.287104][ T8999] Call Trace: [ 2003.290456][ T8999] [ 2003.293394][ T8999] dump_stack_lvl+0xd6/0x122 [ 2003.297999][ T8999] dump_stack+0x11/0x12 [ 2003.302240][ T8999] dump_header+0x98/0x410 [ 2003.306589][ T8999] oom_kill_process+0xfe/0x550 [ 2003.311438][ T8999] out_of_memory+0x620/0x880 [ 2003.316092][ T8999] mem_cgroup_oom+0x475/0x4f0 [ 2003.320779][ T8999] try_charge_memcg+0x746/0x960 [ 2003.325634][ T8999] ? shrink_node+0x1075/0x10f0 [ 2003.330410][ T8999] __memcg_kmem_charge_page+0x2e4/0x480 [ 2003.335963][ T8999] __alloc_pages+0x1c1/0x340 [ 2003.340577][ T8999] alloc_pages+0x34d/0x450 [ 2003.345105][ T8999] pte_alloc_one+0x29/0xb0 [ 2003.349536][ T8999] ? shrink_zones+0x525/0x5d0 [ 2003.354223][ T8999] __pte_alloc+0x2f/0x1f0 [ 2003.358631][ T8999] do_anonymous_page+0x799/0xa20 [ 2003.363685][ T8999] handle_mm_fault+0x8a0/0xa90 [ 2003.368462][ T8999] do_user_addr_fault+0x4cd/0x940 [ 2003.373495][ T8999] exc_page_fault+0x60/0x160 [ 2003.378142][ T8999] asm_exc_page_fault+0x22/0x30 [ 2003.383003][ T8999] RIP: 0033:0x7fe837f57d0d [ 2003.387423][ T8999] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2003.407039][ T8999] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2003.413108][ T8999] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2003.421086][ T8999] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2003.429059][ T8999] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2003.437033][ T8999] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2003.445002][ T8999] R13: 00007fe8380c3138 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2003.453012][ T8999] [ 2003.456344][ T8999] memory: usage 307200kB, limit 307200kB, failcnt 59777 [ 2003.463455][ T8999] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2003.470332][ T8999] Memory cgroup stats for /syz4: [ 2003.673222][ T8999] anon 98304 [ 2003.673222][ T8999] file 126976 [ 2003.673222][ T8999] kernel 314347520 [ 2003.673222][ T8999] kernel_stack 32768 [ 2003.673222][ T8999] pagetables 73728 [ 2003.673222][ T8999] percpu 11039616 [ 2003.673222][ T8999] sock 0 [ 2003.673222][ T8999] vmalloc 0 [ 2003.673222][ T8999] shmem 126976 [ 2003.673222][ T8999] file_mapped 126976 [ 2003.673222][ T8999] file_dirty 0 [ 2003.673222][ T8999] file_writeback 0 [ 2003.673222][ T8999] swapcached 0 [ 2003.673222][ T8999] inactive_anon 167936 [ 2003.673222][ T8999] active_anon 57344 [ 2003.673222][ T8999] inactive_file 0 [ 2003.673222][ T8999] active_file 0 [ 2003.673222][ T8999] unevictable 0 [ 2003.673222][ T8999] slab_reclaimable 21344 [ 2003.673222][ T8999] slab_unreclaimable 303136144 [ 2003.673222][ T8999] slab 303157488 [ 2003.673222][ T8999] workingset_refault_anon 0 [ 2003.673222][ T8999] workingset_refault_file 15 [ 2003.673222][ T8999] workingset_activate_anon 0 [ 2003.673222][ T8999] workingset_activate_file 0 01:39:54 executing program 5: socketpair(0x1e, 0x0, 0x0, &(0x7f0000000300)) [ 2003.769035][ T8999] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=8999,uid=0 [ 2003.784263][ T8999] Memory cgroup out of memory: Killed process 8999 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:54 executing program 4: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x280841, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, 0x0, 0x0) [ 2003.884186][ T9025] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2003.894415][ T9025] CPU: 0 PID: 9025 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2003.905356][ T9025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2003.915489][ T9025] Call Trace: [ 2003.918758][ T9025] [ 2003.921743][ T9025] dump_stack_lvl+0xd6/0x122 [ 2003.926335][ T9025] dump_stack+0x11/0x12 [ 2003.930563][ T9025] dump_header+0x98/0x410 [ 2003.934894][ T9025] oom_kill_process+0xfe/0x550 [ 2003.939711][ T9025] out_of_memory+0x620/0x880 [ 2003.944304][ T9025] mem_cgroup_oom+0x475/0x4f0 [ 2003.948984][ T9025] try_charge_memcg+0x746/0x960 [ 2003.953835][ T9025] charge_memcg+0x63/0x2c0 [ 2003.958304][ T9025] __mem_cgroup_charge+0x25/0xa0 [ 2003.963234][ T9025] wp_page_copy+0x20f/0x1460 [ 2003.967818][ T9025] ? shrink_zones+0x525/0x5d0 [ 2003.972504][ T9025] do_wp_page+0x76f/0xe10 [ 2003.976863][ T9025] handle_mm_fault+0x5fb/0xa90 [ 2003.981661][ T9025] do_user_addr_fault+0x4cd/0x940 [ 2003.986686][ T9025] exc_page_fault+0x60/0x160 [ 2003.991274][ T9025] asm_exc_page_fault+0x22/0x30 [ 2003.996133][ T9025] RIP: 0033:0x7fe837f5c6e2 [ 2004.000592][ T9025] Code: 49 89 85 98 06 00 00 48 8b 85 70 ff ff ff 49 89 85 a0 06 00 00 49 8d 85 10 03 00 00 49 89 85 10 05 00 00 48 8b 05 46 bd 09 01 00 01 00 00 00 41 c7 85 1c 06 00 00 ff ff ff ff c7 05 43 fd 09 [ 2004.020229][ T9025] RSP: 002b:00007ffd964f77a0 EFLAGS: 00010246 [ 2004.026412][ T9025] RAX: 00007fe838ffd358 RBX: 0000000000021000 RCX: 00007fe837fac217 [ 2004.034379][ T9025] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007fe837722700 [ 2004.042361][ T9025] RBP: 00007ffd964f7870 R08: 00000000ffffffff R09: 00007fe837722700 [ 2004.050328][ T9025] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffd964f7990 [ 2004.058341][ T9025] R13: 00007fe837722700 R14: 0000000000000000 R15: 0000000000022000 [ 2004.066345][ T9025] [ 2004.069449][ T9025] memory: usage 307200kB, limit 307200kB, failcnt 59837 [ 2004.076418][ T9025] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2004.083257][ T9025] Memory cgroup stats for /syz4: [ 2004.087919][ T9025] anon 86016 [ 2004.087919][ T9025] file 126976 [ 2004.087919][ T9025] kernel 314339328 [ 2004.087919][ T9025] kernel_stack 16384 [ 2004.087919][ T9025] pagetables 73728 [ 2004.087919][ T9025] percpu 11039616 [ 2004.087919][ T9025] sock 0 [ 2004.087919][ T9025] vmalloc 0 [ 2004.087919][ T9025] shmem 126976 [ 2004.087919][ T9025] file_mapped 126976 [ 2004.087919][ T9025] file_dirty 0 [ 2004.087919][ T9025] file_writeback 0 [ 2004.087919][ T9025] swapcached 0 [ 2004.087919][ T9025] inactive_anon 122880 [ 2004.087919][ T9025] active_anon 57344 [ 2004.087919][ T9025] inactive_file 0 [ 2004.087919][ T9025] active_file 0 [ 2004.087919][ T9025] unevictable 0 [ 2004.087919][ T9025] slab_reclaimable 22120 [ 2004.087919][ T9025] slab_unreclaimable 303140120 [ 2004.087919][ T9025] slab 303162240 [ 2004.087919][ T9025] workingset_refault_anon 0 [ 2004.087919][ T9025] workingset_refault_file 15 [ 2004.087919][ T9025] workingset_activate_anon 0 [ 2004.087919][ T9025] workingset_activate_file 0 [ 2004.184904][ T9025] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9025,uid=0 [ 2004.200171][ T9025] Memory cgroup out of memory: Killed process 9025 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000700000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:54 executing program 5: io_setup(0x8, &(0x7f0000000000)=0x0) io_destroy(r0) io_setup(0x6e5, &(0x7f00000000c0)=0x0) io_destroy(r1) 01:39:54 executing program 1: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x4, &(0x7f0000001680)=[{&(0x7f0000000380)="c5", 0x1, 0x4}, {&(0x7f0000000480)='b', 0x1, 0xffff}, {&(0x7f0000000580)=')', 0x1}, {0x0}], 0x0, 0x0) 01:39:54 executing program 4: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x2, &(0x7f0000001680)=[{&(0x7f0000000380)="c5", 0x1, 0x4}, {0x0}], 0x0, 0x0) 01:39:54 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000f6020000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00007fff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:54 executing program 1: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000380)={{0x0, 0x8001}}, 0x10) 01:39:54 executing program 1: pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000300)='/dev/ubi_ctrl\x00', &(0x7f0000000340)='/dev/ubi_ctrl\x00', 0x0) 01:39:54 executing program 1: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$isdn_base(0x22, 0x3, 0x0) dup2(r0, r1) 01:39:54 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000240)={&(0x7f00000002c0)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0}, 0x0) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x15, &(0x7f0000000180)={0x0, 0x40}, 0x8) [ 2004.329785][ T9031] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2004.340091][ T9031] CPU: 0 PID: 9031 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2004.351037][ T9031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2004.361085][ T9031] Call Trace: [ 2004.361093][ T9031] [ 2004.367336][ T9031] dump_stack_lvl+0xd6/0x122 [ 2004.371988][ T9031] dump_stack+0x11/0x12 01:39:54 executing program 1: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x1, &(0x7f0000001680)=[{0x0, 0x0, 0xffff}], 0x0, &(0x7f0000001740)={[{@fat=@fmask}], [{@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}, {@uid_gt}]}) 01:39:54 executing program 1: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x3, &(0x7f0000001680)=[{&(0x7f0000000380)="c5", 0x1, 0x4}, {&(0x7f0000000580)="298511bc43c1fcc4b3ec76df991e6ae8c23c7371276014465df270656f527489f94cb0cd2b19de45b8d6fbb05e5a3baf289ddbe1131c105462add315d71d3b6c3661a2b9405ffa5471a7b227ff57674b671282fdbcf95ddb55d420bd6ea1fe5a5243d4ff8d3c0f69cd0bc79a5939899438e2d63767320152569afc0447ecc3989f286050a2980d739073c72996c63ac38a214be84817e51944720f0517d2bf18730e5025dd0a6f49f7fe94f92c405cb1a39903a0da921a684062c9c6d3727c1233ba298817529ea4d618351c1032e3fdd513fe56cc4fd4a9fce5e849aaafa096d4875e9b72946f1e483c72ecea5b9d676300967f8b89eaa378fb38f638dfb2953e7cd83df108a1f1028ce97660dc5aa6a08ce07135606fa761a72c52273dd7d36b9743e5f09b2fea3c8c4326bb58693147153dce00cf3dd6fb9c94f9e0d61e25de2e242ab32f498f11a73fa19c9c6f6043533724714c2df8b78a3d7c0e9f02b1b67ad5328e2ff7f9e72057451b3e57a49bfe3b856e66d00dfd4a3190e6ef87211570190b89f477d70e23fd352dafa1b61eb3a1c1f29fc7beb6133afd57da122de63f8ade0ef57ca744267dca4f9cebe3e5edcfbee470217bf745171865acf32ad97ae319a08d0b253395825593c41f2a15f073a0a254865493adfbd3b9c8203f9308cd0b78ce53bd1122df371e0653cd43560ba5c6f83a7d53ead5750ebf8f8a7c96e900f00a50e9ce10a0b44189de0b0e70341798770dbf59e90b838b011e704facbb3eb8ff6cd4a483b2e57d462c63daf5a097d00512078b0b93e0c5295cc505a3db1ff571ec2cdee8cdb8d7c3a1614c80ce90f255cacd206aa14aa9511b99e5540f7be66e10e0e52d6ad69a7888c5ed29ebfd92a37654ec5886c7988fc750f14ccb679e4cab89e4f9fb8fea229eafbef0512d289948d984e139d553691cd717c16de121ecf43865683a3955bf257a3f693d47d76cd1d27c64e3eb6c4ef73e26baed5dfaf3d9ef86bfdf7151ee412c0cafb14b4ca1df61c0309ac942565cbe5376411638afc816c85ad7929af38bab61dff016235de797302127f60ade1fc7dc937ce9b03541327be7e302b66b7132238037c4930b73914c97d67426bd9b11c638f84b6a371be3d88e061cb56ffff4834d02878d8ca869ba8ccc5d941ddc00eb3990132b3f245a43fef77d3b6391c0c69b2366a9e014642816df06988a58dfde24bebf999446cc5a09e1012703f8bc26c5c545dc55157288127f9113724cf35d310fdc99c28db2e0307e421f01c10f662f1acc36dc23a72579f3db6608477ddde31b055c71295981c383d571c3c95f2b4fe6df2d4ee5abc2a2e548d95770dcf5159ccc77ce65b9f3d3aafe2ac3f3933c623f5bc3cb01d739b74fc660d910579c26bb3a3fc378ee84bd65c779e30c7b72f43734b5006d7e2902572e6cac2072eaecbdff0ca0052bbeadeb7793f5c105b4ac526059d2b13977930049afa9954aac069ad7519e31a627ceed6a3846e8b1023ad89ba0f08bae91d462bfe4d5af92fc51597a55e149b98b99c4eb64e8eb2057f6de560b66bd77441973063dcaed0e57b09b1471fac9e275c9cb218f76966750133c5737a6539fb6668d6c0245734768e1047e44482abaf53bf7fdd83fd627e8fdc8e0e1abc919be7310446b7cc6c6b2414e103e23090190f332ca9f076a94fdab740d5a263f49c4220e2c278d5caeb43bcbcc4d3e2fcad92c7980c1611c5d05e1132e6fed235211799b428ef114e4df08cadea86f54e5d034473ae8ff89cf47ee53e3d4889dfdd0be93b93195bb243ddfd55920aa38d3e7643caced922760dc2733956bde738190a19958c68b34e8bfa2094c5433c138f957045238f0d6a2fa5e51e6783100f1d6c1982fc095043b274451114b680653096866fcb270801071ed677dd83d7979dab390ceca83afc8b4d3e08f8c4d99395f281b2971aefd108e8e742f1fe48b167a4c3df2de2b885d9f485ea68e528a2c2ebc8242db013af7946a68920aedb1e446c2998c1bb440c1607911f41f05060d17b5f14ca7fd3d8c61d6a8f8f05288311870f9ca55f7e749b8bc6b0da2a1f39953a624352f1f4982747a80a72262b0b7dc58bd8cf20e55798e15bdacf0fda0038290bcbb444f017a13fad500bbcb177a5fc310ae42307c67b363f4b055fde21ec15393047cfaf5e67323bf03a70555fb75ccad15045d6e1c7678f3ab64d19866553aa0c31bb91e714afffdcc18550bfbf0491d652b484773c8b59991a9f11f85af3c891113cc10772f5f780711b9e630566097d2a8d3e36bfd2fed741ddd683727c62b23c48c89647406343a613e8711cc5f71cad306f8aa172865c6ce518ab2e568b67638c6dc8a9778e4ff971a011c00907b67188a933748eee4bd7454a63d7d0badfd7406d597b83fd01d5add7d4b278abb2e17950b953cfdea19f2ba35fdfbe3918841eb5f375cf413a2b3f640aa00e013267ba366b16379f8c5f04d1ca5f2d35596ccc8353e7757f59e57ba165e7793d428380a16b4bc620a1324c4cda76e918eafb6adc47a1227714fd69447a741cf80ba91d9a9aa213ef00c42d7d02e27ee4c6f7720bb74fd89a663988724a9e0f17d2fb5309efe7914dea53c6d3bdb3037830664b5178f611c996d1947eff04342f5baa7cef14d5705b899b14a8cce95930d8564d034bf9331c45852905ef9d9c01ef1aff97448067d53886d23768068d1b1aabba9a9f308690fdef7ce4260747d97760b3d0104cee98a2f679e6d0b84668c2ed7999b0525af6bbcfaedce81f10eda788124ce8a6b98ce5c6af416dc7442b42ddd14a59924b12c09fe7ed0b04a39d66fb4c949fe80bb9ba2f53e226e668223ef28b59afb1bcc0b02b2a23163688b60704a0d8995b7884b15a45ec72e1468df7c257697778a645bfb65acf6e517675ce3a79df67d367e3413f0ca2e9b4d6504b0dada5b1d24a2e6136ff28eac87e57b3f7dcc9a4a89ba359761388ba73a9cacc17fb6abb2f94e15997153e79a9e41e5c637e11ccbf256ccee6bfc65b043d74671b49db465711608609f0645029b43a911e3d3ecaa3787dc292aeaf7b4337a833aaace6abf48044a6cde781e66c98637ddf2031d71a8a2fab9d01754f19cfd8fab431cb4316346f09ce84ecec46c1c393502ba0499351224889a6325f5481c329e040a894391a0d22f9bf105e33be60d8733d5bfbdc28a77fb5b8931b51800af0e369054e07764ba32bdf75a22ffe2e93b7abcede2e900897f5759e0af6f1689d47720a441d587a5a6f221a9eeb8cf97f711300bd475747e4eb59baaf1c8a8f09ecf06d552724a21e80930742e7c608c8053408cbf971d67d7608c988180dd7b4807b20a12a17f598d527896023a0fc4e5cc956a67150462395e3efb552c2df09b73fc5b2ff263a5a383b2a3a77fc392d84a5d47d5a362224a376f356df1e7b220329f47ea34deeb74b04e94d7a5b0aa396a49cce3d426a987d91a544f9e4c8c9c920a927f8e420f1400bf08973492b83679346a0b361ce0a1e6751c645779a29d05367a98caf96a7619f95cffb5670de197795390c0e5293f5211726db4ed90c931ddc8c826d1696fc99deaa533b077bb4c389422c9019321d02b02df898b11c1d515c1129255bd846d25dbd1bd498e0af946ab10d9a3e4109a08fd1e316cfc740cb7ca2f85a17e7ccd864bf42a9e18a4681805550e0ded17262c9fdbb09f4fb435ee3ca78ca3201a7992f0010de04ec6559148c29aed94fdeb1aa6aa6b1a8be95b630cf4cb71ffc7e6542312bd89119839697992ad", 0xa81}, {0x0}], 0x0, 0x0) [ 2004.376159][ T9031] dump_header+0x98/0x410 [ 2004.380550][ T9031] oom_kill_process+0xfe/0x550 [ 2004.385336][ T9031] out_of_memory+0x620/0x880 [ 2004.389987][ T9031] mem_cgroup_oom+0x475/0x4f0 [ 2004.394772][ T9031] try_charge_memcg+0x746/0x960 [ 2004.399690][ T9031] __memcg_kmem_charge_page+0x2e4/0x480 [ 2004.405318][ T9031] alloc_thread_stack_node+0x292/0x360 [ 2004.410805][ T9031] dup_task_struct+0x96/0x2a0 [ 2004.415574][ T9031] copy_process+0x3cb/0x20b0 [ 2004.420225][ T9031] kernel_clone+0x163/0x5c0 [ 2004.424756][ T9031] __x64_sys_clone+0xc3/0xf0 [ 2004.429402][ T9031] do_syscall_64+0x2b/0x70 [ 2004.433807][ T9031] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2004.439686][ T9031] RIP: 0033:0x7fe837fad531 [ 2004.444158][ T9031] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2004.464475][ T9031] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2004.472881][ T9031] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2004.480863][ T9031] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2004.488841][ T9031] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2004.496807][ T9031] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2004.504781][ T9031] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2004.512814][ T9031] [ 2004.515867][ T9031] memory: usage 307200kB, limit 307200kB, failcnt 59879 [ 2004.522869][ T9031] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2004.529931][ T9031] Memory cgroup stats for /syz4: [ 2005.962938][ T9031] anon 98304 [ 2005.962938][ T9031] file 126976 [ 2005.962938][ T9031] kernel 314318848 [ 2005.962938][ T9031] kernel_stack 16384 [ 2005.962938][ T9031] pagetables 73728 [ 2005.962938][ T9031] percpu 11039616 [ 2005.962938][ T9031] sock 0 [ 2005.962938][ T9031] vmalloc 0 [ 2005.962938][ T9031] shmem 126976 [ 2005.962938][ T9031] file_mapped 126976 [ 2005.962938][ T9031] file_dirty 0 [ 2005.962938][ T9031] file_writeback 0 [ 2005.962938][ T9031] swapcached 0 [ 2005.962938][ T9031] inactive_anon 167936 [ 2005.962938][ T9031] active_anon 57344 [ 2005.962938][ T9031] inactive_file 0 [ 2005.962938][ T9031] active_file 0 [ 2005.962938][ T9031] unevictable 0 [ 2005.962938][ T9031] slab_reclaimable 21744 [ 2005.962938][ T9031] slab_unreclaimable 303123488 [ 2005.962938][ T9031] slab 303145232 [ 2005.962938][ T9031] workingset_refault_anon 0 [ 2005.962938][ T9031] workingset_refault_file 15 [ 2005.962938][ T9031] workingset_activate_anon 0 [ 2005.962938][ T9031] workingset_activate_file 0 [ 2006.058905][ T9031] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9031,uid=0 [ 2006.074371][ T9031] Memory cgroup out of memory: Killed process 9031 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:39:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:56 executing program 1: syz_mount_image$msdos(0x0, 0x0, 0x0, 0x1, &(0x7f0000001680)=[{0x0}], 0x180000, 0x0) 01:39:56 executing program 4: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000001680)=[{0x0}, {0x0, 0x0, 0xffff}], 0x0, &(0x7f0000001740)={[{@nodots}], [{@subj_type={'subj_type', 0x3d, '/dev/nvram\x00'}}]}) 01:39:56 executing program 5: pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) fsmount(r0, 0x0, 0x0) 01:39:56 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0003ffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:56 executing program 1: keyctl$update(0x2, 0x0, &(0x7f0000001a00)="94", 0x1) 01:39:56 executing program 5: syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) 01:39:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, &(0x7f0000001680), 0x0, &(0x7f0000001740)={[], [{@fsname={'fsname', 0x3d, '/dev/nvram\x00'}}]}) 01:39:56 executing program 1: syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x0) socketpair(0x21, 0x0, 0x0, &(0x7f0000000280)) [ 2006.500640][ T9064] loop4: detected capacity change from 0 to 255 [ 2006.522378][ T9064] FAT-fs (loop4): Unrecognized mount option "subj_type=/dev/nvram" or missing value 01:39:57 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r0, &(0x7f0000002d00)=[{{&(0x7f00000000c0), 0x6e, &(0x7f00000006c0)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) [ 2007.291368][ T9061] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2007.301867][ T9061] CPU: 1 PID: 9061 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2007.312872][ T9061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2007.323054][ T9061] Call Trace: [ 2007.326343][ T9061] [ 2007.329279][ T9061] dump_stack_lvl+0xd6/0x122 [ 2007.333954][ T9061] dump_stack+0x11/0x12 [ 2007.338148][ T9061] dump_header+0x98/0x410 [ 2007.342490][ T9061] oom_kill_process+0xfe/0x550 [ 2007.347304][ T9061] out_of_memory+0x620/0x880 [ 2007.351911][ T9061] mem_cgroup_oom+0x475/0x4f0 [ 2007.356670][ T9061] try_charge_memcg+0x746/0x960 [ 2007.361527][ T9061] charge_memcg+0x63/0x2c0 [ 2007.366016][ T9061] __mem_cgroup_charge+0x25/0xa0 [ 2007.370958][ T9061] wp_page_copy+0x20f/0x1460 [ 2007.375557][ T9061] ? shrink_zones+0x525/0x5d0 [ 2007.380236][ T9061] do_wp_page+0x76f/0xe10 [ 2007.384629][ T9061] handle_mm_fault+0x5fb/0xa90 01:39:57 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000100), 0x2, 0x0) [ 2007.389524][ T9061] do_user_addr_fault+0x4cd/0x940 [ 2007.394564][ T9061] exc_page_fault+0x60/0x160 [ 2007.399297][ T9061] asm_exc_page_fault+0x22/0x30 [ 2007.404218][ T9061] RIP: 0033:0x7fe837f5a340 [ 2007.408699][ T9061] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2007.428466][ T9061] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2007.439312][ T9061] RAX: 00000000140cd49d RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2007.447282][ T9061] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008c19a4f [ 2007.455247][ T9061] RBP: 00000000140cd49d R08: 000000000000149d R09: 00000000140cd4a1 [ 2007.463212][ T9061] R10: 0000000000000000 R11: 0000000000000000 R12: 00007fe8380b3000 [ 2007.471176][ T9061] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff81436af0 [ 2007.479134][ T9061] ? strndup_user+0x10/0xa0 [ 2007.483643][ T9061] [ 2007.486696][ T9061] memory: usage 307200kB, limit 307200kB, failcnt 59931 [ 2007.493646][ T9061] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2007.500496][ T9061] Memory cgroup stats for /syz4: [ 2007.500805][ T9061] anon 118784 [ 2007.500805][ T9061] file 126976 [ 2007.500805][ T9061] kernel 314327040 [ 2007.500805][ T9061] kernel_stack 32768 [ 2007.500805][ T9061] pagetables 77824 [ 2007.500805][ T9061] percpu 11039616 [ 2007.500805][ T9061] sock 0 [ 2007.500805][ T9061] vmalloc 0 [ 2007.500805][ T9061] shmem 126976 [ 2007.500805][ T9061] file_mapped 126976 [ 2007.500805][ T9061] file_dirty 0 [ 2007.500805][ T9061] file_writeback 0 [ 2007.500805][ T9061] swapcached 0 [ 2007.500805][ T9061] inactive_anon 188416 [ 2007.500805][ T9061] active_anon 57344 [ 2007.500805][ T9061] inactive_file 0 [ 2007.500805][ T9061] active_file 0 [ 2007.500805][ T9061] unevictable 0 [ 2007.500805][ T9061] slab_reclaimable 17216 [ 2007.500805][ T9061] slab_unreclaimable 303123968 [ 2007.500805][ T9061] slab 303141184 [ 2007.500805][ T9061] workingset_refault_anon 0 [ 2007.500805][ T9061] workingset_refault_file 15 [ 2007.500805][ T9061] workingset_activate_anon 0 01:39:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000900000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, 0x1, &(0x7f0000001680)=[{0x0, 0x0, 0xffff}], 0x0, &(0x7f0000001740)={[{@nodots}]}) 01:39:58 executing program 4: syz_open_dev$vcsa(&(0x7f0000000040), 0x0, 0x40) 01:39:58 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00001a030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:58 executing program 5: socketpair(0x10, 0x3, 0x9, &(0x7f00000004c0)) [ 2007.500805][ T9061] workingset_activate_file 0 [ 2007.596826][ T9061] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9061,uid=0 [ 2007.612064][ T9061] Memory cgroup out of memory: Killed process 9061 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2007.676425][ T9093] syz-executor.4 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2007.687675][ T9093] CPU: 1 PID: 9093 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2007.698711][ T9093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2007.708791][ T9093] Call Trace: [ 2007.712094][ T9093] [ 2007.715075][ T9093] dump_stack_lvl+0xd6/0x122 [ 2007.719718][ T9093] dump_stack+0x11/0x12 [ 2007.723865][ T9093] dump_header+0x98/0x410 [ 2007.728289][ T9093] oom_kill_process+0xfe/0x550 [ 2007.733097][ T9093] out_of_memory+0x620/0x880 [ 2007.737674][ T9093] mem_cgroup_oom+0x475/0x4f0 [ 2007.742378][ T9093] try_charge_memcg+0x746/0x960 [ 2007.747276][ T9093] ? mem_cgroup_iter+0x267/0x340 [ 2007.752290][ T9093] ? shrink_node_memcgs+0x3ed/0x400 [ 2007.757565][ T9093] obj_cgroup_charge+0x171/0x2b0 [ 2007.762497][ T9093] kmem_cache_alloc+0x92/0x300 [ 2007.767355][ T9093] ? __alloc_file+0x2e/0x150 [ 2007.771998][ T9093] __alloc_file+0x2e/0x150 [ 2007.776406][ T9093] alloc_empty_file+0xcd/0x1c0 [ 2007.781157][ T9093] path_openat+0x65/0x1b30 [ 2007.785568][ T9093] ? shrink_zones+0x525/0x5d0 [ 2007.790229][ T9093] do_filp_open+0x105/0x220 [ 2007.794788][ T9093] do_sys_openat2+0xb5/0x2a0 [ 2007.799416][ T9093] __x64_sys_openat+0xef/0x110 [ 2007.804164][ T9093] do_syscall_64+0x2b/0x70 [ 2007.808566][ T9093] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2007.814457][ T9093] RIP: 0033:0x7fe837f5f024 [ 2007.818857][ T9093] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2007.838448][ T9093] RSP: 002b:00007fe837721ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2007.846896][ T9093] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007fe837f5f024 [ 2007.854882][ T9093] RDX: 0000000000000040 RSI: 00007fe837721d40 RDI: 00000000ffffff9c [ 2007.862836][ T9093] RBP: 00007fe837721d40 R08: 0000000000000000 R09: 0000000000000000 01:39:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff88a8ffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:58 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000080)={@loopback, @remote, 0x0, "bbe12df7d3adf402813e9b1722220b487e4958387c6cc1a92e8419668a25a112"}, 0x3c) [ 2007.870795][ T9093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000040 [ 2007.878827][ T9093] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2007.886800][ T9093] [ 2007.889881][ T9093] memory: usage 307200kB, limit 307200kB, failcnt 59957 [ 2007.896903][ T9093] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2007.903767][ T9093] Memory cgroup stats for /syz4: [ 2007.951350][ T9093] anon 106496 [ 2007.951350][ T9093] file 126976 [ 2007.951350][ T9093] kernel 314339328 [ 2007.951350][ T9093] kernel_stack 32768 [ 2007.951350][ T9093] pagetables 77824 [ 2007.951350][ T9093] percpu 11039616 [ 2007.951350][ T9093] sock 0 [ 2007.951350][ T9093] vmalloc 0 [ 2007.951350][ T9093] shmem 126976 [ 2007.951350][ T9093] file_mapped 126976 [ 2007.951350][ T9093] file_dirty 0 [ 2007.951350][ T9093] file_writeback 0 [ 2007.951350][ T9093] swapcached 0 [ 2007.951350][ T9093] inactive_anon 176128 [ 2007.951350][ T9093] active_anon 57344 [ 2007.951350][ T9093] inactive_file 0 [ 2007.951350][ T9093] active_file 0 [ 2007.951350][ T9093] unevictable 0 [ 2007.951350][ T9093] slab_reclaimable 21744 [ 2007.951350][ T9093] slab_unreclaimable 303129544 [ 2007.951350][ T9093] slab 303151288 [ 2007.951350][ T9093] workingset_refault_anon 0 [ 2007.951350][ T9093] workingset_refault_file 15 [ 2007.951350][ T9093] workingset_activate_anon 0 [ 2007.951350][ T9093] workingset_activate_file 0 01:39:58 executing program 4: recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, &(0x7f00000032c0), 0x0, 0x0, 0x0, &(0x7f00000033c0)="d80e6a0e931b4aba967c4cc700c69033f3e60b47b40055ce0ea8c7b6fbbc99e4bdc4d4a2fdbcaff607df176ce7df22ab94e59641941fdba648b73043e0d0511cf36f18be34db") sched_rr_get_interval(r0, &(0x7f0000003440)) connect$unix(0xffffffffffffffff, 0x0, 0x0) [ 2008.047477][ T9093] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9092,uid=0 [ 2008.062777][ T9093] Memory cgroup out of memory: Killed process 9092 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:39:58 executing program 5: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000380), 0x10) 01:39:58 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000002d80)) [ 2008.207267][ T9111] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2008.217551][ T9111] CPU: 1 PID: 9111 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2008.228507][ T9111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2008.238568][ T9111] Call Trace: [ 2008.241841][ T9111] [ 2008.244764][ T9111] dump_stack_lvl+0xd6/0x122 [ 2008.249440][ T9111] dump_stack+0x11/0x12 [ 2008.253590][ T9111] dump_header+0x98/0x410 [ 2008.258003][ T9111] oom_kill_process+0xfe/0x550 [ 2008.262797][ T9111] out_of_memory+0x620/0x880 [ 2008.267587][ T9111] mem_cgroup_oom+0x475/0x4f0 [ 2008.272262][ T9111] try_charge_memcg+0x746/0x960 [ 2008.277155][ T9111] charge_memcg+0x63/0x2c0 [ 2008.281566][ T9111] __mem_cgroup_charge+0x25/0xa0 [ 2008.286575][ T9111] wp_page_copy+0x20f/0x1460 [ 2008.291184][ T9111] do_wp_page+0x76f/0xe10 [ 2008.295556][ T9111] handle_mm_fault+0x5fb/0xa90 [ 2008.300341][ T9111] do_user_addr_fault+0x4cd/0x940 [ 2008.305366][ T9111] exc_page_fault+0x60/0x160 [ 2008.309958][ T9111] asm_exc_page_fault+0x22/0x30 [ 2008.314805][ T9111] RIP: 0033:0x7fe837f52edc [ 2008.319246][ T9111] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2008.338928][ T9111] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2008.344996][ T9111] RAX: 00007fe8380bef60 RBX: 0000000000000005 RCX: 00007fe838010c23 01:39:58 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(0xffffffffffffffff, r0) 01:39:58 executing program 5: socketpair(0x0, 0x0, 0x7fff, &(0x7f0000000280)) [ 2008.352992][ T9111] RDX: 00000000001d9937 RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2008.360988][ T9111] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2008.368973][ T9111] R10: 00007ffd965730b8 R11: 000000000005adc2 R12: 0000000000000000 [ 2008.376939][ T9111] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2008.384907][ T9111] [ 2008.388175][ T9111] memory: usage 307180kB, limit 307200kB, failcnt 60000 [ 2008.395231][ T9111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2008.402086][ T9111] Memory cgroup stats for /syz4: [ 2008.414618][ T9111] anon 102400 [ 2008.414618][ T9111] file 126976 [ 2008.414618][ T9111] kernel 314335232 [ 2008.414618][ T9111] kernel_stack 32768 [ 2008.414618][ T9111] pagetables 77824 [ 2008.414618][ T9111] percpu 11039616 [ 2008.414618][ T9111] sock 0 [ 2008.414618][ T9111] vmalloc 0 [ 2008.414618][ T9111] shmem 126976 [ 2008.414618][ T9111] file_mapped 126976 [ 2008.414618][ T9111] file_dirty 0 [ 2008.414618][ T9111] file_writeback 0 [ 2008.414618][ T9111] swapcached 0 [ 2008.414618][ T9111] inactive_anon 172032 [ 2008.414618][ T9111] active_anon 57344 [ 2008.414618][ T9111] inactive_file 0 [ 2008.414618][ T9111] active_file 0 [ 2008.414618][ T9111] unevictable 0 [ 2008.414618][ T9111] slab_reclaimable 15840 [ 2008.414618][ T9111] slab_unreclaimable 303129280 [ 2008.414618][ T9111] slab 303145120 [ 2008.414618][ T9111] workingset_refault_anon 0 [ 2008.414618][ T9111] workingset_refault_file 15 [ 2008.414618][ T9111] workingset_activate_anon 0 [ 2008.414618][ T9111] workingset_activate_file 0 [ 2008.510366][ T9111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9105,uid=0 [ 2008.525756][ T9111] Memory cgroup out of memory: Killed process 9105 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:39:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:39:58 executing program 1: recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003200)) 01:39:58 executing program 4: getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 01:39:58 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00001e030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:58 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) getsockname$packet(r0, 0x0, 0x0) [ 2008.660958][ T9120] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2008.671340][ T9120] CPU: 1 PID: 9120 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2008.683410][ T9120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2008.693474][ T9120] Call Trace: [ 2008.696753][ T9120] [ 2008.699712][ T9120] dump_stack_lvl+0xd6/0x122 [ 2008.704389][ T9120] dump_stack+0x11/0x12 [ 2008.708580][ T9120] dump_header+0x98/0x410 [ 2008.712916][ T9120] oom_kill_process+0xfe/0x550 [ 2008.717688][ T9120] out_of_memory+0x620/0x880 [ 2008.722290][ T9120] mem_cgroup_oom+0x475/0x4f0 [ 2008.727055][ T9120] try_charge_memcg+0x746/0x960 [ 2008.731908][ T9120] charge_memcg+0x63/0x2c0 [ 2008.736477][ T9120] __mem_cgroup_charge+0x25/0xa0 [ 2008.741415][ T9120] wp_page_copy+0x20f/0x1460 [ 2008.746019][ T9120] ? shrink_zones+0x525/0x5d0 [ 2008.750761][ T9120] do_wp_page+0x76f/0xe10 [ 2008.755096][ T9120] handle_mm_fault+0x5fb/0xa90 [ 2008.759937][ T9120] do_user_addr_fault+0x4cd/0x940 [ 2008.765013][ T9120] exc_page_fault+0x60/0x160 [ 2008.769774][ T9120] asm_exc_page_fault+0x22/0x30 [ 2008.774649][ T9120] RIP: 0033:0x7fe837f5a340 [ 2008.779066][ T9120] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2008.798838][ T9120] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2008.804933][ T9120] RAX: 00000000920f6702 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2008.812909][ T9120] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000a0b08d3 [ 2008.820886][ T9120] RBP: 00000000920f6702 R08: 0000000000000702 R09: 00000000920f6706 [ 2008.828864][ T9120] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2008.836843][ T9120] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff8157eadd [ 2008.844843][ T9120] ? __fdget+0xd/0x120 [ 2008.848916][ T9120] [ 2008.851957][ T9120] memory: usage 307200kB, limit 307200kB, failcnt 60045 [ 2008.858910][ T9120] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2008.865811][ T9120] Memory cgroup stats for /syz4: [ 2009.180547][ T9120] anon 102400 [ 2009.180547][ T9120] file 126976 [ 2009.180547][ T9120] kernel 314335232 [ 2009.180547][ T9120] kernel_stack 32768 [ 2009.180547][ T9120] pagetables 69632 [ 2009.180547][ T9120] percpu 11039616 [ 2009.180547][ T9120] sock 0 [ 2009.180547][ T9120] vmalloc 0 [ 2009.180547][ T9120] shmem 126976 [ 2009.180547][ T9120] file_mapped 126976 [ 2009.180547][ T9120] file_dirty 0 [ 2009.180547][ T9120] file_writeback 0 [ 2009.180547][ T9120] swapcached 0 [ 2009.180547][ T9120] inactive_anon 172032 [ 2009.180547][ T9120] active_anon 57344 [ 2009.180547][ T9120] inactive_file 0 [ 2009.180547][ T9120] active_file 0 [ 2009.180547][ T9120] unevictable 0 [ 2009.180547][ T9120] slab_reclaimable 15840 [ 2009.180547][ T9120] slab_unreclaimable 303135720 [ 2009.180547][ T9120] slab 303151560 [ 2009.180547][ T9120] workingset_refault_anon 0 [ 2009.180547][ T9120] workingset_refault_file 15 [ 2009.180547][ T9120] workingset_activate_anon 0 [ 2009.180547][ T9120] workingset_activate_file 0 01:39:59 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000040)={'wg0\x00'}) 01:39:59 executing program 5: syz_clone(0x10800400, 0x0, 0x0, 0x0, 0x0, 0x0) 01:39:59 executing program 4: clock_gettime(0x0, &(0x7f0000000540)) 01:39:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff7fffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2009.276406][ T9120] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9120,uid=0 [ 2009.291632][ T9120] Memory cgroup out of memory: Killed process 9120 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:39:59 executing program 1: syz_read_part_table(0x0, 0x1, &(0x7f0000000440)=[{&(0x7f0000000100)='W', 0x1}]) 01:39:59 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000024030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:39:59 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0}}, 0x8001) [ 2009.410212][ T9138] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2009.420535][ T9138] CPU: 1 PID: 9138 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2009.431534][ T9138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2009.442383][ T9138] Call Trace: [ 2009.445668][ T9138] [ 2009.448610][ T9138] dump_stack_lvl+0xd6/0x122 [ 2009.453429][ T9138] dump_stack+0x11/0x12 [ 2009.457591][ T9138] dump_header+0x98/0x410 [ 2009.462012][ T9138] oom_kill_process+0xfe/0x550 [ 2009.466805][ T9138] out_of_memory+0x620/0x880 [ 2009.471402][ T9138] mem_cgroup_oom+0x475/0x4f0 [ 2009.476080][ T9138] try_charge_memcg+0x746/0x960 [ 2009.480956][ T9138] charge_memcg+0x63/0x2c0 [ 2009.485456][ T9138] __mem_cgroup_charge+0x25/0xa0 [ 2009.490395][ T9138] do_anonymous_page+0x1d6/0xa20 [ 2009.495343][ T9138] handle_mm_fault+0x8a0/0xa90 [ 2009.500207][ T9138] do_user_addr_fault+0x4cd/0x940 [ 2009.505241][ T9138] exc_page_fault+0x60/0x160 [ 2009.509920][ T9138] asm_exc_page_fault+0x22/0x30 [ 2009.514899][ T9138] RIP: 0033:0x7fe837f57d0d [ 2009.519312][ T9138] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2009.539062][ T9138] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2009.545139][ T9138] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2009.553114][ T9138] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2009.561084][ T9138] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2009.569143][ T9138] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2009.577113][ T9138] R13: 00007fe8380c3048 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2009.585095][ T9138] [ 2009.588150][ T9138] memory: usage 307200kB, limit 307200kB, failcnt 60125 [ 2009.595166][ T9138] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:00 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) sendto$phonet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x23, 0x0, 0x18}, 0x10) 01:40:00 executing program 5: syz_clone(0x10800400, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 01:40:00 executing program 5: syz_clone(0x8281000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2009.602011][ T9138] Memory cgroup stats for /syz4: [ 2009.672545][ T24] audit: type=1400 audit(1657676400.031:565): avc: denied { write } for pid=9153 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 2009.693160][ T9138] anon 94208 [ 2009.693160][ T9138] file 126976 [ 2009.693160][ T9138] kernel 314347520 [ 2009.693160][ T9138] kernel_stack 32768 [ 2009.693160][ T9138] pagetables 69632 [ 2009.693160][ T9138] percpu 11039616 [ 2009.693160][ T9138] sock 0 [ 2009.693160][ T9138] vmalloc 0 [ 2009.693160][ T9138] shmem 126976 [ 2009.693160][ T9138] file_mapped 126976 [ 2009.693160][ T9138] file_dirty 0 [ 2009.693160][ T9138] file_writeback 0 [ 2009.693160][ T9138] swapcached 0 [ 2009.693160][ T9138] inactive_anon 163840 [ 2009.693160][ T9138] active_anon 57344 [ 2009.693160][ T9138] inactive_file 0 [ 2009.693160][ T9138] active_file 0 [ 2009.693160][ T9138] unevictable 0 [ 2009.693160][ T9138] slab_reclaimable 15840 [ 2009.693160][ T9138] slab_unreclaimable 303142320 [ 2009.693160][ T9138] slab 303158160 01:40:00 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r0) [ 2009.693160][ T9138] workingset_refault_anon 0 [ 2009.693160][ T9138] workingset_refault_file 15 [ 2009.693160][ T9138] workingset_activate_anon 0 [ 2009.693160][ T9138] workingset_activate_file 0 [ 2009.789065][ T9138] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9138,uid=0 [ 2009.804415][ T9138] Memory cgroup out of memory: Killed process 9138 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:00 executing program 4: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r0, 0x0) 01:40:00 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:00 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r0) [ 2009.999978][ T9167] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2010.010310][ T9167] CPU: 1 PID: 9167 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2010.021346][ T9167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2010.031440][ T9167] Call Trace: [ 2010.034718][ T9167] [ 2010.037649][ T9167] dump_stack_lvl+0xd6/0x122 [ 2010.042245][ T9167] dump_stack+0x11/0x12 [ 2010.046406][ T9167] dump_header+0x98/0x410 [ 2010.050770][ T9167] oom_kill_process+0xfe/0x550 [ 2010.055565][ T9167] out_of_memory+0x620/0x880 [ 2010.060214][ T9167] mem_cgroup_oom+0x475/0x4f0 [ 2010.064895][ T9167] try_charge_memcg+0x746/0x960 [ 2010.069822][ T9167] ? __alloc_pages+0x1f7/0x340 [ 2010.074639][ T9167] charge_memcg+0x63/0x2c0 [ 2010.079134][ T9167] __mem_cgroup_charge+0x25/0xa0 [ 2010.084077][ T9167] wp_page_copy+0x20f/0x1460 [ 2010.088670][ T9167] ? shrink_zones+0x525/0x5d0 [ 2010.093409][ T9167] do_wp_page+0x76f/0xe10 [ 2010.097765][ T9167] handle_mm_fault+0x5fb/0xa90 [ 2010.102545][ T9167] do_user_addr_fault+0x4cd/0x940 [ 2010.107672][ T9167] exc_page_fault+0x60/0x160 [ 2010.112276][ T9167] asm_exc_page_fault+0x22/0x30 [ 2010.117134][ T9167] RIP: 0033:0x7fe837f5c6e2 [ 2010.121529][ T9167] Code: 49 89 85 98 06 00 00 48 8b 85 70 ff ff ff 49 89 85 a0 06 00 00 49 8d 85 10 03 00 00 49 89 85 10 05 00 00 48 8b 05 46 bd 09 01 00 01 00 00 00 41 c7 85 1c 06 00 00 ff ff ff ff c7 05 43 fd 09 [ 2010.141193][ T9167] RSP: 002b:00007ffd964f77a0 EFLAGS: 00010246 [ 2010.147275][ T9167] RAX: 00007fe838ffd358 RBX: 0000000000021000 RCX: 00007fe837fac217 [ 2010.149644][ T9173] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2010.155225][ T9167] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007fe837722700 [ 2010.161718][ T9173] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2010.169662][ T9167] RBP: 00007ffd964f7870 R08: 00000000ffffffff R09: 00007fe837722700 [ 2010.169684][ T9167] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffd964f7990 [ 2010.169696][ T9167] R13: 00007fe837722700 R14: 0000000000000000 R15: 0000000000022000 [ 2010.177260][ T9173] vhci_hcd vhci_hcd.0: Device attached [ 2010.185093][ T9167] [ 2010.185214][ T9167] memory: usage 307184kB, limit 307200kB, failcnt 60180 [ 2010.197791][ T9174] vhci_hcd: connection closed [ 2010.201601][ T9167] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2010.213691][ T970] vhci_hcd: stop threads [ 2010.217307][ T9167] Memory cgroup stats for [ 2010.221946][ T970] vhci_hcd: release socket [ 2010.228796][ T9167] /syz4: [ 2010.234030][ T9167] anon 86016 [ 2010.234030][ T9167] file 126976 [ 2010.234030][ T9167] kernel 314343424 [ 2010.234030][ T9167] kernel_stack 16384 [ 2010.234030][ T9167] pagetables 73728 [ 2010.234030][ T9167] percpu 11039616 [ 2010.234030][ T9167] sock 0 [ 2010.234030][ T9167] vmalloc 0 [ 2010.234030][ T9167] shmem 126976 [ 2010.234030][ T9167] file_mapped 126976 [ 2010.234030][ T9167] file_dirty 0 [ 2010.234030][ T9167] file_writeback 0 [ 2010.234030][ T9167] swapcached 0 [ 2010.234030][ T9167] inactive_anon 118784 [ 2010.234030][ T9167] active_anon 57344 [ 2010.234030][ T9167] inactive_file 0 [ 2010.234030][ T9167] active_file 0 [ 2010.234030][ T9167] unevictable 0 [ 2010.234030][ T9167] slab_reclaimable 33320 [ 2010.234030][ T9167] slab_unreclaimable 303138304 [ 2010.234030][ T9167] slab 303171624 [ 2010.234030][ T9167] workingset_refault_anon 0 [ 2010.234030][ T9167] workingset_refault_file 15 [ 2010.234030][ T9167] workingset_activate_anon 0 [ 2010.234030][ T9167] workingset_activate_file 0 [ 2010.237569][ T970] vhci_hcd: disconnect device [ 2010.241971][ T9167] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9167,uid=0 [ 2010.355560][ T9167] Memory cgroup out of memory: Killed process 9167 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff81ffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:00 executing program 1: io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, 0x0, 0x1) 01:40:00 executing program 4: r0 = io_uring_setup(0x49c1, &(0x7f0000000000)) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x10000000) 01:40:00 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00002a030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2010.518859][ T9177] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2010.529076][ T9177] CPU: 0 PID: 9177 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2010.540016][ T9177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2010.550142][ T9177] Call Trace: [ 2010.553407][ T9177] [ 2010.556362][ T9177] dump_stack_lvl+0xd6/0x122 [ 2010.560956][ T9177] dump_stack+0x11/0x12 [ 2010.565183][ T9177] dump_header+0x98/0x410 [ 2010.570483][ T9177] oom_kill_process+0xfe/0x550 [ 2010.575264][ T9177] out_of_memory+0x620/0x880 [ 2010.579937][ T9177] mem_cgroup_oom+0x475/0x4f0 [ 2010.584620][ T9177] try_charge_memcg+0x746/0x960 [ 2010.589477][ T9177] __memcg_kmem_charge_page+0x2e4/0x480 [ 2010.595125][ T9177] alloc_thread_stack_node+0x292/0x360 [ 2010.600605][ T9177] dup_task_struct+0x96/0x2a0 [ 2010.605287][ T9177] copy_process+0x3cb/0x20b0 [ 2010.609883][ T9177] kernel_clone+0x163/0x5c0 [ 2010.614504][ T9177] __x64_sys_clone+0xc3/0xf0 [ 2010.619190][ T9177] do_syscall_64+0x2b/0x70 [ 2010.623647][ T9177] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2010.629543][ T9177] RIP: 0033:0x7fe837fad531 [ 2010.633963][ T9177] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2010.653961][ T9177] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 01:40:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000b00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:01 executing program 1: syz_open_dev$usbmon(&(0x7f0000000380), 0x3, 0x48801) [ 2010.662510][ T9177] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2010.670488][ T9177] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2010.678489][ T9177] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2010.686462][ T9177] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2010.694479][ T9177] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2010.702453][ T9177] [ 2010.705637][ T9177] memory: usage 307196kB, limit 307200kB, failcnt 60222 [ 2010.712659][ T9177] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2010.719577][ T9177] Memory cgroup stats for /syz4: [ 2010.782170][ T9177] anon 94208 [ 2010.782170][ T9177] file 126976 [ 2010.782170][ T9177] kernel 314335232 [ 2010.782170][ T9177] kernel_stack 16384 [ 2010.782170][ T9177] pagetables 73728 [ 2010.782170][ T9177] percpu 11039616 [ 2010.782170][ T9177] sock 0 [ 2010.782170][ T9177] vmalloc 0 [ 2010.782170][ T9177] shmem 126976 [ 2010.782170][ T9177] file_mapped 126976 [ 2010.782170][ T9177] file_dirty 0 [ 2010.782170][ T9177] file_writeback 0 [ 2010.782170][ T9177] swapcached 0 [ 2010.782170][ T9177] inactive_anon 163840 [ 2010.782170][ T9177] active_anon 57344 [ 2010.782170][ T9177] inactive_file 0 [ 2010.782170][ T9177] active_file 0 [ 2010.782170][ T9177] unevictable 0 [ 2010.782170][ T9177] slab_reclaimable 15840 [ 2010.782170][ T9177] slab_unreclaimable 303135704 [ 2010.782170][ T9177] slab 303151544 [ 2010.782170][ T9177] workingset_refault_anon 0 [ 2010.782170][ T9177] workingset_refault_file 15 [ 2010.782170][ T9177] workingset_activate_anon 0 [ 2010.782170][ T9177] workingset_activate_file 0 [ 2010.878415][ T9177] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9177,uid=0 [ 2010.893740][ T9177] Memory cgroup out of memory: Killed process 9177 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:01 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32=0x0, @ANYBLOB="060070"], 0x24}}, 0x0) 01:40:01 executing program 1: syz_clone(0x20900, 0x0, 0x0, 0x0, 0x0, 0x0) 01:40:01 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) [ 2011.073083][ T9199] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2011.083365][ T9199] CPU: 1 PID: 9199 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2011.094372][ T9199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2011.104448][ T9199] Call Trace: [ 2011.107731][ T9199] [ 2011.110664][ T9199] dump_stack_lvl+0xd6/0x122 [ 2011.115267][ T9199] dump_stack+0x11/0x12 [ 2011.119594][ T9199] dump_header+0x98/0x410 [ 2011.124014][ T9199] oom_kill_process+0xfe/0x550 [ 2011.128795][ T9199] out_of_memory+0x620/0x880 [ 2011.133430][ T9199] mem_cgroup_oom+0x475/0x4f0 [ 2011.138115][ T9199] try_charge_memcg+0x746/0x960 [ 2011.142980][ T9199] charge_memcg+0x63/0x2c0 [ 2011.147405][ T9199] __mem_cgroup_charge+0x25/0xa0 [ 2011.152385][ T9199] wp_page_copy+0x20f/0x1460 [ 2011.157008][ T9199] do_wp_page+0x76f/0xe10 [ 2011.161347][ T9199] handle_mm_fault+0x5fb/0xa90 [ 2011.166150][ T9199] do_user_addr_fault+0x4cd/0x940 [ 2011.170772][ T9200] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2011.171182][ T9199] exc_page_fault+0x60/0x160 [ 2011.177667][ T9200] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2011.182230][ T9199] asm_exc_page_fault+0x22/0x30 [ 2011.182258][ T9199] RIP: 0033:0x7fe837f52edc [ 2011.182292][ T9199] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b 01:40:01 executing program 1: syz_genetlink_get_family_id$fou(&(0x7f0000000440), 0xffffffffffffffff) [ 2011.182311][ T9199] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2011.189859][ T9200] vhci_hcd vhci_hcd.0: Device attached [ 2011.194565][ T9199] [ 2011.194571][ T9199] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013b5c [ 2011.221210][ T9202] vhci_hcd: connection closed [ 2011.224851][ T9199] RDX: 00000000001da463 RSI: 0000000000000010 RDI: 00007fe838004f8b [ 2011.224870][ T9199] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2011.224883][ T9199] R10: 00007ffd965730b8 R11: 000000000005afa0 R12: 0000000000000000 [ 2011.235289][ T5083] vhci_hcd: stop threads 01:40:01 executing program 1: setuid(0xffffffffffffffff) socket$unix(0x1, 0x2, 0x0) 01:40:01 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14}, 0x14}}, 0x0) [ 2011.240661][ T9199] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2011.240684][ T9199] [ 2011.240836][ T9199] memory: usage 307200kB, limit 307200kB, failcnt 60265 [ 2011.245390][ T5083] vhci_hcd: release socket [ 2011.253313][ T9199] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2011.261286][ T5083] vhci_hcd: disconnect device [ 2011.269238][ T9199] Memory cgroup stats for /syz4: [ 2011.293670][ T9199] anon 94208 [ 2011.293670][ T9199] file 126976 [ 2011.293670][ T9199] kernel 314351616 [ 2011.293670][ T9199] kernel_stack 32768 [ 2011.293670][ T9199] pagetables 69632 [ 2011.293670][ T9199] percpu 11039616 [ 2011.293670][ T9199] sock 0 [ 2011.293670][ T9199] vmalloc 0 [ 2011.293670][ T9199] shmem 126976 [ 2011.293670][ T9199] file_mapped 126976 [ 2011.293670][ T9199] file_dirty 0 [ 2011.293670][ T9199] file_writeback 0 [ 2011.293670][ T9199] swapcached 0 [ 2011.293670][ T9199] inactive_anon 139264 [ 2011.293670][ T9199] active_anon 57344 [ 2011.293670][ T9199] inactive_file 0 [ 2011.293670][ T9199] active_file 0 [ 2011.293670][ T9199] unevictable 0 [ 2011.293670][ T9199] slab_reclaimable 21344 [ 2011.293670][ T9199] slab_unreclaimable 303142584 [ 2011.293670][ T9199] slab 303163928 [ 2011.293670][ T9199] workingset_refault_anon 0 [ 2011.293670][ T9199] workingset_refault_file 15 [ 2011.293670][ T9199] workingset_activate_anon 0 [ 2011.293670][ T9199] workingset_activate_file 0 [ 2011.403297][ T9199] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9195,uid=0 [ 2011.418545][ T9199] Memory cgroup out of memory: Killed process 9195 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff9effffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:01 executing program 1: io_uring_setup(0x23cf, &(0x7f0000000200)={0x0, 0x0, 0x2}) 01:40:01 executing program 4: syz_open_dev$vcsn(&(0x7f0000000040), 0x60000000, 0x0) 01:40:01 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000030030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2011.520382][ T9217] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2011.530642][ T9217] CPU: 1 PID: 9217 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2011.541622][ T9217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2011.551675][ T9217] Call Trace: [ 2011.554957][ T9217] [ 2011.557894][ T9217] dump_stack_lvl+0xd6/0x122 [ 2011.562529][ T9217] dump_stack+0x11/0x12 [ 2011.566752][ T9217] dump_header+0x98/0x410 [ 2011.571177][ T9217] oom_kill_process+0xfe/0x550 [ 2011.576000][ T9217] out_of_memory+0x620/0x880 [ 2011.580610][ T9217] mem_cgroup_oom+0x475/0x4f0 [ 2011.585291][ T9217] try_charge_memcg+0x746/0x960 [ 2011.590183][ T9217] ? debug_smp_processor_id+0x13/0x20 [ 2011.595619][ T9217] ? delay_tsc+0xc1/0xe0 [ 2011.599917][ T9217] __memcg_kmem_charge_page+0x2e4/0x480 [ 2011.605520][ T9217] alloc_thread_stack_node+0x101/0x360 [ 2011.610988][ T9217] dup_task_struct+0x96/0x2a0 [ 2011.615683][ T9217] copy_process+0x3cb/0x20b0 [ 2011.620279][ T9217] kernel_clone+0x163/0x5c0 [ 2011.624865][ T9217] __x64_sys_clone+0xc3/0xf0 [ 2011.629483][ T9217] do_syscall_64+0x2b/0x70 [ 2011.633919][ T9217] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2011.639879][ T9217] RIP: 0033:0x7fe837fad531 [ 2011.644302][ T9217] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2011.663941][ T9217] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2011.672416][ T9217] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2011.680478][ T9217] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2011.688449][ T9217] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2011.696423][ T9217] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2011.704396][ T9217] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2011.712414][ T9217] [ 2011.715651][ T9217] memory: usage 307200kB, limit 307200kB, failcnt 60359 [ 2011.722640][ T9217] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2011.729564][ T9217] Memory cgroup stats for /syz4: [ 2011.749736][ T9217] anon 94208 [ 2011.749736][ T9217] file 126976 [ 2011.749736][ T9217] kernel 314351616 [ 2011.749736][ T9217] kernel_stack 16384 [ 2011.749736][ T9217] pagetables 73728 [ 2011.749736][ T9217] percpu 11039616 [ 2011.749736][ T9217] sock 0 [ 2011.749736][ T9217] vmalloc 0 [ 2011.749736][ T9217] shmem 126976 [ 2011.749736][ T9217] file_mapped 126976 [ 2011.749736][ T9217] file_dirty 0 [ 2011.749736][ T9217] file_writeback 0 [ 2011.749736][ T9217] swapcached 0 [ 2011.749736][ T9217] inactive_anon 163840 [ 2011.749736][ T9217] active_anon 57344 [ 2011.749736][ T9217] inactive_file 0 [ 2011.749736][ T9217] active_file 0 [ 2011.749736][ T9217] unevictable 0 [ 2011.749736][ T9217] slab_reclaimable 21344 01:40:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:02 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) sendto$phonet(r0, 0x0, 0x0, 0x20000000, 0x0, 0x0) [ 2011.749736][ T9217] slab_unreclaimable 303142568 [ 2011.749736][ T9217] slab 303163912 [ 2011.749736][ T9217] workingset_refault_anon 0 [ 2011.749736][ T9217] workingset_refault_file 15 [ 2011.749736][ T9217] workingset_activate_anon 0 [ 2011.749736][ T9217] workingset_activate_file 0 [ 2011.845485][ T9217] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9217,uid=0 01:40:02 executing program 4: r0 = socket$isdn_base(0x22, 0x3, 0x0) bind$isdn_base(r0, &(0x7f00000000c0), 0x6) 01:40:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000100", @ANYRES32=0x0, @ANYBLOB="06"], 0x24}}, 0x0) [ 2011.860772][ T9217] Memory cgroup out of memory: Killed process 9217 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:02 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:02 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r0) 01:40:02 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000032030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2012.125715][ T9236] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2012.132267][ T9236] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2012.139808][ T9236] vhci_hcd vhci_hcd.0: Device attached 01:40:02 executing program 1: add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) [ 2012.178038][ T9228] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2012.190228][ T9228] CPU: 1 PID: 9228 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2012.201305][ T9228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2012.202524][ T9237] vhci_hcd: connection closed [ 2012.211434][ T9228] Call Trace: [ 2012.211445][ T9228] [ 2012.211451][ T9228] dump_stack_lvl+0xd6/0x122 [ 2012.211485][ T9228] dump_stack+0x11/0x12 [ 2012.211502][ T9228] dump_header+0x98/0x410 [ 2012.220335][ T970] vhci_hcd: stop threads [ 2012.222380][ T9228] oom_kill_process+0xfe/0x550 [ 2012.227029][ T970] vhci_hcd: release socket [ 2012.231102][ T9228] out_of_memory+0x620/0x880 [ 2012.235432][ T970] vhci_hcd: disconnect device [ 2012.239650][ T9228] mem_cgroup_oom+0x475/0x4f0 [ 2012.262858][ T9228] try_charge_memcg+0x746/0x960 [ 2012.267756][ T9228] ? __perf_event_task_sched_out+0xed6/0xf00 [ 2012.273735][ T9228] ? __this_cpu_preempt_check+0xf/0x10 [ 2012.279229][ T9228] __memcg_kmem_charge_page+0x2e4/0x480 [ 2012.284814][ T9228] __alloc_pages+0x1c1/0x340 [ 2012.289445][ T9228] alloc_pages+0x34d/0x450 [ 2012.293891][ T9228] __pmd_alloc+0x47/0x300 [ 2012.298296][ T9228] handle_mm_fault+0xa0d/0xa90 [ 2012.303404][ T9228] ? _raw_spin_unlock+0x2d/0x50 [ 2012.308332][ T9228] do_user_addr_fault+0x4cd/0x940 [ 2012.313397][ T9228] exc_page_fault+0x60/0x160 [ 2012.318010][ T9228] asm_exc_page_fault+0x22/0x30 [ 2012.322846][ T9228] RIP: 0033:0x7fe837f4d08b [ 2012.327245][ T9228] Code: 48 85 c0 74 1b 48 83 f8 01 0f 85 5a 03 00 00 0f b7 44 24 18 66 c1 c0 08 0f b7 c0 48 89 44 24 18 48 8b 44 24 10 0f b7 54 24 18 <66> 89 10 e9 70 fe ff ff 48 83 7c 24 08 08 0f 85 09 03 00 00 48 8b [ 2012.346968][ T9228] RSP: 002b:00007ffd964f7840 EFLAGS: 00010246 [ 2012.353043][ T9228] RAX: 00000000200000c0 RBX: 0000000000000000 RCX: 0000000000000000 [ 2012.361102][ T9228] RDX: 0000000000000022 RSI: 0000000000000000 RDI: 00005555560a12e8 [ 2012.369082][ T9228] RBP: 00007ffd964f7938 R08: 0000000000000000 R09: 0000000000000000 [ 2012.377062][ T9228] R10: 00007ffd965730b8 R11: 000000000005b058 R12: 00000000001eb397 [ 2012.385058][ T9228] R13: 00007ffd964f7960 R14: 00007ffd964f7980 R15: 0000000000000032 [ 2012.393182][ T9228] [ 2012.396416][ T9228] memory: usage 307200kB, limit 307200kB, failcnt 60438 [ 2012.403353][ T9228] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2012.410265][ T9228] Memory cgroup stats for /syz4: [ 2012.414560][ T9228] anon 94208 [ 2012.414560][ T9228] file 126976 01:40:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fffc3ffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:02 executing program 1: socket$packet(0x11, 0x2, 0x300) syz_genetlink_get_family_id$nl802154(&(0x7f0000001200), 0xffffffffffffffff) [ 2012.414560][ T9228] kernel 314351616 [ 2012.414560][ T9228] kernel_stack 32768 [ 2012.414560][ T9228] pagetables 69632 [ 2012.414560][ T9228] percpu 11039616 [ 2012.414560][ T9228] sock 0 [ 2012.414560][ T9228] vmalloc 0 [ 2012.414560][ T9228] shmem 126976 [ 2012.414560][ T9228] file_mapped 126976 [ 2012.414560][ T9228] file_dirty 0 [ 2012.414560][ T9228] file_writeback 0 [ 2012.414560][ T9228] swapcached 0 [ 2012.414560][ T9228] inactive_anon 163840 [ 2012.414560][ T9228] active_anon 57344 [ 2012.414560][ T9228] inactive_file 0 [ 2012.414560][ T9228] active_file 0 [ 2012.414560][ T9228] unevictable 0 [ 2012.414560][ T9228] slab_reclaimable 15840 [ 2012.414560][ T9228] slab_unreclaimable 303142320 [ 2012.414560][ T9228] slab 303158160 [ 2012.414560][ T9228] workingset_refault_anon 0 [ 2012.414560][ T9228] workingset_refault_file 15 [ 2012.414560][ T9228] workingset_activate_anon 0 [ 2012.414560][ T9228] workingset_activate_file 0 [ 2012.510514][ T9228] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9228,uid=0 [ 2012.525756][ T9228] Memory cgroup out of memory: Killed process 9228 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:03 executing program 1: r0 = socket(0x2a, 0x2, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) [ 2012.775676][ T9256] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2012.785937][ T9256] CPU: 0 PID: 9256 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2012.796878][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2012.806933][ T9256] Call Trace: [ 2012.810211][ T9256] [ 2012.813141][ T9256] dump_stack_lvl+0xd6/0x122 [ 2012.817741][ T9256] dump_stack+0x11/0x12 01:40:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x1}, 0x14}}, 0x0) 01:40:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000d00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:03 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000007c0)) [ 2012.822094][ T9256] dump_header+0x98/0x410 [ 2012.825832][ T24] audit: type=1400 audit(1657676403.081:566): avc: denied { getopt } for pid=9253 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 2012.826426][ T9256] oom_kill_process+0xfe/0x550 [ 2012.851230][ T9256] out_of_memory+0x620/0x880 [ 2012.855865][ T9256] mem_cgroup_oom+0x475/0x4f0 [ 2012.860550][ T9256] try_charge_memcg+0x746/0x960 [ 2012.865537][ T9256] charge_memcg+0x63/0x2c0 [ 2012.870021][ T9256] __mem_cgroup_charge+0x25/0xa0 01:40:03 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) accept4$packet(r0, 0x0, 0x0, 0x400) 01:40:03 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@GTPA_LINK={0x8}, @GTPA_FLOW={0x6}]}, 0x24}}, 0x0) [ 2012.874973][ T9256] do_anonymous_page+0x1d6/0xa20 [ 2012.879990][ T9256] handle_mm_fault+0x8a0/0xa90 [ 2012.884779][ T9256] do_user_addr_fault+0x4cd/0x940 [ 2012.889934][ T9256] exc_page_fault+0x60/0x160 [ 2012.894541][ T9256] asm_exc_page_fault+0x22/0x30 [ 2012.899419][ T9256] RIP: 0033:0x7fe837f57d0d [ 2012.903838][ T9256] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2012.923531][ T9256] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2012.929657][ T9256] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2012.937626][ T9256] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2012.945690][ T9256] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2012.953758][ T9256] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2012.961737][ T9256] R13: 00007fe8380c3078 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2012.969717][ T9256] [ 2012.972977][ T9256] memory: usage 307200kB, limit 307200kB, failcnt 60519 [ 2012.979941][ T9256] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2012.986857][ T9256] Memory cgroup stats for /syz4: [ 2012.998975][ T9256] anon 90112 [ 2012.998975][ T9256] file 126976 [ 2012.998975][ T9256] kernel 314347520 [ 2012.998975][ T9256] kernel_stack 32768 [ 2012.998975][ T9256] pagetables 69632 [ 2012.998975][ T9256] percpu 11039616 [ 2012.998975][ T9256] sock 0 [ 2012.998975][ T9256] vmalloc 0 [ 2012.998975][ T9256] shmem 126976 [ 2012.998975][ T9256] file_mapped 126976 [ 2012.998975][ T9256] file_dirty 0 [ 2012.998975][ T9256] file_writeback 0 [ 2012.998975][ T9256] swapcached 0 [ 2012.998975][ T9256] inactive_anon 159744 [ 2012.998975][ T9256] active_anon 57344 [ 2012.998975][ T9256] inactive_file 0 [ 2012.998975][ T9256] active_file 0 [ 2012.998975][ T9256] unevictable 0 [ 2012.998975][ T9256] slab_reclaimable 21744 [ 2012.998975][ T9256] slab_unreclaimable 303137256 [ 2012.998975][ T9256] slab 303159000 01:40:03 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:03 executing program 1: select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x0, 0xea60}) [ 2012.998975][ T9256] workingset_refault_anon 0 [ 2012.998975][ T9256] workingset_refault_file 15 [ 2012.998975][ T9256] workingset_activate_anon 0 [ 2012.998975][ T9256] workingset_activate_file 0 [ 2013.094700][ T9256] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9256,uid=0 [ 2013.110029][ T9256] Memory cgroup out of memory: Killed process 9256 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:03 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000042030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:03 executing program 4: r0 = io_uring_setup(0x6e86, &(0x7f00000001c0)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[0xffffffffffffffff]}, 0x1) [ 2013.258234][ T9272] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2013.264838][ T9272] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2013.272404][ T9272] vhci_hcd vhci_hcd.0: Device attached [ 2013.282373][ T9273] vhci_hcd: connection closed [ 2013.282455][ T970] vhci_hcd: stop threads [ 2013.291545][ T970] vhci_hcd: release socket [ 2013.295977][ T970] vhci_hcd: disconnect device [ 2013.343510][ T9275] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2013.353857][ T9275] CPU: 1 PID: 9275 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2013.365748][ T9275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2013.375836][ T9275] Call Trace: [ 2013.379113][ T9275] [ 2013.382113][ T9275] dump_stack_lvl+0xd6/0x122 [ 2013.386696][ T9275] dump_stack+0x11/0x12 [ 2013.390833][ T9275] dump_header+0x98/0x410 [ 2013.395217][ T9275] oom_kill_process+0xfe/0x550 [ 2013.401746][ T9275] out_of_memory+0x620/0x880 [ 2013.406393][ T9275] mem_cgroup_oom+0x475/0x4f0 [ 2013.411067][ T9275] try_charge_memcg+0x746/0x960 [ 2013.415933][ T9275] __memcg_kmem_charge_page+0x2e4/0x480 [ 2013.421498][ T9275] alloc_thread_stack_node+0x292/0x360 [ 2013.427021][ T9275] dup_task_struct+0x96/0x2a0 [ 2013.431729][ T9275] copy_process+0x3cb/0x20b0 [ 2013.436330][ T9275] kernel_clone+0x163/0x5c0 [ 2013.440840][ T9275] __x64_sys_clone+0xc3/0xf0 [ 2013.445595][ T9275] do_syscall_64+0x2b/0x70 [ 2013.450074][ T9275] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2013.455999][ T9275] RIP: 0033:0x7fe837fad531 [ 2013.460572][ T9275] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2013.480168][ T9275] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2013.488599][ T9275] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2013.496589][ T9275] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2013.504558][ T9275] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2013.512524][ T9275] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2013.520590][ T9275] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2013.528548][ T9275] [ 2013.531696][ T9275] memory: usage 307200kB, limit 307200kB, failcnt 60553 01:40:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fffeaffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:03 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x0, @private0}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}], 0x48) 01:40:03 executing program 1: r0 = io_uring_setup(0x6e86, &(0x7f00000001c0)) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, 0x0, 0x0) 01:40:03 executing program 1: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000500), 0x24000, 0x0) [ 2013.538653][ T9275] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2013.545527][ T9275] Memory cgroup stats for /syz4: [ 2013.553612][ T9275] anon 94208 [ 2013.553612][ T9275] file 126976 [ 2013.553612][ T9275] kernel 314335232 [ 2013.553612][ T9275] kernel_stack 16384 [ 2013.553612][ T9275] pagetables 73728 [ 2013.553612][ T9275] percpu 11039616 [ 2013.553612][ T9275] sock 0 [ 2013.553612][ T9275] vmalloc 0 [ 2013.553612][ T9275] shmem 126976 [ 2013.553612][ T9275] file_mapped 126976 [ 2013.553612][ T9275] file_dirty 0 [ 2013.553612][ T9275] file_writeback 0 [ 2013.553612][ T9275] swapcached 0 [ 2013.553612][ T9275] inactive_anon 163840 [ 2013.553612][ T9275] active_anon 57344 [ 2013.553612][ T9275] inactive_file 0 [ 2013.553612][ T9275] active_file 0 [ 2013.553612][ T9275] unevictable 0 [ 2013.553612][ T9275] slab_reclaimable 18592 [ 2013.553612][ T9275] slab_unreclaimable 303136208 [ 2013.553612][ T9275] slab 303154800 [ 2013.553612][ T9275] workingset_refault_anon 0 [ 2013.553612][ T9275] workingset_refault_file 15 [ 2013.553612][ T9275] workingset_activate_anon 0 [ 2013.553612][ T9275] workingset_activate_file 0 [ 2013.650732][ T9275] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9275,uid=0 [ 2013.665888][ T9275] Memory cgroup out of memory: Killed process 9275 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:04 executing program 1: r0 = socket(0x2a, 0x2, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}}, 0x1) 01:40:04 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r0) syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) [ 2013.753297][ T9293] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2013.763579][ T9293] CPU: 0 PID: 9293 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2013.774519][ T9293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2013.784626][ T9293] Call Trace: [ 2013.787934][ T9293] [ 2013.790864][ T9293] dump_stack_lvl+0xd6/0x122 [ 2013.795464][ T9293] dump_stack+0x11/0x12 [ 2013.799633][ T9293] dump_header+0x98/0x410 [ 2013.803979][ T9293] oom_kill_process+0xfe/0x550 [ 2013.808801][ T9293] out_of_memory+0x620/0x880 [ 2013.813518][ T9293] mem_cgroup_oom+0x475/0x4f0 [ 2013.818205][ T9293] try_charge_memcg+0x746/0x960 [ 2013.823070][ T9293] charge_memcg+0x63/0x2c0 [ 2013.827493][ T9293] __mem_cgroup_charge+0x25/0xa0 [ 2013.832433][ T9293] wp_page_copy+0x20f/0x1460 [ 2013.837032][ T9293] ? __this_cpu_preempt_check+0xf/0x10 [ 2013.842501][ T9293] do_wp_page+0x76f/0xe10 [ 2013.846861][ T9293] handle_mm_fault+0x5fb/0xa90 [ 2013.851720][ T9293] do_user_addr_fault+0x4cd/0x940 [ 2013.856756][ T9293] exc_page_fault+0x60/0x160 [ 2013.861444][ T9293] asm_exc_page_fault+0x22/0x30 [ 2013.866304][ T9293] RIP: 0033:0x7fe837f52edc [ 2013.870735][ T9293] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2013.890443][ T9293] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2013.896512][ T9293] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013b5c [ 2013.904496][ T9293] RDX: 00000000001daede RSI: 0000000000000010 RDI: 00007fe838004f8b [ 2013.912497][ T9293] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2013.920523][ T9293] R10: 00007ffd965730b8 R11: 000000000005b16c R12: 0000000000000000 [ 2013.928511][ T9293] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2013.936495][ T9293] [ 2013.939781][ T9293] memory: usage 307200kB, limit 307200kB, failcnt 60598 [ 2013.946803][ T9293] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2013.953716][ T9293] Memory cgroup stats for /syz4: [ 2014.026016][ T9293] anon 94208 [ 2014.026016][ T9293] file 126976 [ 2014.026016][ T9293] kernel 314347520 [ 2014.026016][ T9293] kernel_stack 32768 [ 2014.026016][ T9293] pagetables 69632 [ 2014.026016][ T9293] percpu 11039616 [ 2014.026016][ T9293] sock 0 [ 2014.026016][ T9293] vmalloc 0 [ 2014.026016][ T9293] shmem 126976 [ 2014.026016][ T9293] file_mapped 126976 [ 2014.026016][ T9293] file_dirty 0 [ 2014.026016][ T9293] file_writeback 0 [ 2014.026016][ T9293] swapcached 0 [ 2014.026016][ T9293] inactive_anon 163840 [ 2014.026016][ T9293] active_anon 57344 [ 2014.026016][ T9293] inactive_file 0 [ 2014.026016][ T9293] active_file 0 [ 2014.026016][ T9293] unevictable 0 [ 2014.026016][ T9293] slab_reclaimable 21744 [ 2014.026016][ T9293] slab_unreclaimable 303137256 [ 2014.026016][ T9293] slab 303159000 [ 2014.026016][ T9293] workingset_refault_anon 0 [ 2014.026016][ T9293] workingset_refault_file 15 [ 2014.026016][ T9293] workingset_activate_anon 0 [ 2014.026016][ T9293] workingset_activate_file 0 01:40:04 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r0, 0x8000000) [ 2014.123776][ T9293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9288,uid=0 [ 2014.139008][ T9293] Memory cgroup out of memory: Killed process 9288 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:04 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) 01:40:04 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000056030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:04 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1fff"], 0x24}}, 0x0) 01:40:04 executing program 1: pselect6(0x40, &(0x7f0000000000), &(0x7f00000001c0), &(0x7f00000000c0)={0x3ff}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0x3]}, 0x8}) [ 2014.287624][ T9302] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2014.297985][ T9302] CPU: 0 PID: 9302 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2014.308957][ T9302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2014.319021][ T9302] Call Trace: [ 2014.322300][ T9302] [ 2014.325230][ T9302] dump_stack_lvl+0xd6/0x122 [ 2014.329816][ T9302] dump_stack+0x11/0x12 [ 2014.333964][ T9302] dump_header+0x98/0x410 [ 2014.338345][ T9302] oom_kill_process+0xfe/0x550 [ 2014.343096][ T9302] out_of_memory+0x620/0x880 [ 2014.347672][ T9302] mem_cgroup_oom+0x475/0x4f0 [ 2014.352391][ T9302] try_charge_memcg+0x746/0x960 [ 2014.357318][ T9302] __memcg_kmem_charge_page+0x2e4/0x480 [ 2014.362900][ T9302] alloc_thread_stack_node+0x292/0x360 [ 2014.368372][ T9302] dup_task_struct+0x96/0x2a0 [ 2014.373082][ T9302] copy_process+0x3cb/0x20b0 [ 2014.377665][ T9302] kernel_clone+0x163/0x5c0 [ 2014.382153][ T9302] __x64_sys_clone+0xc3/0xf0 [ 2014.386800][ T9302] do_syscall_64+0x2b/0x70 [ 2014.391348][ T9302] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2014.397292][ T9302] RIP: 0033:0x7fe837fad531 [ 2014.401724][ T9302] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2014.421325][ T9302] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2014.429816][ T9302] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2014.437867][ T9302] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2014.445959][ T9302] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2014.453924][ T9302] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2014.461900][ T9302] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2014.469859][ T9302] [ 2014.473033][ T9302] memory: usage 307200kB, limit 307200kB, failcnt 60629 [ 2014.480121][ T9302] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2014.486981][ T9302] Memory cgroup stats for /syz4: [ 2014.488467][ T9302] anon 90112 [ 2014.488467][ T9302] file 126976 [ 2014.488467][ T9302] kernel 314351616 [ 2014.488467][ T9302] kernel_stack 16384 [ 2014.488467][ T9302] pagetables 65536 [ 2014.488467][ T9302] percpu 11039616 [ 2014.488467][ T9302] sock 0 [ 2014.488467][ T9302] vmalloc 0 [ 2014.488467][ T9302] shmem 126976 [ 2014.488467][ T9302] file_mapped 126976 [ 2014.488467][ T9302] file_dirty 0 [ 2014.488467][ T9302] file_writeback 0 [ 2014.488467][ T9302] swapcached 0 [ 2014.488467][ T9302] inactive_anon 139264 [ 2014.488467][ T9302] active_anon 57344 [ 2014.488467][ T9302] inactive_file 0 [ 2014.488467][ T9302] active_file 0 [ 2014.488467][ T9302] unevictable 0 [ 2014.488467][ T9302] slab_reclaimable 33320 [ 2014.488467][ T9302] slab_unreclaimable 303143992 [ 2014.488467][ T9302] slab 303177312 [ 2014.488467][ T9302] workingset_refault_anon 0 [ 2014.488467][ T9302] workingset_refault_file 15 [ 2014.488467][ T9302] workingset_activate_anon 0 [ 2014.488467][ T9302] workingset_activate_file 0 01:40:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fffefffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:05 executing program 1: add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffff8) 01:40:05 executing program 4: add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "23e340d0dbbf8424586c263e727bb1a4f1580806956ca38bc6bf11045f91a26c81c936dc9ae8331bfaff3f7d48690dee2ce676e9340d4c6838ff5127b3045fc9"}, 0x48, 0xfffffffffffffffc) [ 2014.585139][ T9302] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9302,uid=0 [ 2014.600913][ T9302] Memory cgroup out of memory: Killed process 9302 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:05 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[], 0x1c}}, 0x0) 01:40:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:05 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) connect$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) [ 2014.690508][ T9314] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2014.700824][ T9314] CPU: 1 PID: 9314 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2014.711891][ T9314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2014.722061][ T9314] Call Trace: [ 2014.725415][ T9314] [ 2014.728415][ T9314] dump_stack_lvl+0xd6/0x122 [ 2014.733052][ T9314] dump_stack+0x11/0x12 [ 2014.737248][ T9314] dump_header+0x98/0x410 [ 2014.741610][ T9314] oom_kill_process+0xfe/0x550 [ 2014.746466][ T9314] out_of_memory+0x620/0x880 [ 2014.751064][ T9314] mem_cgroup_oom+0x475/0x4f0 [ 2014.755751][ T9314] try_charge_memcg+0x746/0x960 [ 2014.760649][ T9314] __memcg_kmem_charge_page+0x2e4/0x480 [ 2014.766278][ T9314] alloc_thread_stack_node+0x292/0x360 [ 2014.771842][ T9314] dup_task_struct+0x96/0x2a0 [ 2014.776535][ T9314] copy_process+0x3cb/0x20b0 [ 2014.781153][ T9314] kernel_clone+0x163/0x5c0 [ 2014.785703][ T9314] __x64_sys_clone+0xc3/0xf0 [ 2014.790304][ T9314] do_syscall_64+0x2b/0x70 [ 2014.794721][ T9314] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2014.800650][ T9314] RIP: 0033:0x7fe837fad531 [ 2014.805137][ T9314] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2014.824766][ T9314] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2014.833179][ T9314] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2014.841143][ T9314] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2014.849114][ T9314] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2014.857088][ T9314] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2014.865064][ T9314] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2014.873150][ T9314] [ 2014.876267][ T9314] memory: usage 307200kB, limit 307200kB, failcnt 60682 [ 2014.883255][ T9314] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2014.890106][ T9314] Memory cgroup stats for /syz4: [ 2014.900646][ T9314] anon 94208 [ 2014.900646][ T9314] file 126976 [ 2014.900646][ T9314] kernel 314343424 [ 2014.900646][ T9314] kernel_stack 16384 [ 2014.900646][ T9314] pagetables 73728 [ 2014.900646][ T9314] percpu 11039616 [ 2014.900646][ T9314] sock 0 [ 2014.900646][ T9314] vmalloc 0 [ 2014.900646][ T9314] shmem 126976 [ 2014.900646][ T9314] file_mapped 126976 [ 2014.900646][ T9314] file_dirty 0 [ 2014.900646][ T9314] file_writeback 0 [ 2014.900646][ T9314] swapcached 0 [ 2014.900646][ T9314] inactive_anon 163840 [ 2014.900646][ T9314] active_anon 57344 [ 2014.900646][ T9314] inactive_file 0 [ 2014.900646][ T9314] active_file 0 [ 2014.900646][ T9314] unevictable 0 [ 2014.900646][ T9314] slab_reclaimable 15840 [ 2014.900646][ T9314] slab_unreclaimable 303142304 [ 2014.900646][ T9314] slab 303158144 [ 2014.900646][ T9314] workingset_refault_anon 0 [ 2014.900646][ T9314] workingset_refault_file 15 [ 2014.900646][ T9314] workingset_activate_anon 0 [ 2014.900646][ T9314] workingset_activate_file 0 01:40:05 executing program 1: r0 = io_uring_setup(0x3bf5, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, 0x0, 0x1) [ 2014.996582][ T9314] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9314,uid=0 [ 2015.011930][ T9314] Memory cgroup out of memory: Killed process 9314 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:05 executing program 4: r0 = socket$phonet(0x23, 0x2, 0x1) bind$phonet(r0, &(0x7f0000000600)={0x23, 0x0, 0x3}, 0x10) 01:40:05 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) 01:40:05 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00007e030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:05 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) connect$pptp(r0, 0x0, 0x0) 01:40:05 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) [ 2015.341797][ T9332] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2015.352075][ T9332] CPU: 1 PID: 9332 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2015.363016][ T9332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2015.373074][ T9332] Call Trace: [ 2015.376351][ T9332] [ 2015.379295][ T9332] dump_stack_lvl+0xd6/0x122 [ 2015.383886][ T9332] dump_stack+0x11/0x12 [ 2015.388043][ T9332] dump_header+0x98/0x410 [ 2015.392371][ T9332] oom_kill_process+0xfe/0x550 [ 2015.397176][ T9332] out_of_memory+0x620/0x880 [ 2015.403450][ T9332] mem_cgroup_oom+0x475/0x4f0 [ 2015.408132][ T9332] try_charge_memcg+0x746/0x960 [ 2015.413035][ T9332] charge_memcg+0x63/0x2c0 [ 2015.417469][ T9332] __mem_cgroup_charge+0x25/0xa0 [ 2015.422401][ T9332] wp_page_copy+0x20f/0x1460 [ 2015.427079][ T9332] do_wp_page+0x76f/0xe10 [ 2015.431401][ T9332] handle_mm_fault+0x5fb/0xa90 [ 2015.436183][ T9332] do_user_addr_fault+0x4cd/0x940 [ 2015.441211][ T9332] exc_page_fault+0x60/0x160 [ 2015.445829][ T9332] asm_exc_page_fault+0x22/0x30 [ 2015.450744][ T9332] RIP: 0033:0x7fe837f52edc [ 2015.455171][ T9332] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2015.474787][ T9332] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2015.480863][ T9332] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013bc3 [ 2015.488850][ T9332] RDX: 00000000001db4d9 RSI: 0000000000000001 RDI: 00007fe838004f8b [ 2015.496814][ T9332] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2015.504789][ T9332] R10: 00007ffd965730b8 R11: 000000000005b264 R12: 0000000000000000 [ 2015.512895][ T9332] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2015.520910][ T9332] [ 2015.524036][ T9332] memory: usage 307200kB, limit 307200kB, failcnt 60793 [ 2015.531323][ T9332] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2015.538239][ T9332] Memory cgroup stats for /syz4: [ 2015.538508][ T9332] anon 94208 [ 2015.538508][ T9332] file 126976 [ 2015.538508][ T9332] kernel 314351616 [ 2015.538508][ T9332] kernel_stack 32768 [ 2015.538508][ T9332] pagetables 69632 [ 2015.538508][ T9332] percpu 11039616 [ 2015.538508][ T9332] sock 0 [ 2015.538508][ T9332] vmalloc 0 [ 2015.538508][ T9332] shmem 126976 [ 2015.538508][ T9332] file_mapped 126976 [ 2015.538508][ T9332] file_dirty 0 [ 2015.538508][ T9332] file_writeback 0 [ 2015.538508][ T9332] swapcached 0 [ 2015.538508][ T9332] inactive_anon 159744 [ 2015.538508][ T9332] active_anon 57344 [ 2015.538508][ T9332] inactive_file 0 [ 2015.538508][ T9332] active_file 0 [ 2015.538508][ T9332] unevictable 0 [ 2015.538508][ T9332] slab_reclaimable 15840 [ 2015.538508][ T9332] slab_unreclaimable 303142320 [ 2015.538508][ T9332] slab 303158160 [ 2015.538508][ T9332] workingset_refault_anon 0 [ 2015.538508][ T9332] workingset_refault_file 15 [ 2015.538508][ T9332] workingset_activate_anon 0 [ 2015.538508][ T9332] workingset_activate_file 0 01:40:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001ffff0ffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:06 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) read$ptp(r0, 0x0, 0x0) 01:40:06 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/block/loop0', 0x0, 0x0) ioctl$SIOCGETMIFCNT_IN6(r0, 0x40305828, 0x0) 01:40:06 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x401, @none}, 0xe) [ 2015.634189][ T9332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9328,uid=0 [ 2015.649531][ T9332] Memory cgroup out of memory: Killed process 9328 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2015.707003][ T9345] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2015.717245][ T9345] CPU: 0 PID: 9345 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2015.728162][ T9345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2015.738310][ T9345] Call Trace: [ 2015.741591][ T9345] [ 2015.744622][ T9345] dump_stack_lvl+0xd6/0x122 [ 2015.749228][ T9345] dump_stack+0x11/0x12 [ 2015.753447][ T9345] dump_header+0x98/0x410 [ 2015.757868][ T9345] oom_kill_process+0xfe/0x550 [ 2015.762700][ T9345] out_of_memory+0x620/0x880 [ 2015.767404][ T9345] mem_cgroup_oom+0x475/0x4f0 [ 2015.772088][ T9345] try_charge_memcg+0x746/0x960 [ 2015.777082][ T9345] obj_cgroup_charge+0x171/0x2b0 [ 2015.782045][ T9345] kmem_cache_alloc+0x92/0x300 [ 2015.786868][ T9345] ? vm_area_alloc+0x28/0xa0 [ 2015.791533][ T9345] vm_area_alloc+0x28/0xa0 [ 2015.795955][ T9345] mmap_region+0x743/0xff0 [ 2015.800434][ T9345] ? get_unmapped_area+0x247/0x270 [ 2015.805555][ T9345] do_mmap+0x67a/0xb20 [ 2015.809654][ T9345] vm_mmap_pgoff+0x117/0x1f0 [ 2015.814287][ T9345] ksys_mmap_pgoff+0xc2/0x320 [ 2015.819052][ T9345] ? fpregs_assert_state_consistent+0x7e/0x90 [ 2015.825149][ T9345] do_syscall_64+0x2b/0x70 [ 2015.829635][ T9345] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2015.835611][ T9345] RIP: 0033:0x7fe837fac152 [ 2015.840170][ T9345] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 b8 ff ff ff 64 [ 2015.859811][ T9345] RSP: 002b:00007ffd964f7788 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2015.868236][ T9345] RAX: ffffffffffffffda RBX: 0000000000020022 RCX: 00007fe837fac152 [ 2015.876485][ T9345] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2015.884473][ T9345] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000 [ 2015.892465][ T9345] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffd964f7990 [ 2015.900456][ T9345] R13: 0000000000000006 R14: 0000000000000000 R15: 0000000000022000 [ 2015.908433][ T9345] [ 2015.911522][ T9345] memory: usage 307192kB, limit 307200kB, failcnt 60864 [ 2015.918549][ T9345] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:06 executing program 1: syz_clone(0x1148200, 0x0, 0x0, 0x0, 0x0, 0x0) 01:40:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:06 executing program 1: syz_open_dev$vcsn(&(0x7f0000000000), 0x4, 0x200) 01:40:06 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private0}, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x2c) [ 2015.925409][ T9345] Memory cgroup stats for /syz4: [ 2015.995943][ T9345] anon 81920 [ 2015.995943][ T9345] file 126976 [ 2015.995943][ T9345] kernel 314331136 [ 2015.995943][ T9345] kernel_stack 16384 [ 2015.995943][ T9345] pagetables 73728 [ 2015.995943][ T9345] percpu 11039616 [ 2015.995943][ T9345] sock 0 [ 2015.995943][ T9345] vmalloc 0 [ 2015.995943][ T9345] shmem 126976 [ 2015.995943][ T9345] file_mapped 126976 [ 2015.995943][ T9345] file_dirty 0 [ 2015.995943][ T9345] file_writeback 0 [ 2015.995943][ T9345] swapcached 0 [ 2015.995943][ T9345] inactive_anon 151552 [ 2015.995943][ T9345] active_anon 57344 [ 2015.995943][ T9345] inactive_file 0 [ 2015.995943][ T9345] active_file 0 [ 2015.995943][ T9345] unevictable 0 [ 2015.995943][ T9345] slab_reclaimable 15840 [ 2015.995943][ T9345] slab_unreclaimable 303137576 [ 2015.995943][ T9345] slab 303153416 [ 2015.995943][ T9345] workingset_refault_anon 0 [ 2015.995943][ T9345] workingset_refault_file 15 [ 2015.995943][ T9345] workingset_activate_anon 0 [ 2015.995943][ T9345] workingset_activate_file 0 [ 2016.092035][ T9345] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9345,uid=0 [ 2016.107263][ T9345] Memory cgroup out of memory: Killed process 9345 (syz-executor.4) total-vm:46180kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:06 executing program 4: syz_open_dev$vcsn(0x0, 0x0, 0x0) [ 2016.237262][ T9362] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2016.247534][ T9362] CPU: 1 PID: 9362 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2016.258543][ T9362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2016.268669][ T9362] Call Trace: [ 2016.271947][ T9362] [ 2016.274914][ T9362] dump_stack_lvl+0xd6/0x122 [ 2016.279510][ T9362] dump_stack+0x11/0x12 [ 2016.283670][ T9362] dump_header+0x98/0x410 [ 2016.288022][ T9362] oom_kill_process+0xfe/0x550 [ 2016.292813][ T9362] out_of_memory+0x620/0x880 [ 2016.297414][ T9362] mem_cgroup_oom+0x475/0x4f0 [ 2016.302127][ T9362] try_charge_memcg+0x746/0x960 [ 2016.307082][ T9362] __memcg_kmem_charge_page+0x2e4/0x480 [ 2016.312645][ T9362] alloc_thread_stack_node+0x101/0x360 [ 2016.318133][ T9362] dup_task_struct+0x96/0x2a0 [ 2016.322814][ T9362] copy_process+0x3cb/0x20b0 [ 2016.327498][ T9362] kernel_clone+0x163/0x5c0 [ 2016.332048][ T9362] __x64_sys_clone+0xc3/0xf0 [ 2016.336646][ T9362] do_syscall_64+0x2b/0x70 [ 2016.341075][ T9362] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2016.347002][ T9362] RIP: 0033:0x7fe837fad531 [ 2016.351417][ T9362] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2016.371109][ T9362] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2016.379614][ T9362] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2016.387644][ T9362] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2016.395644][ T9362] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2016.403616][ T9362] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2016.411685][ T9362] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2016.419724][ T9362] [ 2016.422830][ T9362] memory: usage 307200kB, limit 307200kB, failcnt 60905 [ 2016.429793][ T9362] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2016.436686][ T9362] Memory cgroup stats for /syz4: [ 2016.439053][ T9362] anon 90112 [ 2016.439053][ T9362] file 126976 [ 2016.439053][ T9362] kernel 314355712 [ 2016.439053][ T9362] kernel_stack 16384 [ 2016.439053][ T9362] pagetables 65536 [ 2016.439053][ T9362] percpu 11039616 [ 2016.439053][ T9362] sock 0 [ 2016.439053][ T9362] vmalloc 0 [ 2016.439053][ T9362] shmem 126976 [ 2016.439053][ T9362] file_mapped 126976 [ 2016.439053][ T9362] file_dirty 0 [ 2016.439053][ T9362] file_writeback 0 [ 2016.439053][ T9362] swapcached 0 [ 2016.439053][ T9362] inactive_anon 135168 [ 2016.439053][ T9362] active_anon 57344 [ 2016.439053][ T9362] inactive_file 0 [ 2016.439053][ T9362] active_file 0 [ 2016.439053][ T9362] unevictable 0 [ 2016.439053][ T9362] slab_reclaimable 33320 [ 2016.439053][ T9362] slab_unreclaimable 303144368 [ 2016.439053][ T9362] slab 303177688 [ 2016.439053][ T9362] workingset_refault_anon 0 [ 2016.439053][ T9362] workingset_refault_file 15 [ 2016.439053][ T9362] workingset_activate_anon 0 [ 2016.439053][ T9362] workingset_activate_file 0 [ 2016.534806][ T9362] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9362,uid=0 [ 2016.550073][ T9362] Memory cgroup out of memory: Killed process 9362 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:07 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000080030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:07 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) 01:40:07 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000", @ANYRES32=0x0], 0x24}}, 0x0) 01:40:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001ffffeffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2016.658759][ T9365] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2016.669100][ T9365] CPU: 0 PID: 9365 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2016.680253][ T9365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2016.690413][ T9365] Call Trace: [ 2016.693697][ T9365] [ 2016.696701][ T9365] dump_stack_lvl+0xd6/0x122 [ 2016.701401][ T9365] dump_stack+0x11/0x12 [ 2016.705618][ T9365] dump_header+0x98/0x410 [ 2016.709964][ T9365] oom_kill_process+0xfe/0x550 [ 2016.714790][ T9365] out_of_memory+0x620/0x880 [ 2016.719738][ T9365] mem_cgroup_oom+0x475/0x4f0 [ 2016.724470][ T9365] try_charge_memcg+0x746/0x960 [ 2016.729417][ T9365] __memcg_kmem_charge_page+0x2e4/0x480 [ 2016.734994][ T9365] alloc_thread_stack_node+0x292/0x360 [ 2016.740503][ T9365] dup_task_struct+0x96/0x2a0 [ 2016.745229][ T9365] copy_process+0x3cb/0x20b0 [ 2016.749806][ T9365] kernel_clone+0x163/0x5c0 [ 2016.754393][ T9365] __x64_sys_clone+0xc3/0xf0 [ 2016.759004][ T9365] do_syscall_64+0x2b/0x70 [ 2016.763455][ T9365] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2016.769349][ T9365] RIP: 0033:0x7fe837fad531 [ 2016.773803][ T9365] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2016.793513][ T9365] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 01:40:07 executing program 1: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) [ 2016.801971][ T9365] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2016.810006][ T9365] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2016.818507][ T9365] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2016.826525][ T9365] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2016.834494][ T9365] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2016.842453][ T9365] [ 2016.845650][ T9365] memory: usage 307188kB, limit 307200kB, failcnt 60958 [ 2016.852624][ T9365] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2016.859504][ T9365] Memory cgroup stats for /syz4: [ 2016.887471][ T9365] anon 90112 [ 2016.887471][ T9365] file 126976 [ 2016.887471][ T9365] kernel 314343424 [ 2016.887471][ T9365] kernel_stack 16384 [ 2016.887471][ T9365] pagetables 65536 [ 2016.887471][ T9365] percpu 11039616 [ 2016.887471][ T9365] sock 0 [ 2016.887471][ T9365] vmalloc 0 [ 2016.887471][ T9365] shmem 126976 [ 2016.887471][ T9365] file_mapped 126976 [ 2016.887471][ T9365] file_dirty 0 [ 2016.887471][ T9365] file_writeback 0 [ 2016.887471][ T9365] swapcached 0 [ 2016.887471][ T9365] inactive_anon 159744 [ 2016.887471][ T9365] active_anon 57344 [ 2016.887471][ T9365] inactive_file 0 [ 2016.887471][ T9365] active_file 0 [ 2016.887471][ T9365] unevictable 0 [ 2016.887471][ T9365] slab_reclaimable 21744 [ 2016.887471][ T9365] slab_unreclaimable 303142648 [ 2016.887471][ T9365] slab 303164392 [ 2016.887471][ T9365] workingset_refault_anon 0 [ 2016.887471][ T9365] workingset_refault_file 15 [ 2016.887471][ T9365] workingset_activate_anon 0 [ 2016.887471][ T9365] workingset_activate_file 0 01:40:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2016.983607][ T9365] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9365,uid=0 [ 2016.998910][ T9365] Memory cgroup out of memory: Killed process 9365 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:07 executing program 1: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "23e340d0dbbf8424586c263e727bb1a4f1580806956ca38bc6bf11045f91a26c81c936dc9ae8331bfaff3f7d48690dee2ce676e9340d4c6838ff5127b3045fc9"}, 0x48, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000300), 0x0, 0x0, 0x0, r0) 01:40:07 executing program 4: r0 = socket$phonet(0x23, 0x2, 0x1) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x0, 0x7}, 0x10) 01:40:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}}, 0x0) 01:40:07 executing program 1: syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000240), 0xffffffffffffffff) [ 2017.309197][ T9388] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2017.321357][ T9388] CPU: 0 PID: 9388 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2017.332355][ T9388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2017.342467][ T9388] Call Trace: [ 2017.345745][ T9388] [ 2017.348740][ T9388] dump_stack_lvl+0xd6/0x122 [ 2017.353429][ T9388] dump_stack+0x11/0x12 [ 2017.357589][ T9388] dump_header+0x98/0x410 [ 2017.361926][ T9388] oom_kill_process+0xfe/0x550 [ 2017.366700][ T9388] out_of_memory+0x620/0x880 [ 2017.371297][ T9388] mem_cgroup_oom+0x475/0x4f0 [ 2017.375982][ T9388] try_charge_memcg+0x746/0x960 [ 2017.380840][ T9388] ? __perf_event_task_sched_out+0xed6/0xf00 [ 2017.386846][ T9388] ? __this_cpu_preempt_check+0xf/0x10 [ 2017.392394][ T9388] ? finish_task_switch+0xc5/0x260 [ 2017.397523][ T9388] obj_cgroup_charge+0x171/0x2b0 [ 2017.402465][ T9388] kmem_cache_alloc_trace+0x9d/0x320 [ 2017.407753][ T9388] ? copy_semundo+0x8a/0x170 [ 2017.412351][ T9388] copy_semundo+0x8a/0x170 [ 2017.416782][ T9388] copy_process+0xcd8/0x20b0 [ 2017.421448][ T9388] kernel_clone+0x163/0x5c0 [ 2017.426062][ T9388] __x64_sys_clone+0xc3/0xf0 [ 2017.430652][ T9388] do_syscall_64+0x2b/0x70 [ 2017.435093][ T9388] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2017.441050][ T9388] RIP: 0033:0x7fe837fad531 [ 2017.445461][ T9388] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2017.467116][ T9388] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2017.475524][ T9388] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2017.483564][ T9388] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2017.491584][ T9388] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2017.499551][ T9388] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe 01:40:07 executing program 5: read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:07 executing program 1: pselect6(0x0, 0x0, &(0x7f00000001c0), &(0x7f00000000c0), 0x0, 0x0) [ 2017.507649][ T9388] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2017.515622][ T9388] [ 2017.518680][ T9388] memory: usage 307196kB, limit 307200kB, failcnt 60990 [ 2017.525642][ T9388] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2017.532489][ T9388] Memory cgroup stats for /syz4: [ 2017.545630][ T9388] anon 90112 [ 2017.545630][ T9388] file 126976 [ 2017.545630][ T9388] kernel 314343424 [ 2017.545630][ T9388] kernel_stack 32768 [ 2017.545630][ T9388] pagetables 65536 [ 2017.545630][ T9388] percpu 11039616 [ 2017.545630][ T9388] sock 0 [ 2017.545630][ T9388] vmalloc 0 [ 2017.545630][ T9388] shmem 126976 [ 2017.545630][ T9388] file_mapped 126976 [ 2017.545630][ T9388] file_dirty 0 [ 2017.545630][ T9388] file_writeback 0 [ 2017.545630][ T9388] swapcached 0 [ 2017.545630][ T9388] inactive_anon 159744 [ 2017.545630][ T9388] active_anon 57344 [ 2017.545630][ T9388] inactive_file 0 [ 2017.545630][ T9388] active_file 0 [ 2017.545630][ T9388] unevictable 0 [ 2017.545630][ T9388] slab_reclaimable 15840 [ 2017.545630][ T9388] slab_unreclaimable 303142144 [ 2017.545630][ T9388] slab 303157984 [ 2017.545630][ T9388] workingset_refault_anon 0 [ 2017.545630][ T9388] workingset_refault_file 15 [ 2017.545630][ T9388] workingset_activate_anon 0 [ 2017.545630][ T9388] workingset_activate_file 0 [ 2017.561610][ T9394] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2017.642567][ T9388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 2017.648961][ T9394] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2017.649069][ T9394] vhci_hcd vhci_hcd.0: Device attached [ 2017.655805][ T9388] ,cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9388,uid=0 [ 2017.675457][ T9395] vhci_hcd: connection closed [ 2017.679528][ T9388] Memory cgroup out of memory: Killed process 9388 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2017.681616][ T5088] vhci_hcd: stop threads [ 2017.705769][ T5088] vhci_hcd: release socket [ 2017.710173][ T5088] vhci_hcd: disconnect device 01:40:08 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00008a030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:08 executing program 4: r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f00000001c0)={0x18, 0x2, {0x0, @remote}}, 0x1e) [ 2017.771367][ T9399] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2017.781707][ T9399] CPU: 0 PID: 9399 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2017.792713][ T9399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2017.802782][ T9399] Call Trace: [ 2017.806052][ T9399] [ 2017.808988][ T9399] dump_stack_lvl+0xd6/0x122 [ 2017.813686][ T9399] dump_stack+0x11/0x12 [ 2017.817844][ T9399] dump_header+0x98/0x410 [ 2017.822188][ T9399] oom_kill_process+0xfe/0x550 [ 2017.827031][ T9399] out_of_memory+0x620/0x880 [ 2017.831723][ T9399] mem_cgroup_oom+0x475/0x4f0 [ 2017.836436][ T9399] try_charge_memcg+0x746/0x960 [ 2017.841392][ T9399] charge_memcg+0x63/0x2c0 [ 2017.845917][ T9399] __mem_cgroup_charge+0x25/0xa0 [ 2017.850857][ T9399] wp_page_copy+0x20f/0x1460 [ 2017.855511][ T9399] do_wp_page+0x76f/0xe10 [ 2017.859854][ T9399] handle_mm_fault+0x5fb/0xa90 [ 2017.864637][ T9399] do_user_addr_fault+0x4cd/0x940 [ 2017.869725][ T9399] exc_page_fault+0x60/0x160 [ 2017.874362][ T9399] asm_exc_page_fault+0x22/0x30 [ 2017.879226][ T9399] RIP: 0033:0x7fe837f52edc [ 2017.883774][ T9399] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2017.903394][ T9399] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2017.909459][ T9399] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013c00 [ 2017.917563][ T9399] RDX: 00000000001dbe92 RSI: 0000000000000002 RDI: 00007fe838004f8b [ 2017.925542][ T9399] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2017.933552][ T9399] R10: 00007ffd965730b8 R11: 000000000005b3aa R12: 0000000000000000 [ 2017.941574][ T9399] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2017.949540][ T9399] [ 2017.952618][ T9399] memory: usage 307200kB, limit 307200kB, failcnt 61024 [ 2017.959645][ T9399] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2017.966508][ T9399] Memory cgroup stats for /syz4: [ 2017.967651][ T9399] anon 94208 [ 2017.967651][ T9399] file 126976 [ 2017.967651][ T9399] kernel 314351616 [ 2017.967651][ T9399] kernel_stack 32768 [ 2017.967651][ T9399] pagetables 69632 [ 2017.967651][ T9399] percpu 11039616 [ 2017.967651][ T9399] sock 0 [ 2017.967651][ T9399] vmalloc 0 [ 2017.967651][ T9399] shmem 126976 [ 2017.967651][ T9399] file_mapped 126976 [ 2017.967651][ T9399] file_dirty 0 [ 2017.967651][ T9399] file_writeback 0 [ 2017.967651][ T9399] swapcached 0 [ 2017.967651][ T9399] inactive_anon 114688 [ 2017.967651][ T9399] active_anon 57344 [ 2017.967651][ T9399] inactive_file 0 [ 2017.967651][ T9399] active_file 0 [ 2017.967651][ T9399] unevictable 0 [ 2017.967651][ T9399] slab_reclaimable 21744 [ 2017.967651][ T9399] slab_unreclaimable 303142584 [ 2017.967651][ T9399] slab 303164328 [ 2017.967651][ T9399] workingset_refault_anon 0 [ 2017.967651][ T9399] workingset_refault_file 15 [ 2017.967651][ T9399] workingset_activate_anon 0 [ 2017.967651][ T9399] workingset_activate_file 0 01:40:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000010000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:08 executing program 4: getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0) [ 2018.063771][ T9399] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9398,uid=0 [ 2018.079054][ T9399] Memory cgroup out of memory: Killed process 9398 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:08 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x200000a, 0x10, r0, 0x8000000) [ 2018.141274][ T9407] Memory cgroup out of memory: Killed process 9407 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2018.792515][ T9408] oom_kill_process: 1 callbacks suppressed [ 2018.792530][ T9408] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2018.808634][ T9408] CPU: 1 PID: 9408 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2018.819585][ T9408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2018.829645][ T9408] Call Trace: [ 2018.833008][ T9408] [ 2018.835950][ T9408] dump_stack_lvl+0xd6/0x122 01:40:09 executing program 5: read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:09 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) close(r0) [ 2018.840657][ T9408] dump_stack+0x11/0x12 [ 2018.844818][ T9408] dump_header+0x98/0x410 [ 2018.849181][ T9408] oom_kill_process+0xfe/0x550 [ 2018.854049][ T9408] out_of_memory+0x620/0x880 [ 2018.858764][ T9408] mem_cgroup_oom+0x475/0x4f0 [ 2018.863458][ T9408] try_charge_memcg+0x746/0x960 [ 2018.868324][ T9408] charge_memcg+0x63/0x2c0 [ 2018.872787][ T9408] __mem_cgroup_charge+0x25/0xa0 [ 2018.877953][ T9408] wp_page_copy+0x20f/0x1460 [ 2018.882643][ T9408] ? shrink_zones+0x525/0x5d0 [ 2018.887336][ T9408] do_wp_page+0x76f/0xe10 01:40:09 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200001b00000000000000b296ffff850000004100000095000000000000003af1f53778422dccc1c3e37fb12b70dbbaa62f65a7762b5ed9fef666387df316ddb9043b838619eb042c080f5e94778ec365075dd75aaaa969f99760a84a18cb0534ba5f8ac821babe00f7e9d8af4c5b4692af9eac983e8f8ff0d856912643"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) [ 2018.891689][ T9408] handle_mm_fault+0x5fb/0xa90 [ 2018.896476][ T9408] do_user_addr_fault+0x4cd/0x940 [ 2018.901518][ T9408] exc_page_fault+0x60/0x160 [ 2018.906153][ T9408] asm_exc_page_fault+0x22/0x30 [ 2018.911083][ T9408] RIP: 0033:0x7fe837f57a90 [ 2018.915549][ T9408] Code: 0f 84 b4 00 00 00 80 3d 21 09 0a 01 00 75 1b 80 3d 19 09 0a 01 00 75 12 80 3d 0b 09 0a 01 00 0f 84 95 00 00 00 0f 1f 44 00 00 <41> c6 44 24 f8 01 45 89 6c 24 f4 41 c6 44 24 14 00 8b 93 8c 00 00 [ 2018.935155][ T9408] RSP: 002b:00007ffd964f7880 EFLAGS: 00010202 [ 2018.941215][ T9408] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 0000000000000000 [ 2018.949179][ T9408] RDX: 00007ffd964f79f0 RSI: ffff8017c7f41094 RDI: 00007ffd964f7a18 [ 2018.957175][ T9408] RBP: 00007ffd964f79f0 R08: 0000000000000000 R09: 0000000000000000 [ 2018.965149][ T9408] R10: 00007ffd965730b8 R11: 000000000005b45a R12: 00007fe8380bef6c [ 2018.973197][ T9408] R13: 0000000000000000 R14: 00007fe8380bef60 R15: 00007ffd964f7b20 [ 2018.983614][ T9408] [ 2018.986776][ T9408] memory: usage 307184kB, limit 307200kB, failcnt 61195 01:40:09 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000a4030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2018.993772][ T9408] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2019.000647][ T9408] Memory cgroup stats for /syz4: [ 2019.008122][ T9408] anon 77824 [ 2019.008122][ T9408] file 126976 [ 2019.008122][ T9408] kernel 314351616 [ 2019.008122][ T9408] kernel_stack 16384 [ 2019.008122][ T9408] pagetables 73728 [ 2019.008122][ T9408] percpu 11039616 [ 2019.008122][ T9408] sock 0 [ 2019.008122][ T9408] vmalloc 0 [ 2019.008122][ T9408] shmem 126976 [ 2019.008122][ T9408] file_mapped 126976 [ 2019.008122][ T9408] file_dirty 0 [ 2019.008122][ T9408] file_writeback 0 [ 2019.008122][ T9408] swapcached 0 [ 2019.008122][ T9408] inactive_anon 147456 [ 2019.008122][ T9408] active_anon 57344 [ 2019.008122][ T9408] inactive_file 0 [ 2019.008122][ T9408] active_file 0 [ 2019.008122][ T9408] unevictable 0 [ 2019.008122][ T9408] slab_reclaimable 33320 [ 2019.008122][ T9408] slab_unreclaimable 303140040 [ 2019.008122][ T9408] slab 303173360 [ 2019.008122][ T9408] workingset_refault_anon 0 01:40:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@GTPA_LINK={0x8}, @GTPA_FLOW={0x6}]}, 0x24}}, 0x0) [ 2019.008122][ T9408] workingset_refault_file 15 [ 2019.008122][ T9408] workingset_activate_anon 0 [ 2019.008122][ T9408] workingset_activate_file 0 [ 2019.028805][ T9416] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2019.103852][ T9408] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 2019.110256][ T9416] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2019.110398][ T9416] vhci_hcd vhci_hcd.0: Device attached [ 2019.117174][ T9408] ,cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9408,uid=0 01:40:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2019.140792][ T9408] Memory cgroup out of memory: Killed process 9408 (syz-executor.4) total-vm:46180kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2019.143037][ T9420] vhci_hcd: connection closed [ 2019.178717][ T5083] vhci_hcd: stop threads [ 2019.187703][ T5083] vhci_hcd: release socket 01:40:09 executing program 1: io_uring_setup(0x79eb, &(0x7f00000000c0)) 01:40:09 executing program 4: connect$pptp(0xffffffffffffffff, 0x0, 0x0) 01:40:09 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) recvfrom$phonet(r0, 0x0, 0x0, 0x2, 0x0, 0x0) [ 2019.192136][ T5083] vhci_hcd: disconnect device [ 2019.213525][ T9429] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2019.221142][ T24] audit: type=1400 audit(1657676409.581:567): avc: denied { read } for pid=9433 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 2019.223816][ T9429] CPU: 0 PID: 9429 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2019.223839][ T9429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2019.223850][ T9429] Call Trace: [ 2019.223855][ T9429] [ 2019.223861][ T9429] dump_stack_lvl+0xd6/0x122 [ 2019.275514][ T9429] dump_stack+0x11/0x12 [ 2019.279669][ T9429] dump_header+0x98/0x410 [ 2019.283994][ T9429] oom_kill_process+0xfe/0x550 [ 2019.288818][ T9429] out_of_memory+0x620/0x880 [ 2019.293404][ T9429] mem_cgroup_oom+0x475/0x4f0 [ 2019.298080][ T9429] try_charge_memcg+0x746/0x960 [ 2019.302983][ T9429] __memcg_kmem_charge_page+0x2e4/0x480 [ 2019.308518][ T9429] alloc_thread_stack_node+0x292/0x360 [ 2019.314183][ T9429] dup_task_struct+0x96/0x2a0 [ 2019.318850][ T9429] copy_process+0x3cb/0x20b0 [ 2019.323565][ T9429] kernel_clone+0x163/0x5c0 [ 2019.328060][ T9429] __x64_sys_clone+0xc3/0xf0 [ 2019.332719][ T9429] do_syscall_64+0x2b/0x70 [ 2019.337153][ T9429] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2019.343047][ T9429] RIP: 0033:0x7fe837fad531 [ 2019.347499][ T9429] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2019.367167][ T9429] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2019.375710][ T9429] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2019.383705][ T9429] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2019.391677][ T9429] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2019.399722][ T9429] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2019.407716][ T9429] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2019.415721][ T9429] [ 2019.418944][ T9429] memory: usage 307200kB, limit 307200kB, failcnt 61226 [ 2019.425908][ T9429] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2019.432757][ T9429] Memory cgroup stats for /syz4: [ 2019.433364][ T9429] anon 90112 [ 2019.433364][ T9429] file 126976 [ 2019.433364][ T9429] kernel 314355712 [ 2019.433364][ T9429] kernel_stack 16384 [ 2019.433364][ T9429] pagetables 65536 [ 2019.433364][ T9429] percpu 11039616 [ 2019.433364][ T9429] sock 0 [ 2019.433364][ T9429] vmalloc 0 [ 2019.433364][ T9429] shmem 126976 [ 2019.433364][ T9429] file_mapped 126976 [ 2019.433364][ T9429] file_dirty 0 [ 2019.433364][ T9429] file_writeback 0 [ 2019.433364][ T9429] swapcached 0 [ 2019.433364][ T9429] inactive_anon 159744 [ 2019.433364][ T9429] active_anon 57344 [ 2019.433364][ T9429] inactive_file 0 [ 2019.433364][ T9429] active_file 0 [ 2019.433364][ T9429] unevictable 0 [ 2019.433364][ T9429] slab_reclaimable 33320 [ 2019.433364][ T9429] slab_unreclaimable 303144128 [ 2019.433364][ T9429] slab 303177448 [ 2019.433364][ T9429] workingset_refault_anon 0 [ 2019.433364][ T9429] workingset_refault_file 15 [ 2019.433364][ T9429] workingset_activate_anon 0 [ 2019.433364][ T9429] workingset_activate_file 0 [ 2019.529174][ T9429] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9429,uid=0 [ 2019.544487][ T9429] Memory cgroup out of memory: Killed process 9429 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:10 executing program 4: sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, 0x0, 0x0) 01:40:10 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000aa030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2019.842164][ T9445] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2019.852485][ T9445] CPU: 1 PID: 9445 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2019.863480][ T9445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2019.873554][ T9445] Call Trace: [ 2019.876859][ T9445] [ 2019.879794][ T9445] dump_stack_lvl+0xd6/0x122 [ 2019.884387][ T9445] dump_stack+0x11/0x12 [ 2019.888597][ T9445] dump_header+0x98/0x410 [ 2019.892916][ T9445] oom_kill_process+0xfe/0x550 [ 2019.897758][ T9445] out_of_memory+0x620/0x880 [ 2019.902407][ T9445] mem_cgroup_oom+0x475/0x4f0 [ 2019.907071][ T9445] try_charge_memcg+0x746/0x960 [ 2019.911909][ T9445] charge_memcg+0x63/0x2c0 [ 2019.916308][ T9445] __mem_cgroup_charge+0x25/0xa0 [ 2019.921291][ T9445] wp_page_copy+0x20f/0x1460 [ 2019.925866][ T9445] do_wp_page+0x76f/0xe10 [ 2019.930206][ T9445] handle_mm_fault+0x5fb/0xa90 [ 2019.934969][ T9445] do_user_addr_fault+0x4cd/0x940 [ 2019.940041][ T9445] exc_page_fault+0x60/0x160 [ 2019.944689][ T9445] asm_exc_page_fault+0x22/0x30 [ 2019.949591][ T9445] RIP: 0033:0x7fe837f52edc [ 2019.954061][ T9445] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2019.973715][ T9445] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2019.979805][ T9445] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe8380122ba [ 2019.987827][ T9445] RDX: 00000000001dc6aa RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2019.995799][ T9445] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2020.003762][ T9445] R10: 00007ffd965730b8 R11: 000000000005b4f6 R12: 0000000000000000 [ 2020.011785][ T9445] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2020.019750][ T9445] [ 2020.022919][ T9445] memory: usage 307200kB, limit 307200kB, failcnt 61272 [ 2020.029883][ T9445] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2020.036792][ T9445] Memory cgroup stats for /syz4: [ 2020.082908][ T9445] anon 94208 [ 2020.082908][ T9445] file 126976 [ 2020.082908][ T9445] kernel 314351616 [ 2020.082908][ T9445] kernel_stack 32768 [ 2020.082908][ T9445] pagetables 69632 [ 2020.082908][ T9445] percpu 11039616 [ 2020.082908][ T9445] sock 0 [ 2020.082908][ T9445] vmalloc 0 [ 2020.082908][ T9445] shmem 126976 [ 2020.082908][ T9445] file_mapped 126976 [ 2020.082908][ T9445] file_dirty 0 [ 2020.082908][ T9445] file_writeback 0 [ 2020.082908][ T9445] swapcached 0 [ 2020.082908][ T9445] inactive_anon 163840 [ 2020.082908][ T9445] active_anon 57344 [ 2020.082908][ T9445] inactive_file 0 [ 2020.082908][ T9445] active_file 0 [ 2020.082908][ T9445] unevictable 0 [ 2020.082908][ T9445] slab_reclaimable 21344 [ 2020.082908][ T9445] slab_unreclaimable 303142584 [ 2020.082908][ T9445] slab 303163928 [ 2020.082908][ T9445] workingset_refault_anon 0 [ 2020.082908][ T9445] workingset_refault_file 15 [ 2020.082908][ T9445] workingset_activate_anon 0 [ 2020.082908][ T9445] workingset_activate_file 0 [ 2020.178747][ T9445] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9442,uid=0 [ 2020.194096][ T9445] Memory cgroup out of memory: Killed process 9442 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:10 executing program 5: read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000021a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:10 executing program 1: syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) 01:40:10 executing program 1: socket(0x18, 0x0, 0x82) 01:40:10 executing program 4: r0 = socket$phonet(0x23, 0x2, 0x1) bind$phonet(r0, &(0x7f0000000000), 0x10) [ 2020.532690][ T9450] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2020.539234][ T9450] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2020.546840][ T9450] vhci_hcd vhci_hcd.0: Device attached 01:40:10 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x401, @none, 0x2}, 0xe) 01:40:11 executing program 1: r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x24008811) 01:40:11 executing program 1: syz_open_dev$vcsn(&(0x7f0000000000), 0x0, 0x6042) [ 2020.641430][ T9454] vhci_hcd: connection closed [ 2020.642021][ T5088] vhci_hcd: stop threads [ 2020.651142][ T5088] vhci_hcd: release socket [ 2020.655574][ T5088] vhci_hcd: disconnect device 01:40:11 executing program 1: add_key$fscrypt_v1(&(0x7f0000000180), 0x0, 0x0, 0x0, 0x0) [ 2020.682267][ T9462] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2020.692532][ T9462] CPU: 1 PID: 9462 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2020.703580][ T9462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2020.713666][ T9462] Call Trace: [ 2020.716951][ T9462] [ 2020.719939][ T9462] dump_stack_lvl+0xd6/0x122 [ 2020.724564][ T9462] dump_stack+0x11/0x12 [ 2020.728782][ T9462] dump_header+0x98/0x410 [ 2020.733169][ T9462] oom_kill_process+0xfe/0x550 [ 2020.737965][ T9462] out_of_memory+0x620/0x880 [ 2020.742562][ T9462] mem_cgroup_oom+0x475/0x4f0 [ 2020.747255][ T9462] try_charge_memcg+0x746/0x960 [ 2020.752091][ T9462] charge_memcg+0x63/0x2c0 [ 2020.756507][ T9462] __mem_cgroup_charge+0x25/0xa0 [ 2020.761513][ T9462] do_anonymous_page+0x1d6/0xa20 [ 2020.766532][ T9462] handle_mm_fault+0x8a0/0xa90 [ 2020.771363][ T9462] do_user_addr_fault+0x4cd/0x940 [ 2020.776466][ T9462] exc_page_fault+0x60/0x160 [ 2020.781061][ T9462] asm_exc_page_fault+0x22/0x30 [ 2020.785912][ T9462] RIP: 0033:0x7fe837f57d0d [ 2020.790305][ T9462] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2020.809893][ T9462] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2020.815953][ T9462] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2020.823932][ T9462] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2020.831887][ T9462] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2020.839933][ T9462] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2020.847960][ T9462] R13: 00007fe8380c3060 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2020.855935][ T9462] [ 2020.859066][ T9462] memory: usage 307200kB, limit 307200kB, failcnt 61343 [ 2020.866061][ T9462] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2020.872898][ T9462] Memory cgroup stats for /syz4: [ 2020.873458][ T9462] anon 90112 [ 2020.873458][ T9462] file 126976 [ 2020.873458][ T9462] kernel 314355712 [ 2020.873458][ T9462] kernel_stack 32768 [ 2020.873458][ T9462] pagetables 69632 [ 2020.873458][ T9462] percpu 11039616 [ 2020.873458][ T9462] sock 0 [ 2020.873458][ T9462] vmalloc 0 [ 2020.873458][ T9462] shmem 126976 [ 2020.873458][ T9462] file_mapped 126976 [ 2020.873458][ T9462] file_dirty 0 [ 2020.873458][ T9462] file_writeback 0 [ 2020.873458][ T9462] swapcached 0 [ 2020.873458][ T9462] inactive_anon 118784 [ 2020.873458][ T9462] active_anon 57344 [ 2020.873458][ T9462] inactive_file 0 [ 2020.873458][ T9462] active_file 0 [ 2020.873458][ T9462] unevictable 0 [ 2020.873458][ T9462] slab_reclaimable 32904 [ 2020.873458][ T9462] slab_unreclaimable 303137568 [ 2020.873458][ T9462] slab 303170472 [ 2020.873458][ T9462] workingset_refault_anon 0 [ 2020.873458][ T9462] workingset_refault_file 15 [ 2020.873458][ T9462] workingset_activate_anon 0 [ 2020.873458][ T9462] workingset_activate_file 0 [ 2020.969405][ T9462] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9462,uid=0 [ 2020.984610][ T9462] Memory cgroup out of memory: Killed process 9462 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000030000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="01"], 0x24}}, 0x0) 01:40:11 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0x3, 0x4) [ 2021.083146][ T9475] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2021.093462][ T9475] CPU: 1 PID: 9475 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2021.104412][ T9475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2021.114470][ T9475] Call Trace: [ 2021.117733][ T9475] [ 2021.121037][ T9475] dump_stack_lvl+0xd6/0x122 [ 2021.125632][ T9475] dump_stack+0x11/0x12 [ 2021.129887][ T9475] dump_header+0x98/0x410 [ 2021.134211][ T9475] oom_kill_process+0xfe/0x550 [ 2021.139035][ T9475] out_of_memory+0x620/0x880 [ 2021.143765][ T9475] mem_cgroup_oom+0x475/0x4f0 [ 2021.148464][ T9475] try_charge_memcg+0x746/0x960 [ 2021.153299][ T9475] charge_memcg+0x63/0x2c0 [ 2021.157699][ T9475] __mem_cgroup_charge+0x25/0xa0 [ 2021.162707][ T9475] do_anonymous_page+0x1d6/0xa20 [ 2021.167631][ T9475] handle_mm_fault+0x8a0/0xa90 [ 2021.172420][ T9475] do_user_addr_fault+0x4cd/0x940 [ 2021.177454][ T9475] exc_page_fault+0x60/0x160 [ 2021.182053][ T9475] asm_exc_page_fault+0x22/0x30 [ 2021.186967][ T9475] RIP: 0033:0x7fe837f57d0d [ 2021.191362][ T9475] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2021.210987][ T9475] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2021.217057][ T9475] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2021.225017][ T9475] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2021.233130][ T9475] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2021.241154][ T9475] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2021.249133][ T9475] R13: 00007fe8380c3060 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2021.257096][ T9475] [ 2021.260341][ T9475] memory: usage 307192kB, limit 307200kB, failcnt 61412 [ 2021.267301][ T9475] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2021.274160][ T9475] Memory cgroup stats for /syz4: [ 2021.279224][ T9475] anon 90112 [ 2021.279224][ T9475] file 126976 [ 2021.279224][ T9475] kernel 314343424 [ 2021.279224][ T9475] kernel_stack 32768 [ 2021.279224][ T9475] pagetables 69632 [ 2021.279224][ T9475] percpu 11039616 [ 2021.279224][ T9475] sock 0 [ 2021.279224][ T9475] vmalloc 0 [ 2021.279224][ T9475] shmem 126976 [ 2021.279224][ T9475] file_mapped 126976 [ 2021.279224][ T9475] file_dirty 0 [ 2021.279224][ T9475] file_writeback 0 [ 2021.279224][ T9475] swapcached 0 [ 2021.279224][ T9475] inactive_anon 131072 [ 2021.279224][ T9475] active_anon 57344 [ 2021.279224][ T9475] inactive_file 0 [ 2021.279224][ T9475] active_file 0 [ 2021.279224][ T9475] unevictable 0 [ 2021.279224][ T9475] slab_reclaimable 21744 [ 2021.279224][ T9475] slab_unreclaimable 303137256 [ 2021.279224][ T9475] slab 303159000 [ 2021.279224][ T9475] workingset_refault_anon 0 [ 2021.279224][ T9475] workingset_refault_file 15 [ 2021.279224][ T9475] workingset_activate_anon 0 [ 2021.279224][ T9475] workingset_activate_file 0 [ 2021.374951][ T9475] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9475,uid=0 [ 2021.390149][ T9475] Memory cgroup out of memory: Killed process 9475 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2021.466919][ T9482] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2021.477193][ T9482] CPU: 1 PID: 9482 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2021.488161][ T9482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2021.498357][ T9482] Call Trace: [ 2021.501636][ T9482] [ 2021.504566][ T9482] dump_stack_lvl+0xd6/0x122 [ 2021.509266][ T9482] dump_stack+0x11/0x12 01:40:11 executing program 5: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:11 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000b0030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000011c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:11 executing program 1: accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x0) memfd_create(&(0x7f0000000100)='/\x00', 0x2) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) 01:40:11 executing program 4: r0 = socket$phonet(0x23, 0x2, 0x1) bind$phonet(r0, 0x0, 0xf) [ 2021.513496][ T9482] dump_header+0x98/0x410 [ 2021.517833][ T9482] oom_kill_process+0xfe/0x550 [ 2021.522602][ T9482] out_of_memory+0x620/0x880 [ 2021.527294][ T9482] mem_cgroup_oom+0x475/0x4f0 [ 2021.531999][ T9482] try_charge_memcg+0x746/0x960 [ 2021.536894][ T9482] ? cgroup_rstat_updated+0x34/0x100 [ 2021.542260][ T9482] ? __rcu_read_unlock+0x4a/0x70 [ 2021.547204][ T9482] obj_cgroup_charge+0x171/0x2b0 [ 2021.552225][ T9482] kmem_cache_alloc_node+0xa5/0x2c0 [ 2021.557475][ T9482] ? dup_task_struct+0x5b/0x2a0 [ 2021.562330][ T9482] dup_task_struct+0x5b/0x2a0 [ 2021.567018][ T9482] copy_process+0x3cb/0x20b0 [ 2021.571603][ T9482] kernel_clone+0x163/0x5c0 [ 2021.576182][ T9482] __x64_sys_clone+0xc3/0xf0 [ 2021.580770][ T9482] do_syscall_64+0x2b/0x70 [ 2021.585317][ T9482] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2021.591290][ T9482] RIP: 0033:0x7fe837fad531 [ 2021.595761][ T9482] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2021.615358][ T9482] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2021.623831][ T9482] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2021.631882][ T9482] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2021.639855][ T9482] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2021.647816][ T9482] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2021.655796][ T9482] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2021.663822][ T9482] 01:40:12 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x5, 0x0, 0x0) [ 2021.667031][ T9482] memory: usage 307196kB, limit 307200kB, failcnt 61431 [ 2021.674244][ T9482] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2021.681092][ T9482] Memory cgroup stats for /syz4: [ 2021.689071][ T9482] anon 90112 [ 2021.689071][ T9482] file 126976 [ 2021.689071][ T9482] kernel 314335232 [ 2021.689071][ T9482] kernel_stack 16384 [ 2021.689071][ T9482] pagetables 65536 [ 2021.689071][ T9482] percpu 11039616 [ 2021.689071][ T9482] sock 0 [ 2021.689071][ T9482] vmalloc 0 [ 2021.689071][ T9482] shmem 126976 [ 2021.689071][ T9482] file_mapped 126976 [ 2021.689071][ T9482] file_dirty 0 [ 2021.689071][ T9482] file_writeback 0 [ 2021.689071][ T9482] swapcached 0 [ 2021.689071][ T9482] inactive_anon 159744 [ 2021.689071][ T9482] active_anon 57344 [ 2021.689071][ T9482] inactive_file 0 [ 2021.689071][ T9482] active_file 0 [ 2021.689071][ T9482] unevictable 0 [ 2021.689071][ T9482] slab_reclaimable 33320 [ 2021.689071][ T9482] slab_unreclaimable 303137904 [ 2021.689071][ T9482] slab 303171224 [ 2021.689071][ T9482] workingset_refault_anon 0 [ 2021.689071][ T9482] workingset_refault_file 15 [ 2021.689071][ T9482] workingset_activate_anon 0 [ 2021.689071][ T9482] workingset_activate_file 0 [ 2021.696917][ T9490] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2021.784846][ T9482] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null) [ 2021.791278][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2021.798138][ T9482] ,cpuset=syz4,mems_allowed=0,oom_memcg= [ 2021.805677][ T9490] vhci_hcd vhci_hcd.0: Device attached 01:40:12 executing program 1: pselect6(0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0) [ 2021.816761][ T9482] /syz4,task_memcg=/syz4,task=syz-executor.4,pid=9482,uid=0 [ 2021.818836][ T9491] vhci_hcd: connection closed [ 2021.824093][ T9482] Memory cgroup out of memory: Killed process 9482 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2021.827450][ T5083] vhci_hcd: stop threads [ 2021.850224][ T5083] vhci_hcd: release socket [ 2021.854739][ T5083] vhci_hcd: disconnect device 01:40:12 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@ccm_128={{0x303, 0x38}, '\x00', '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', "000200", "9d3333cc118b50d7"}, 0x28) r1 = eventfd2(0x0, 0x0) dup3(r1, r0, 0x0) [ 2021.949857][ T9501] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2021.960079][ T9501] CPU: 1 PID: 9501 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2021.971032][ T9501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2021.981106][ T9501] Call Trace: [ 2021.984374][ T9501] [ 2021.987315][ T9501] dump_stack_lvl+0xd6/0x122 [ 2021.991976][ T9501] dump_stack+0x11/0x12 [ 2021.996191][ T9501] dump_header+0x98/0x410 [ 2022.000525][ T9501] oom_kill_process+0xfe/0x550 [ 2022.005354][ T9501] out_of_memory+0x620/0x880 [ 2022.010048][ T9501] mem_cgroup_oom+0x475/0x4f0 [ 2022.014728][ T9501] try_charge_memcg+0x746/0x960 [ 2022.019659][ T9501] charge_memcg+0x63/0x2c0 [ 2022.024076][ T9501] __mem_cgroup_charge+0x25/0xa0 [ 2022.029014][ T9501] wp_page_copy+0x20f/0x1460 [ 2022.033613][ T9501] do_wp_page+0x76f/0xe10 [ 2022.037951][ T9501] handle_mm_fault+0x5fb/0xa90 [ 2022.042721][ T9501] do_user_addr_fault+0x4cd/0x940 [ 2022.047751][ T9501] exc_page_fault+0x60/0x160 [ 2022.052397][ T9501] asm_exc_page_fault+0x22/0x30 [ 2022.057336][ T9501] RIP: 0033:0x7fe837f57a90 [ 2022.061752][ T9501] Code: 0f 84 b4 00 00 00 80 3d 21 09 0a 01 00 75 1b 80 3d 19 09 0a 01 00 75 12 80 3d 0b 09 0a 01 00 0f 84 95 00 00 00 0f 1f 44 00 00 <41> c6 44 24 f8 01 45 89 6c 24 f4 41 c6 44 24 14 00 8b 93 8c 00 00 [ 2022.081399][ T9501] RSP: 002b:00007ffd964f7880 EFLAGS: 00010202 [ 2022.087501][ T9501] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 0000000000000000 [ 2022.095474][ T9501] RDX: 00007ffd964f79e8 RSI: ffff8017c7f41094 RDI: 00007ffd964f7a18 [ 2022.103461][ T9501] RBP: 00007ffd964f79e8 R08: 0000000000000000 R09: 0000000000000000 [ 2022.111429][ T9501] R10: 00007ffd965730b8 R11: 000000000005b662 R12: 00007fe8380bef6c [ 2022.119422][ T9501] R13: 0000000000000000 R14: 00007fe8380bef60 R15: 00007ffd964f7b20 [ 2022.127561][ T9501] [ 2022.130711][ T9501] memory: usage 307200kB, limit 307200kB, failcnt 61460 [ 2022.137671][ T9501] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2022.144619][ T9501] Memory cgroup stats for /syz4: [ 2022.147184][ T9501] anon 73728 [ 2022.147184][ T9501] file 126976 [ 2022.147184][ T9501] kernel 314372096 [ 2022.147184][ T9501] kernel_stack 16384 [ 2022.147184][ T9501] pagetables 65536 [ 2022.147184][ T9501] percpu 11039616 [ 2022.147184][ T9501] sock 0 [ 2022.147184][ T9501] vmalloc 0 [ 2022.147184][ T9501] shmem 126976 [ 2022.147184][ T9501] file_mapped 126976 [ 2022.147184][ T9501] file_dirty 0 [ 2022.147184][ T9501] file_writeback 0 [ 2022.147184][ T9501] swapcached 0 [ 2022.147184][ T9501] inactive_anon 114688 [ 2022.147184][ T9501] active_anon 57344 [ 2022.147184][ T9501] inactive_file 0 [ 2022.147184][ T9501] active_file 0 [ 2022.147184][ T9501] unevictable 0 [ 2022.147184][ T9501] slab_reclaimable 53352 [ 2022.147184][ T9501] slab_unreclaimable 303150232 [ 2022.147184][ T9501] slab 303203584 [ 2022.147184][ T9501] workingset_refault_anon 0 [ 2022.147184][ T9501] workingset_refault_file 15 [ 2022.147184][ T9501] workingset_activate_anon 0 [ 2022.147184][ T9501] workingset_activate_file 0 01:40:12 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) [ 2022.243074][ T9501] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9501,uid=0 [ 2022.258412][ T9501] Memory cgroup out of memory: Killed process 9501 (syz-executor.4) total-vm:46180kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2022.300366][ T9502] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2022.310629][ T9502] CPU: 1 PID: 9502 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2022.321619][ T9502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2022.331696][ T9502] Call Trace: [ 2022.334987][ T9502] [ 2022.337911][ T9502] dump_stack_lvl+0xd6/0x122 [ 2022.342505][ T9502] dump_stack+0x11/0x12 [ 2022.346737][ T9502] dump_header+0x98/0x410 [ 2022.351066][ T9502] oom_kill_process+0xfe/0x550 [ 2022.355918][ T9502] out_of_memory+0x620/0x880 [ 2022.360513][ T9502] mem_cgroup_oom+0x475/0x4f0 [ 2022.365185][ T9502] try_charge_memcg+0x746/0x960 [ 2022.370076][ T9502] __memcg_kmem_charge_page+0x2e4/0x480 [ 2022.375651][ T9502] alloc_thread_stack_node+0x101/0x360 [ 2022.381142][ T9502] dup_task_struct+0x96/0x2a0 [ 2022.385840][ T9502] copy_process+0x3cb/0x20b0 [ 2022.390435][ T9502] kernel_clone+0x163/0x5c0 [ 2022.394949][ T9502] __x64_sys_clone+0xc3/0xf0 [ 2022.399568][ T9502] do_syscall_64+0x2b/0x70 [ 2022.404099][ T9502] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2022.409993][ T9502] RIP: 0033:0x7fe837fad531 [ 2022.414532][ T9502] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2022.434210][ T9502] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2022.442627][ T9502] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2022.450678][ T9502] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2022.458644][ T9502] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2022.466612][ T9502] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2022.474575][ T9502] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2022.482543][ T9502] [ 2022.485593][ T9502] memory: usage 307200kB, limit 307200kB, failcnt 61500 [ 2022.492532][ T9502] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2022.499439][ T9502] Memory cgroup stats for /syz4: [ 2022.499886][ T9502] anon 90112 [ 2022.499886][ T9502] file 126976 [ 2022.499886][ T9502] kernel 314355712 [ 2022.499886][ T9502] kernel_stack 16384 [ 2022.499886][ T9502] pagetables 65536 [ 2022.499886][ T9502] percpu 11039616 [ 2022.499886][ T9502] sock 0 [ 2022.499886][ T9502] vmalloc 0 [ 2022.499886][ T9502] shmem 126976 [ 2022.499886][ T9502] file_mapped 126976 [ 2022.499886][ T9502] file_dirty 0 [ 2022.499886][ T9502] file_writeback 0 [ 2022.499886][ T9502] swapcached 0 [ 2022.499886][ T9502] inactive_anon 139264 [ 2022.499886][ T9502] active_anon 57344 [ 2022.499886][ T9502] inactive_file 0 [ 2022.499886][ T9502] active_file 0 [ 2022.499886][ T9502] unevictable 0 [ 2022.499886][ T9502] slab_reclaimable 33320 [ 2022.499886][ T9502] slab_unreclaimable 303144128 [ 2022.499886][ T9502] slab 303177448 [ 2022.499886][ T9502] workingset_refault_anon 0 [ 2022.499886][ T9502] workingset_refault_file 15 [ 2022.499886][ T9502] workingset_activate_anon 0 [ 2022.499886][ T9502] workingset_activate_file 0 01:40:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:13 executing program 5: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:13 executing program 4: io_uring_setup(0x694a, &(0x7f0000000180)={0x0, 0x3323, 0x8}) [ 2022.595811][ T9502] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9502,uid=0 [ 2022.611012][ T9502] Memory cgroup out of memory: Killed process 9502 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2022.681271][ T9507] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2022.687870][ T9507] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2022.693003][ T9508] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2022.695446][ T9507] vhci_hcd vhci_hcd.0: Device attached [ 2022.705564][ T9508] CPU: 0 PID: 9508 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2022.714353][ T9509] vhci_hcd: connection closed 01:40:13 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000b6030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:13 executing program 1: pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140), 0x8}) [ 2022.721906][ T9508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2022.734876][ T5088] vhci_hcd: stop threads [ 2022.736617][ T9508] Call Trace: [ 2022.736626][ T9508] [ 2022.736633][ T9508] dump_stack_lvl+0xd6/0x122 [ 2022.740850][ T5088] vhci_hcd: release socket [ 2022.744123][ T9508] dump_stack+0x11/0x12 [ 2022.744143][ T9508] dump_header+0x98/0x410 [ 2022.747060][ T5088] vhci_hcd: disconnect device [ 2022.769300][ T9508] oom_kill_process+0xfe/0x550 [ 2022.774123][ T9508] out_of_memory+0x620/0x880 [ 2022.778745][ T9508] mem_cgroup_oom+0x475/0x4f0 [ 2022.783434][ T9508] try_charge_memcg+0x746/0x960 [ 2022.788291][ T9508] charge_memcg+0x63/0x2c0 [ 2022.792694][ T9508] __mem_cgroup_charge+0x25/0xa0 [ 2022.797638][ T9508] wp_page_copy+0x20f/0x1460 [ 2022.802278][ T9508] do_wp_page+0x76f/0xe10 [ 2022.806613][ T9508] handle_mm_fault+0x5fb/0xa90 [ 2022.811369][ T9508] do_user_addr_fault+0x4cd/0x940 [ 2022.816382][ T9508] exc_page_fault+0x60/0x160 [ 2022.821023][ T9508] asm_exc_page_fault+0x22/0x30 [ 2022.825876][ T9508] RIP: 0033:0x7fe837f7b0d1 [ 2022.830291][ T9508] Code: 11 00 4c 29 e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 <49> 89 57 08 48 89 41 08 49 83 c7 10 eb b3 48 8d 3d ca de 09 00 e8 [ 2022.849885][ T9508] RSP: 002b:00007ffd964f76a0 EFLAGS: 00010206 [ 2022.855965][ T9508] RAX: 0000000000020801 RBX: 00007fe8380925e0 RCX: 00005555560a2800 [ 2022.863940][ T9508] RDX: 0000000000000121 RSI: 0000000000000000 RDI: 0000000000000004 [ 2022.872047][ T9508] RBP: 0000000000000110 R08: 0000000000000003 R09: 00007fe838092640 [ 2022.880011][ T9508] R10: 0000000000020022 R11: 0000000000000120 R12: 0000000000000010 [ 2022.888032][ T9508] R13: 0000000000000120 R14: 0000000000000012 R15: 00005555560a26e0 [ 2022.896018][ T9508] [ 2022.899143][ T9508] memory: usage 307192kB, limit 307200kB, failcnt 61547 [ 2022.906105][ T9508] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2022.913827][ T9508] Memory cgroup stats for /syz4: [ 2022.914791][ T9508] anon 90112 [ 2022.914791][ T9508] file 126976 [ 2022.914791][ T9508] kernel 314347520 [ 2022.914791][ T9508] kernel_stack 16384 [ 2022.914791][ T9508] pagetables 73728 [ 2022.914791][ T9508] percpu 11039616 [ 2022.914791][ T9508] sock 0 [ 2022.914791][ T9508] vmalloc 0 [ 2022.914791][ T9508] shmem 126976 [ 2022.914791][ T9508] file_mapped 126976 [ 2022.914791][ T9508] file_dirty 0 [ 2022.914791][ T9508] file_writeback 0 [ 2022.914791][ T9508] swapcached 0 [ 2022.914791][ T9508] inactive_anon 135168 [ 2022.914791][ T9508] active_anon 57344 [ 2022.914791][ T9508] inactive_file 0 [ 2022.914791][ T9508] active_file 0 [ 2022.914791][ T9508] unevictable 0 [ 2022.914791][ T9508] slab_reclaimable 21344 [ 2022.914791][ T9508] slab_unreclaimable 303145000 [ 2022.914791][ T9508] slab 303166344 [ 2022.914791][ T9508] workingset_refault_anon 0 [ 2022.914791][ T9508] workingset_refault_file 15 [ 2022.914791][ T9508] workingset_activate_anon 0 [ 2022.914791][ T9508] workingset_activate_file 0 [ 2023.012966][ T9508] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9508,uid=0 [ 2023.028346][ T9508] Memory cgroup out of memory: Killed process 9508 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000031e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:13 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@GTPA_LINK={0x8}, @GTPA_FLOW={0x6}]}, 0x24}}, 0x0) [ 2023.227186][ T9519] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2023.237502][ T9519] CPU: 0 PID: 9519 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2023.248439][ T9519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2023.258481][ T9519] Call Trace: [ 2023.261814][ T9519] [ 2023.264744][ T9519] dump_stack_lvl+0xd6/0x122 [ 2023.269411][ T9519] dump_stack+0x11/0x12 [ 2023.273582][ T9519] dump_header+0x98/0x410 [ 2023.277922][ T9519] oom_kill_process+0xfe/0x550 [ 2023.282709][ T9519] out_of_memory+0x620/0x880 [ 2023.287348][ T9519] mem_cgroup_oom+0x475/0x4f0 [ 2023.292136][ T9519] try_charge_memcg+0x746/0x960 [ 2023.297005][ T9519] __memcg_kmem_charge_page+0x2e4/0x480 [ 2023.302562][ T9519] alloc_thread_stack_node+0x101/0x360 [ 2023.308073][ T9519] dup_task_struct+0x96/0x2a0 [ 2023.312741][ T9519] copy_process+0x3cb/0x20b0 [ 2023.317417][ T9519] kernel_clone+0x163/0x5c0 [ 2023.321914][ T9519] __x64_sys_clone+0xc3/0xf0 01:40:13 executing program 5: r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x1) [ 2023.326493][ T9519] do_syscall_64+0x2b/0x70 [ 2023.330983][ T9519] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2023.336942][ T9519] RIP: 0033:0x7fe837fad531 [ 2023.341365][ T9519] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2023.360998][ T9519] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2023.369411][ T9519] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2023.375798][ T9523] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 2023.377476][ T9519] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2023.383966][ T9523] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2023.391921][ T9519] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2023.399456][ T9523] vhci_hcd vhci_hcd.0: Device attached [ 2023.407322][ T9519] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2023.407376][ T9519] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2023.407392][ T9519] [ 2023.423338][ T9524] vhci_hcd: connection closed [ 2023.428927][ T9519] memory: usage 307200kB, limit 307200kB, failcnt 61578 [ 2023.435765][ T5088] vhci_hcd: stop threads [ 2023.436602][ T9519] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2023.443538][ T5088] vhci_hcd: release socket [ 2023.447769][ T9519] Memory cgroup stats for [ 2023.454681][ T5088] vhci_hcd: disconnect device [ 2023.458975][ T9519] /syz4: [ 2023.464740][ T9519] anon 90112 [ 2023.464740][ T9519] file 126976 [ 2023.464740][ T9519] kernel 314351616 [ 2023.464740][ T9519] kernel_stack 16384 [ 2023.464740][ T9519] pagetables 65536 [ 2023.464740][ T9519] percpu 11039616 [ 2023.464740][ T9519] sock 0 [ 2023.464740][ T9519] vmalloc 0 [ 2023.464740][ T9519] shmem 126976 [ 2023.464740][ T9519] file_mapped 126976 [ 2023.464740][ T9519] file_dirty 0 [ 2023.464740][ T9519] file_writeback 0 [ 2023.464740][ T9519] swapcached 0 [ 2023.464740][ T9519] inactive_anon 114688 [ 2023.464740][ T9519] active_anon 57344 [ 2023.464740][ T9519] inactive_file 0 [ 2023.464740][ T9519] active_file 0 [ 2023.464740][ T9519] unevictable 0 [ 2023.464740][ T9519] slab_reclaimable 21344 [ 2023.464740][ T9519] slab_unreclaimable 303143680 [ 2023.464740][ T9519] slab 303165024 [ 2023.464740][ T9519] workingset_refault_anon 0 [ 2023.464740][ T9519] workingset_refault_file 15 [ 2023.464740][ T9519] workingset_activate_anon 0 [ 2023.464740][ T9519] workingset_activate_file 0 [ 2023.561823][ T9519] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9519,uid=0 01:40:13 executing program 4: syz_clone(0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0) 01:40:13 executing program 1: syz_open_dev$usbmon(&(0x7f0000000380), 0x0, 0x48801) [ 2023.577082][ T9519] Memory cgroup out of memory: Killed process 9519 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:14 executing program 1: ioctl$X86_IOC_RDMSR_REGS(0xffffffffffffffff, 0xc02063a0, 0x0) 01:40:14 executing program 4: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) add_key$keyring(&(0x7f0000000280), 0x0, 0x0, 0x0, r1) 01:40:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000080000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2023.619787][ T9527] Memory cgroup out of memory: Killed process 9527 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:14 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000c0030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:14 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) accept$packet(r0, 0x0, 0x0) 01:40:14 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x0, @none}, 0xe) [ 2023.747907][ T24] audit: type=1400 audit(1657676414.111:568): avc: denied { accept } for pid=9538 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 01:40:14 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) sendmmsg$inet6(r0, &(0x7f0000005500)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000040)="d2", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c, 0x0}}], 0x2, 0x0) [ 2024.147218][ T9536] oom_kill_process: 1 callbacks suppressed [ 2024.147235][ T9536] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2024.163369][ T9536] CPU: 0 PID: 9536 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2024.174324][ T9536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2024.184379][ T9536] Call Trace: [ 2024.187701][ T9536] [ 2024.190658][ T9536] dump_stack_lvl+0xd6/0x122 [ 2024.195264][ T9536] dump_stack+0x11/0x12 [ 2024.199425][ T9536] dump_header+0x98/0x410 [ 2024.203866][ T9536] oom_kill_process+0xfe/0x550 [ 2024.208675][ T9536] out_of_memory+0x620/0x880 [ 2024.213340][ T9536] mem_cgroup_oom+0x475/0x4f0 [ 2024.218028][ T9536] try_charge_memcg+0x746/0x960 [ 2024.222904][ T9536] __memcg_kmem_charge_page+0x2e4/0x480 [ 2024.228535][ T9536] alloc_thread_stack_node+0x101/0x360 [ 2024.234064][ T9536] dup_task_struct+0x96/0x2a0 [ 2024.239345][ T9536] copy_process+0x3cb/0x20b0 01:40:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2024.243974][ T9536] ? __this_cpu_preempt_check+0xf/0x10 [ 2024.249449][ T9536] ? sysvec_call_function_single+0x99/0xb0 [ 2024.255290][ T9536] kernel_clone+0x163/0x5c0 [ 2024.259887][ T9536] __x64_sys_clone+0xc3/0xf0 [ 2024.264495][ T9536] do_syscall_64+0x2b/0x70 [ 2024.268930][ T9536] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2024.274951][ T9536] RIP: 0033:0x7fe837fad531 [ 2024.279373][ T9536] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2024.299026][ T9536] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2024.307474][ T9536] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2024.315453][ T9536] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2024.323508][ T9536] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2024.331556][ T9536] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2024.339529][ T9536] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2024.347586][ T9536] [ 2024.350891][ T9536] memory: usage 307200kB, limit 307200kB, failcnt 61725 [ 2024.357977][ T9536] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2024.364845][ T9536] Memory cgroup stats for /syz4: [ 2024.563940][ T9536] anon 94208 [ 2024.563940][ T9536] file 126976 [ 2024.563940][ T9536] kernel 314343424 [ 2024.563940][ T9536] kernel_stack 16384 [ 2024.563940][ T9536] pagetables 73728 [ 2024.563940][ T9536] percpu 11039616 [ 2024.563940][ T9536] sock 0 [ 2024.563940][ T9536] vmalloc 0 [ 2024.563940][ T9536] shmem 126976 [ 2024.563940][ T9536] file_mapped 126976 [ 2024.563940][ T9536] file_dirty 0 [ 2024.563940][ T9536] file_writeback 0 [ 2024.563940][ T9536] swapcached 0 01:40:15 executing program 5: syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) [ 2024.563940][ T9536] inactive_anon 163840 [ 2024.563940][ T9536] active_anon 57344 [ 2024.563940][ T9536] inactive_file 0 [ 2024.563940][ T9536] active_file 0 [ 2024.563940][ T9536] unevictable 0 [ 2024.563940][ T9536] slab_reclaimable 15840 [ 2024.563940][ T9536] slab_unreclaimable 303143576 [ 2024.563940][ T9536] slab 303159416 [ 2024.563940][ T9536] workingset_refault_anon 0 [ 2024.563940][ T9536] workingset_refault_file 15 [ 2024.563940][ T9536] workingset_activate_anon 0 [ 2024.563940][ T9536] workingset_activate_file 0 01:40:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x24}}, 0x0) [ 2024.659838][ T9536] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9536,uid=0 [ 2024.668573][ T9555] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2024.675060][ T9536] Memory cgroup out of memory: Killed process 9536 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2024.681504][ T9555] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2024.681639][ T9555] vhci_hcd vhci_hcd.0: Device attached [ 2024.729697][ T9556] vhci_hcd: connection closed [ 2024.729913][ T5088] vhci_hcd: stop threads [ 2024.738907][ T5088] vhci_hcd: release socket [ 2024.743340][ T5088] vhci_hcd: disconnect device [ 2024.743962][ T9559] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2024.758295][ T9559] CPU: 1 PID: 9559 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2024.769265][ T9559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2024.779385][ T9559] Call Trace: [ 2024.782726][ T9559] [ 2024.785649][ T9559] dump_stack_lvl+0xd6/0x122 [ 2024.790263][ T9559] dump_stack+0x11/0x12 [ 2024.794498][ T9559] dump_header+0x98/0x410 [ 2024.798889][ T9559] oom_kill_process+0xfe/0x550 [ 2024.803769][ T9559] out_of_memory+0x620/0x880 [ 2024.808380][ T9559] mem_cgroup_oom+0x475/0x4f0 [ 2024.813057][ T9559] try_charge_memcg+0x746/0x960 [ 2024.818106][ T9559] __memcg_kmem_charge_page+0x2e4/0x480 [ 2024.823725][ T9559] alloc_thread_stack_node+0x101/0x360 [ 2024.829246][ T9559] dup_task_struct+0x96/0x2a0 [ 2024.833913][ T9559] copy_process+0x3cb/0x20b0 [ 2024.838583][ T9559] kernel_clone+0x163/0x5c0 [ 2024.843075][ T9559] __x64_sys_clone+0xc3/0xf0 [ 2024.847735][ T9559] do_syscall_64+0x2b/0x70 [ 2024.852155][ T9559] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2024.858236][ T9559] RIP: 0033:0x7fe837fad531 [ 2024.862631][ T9559] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2024.882228][ T9559] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2024.890650][ T9559] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2024.898611][ T9559] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2024.906584][ T9559] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2024.914547][ T9559] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2024.922531][ T9559] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2024.930529][ T9559] [ 2024.933657][ T9559] memory: usage 307200kB, limit 307200kB, failcnt 61779 [ 2024.940618][ T9559] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2024.947510][ T9559] Memory cgroup stats for /syz4: [ 2024.947975][ T9559] anon 90112 [ 2024.947975][ T9559] file 126976 [ 2024.947975][ T9559] kernel 314331136 [ 2024.947975][ T9559] kernel_stack 16384 [ 2024.947975][ T9559] pagetables 65536 [ 2024.947975][ T9559] percpu 11039616 [ 2024.947975][ T9559] sock 0 [ 2024.947975][ T9559] vmalloc 0 [ 2024.947975][ T9559] shmem 126976 [ 2024.947975][ T9559] file_mapped 126976 [ 2024.947975][ T9559] file_dirty 0 [ 2024.947975][ T9559] file_writeback 0 [ 2024.947975][ T9559] swapcached 0 [ 2024.947975][ T9559] inactive_anon 114688 [ 2024.947975][ T9559] active_anon 57344 [ 2024.947975][ T9559] inactive_file 0 [ 2024.947975][ T9559] active_file 0 [ 2024.947975][ T9559] unevictable 0 [ 2024.947975][ T9559] slab_reclaimable 15840 [ 2024.947975][ T9559] slab_unreclaimable 303143728 [ 2024.947975][ T9559] slab 303159568 [ 2024.947975][ T9559] workingset_refault_anon 0 01:40:15 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0xf00}, 0x0) [ 2024.947975][ T9559] workingset_refault_file 15 [ 2024.947975][ T9559] workingset_activate_anon 0 [ 2024.947975][ T9559] workingset_activate_file 0 [ 2025.043771][ T9559] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9559,uid=0 [ 2025.058934][ T9559] Memory cgroup out of memory: Killed process 9559 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:15 executing program 1: r0 = socket(0x2a, 0x2, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}}, 0x0) 01:40:15 executing program 1: sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000440), 0xffffffffffffffff) socket$packet(0x11, 0x3, 0x300) [ 2025.097083][ T9562] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2025.107367][ T9562] CPU: 1 PID: 9562 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2025.118319][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2025.128429][ T9562] Call Trace: [ 2025.131763][ T9562] [ 2025.134706][ T9562] dump_stack_lvl+0xd6/0x122 [ 2025.139314][ T9562] dump_stack+0x11/0x12 [ 2025.143507][ T9562] dump_header+0x98/0x410 [ 2025.147838][ T9562] oom_kill_process+0xfe/0x550 [ 2025.152769][ T9562] out_of_memory+0x620/0x880 [ 2025.157346][ T9562] mem_cgroup_oom+0x475/0x4f0 [ 2025.162121][ T9562] try_charge_memcg+0x746/0x960 [ 2025.167046][ T9562] __memcg_kmem_charge_page+0x2e4/0x480 [ 2025.172679][ T9562] alloc_thread_stack_node+0x101/0x360 [ 2025.178133][ T9562] dup_task_struct+0x96/0x2a0 [ 2025.182921][ T9562] copy_process+0x3cb/0x20b0 [ 2025.187576][ T9562] kernel_clone+0x163/0x5c0 [ 2025.192124][ T9562] __x64_sys_clone+0xc3/0xf0 [ 2025.196786][ T9562] do_syscall_64+0x2b/0x70 [ 2025.201213][ T9562] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2025.207176][ T9562] RIP: 0033:0x7fe837fad531 [ 2025.211599][ T9562] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2025.231335][ T9562] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2025.239747][ T9562] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 01:40:15 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_clone(0x5001000, &(0x7f0000000080)="e48c1576a5e494805ec2a822e40ca31263ce2f284477a53974445ad5857a6a80bbc26470e6ee90fe0e6d2b20569cefe0567744984b290010a166b3a17b9ad2b97acc0d09c170c474ba38d189259f641794d1cf1760dc865701428be291f546d1302eceaa11e0e29050073e9a1af3c3798c7c8346de1fe014", 0x78, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)) [ 2025.247777][ T9562] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2025.255798][ T9562] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2025.263859][ T9562] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2025.271832][ T9562] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2025.279811][ T9562] [ 2025.282920][ T9562] memory: usage 307192kB, limit 307200kB, failcnt 61808 [ 2025.289924][ T9562] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2025.296819][ T9562] Memory cgroup stats for /syz4: [ 2025.297183][ T9562] anon 90112 [ 2025.297183][ T9562] file 126976 [ 2025.297183][ T9562] kernel 314347520 [ 2025.297183][ T9562] kernel_stack 16384 [ 2025.297183][ T9562] pagetables 65536 [ 2025.297183][ T9562] percpu 11039616 [ 2025.297183][ T9562] sock 0 [ 2025.297183][ T9562] vmalloc 0 [ 2025.297183][ T9562] shmem 126976 [ 2025.297183][ T9562] file_mapped 126976 [ 2025.297183][ T9562] file_dirty 0 [ 2025.297183][ T9562] file_writeback 0 [ 2025.297183][ T9562] swapcached 0 [ 2025.297183][ T9562] inactive_anon 114688 [ 2025.297183][ T9562] active_anon 57344 [ 2025.297183][ T9562] inactive_file 0 [ 2025.297183][ T9562] active_file 0 [ 2025.297183][ T9562] unevictable 0 [ 2025.297183][ T9562] slab_reclaimable 30168 [ 2025.297183][ T9562] slab_unreclaimable 303143864 [ 2025.297183][ T9562] slab 303174032 [ 2025.297183][ T9562] workingset_refault_anon 0 [ 2025.297183][ T9562] workingset_refault_file 15 [ 2025.297183][ T9562] workingset_activate_anon 0 [ 2025.297183][ T9562] workingset_activate_file 0 01:40:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff008000000000800000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:15 executing program 1: syz_genetlink_get_family_id$fou(&(0x7f0000000440), 0xffffffffffffffff) accept$packet(0xffffffffffffffff, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) socket$pppl2tp(0x18, 0x1, 0x1) 01:40:15 executing program 5: syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:15 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="e6"], 0x1c}}, 0x0) 01:40:15 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000c6030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2025.393007][ T9562] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9562,uid=0 [ 2025.408266][ T9562] Memory cgroup out of memory: Killed process 9562 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000012200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:15 executing program 1: r0 = io_uring_setup(0x23cf, &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000003c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2) [ 2025.475518][ T9579] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2025.482122][ T9579] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2025.489679][ T9579] vhci_hcd vhci_hcd.0: Device attached [ 2025.506783][ T9580] vhci_hcd: connection closed [ 2025.508928][ T5082] vhci_hcd: stop threads [ 2025.515949][ T9582] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2025.517890][ T5082] vhci_hcd: release socket [ 2025.517898][ T5082] vhci_hcd: disconnect device [ 2025.528085][ T9582] CPU: 0 PID: 9582 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2025.548112][ T9582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2025.558351][ T9582] Call Trace: [ 2025.561629][ T9582] [ 2025.564570][ T9582] dump_stack_lvl+0xd6/0x122 [ 2025.569228][ T9582] dump_stack+0x11/0x12 [ 2025.573381][ T9582] dump_header+0x98/0x410 [ 2025.577797][ T9582] oom_kill_process+0xfe/0x550 [ 2025.582563][ T9582] out_of_memory+0x620/0x880 [ 2025.587211][ T9582] mem_cgroup_oom+0x475/0x4f0 [ 2025.591926][ T9582] try_charge_memcg+0x746/0x960 [ 2025.596807][ T9582] __memcg_kmem_charge_page+0x2e4/0x480 [ 2025.602352][ T9582] alloc_thread_stack_node+0x101/0x360 [ 2025.607834][ T9582] dup_task_struct+0x96/0x2a0 [ 2025.612577][ T9582] copy_process+0x3cb/0x20b0 [ 2025.617244][ T9582] kernel_clone+0x163/0x5c0 [ 2025.621803][ T9582] __x64_sys_clone+0xc3/0xf0 [ 2025.626401][ T9582] do_syscall_64+0x2b/0x70 [ 2025.630813][ T9582] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2025.636739][ T9582] RIP: 0033:0x7fe837fad531 [ 2025.641198][ T9582] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2025.660801][ T9582] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2025.669209][ T9582] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2025.677235][ T9582] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2025.685221][ T9582] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2025.693186][ T9582] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2025.701150][ T9582] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2025.709118][ T9582] [ 2025.712268][ T9582] memory: usage 307200kB, limit 307200kB, failcnt 61858 [ 2025.719238][ T9582] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:17 executing program 1: r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sched_rr_get_interval(r0, &(0x7f0000000280)) 01:40:17 executing program 1: sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000440), 0xffffffffffffffff) [ 2025.726189][ T9582] Memory cgroup stats for /syz4: [ 2026.963158][ T9582] anon 90112 [ 2026.963158][ T9582] file 126976 [ 2026.963158][ T9582] kernel 314327040 [ 2026.963158][ T9582] kernel_stack 16384 [ 2026.963158][ T9582] pagetables 65536 [ 2026.963158][ T9582] percpu 11039616 [ 2026.963158][ T9582] sock 0 [ 2026.963158][ T9582] vmalloc 0 [ 2026.963158][ T9582] shmem 126976 [ 2026.963158][ T9582] file_mapped 126976 [ 2026.963158][ T9582] file_dirty 0 [ 2026.963158][ T9582] file_writeback 0 [ 2026.963158][ T9582] swapcached 0 01:40:17 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14}, 0x14}}, 0x0) 01:40:17 executing program 1: pselect6(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x80000001]}, 0x8}) 01:40:17 executing program 1: socket(0x22, 0x0, 0x800) [ 2026.963158][ T9582] inactive_anon 159744 [ 2026.963158][ T9582] active_anon 57344 [ 2026.963158][ T9582] inactive_file 0 [ 2026.963158][ T9582] active_file 0 [ 2026.963158][ T9582] unevictable 0 [ 2026.963158][ T9582] slab_reclaimable 21344 [ 2026.963158][ T9582] slab_unreclaimable 303130960 [ 2026.963158][ T9582] slab 303152304 [ 2026.963158][ T9582] workingset_refault_anon 0 [ 2026.963158][ T9582] workingset_refault_file 15 [ 2026.963158][ T9582] workingset_activate_anon 0 [ 2026.963158][ T9582] workingset_activate_file 0 [ 2027.059071][ T9582] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9582,uid=0 [ 2027.074355][ T9582] Memory cgroup out of memory: Killed process 9582 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:17 executing program 1: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x682181, 0x0) 01:40:17 executing program 5: syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(0xffffffffffffffff, 0x0, 0x36) syz_usbip_server_init(0x1) 01:40:17 executing program 4: r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x6, 0x0) read$ptp(r0, 0x0, 0x0) 01:40:17 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000d6030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:17 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:17 executing program 1: syz_clone(0x5001000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2027.382447][ T9614] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 2027.388993][ T9614] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 2027.396569][ T9614] vhci_hcd vhci_hcd.0: Device attached [ 2027.397738][ T9617] syz-executor.4 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2027.413215][ T9617] CPU: 0 PID: 9617 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2027.422983][ T9615] vhci_hcd: connection closed 01:40:17 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r0, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)='85baa174f0cb1142') 01:40:17 executing program 1: io_uring_setup(0x6207, &(0x7f0000000000)={0x0, 0x0, 0x20}) [ 2027.424581][ T9617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2027.424595][ T9617] Call Trace: [ 2027.424602][ T9617] [ 2027.424609][ T9617] dump_stack_lvl+0xd6/0x122 [ 2027.436465][T30026] vhci_hcd: stop threads [ 2027.439321][ T9617] dump_stack+0x11/0x12 [ 2027.442606][T30026] vhci_hcd: release socket [ 2027.442614][T30026] vhci_hcd: disconnect device [ 2027.445565][ T9617] dump_header+0x98/0x410 [ 2027.445599][ T9617] oom_kill_process+0xfe/0x550 [ 2027.476895][ T9617] out_of_memory+0x620/0x880 [ 2027.481568][ T9617] mem_cgroup_oom+0x475/0x4f0 [ 2027.486338][ T9617] try_charge_memcg+0x746/0x960 [ 2027.491353][ T9617] ? mem_cgroup_iter+0x267/0x340 [ 2027.496310][ T9617] ? shrink_node_memcgs+0x3ed/0x400 [ 2027.501552][ T9617] obj_cgroup_charge+0x171/0x2b0 [ 2027.506503][ T9617] kmem_cache_alloc+0x92/0x300 [ 2027.511352][ T9617] ? __alloc_file+0x2e/0x150 [ 2027.515950][ T9617] __alloc_file+0x2e/0x150 [ 2027.520389][ T9617] alloc_empty_file+0xcd/0x1c0 [ 2027.525161][ T9617] path_openat+0x65/0x1b30 [ 2027.529653][ T9617] ? shrink_zones+0x525/0x5d0 [ 2027.534346][ T9617] do_filp_open+0x105/0x220 [ 2027.538874][ T9617] do_sys_openat2+0xb5/0x2a0 [ 2027.543540][ T9617] ? __rcu_read_unlock+0x4a/0x70 [ 2027.548482][ T9617] __x64_sys_openat+0xef/0x110 [ 2027.553245][ T9617] do_syscall_64+0x2b/0x70 [ 2027.557693][ T9617] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2027.563727][ T9617] RIP: 0033:0x7fe837f5f024 [ 2027.568145][ T9617] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 2027.587831][ T9617] RSP: 002b:00007fe837721ca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2027.596250][ T9617] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00007fe837f5f024 [ 2027.604229][ T9617] RDX: 0000000000000000 RSI: 00007fe837721d40 RDI: 00000000ffffff9c [ 2027.612216][ T9617] RBP: 00007fe837721d40 R08: 0000000000000000 R09: 0000000000000000 [ 2027.620197][ T9617] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 2027.628178][ T9617] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2027.636236][ T9617] [ 2027.639292][ T9617] memory: usage 307200kB, limit 307200kB, failcnt 61904 [ 2027.646329][ T9617] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:19 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0) [ 2027.653253][ T9617] Memory cgroup stats for /syz4: [ 2028.960369][ T9617] anon 106496 [ 2028.960369][ T9617] file 126976 [ 2028.960369][ T9617] kernel 314327040 [ 2028.960369][ T9617] kernel_stack 32768 [ 2028.960369][ T9617] pagetables 77824 [ 2028.960369][ T9617] percpu 11039616 [ 2028.960369][ T9617] sock 0 [ 2028.960369][ T9617] vmalloc 0 [ 2028.960369][ T9617] shmem 126976 [ 2028.960369][ T9617] file_mapped 126976 [ 2028.960369][ T9617] file_dirty 0 [ 2028.960369][ T9617] file_writeback 0 [ 2028.960369][ T9617] swapcached 0 [ 2028.960369][ T9617] inactive_anon 176128 [ 2028.960369][ T9617] active_anon 57344 [ 2028.960369][ T9617] inactive_file 0 [ 2028.960369][ T9617] active_file 0 [ 2028.960369][ T9617] unevictable 0 [ 2028.960369][ T9617] slab_reclaimable 15840 [ 2028.960369][ T9617] slab_unreclaimable 303123952 [ 2028.960369][ T9617] slab 303139792 [ 2028.960369][ T9617] workingset_refault_anon 0 [ 2028.960369][ T9617] workingset_refault_file 15 [ 2028.960369][ T9617] workingset_activate_anon 0 [ 2028.960369][ T9617] workingset_activate_file 0 01:40:19 executing program 4: pselect6(0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0) 01:40:19 executing program 1: syz_open_dev$vcsn(&(0x7f0000000000), 0x7, 0x62501) [ 2028.995590][ T9631] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2029.056289][ T9617] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9612,uid=0 [ 2029.080823][ T9617] Memory cgroup out of memory: Killed process 9612 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:19 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@ccm_128={{0x303, 0x37}, '\x00', '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', "c10ad4b8", "9d3333cc118b50d7"}, 0x28) 01:40:19 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000dc030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000032400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:19 executing program 1: io_uring_setup(0x23cf, &(0x7f0000000200)) 01:40:19 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x0) 01:40:19 executing program 1: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000740), 0x50000, 0x0) 01:40:20 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) keyctl$get_persistent(0x16, 0xffffffffffffffff, r0) [ 2029.765706][ T9657] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN 01:40:20 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) accept$packet(r0, 0x0, 0x0) 01:40:20 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$search(0xa, r0, &(0x7f0000000380)='user\x00', &(0x7f00000003c0)={'syz', 0x3}, r0) [ 2029.990351][ T9634] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2030.000587][ T9634] CPU: 1 PID: 9634 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2030.011561][ T9634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2030.021618][ T9634] Call Trace: [ 2030.024928][ T9634] [ 2030.027864][ T9634] dump_stack_lvl+0xd6/0x122 [ 2030.032465][ T9634] dump_stack+0x11/0x12 [ 2030.036617][ T9634] dump_header+0x98/0x410 [ 2030.041004][ T9634] oom_kill_process+0xfe/0x550 [ 2030.045834][ T9634] out_of_memory+0x620/0x880 [ 2030.050508][ T9634] mem_cgroup_oom+0x475/0x4f0 [ 2030.055243][ T9634] try_charge_memcg+0x746/0x960 [ 2030.060083][ T9634] charge_memcg+0x63/0x2c0 [ 2030.064587][ T9634] __mem_cgroup_charge+0x25/0xa0 [ 2030.069621][ T9634] wp_page_copy+0x20f/0x1460 [ 2030.074310][ T9634] ? shrink_zones+0x525/0x5d0 [ 2030.078991][ T9634] do_wp_page+0x76f/0xe10 [ 2030.083312][ T9634] handle_mm_fault+0x5fb/0xa90 [ 2030.088133][ T9634] do_user_addr_fault+0x4cd/0x940 [ 2030.093154][ T9634] exc_page_fault+0x60/0x160 [ 2030.097833][ T9634] asm_exc_page_fault+0x22/0x30 [ 2030.102698][ T9634] RIP: 0033:0x7fe837f5a340 [ 2030.107128][ T9634] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2030.127720][ T9634] RSP: 002b:00007ffd964f77d0 EFLAGS: 00010246 [ 2030.133834][ T9634] RAX: 000000000776374f RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2030.141806][ T9634] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008c0dcbb [ 2030.149769][ T9634] RBP: 000000000776374f R08: 000000000000174f R09: 0000000007763753 [ 2030.157730][ T9634] R10: 00007ffd965730b8 R11: 000000000005bb92 R12: 00007fe8380b3000 [ 2030.165742][ T9634] R13: 0000000000000001 R14: 000000000000000a R15: ffffffff81522a19 [ 2030.173746][ T9634] ? __check_object_size+0x19/0x200 [ 2030.178998][ T9634] [ 2030.182203][ T9634] memory: usage 307200kB, limit 307200kB, failcnt 61957 [ 2030.189157][ T9634] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2030.196020][ T9634] Memory cgroup stats for /syz4: [ 2030.197837][ T9634] anon 122880 [ 2030.197837][ T9634] file 126976 [ 2030.197837][ T9634] kernel 314322944 [ 2030.197837][ T9634] kernel_stack 32768 [ 2030.197837][ T9634] pagetables 77824 [ 2030.197837][ T9634] percpu 11039616 [ 2030.197837][ T9634] sock 0 [ 2030.197837][ T9634] vmalloc 0 [ 2030.197837][ T9634] shmem 126976 [ 2030.197837][ T9634] file_mapped 126976 [ 2030.197837][ T9634] file_dirty 0 [ 2030.197837][ T9634] file_writeback 0 [ 2030.197837][ T9634] swapcached 0 [ 2030.197837][ T9634] inactive_anon 192512 [ 2030.197837][ T9634] active_anon 57344 [ 2030.197837][ T9634] inactive_file 0 [ 2030.197837][ T9634] active_file 0 [ 2030.197837][ T9634] unevictable 0 [ 2030.197837][ T9634] slab_reclaimable 15840 [ 2030.197837][ T9634] slab_unreclaimable 303122680 [ 2030.197837][ T9634] slab 303138520 [ 2030.197837][ T9634] workingset_refault_anon 0 [ 2030.197837][ T9634] workingset_refault_file 15 [ 2030.197837][ T9634] workingset_activate_anon 0 01:40:20 executing program 4: io_uring_setup(0x428e, &(0x7f0000000000)={0x0, 0x0, 0x1}) 01:40:20 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, 0x0}, 0x0) 01:40:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000300000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:20 executing program 1: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x40782, 0x0) [ 2030.197837][ T9634] workingset_activate_file 0 [ 2030.293838][ T9634] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9634,uid=0 [ 2030.309044][ T9634] Memory cgroup out of memory: Killed process 9634 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2030.368007][ T9673] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2030.378322][ T9673] CPU: 0 PID: 9673 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2030.389425][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2030.399467][ T9673] Call Trace: [ 2030.402728][ T9673] [ 2030.405654][ T9673] dump_stack_lvl+0xd6/0x122 [ 2030.410282][ T9673] dump_stack+0x11/0x12 [ 2030.414503][ T9673] dump_header+0x98/0x410 [ 2030.418907][ T9673] oom_kill_process+0xfe/0x550 [ 2030.423731][ T9673] out_of_memory+0x620/0x880 [ 2030.428452][ T9673] mem_cgroup_oom+0x475/0x4f0 [ 2030.433115][ T9673] try_charge_memcg+0x746/0x960 [ 2030.438056][ T9673] __memcg_kmem_charge_page+0x2e4/0x480 [ 2030.443624][ T9673] alloc_thread_stack_node+0x101/0x360 [ 2030.449096][ T9673] dup_task_struct+0x96/0x2a0 [ 2030.453779][ T9673] copy_process+0x3cb/0x20b0 [ 2030.458404][ T9673] kernel_clone+0x163/0x5c0 [ 2030.462923][ T9673] __x64_sys_clone+0xc3/0xf0 [ 2030.467500][ T9673] do_syscall_64+0x2b/0x70 [ 2030.471915][ T9673] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2030.477973][ T9673] RIP: 0033:0x7fe837fad531 [ 2030.482373][ T9673] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2030.501974][ T9673] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2030.510522][ T9673] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2030.518513][ T9673] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2030.526470][ T9673] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2030.534505][ T9673] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2030.542538][ T9673] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2030.550548][ T9673] [ 2030.553617][ T9673] memory: usage 307192kB, limit 307200kB, failcnt 61993 [ 2030.560553][ T9673] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2030.567500][ T9673] Memory cgroup stats for /syz4: [ 2030.570303][ T9673] anon 94208 [ 2030.570303][ T9673] file 126976 [ 2030.570303][ T9673] kernel 314335232 [ 2030.570303][ T9673] kernel_stack 16384 [ 2030.570303][ T9673] pagetables 73728 [ 2030.570303][ T9673] percpu 11039616 [ 2030.570303][ T9673] sock 0 [ 2030.570303][ T9673] vmalloc 0 [ 2030.570303][ T9673] shmem 126976 [ 2030.570303][ T9673] file_mapped 126976 [ 2030.570303][ T9673] file_dirty 0 [ 2030.570303][ T9673] file_writeback 0 [ 2030.570303][ T9673] swapcached 0 [ 2030.570303][ T9673] inactive_anon 163840 [ 2030.570303][ T9673] active_anon 57344 [ 2030.570303][ T9673] inactive_file 0 [ 2030.570303][ T9673] active_file 0 [ 2030.570303][ T9673] unevictable 0 [ 2030.570303][ T9673] slab_reclaimable 29176 [ 2030.570303][ T9673] slab_unreclaimable 303130952 [ 2030.570303][ T9673] slab 303160128 [ 2030.570303][ T9673] workingset_refault_anon 0 [ 2030.570303][ T9673] workingset_refault_file 15 [ 2030.570303][ T9673] workingset_activate_anon 0 [ 2030.570303][ T9673] workingset_activate_file 0 [ 2030.665961][ T9673] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9673,uid=0 [ 2030.681531][ T9673] Memory cgroup out of memory: Killed process 9673 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2030.765547][ T9679] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2030.775776][ T9679] CPU: 0 PID: 9679 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2030.786773][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2030.796855][ T9679] Call Trace: [ 2030.800135][ T9679] [ 2030.803144][ T9679] dump_stack_lvl+0xd6/0x122 [ 2030.807794][ T9679] dump_stack+0x11/0x12 01:40:21 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000e0030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:21 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800", @ANYRES32=0x0, @ANYBLOB="060070"], 0x24}}, 0x0) [ 2030.812036][ T9679] dump_header+0x98/0x410 [ 2030.816404][ T9679] oom_kill_process+0xfe/0x550 [ 2030.821263][ T9679] out_of_memory+0x620/0x880 [ 2030.826003][ T9679] mem_cgroup_oom+0x475/0x4f0 [ 2030.830698][ T9679] try_charge_memcg+0x746/0x960 [ 2030.835587][ T9679] __memcg_kmem_charge_page+0x2e4/0x480 [ 2030.841150][ T9679] alloc_thread_stack_node+0x292/0x360 [ 2030.846619][ T9679] dup_task_struct+0x96/0x2a0 [ 2030.851362][ T9679] copy_process+0x3cb/0x20b0 [ 2030.856051][ T9679] kernel_clone+0x163/0x5c0 [ 2030.860552][ T9679] __x64_sys_clone+0xc3/0xf0 [ 2030.865205][ T9679] do_syscall_64+0x2b/0x70 [ 2030.869670][ T9679] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2030.875550][ T9679] RIP: 0033:0x7fe837fad531 [ 2030.879947][ T9679] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2030.899607][ T9679] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2030.908089][ T9679] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2030.916148][ T9679] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2030.924104][ T9679] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2030.932140][ T9679] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2030.940114][ T9679] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2030.948193][ T9679] [ 2030.951350][ T9679] memory: usage 307192kB, limit 307200kB, failcnt 62026 [ 2030.958322][ T9679] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2030.965198][ T9679] Memory cgroup stats for /syz4: [ 2030.966349][ T9679] anon 90112 [ 2030.966349][ T9679] file 126976 [ 2030.966349][ T9679] kernel 314347520 [ 2030.966349][ T9679] kernel_stack 16384 [ 2030.966349][ T9679] pagetables 65536 [ 2030.966349][ T9679] percpu 11039616 [ 2030.966349][ T9679] sock 0 [ 2030.966349][ T9679] vmalloc 0 [ 2030.966349][ T9679] shmem 126976 [ 2030.966349][ T9679] file_mapped 126976 [ 2030.966349][ T9679] file_dirty 0 [ 2030.966349][ T9679] file_writeback 0 [ 2030.966349][ T9679] swapcached 0 [ 2030.966349][ T9679] inactive_anon 114688 [ 2030.966349][ T9679] active_anon 57344 [ 2030.966349][ T9679] inactive_file 0 [ 2030.966349][ T9679] active_file 0 [ 2030.966349][ T9679] unevictable 0 [ 2030.966349][ T9679] slab_reclaimable 33320 [ 2030.966349][ T9679] slab_unreclaimable 303141832 [ 2030.966349][ T9679] slab 303175152 [ 2030.966349][ T9679] workingset_refault_anon 0 [ 2030.966349][ T9679] workingset_refault_file 15 [ 2030.966349][ T9679] workingset_activate_anon 0 [ 2030.966349][ T9679] workingset_activate_file 0 [ 2031.062203][ T9679] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9679,uid=0 [ 2031.077458][ T9679] Memory cgroup out of memory: Killed process 9679 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:21 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x0) 01:40:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800", @ANYBLOB="06"], 0x24}}, 0x0) 01:40:21 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@ccm_128={{0x303, 0x37}, '\x00', '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', "c10ad4b8", "9d3333cc118b50d7"}, 0x28) 01:40:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x33fe0}}, 0x0) [ 2031.167961][ T9684] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 2031.176152][ T9684] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2031.180388][ T9686] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2031.195597][ T9686] CPU: 0 PID: 9686 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2031.206563][ T9686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 01:40:21 executing program 1: pkey_mprotect(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x1000004, 0xffffffffffffffff) 01:40:21 executing program 1: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000001400), 0x0, 0x0) read$ptp(r0, &(0x7f0000000000)=""/60, 0x3c) 01:40:21 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) keyctl$link(0x8, r1, r0) [ 2031.216730][ T9686] Call Trace: [ 2031.220018][ T9686] [ 2031.222951][ T9686] dump_stack_lvl+0xd6/0x122 [ 2031.227639][ T9686] dump_stack+0x11/0x12 [ 2031.231852][ T9686] dump_header+0x98/0x410 [ 2031.236200][ T9686] oom_kill_process+0xfe/0x550 [ 2031.241068][ T9686] out_of_memory+0x620/0x880 [ 2031.245742][ T9686] mem_cgroup_oom+0x475/0x4f0 [ 2031.250568][ T9686] try_charge_memcg+0x746/0x960 [ 2031.255524][ T9686] charge_memcg+0x63/0x2c0 [ 2031.260036][ T9686] __mem_cgroup_charge+0x25/0xa0 [ 2031.265014][ T9686] wp_page_copy+0x20f/0x1460 [ 2031.269659][ T9686] do_wp_page+0x76f/0xe10 [ 2031.274052][ T9686] handle_mm_fault+0x5fb/0xa90 [ 2031.278953][ T9686] do_user_addr_fault+0x4cd/0x940 [ 2031.283998][ T9686] exc_page_fault+0x60/0x160 [ 2031.288653][ T9686] asm_exc_page_fault+0x22/0x30 [ 2031.293511][ T9686] RIP: 0033:0x7fe837f573f5 [ 2031.297929][ T9686] Code: 5c 41 5d c3 90 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d ae 3c 16 00 48 01 ca 02 01 48 89 42 08 48 8b 53 10 4c 8d 2d f9 bb 56 00 4c 39 ea 0f [ 2031.317689][ T9686] RSP: 002b:00007ffd964f7840 EFLAGS: 00010206 [ 2031.323834][ T9686] RAX: 0000000000000003 RBX: 00007fe8380bef60 RCX: 00007fe8380bb0a0 [ 2031.331877][ T9686] RDX: 00007fe8380bb0a0 RSI: 0000000000000080 RDI: 00007fe8380bef60 [ 2031.339851][ T9686] RBP: 00007fe8380bef60 R08: 0000000000000010 R09: 0000000000000000 [ 2031.347825][ T9686] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00000000001efe41 [ 2031.355861][ T9686] R13: 00007ffd964f7960 R14: 00007fe8380bef60 R15: 0000000000000032 [ 2031.363837][ T9686] [ 2031.367055][ T9686] memory: usage 307200kB, limit 307200kB, failcnt 62082 [ 2031.374022][ T9686] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2031.380904][ T9686] Memory cgroup stats for /syz4: [ 2031.399238][ T9686] anon 98304 [ 2031.399238][ T9686] file 126976 [ 2031.399238][ T9686] kernel 314347520 [ 2031.399238][ T9686] kernel_stack 32768 [ 2031.399238][ T9686] pagetables 69632 [ 2031.399238][ T9686] percpu 11039616 [ 2031.399238][ T9686] sock 0 [ 2031.399238][ T9686] vmalloc 0 [ 2031.399238][ T9686] shmem 126976 [ 2031.399238][ T9686] file_mapped 126976 [ 2031.399238][ T9686] file_dirty 0 [ 2031.399238][ T9686] file_writeback 0 [ 2031.399238][ T9686] swapcached 0 [ 2031.399238][ T9686] inactive_anon 167936 [ 2031.399238][ T9686] active_anon 57344 [ 2031.399238][ T9686] inactive_file 0 [ 2031.399238][ T9686] active_file 0 [ 2031.399238][ T9686] unevictable 0 [ 2031.399238][ T9686] slab_reclaimable 22720 [ 2031.399238][ T9686] slab_unreclaimable 303138688 [ 2031.399238][ T9686] slab 303161408 [ 2031.399238][ T9686] workingset_refault_anon 0 [ 2031.399238][ T9686] workingset_refault_file 15 [ 2031.399238][ T9686] workingset_activate_anon 0 [ 2031.399238][ T9686] workingset_activate_file 0 [ 2031.495045][ T9686] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9686,uid=0 [ 2031.510297][ T9686] Memory cgroup out of memory: Killed process 9686 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2031.542561][ T9701] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN 01:40:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:21 executing program 4: mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) 01:40:22 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000e6030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:22 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), 0x0, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) [ 2031.643510][ T9705] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2031.653786][ T9705] CPU: 0 PID: 9705 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2031.667127][ T9705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2031.677183][ T9705] Call Trace: [ 2031.680446][ T9705] [ 2031.683494][ T9705] dump_stack_lvl+0xd6/0x122 [ 2031.688085][ T9705] dump_stack+0x11/0x12 [ 2031.692282][ T9705] dump_header+0x98/0x410 [ 2031.696665][ T9705] oom_kill_process+0xfe/0x550 [ 2031.701426][ T9705] out_of_memory+0x620/0x880 [ 2031.706049][ T9705] mem_cgroup_oom+0x475/0x4f0 [ 2031.710814][ T9705] try_charge_memcg+0x746/0x960 [ 2031.715733][ T9705] charge_memcg+0x63/0x2c0 [ 2031.720151][ T9705] __mem_cgroup_charge+0x25/0xa0 [ 2031.725091][ T9705] wp_page_copy+0x20f/0x1460 [ 2031.729771][ T9705] do_wp_page+0x76f/0xe10 [ 2031.734152][ T9705] handle_mm_fault+0x5fb/0xa90 [ 2031.738920][ T9705] do_user_addr_fault+0x4cd/0x940 [ 2031.743999][ T9705] exc_page_fault+0x60/0x160 [ 2031.748590][ T9705] asm_exc_page_fault+0x22/0x30 [ 2031.753560][ T9705] RIP: 0033:0x7fe837f52edc [ 2031.758036][ T9705] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2031.777657][ T9705] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2031.783781][ T9705] RAX: 00007fe8380bef60 RBX: 0000000000000006 RCX: 00007fe83800f2ed [ 2031.791748][ T9705] RDX: 00000000001df4c3 RSI: 0000000010000000 RDI: 00007fe838004f8b [ 2031.799708][ T9705] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2031.807827][ T9705] R10: 00007ffd965730b8 R11: 000000000005bc4e R12: 0000000000000000 [ 2031.815846][ T9705] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2031.823827][ T9705] [ 2031.826958][ T9705] memory: usage 307200kB, limit 307200kB, failcnt 62142 [ 2031.834002][ T9705] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2031.840900][ T9705] Memory cgroup stats for /syz4: [ 2031.841318][ T9705] anon 94208 [ 2031.841318][ T9705] file 126976 [ 2031.841318][ T9705] kernel 314351616 [ 2031.841318][ T9705] kernel_stack 32768 [ 2031.841318][ T9705] pagetables 69632 [ 2031.841318][ T9705] percpu 11039616 [ 2031.841318][ T9705] sock 0 [ 2031.841318][ T9705] vmalloc 0 [ 2031.841318][ T9705] shmem 126976 [ 2031.841318][ T9705] file_mapped 126976 [ 2031.841318][ T9705] file_dirty 0 [ 2031.841318][ T9705] file_writeback 0 [ 2031.841318][ T9705] swapcached 0 [ 2031.841318][ T9705] inactive_anon 139264 [ 2031.841318][ T9705] active_anon 57344 [ 2031.841318][ T9705] inactive_file 0 [ 2031.841318][ T9705] active_file 0 [ 2031.841318][ T9705] unevictable 0 [ 2031.841318][ T9705] slab_reclaimable 21344 [ 2031.841318][ T9705] slab_unreclaimable 303142584 [ 2031.841318][ T9705] slab 303163928 [ 2031.841318][ T9705] workingset_refault_anon 0 [ 2031.841318][ T9705] workingset_refault_file 15 [ 2031.841318][ T9705] workingset_activate_anon 0 [ 2031.841318][ T9705] workingset_activate_file 0 [ 2031.937063][ T9705] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9703,uid=0 [ 2031.952305][ T9705] Memory cgroup out of memory: Killed process 9703 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:22 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000400), 0x0, 0x0) read$usbmon(r0, 0x0, 0x36) syz_usbip_server_init(0x0) 01:40:22 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x0, @none, 0x2}, 0xe) 01:40:22 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@ccm_128={{0x303, 0x38}, '\x00', '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', "c10ad4b8", "9d3333cc118b50d7"}, 0x28) 01:40:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000032a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:22 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000ea030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:22 executing program 1: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x3, @random, 'gre0\x00'}}, 0x1e) 01:40:22 executing program 1: pselect6(0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180), 0x8}) 01:40:22 executing program 1: pselect6(0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x80000001]}, 0x8}) [ 2032.568625][ T9725] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2032.578891][ T9725] CPU: 0 PID: 9725 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2032.589842][ T9725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2032.599906][ T9725] Call Trace: [ 2032.603240][ T9725] [ 2032.606172][ T9725] dump_stack_lvl+0xd6/0x122 [ 2032.610777][ T9725] dump_stack+0x11/0x12 [ 2032.614945][ T9725] dump_header+0x98/0x410 [ 2032.619366][ T9725] oom_kill_process+0xfe/0x550 [ 2032.624219][ T9725] out_of_memory+0x620/0x880 [ 2032.628905][ T9725] mem_cgroup_oom+0x475/0x4f0 [ 2032.633651][ T9725] try_charge_memcg+0x746/0x960 [ 2032.638544][ T9725] charge_memcg+0x63/0x2c0 [ 2032.642961][ T9725] __mem_cgroup_charge+0x25/0xa0 [ 2032.647929][ T9725] wp_page_copy+0x20f/0x1460 [ 2032.652623][ T9725] do_wp_page+0x76f/0xe10 [ 2032.656958][ T9725] handle_mm_fault+0x5fb/0xa90 [ 2032.661806][ T9725] do_user_addr_fault+0x4cd/0x940 [ 2032.666970][ T9725] exc_page_fault+0x60/0x160 [ 2032.671724][ T9725] asm_exc_page_fault+0x22/0x30 [ 2032.676653][ T9725] RIP: 0033:0x7fe837f52edc [ 2032.681071][ T9725] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2032.700763][ T9725] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2032.706847][ T9725] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013a0b [ 2032.714821][ T9725] RDX: 00000000001df861 RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2032.722955][ T9725] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2032.731016][ T9725] R10: 00007ffd965730b8 R11: 000000000005bcec R12: 0000000000000000 [ 2032.738989][ T9725] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2032.747053][ T9725] [ 2032.750106][ T9725] memory: usage 307200kB, limit 307200kB, failcnt 62183 [ 2032.757055][ T9725] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2032.763913][ T9725] Memory cgroup stats for /syz4: [ 2033.008759][ T9725] anon 94208 [ 2033.008759][ T9725] file 126976 [ 2033.008759][ T9725] kernel 314351616 [ 2033.008759][ T9725] kernel_stack 32768 [ 2033.008759][ T9725] pagetables 73728 [ 2033.008759][ T9725] percpu 11039616 [ 2033.008759][ T9725] sock 0 [ 2033.008759][ T9725] vmalloc 0 [ 2033.008759][ T9725] shmem 126976 [ 2033.008759][ T9725] file_mapped 126976 [ 2033.008759][ T9725] file_dirty 0 [ 2033.008759][ T9725] file_writeback 0 [ 2033.008759][ T9725] swapcached 0 [ 2033.008759][ T9725] inactive_anon 163840 [ 2033.008759][ T9725] active_anon 57344 [ 2033.008759][ T9725] inactive_file 0 [ 2033.008759][ T9725] active_file 0 [ 2033.008759][ T9725] unevictable 0 [ 2033.008759][ T9725] slab_reclaimable 21744 [ 2033.008759][ T9725] slab_unreclaimable 303137256 [ 2033.008759][ T9725] slab 303159000 [ 2033.008759][ T9725] workingset_refault_anon 0 [ 2033.008759][ T9725] workingset_refault_file 15 [ 2033.008759][ T9725] workingset_activate_anon 0 [ 2033.008759][ T9725] workingset_activate_file 0 01:40:23 executing program 4: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) read$ptp(r0, 0x0, 0xfffffffffffffec8) [ 2033.104598][ T9725] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9716,uid=0 [ 2033.119972][ T9725] Memory cgroup out of memory: Killed process 9716 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2033.144358][ T9734] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN 01:40:23 executing program 1: openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0) 01:40:23 executing program 1: memfd_create(&(0x7f0000000100)='/\x00', 0x2) [ 2033.177486][ T9737] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2033.187783][ T9737] CPU: 0 PID: 9737 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2033.198814][ T9737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2033.208904][ T9737] Call Trace: [ 2033.212188][ T9737] [ 2033.215124][ T9737] dump_stack_lvl+0xd6/0x122 [ 2033.219724][ T9737] dump_stack+0x11/0x12 [ 2033.223965][ T9737] dump_header+0x98/0x410 [ 2033.228353][ T9737] oom_kill_process+0xfe/0x550 [ 2033.233210][ T9737] out_of_memory+0x620/0x880 [ 2033.237838][ T9737] mem_cgroup_oom+0x475/0x4f0 [ 2033.242515][ T9737] try_charge_memcg+0x746/0x960 [ 2033.247469][ T9737] __memcg_kmem_charge_page+0x2e4/0x480 [ 2033.253085][ T9737] alloc_thread_stack_node+0x292/0x360 [ 2033.258719][ T9737] dup_task_struct+0x96/0x2a0 [ 2033.263396][ T9737] copy_process+0x3cb/0x20b0 [ 2033.268070][ T9737] kernel_clone+0x163/0x5c0 [ 2033.272558][ T9737] __x64_sys_clone+0xc3/0xf0 [ 2033.277150][ T9737] do_syscall_64+0x2b/0x70 [ 2033.281672][ T9737] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2033.287656][ T9737] RIP: 0033:0x7fe837fad531 [ 2033.292115][ T9737] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2033.311971][ T9737] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2033.320448][ T9737] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2033.328404][ T9737] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2033.336419][ T9737] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2033.344383][ T9737] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2033.352417][ T9737] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2033.360395][ T9737] [ 2033.363605][ T9737] memory: usage 307200kB, limit 307200kB, failcnt 62240 [ 2033.370548][ T9737] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2033.377442][ T9737] Memory cgroup stats for /syz4: [ 2033.377759][ T9737] anon 94208 [ 2033.377759][ T9737] file 126976 [ 2033.377759][ T9737] kernel 314347520 [ 2033.377759][ T9737] kernel_stack 16384 [ 2033.377759][ T9737] pagetables 73728 [ 2033.377759][ T9737] percpu 11039616 [ 2033.377759][ T9737] sock 0 [ 2033.377759][ T9737] vmalloc 0 [ 2033.377759][ T9737] shmem 126976 [ 2033.377759][ T9737] file_mapped 126976 [ 2033.377759][ T9737] file_dirty 0 [ 2033.377759][ T9737] file_writeback 0 [ 2033.377759][ T9737] swapcached 0 [ 2033.377759][ T9737] inactive_anon 126976 [ 2033.377759][ T9737] active_anon 57344 [ 2033.377759][ T9737] inactive_file 0 [ 2033.377759][ T9737] active_file 0 [ 2033.377759][ T9737] unevictable 0 [ 2033.377759][ T9737] slab_reclaimable 34496 [ 2033.377759][ T9737] slab_unreclaimable 303137688 [ 2033.377759][ T9737] slab 303172184 [ 2033.377759][ T9737] workingset_refault_anon 0 [ 2033.377759][ T9737] workingset_refault_file 15 [ 2033.377759][ T9737] workingset_activate_anon 0 [ 2033.377759][ T9737] workingset_activate_file 0 [ 2033.473458][ T9737] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9737,uid=0 [ 2033.488779][ T9737] Memory cgroup out of memory: Killed process 9737 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:24 executing program 1: syz_open_dev$usbmon(&(0x7f0000000380), 0x3, 0x0) 01:40:24 executing program 4: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/block/loop0', 0x0, 0x0) ioctl$BLKSECTGET(r0, 0x1267, 0x0) 01:40:24 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000ec030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:24 executing program 5: syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x0) 01:40:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x261f}, 0x0) 01:40:24 executing program 5: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "23e340d0dbbf8424586c263e727bb1a4f1580806956ca38bc6bf11045f91a26c81c936dc9ae8331bfaff3f7d48690dee2ce676e9340d4c6838ff5127b3045fc9"}, 0x48, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000300), 0x0, 0x0, 0x0, r0) 01:40:24 executing program 1: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x0, @random, 'gre0\x00'}}, 0x1e) 01:40:24 executing program 5: socket(0x5f, 0x0, 0x0) 01:40:24 executing program 1: r0 = io_uring_setup(0x79eb, &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b'], 0xe) [ 2033.937351][ T9755] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2033.947596][ T9755] CPU: 0 PID: 9755 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2033.958573][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2033.968698][ T9755] Call Trace: [ 2033.971984][ T9755] [ 2033.974981][ T9755] dump_stack_lvl+0xd6/0x122 [ 2033.979657][ T9755] dump_stack+0x11/0x12 01:40:24 executing program 5: add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) [ 2033.983885][ T9755] dump_header+0x98/0x410 [ 2033.988234][ T9755] oom_kill_process+0xfe/0x550 [ 2033.993054][ T9755] out_of_memory+0x620/0x880 [ 2033.997661][ T9755] mem_cgroup_oom+0x475/0x4f0 [ 2034.002363][ T9755] try_charge_memcg+0x746/0x960 [ 2034.007280][ T9755] charge_memcg+0x63/0x2c0 [ 2034.011832][ T9755] __mem_cgroup_charge+0x25/0xa0 [ 2034.016785][ T9755] wp_page_copy+0x20f/0x1460 [ 2034.021430][ T9755] do_wp_page+0x76f/0xe10 [ 2034.025774][ T9755] handle_mm_fault+0x5fb/0xa90 [ 2034.030557][ T9755] do_user_addr_fault+0x4cd/0x940 [ 2034.035600][ T9755] exc_page_fault+0x60/0x160 [ 2034.040287][ T9755] asm_exc_page_fault+0x22/0x30 [ 2034.045176][ T9755] RIP: 0033:0x7fe837f52edc [ 2034.049643][ T9755] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2034.069256][ T9755] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2034.075314][ T9755] RAX: 00007fe8380bef60 RBX: 0000000000000004 RCX: 00007fe83801002c [ 2034.083294][ T9755] RDX: 00000000001dfdb7 RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2034.091252][ T9755] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2034.099294][ T9755] R10: 00007ffd965730b8 R11: 000000000005bdc2 R12: 0000000000000000 [ 2034.107275][ T9755] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2034.115237][ T9755] [ 2034.118462][ T9755] memory: usage 307184kB, limit 307200kB, failcnt 62299 [ 2034.125435][ T9755] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2034.132325][ T9755] Memory cgroup stats for /syz4: [ 2035.779246][ T9755] anon 94208 [ 2035.779246][ T9755] file 126976 [ 2035.779246][ T9755] kernel 314314752 [ 2035.779246][ T9755] kernel_stack 32768 [ 2035.779246][ T9755] pagetables 77824 [ 2035.779246][ T9755] percpu 11039616 [ 2035.779246][ T9755] sock 0 [ 2035.779246][ T9755] vmalloc 0 [ 2035.779246][ T9755] shmem 126976 [ 2035.779246][ T9755] file_mapped 126976 [ 2035.779246][ T9755] file_dirty 0 [ 2035.779246][ T9755] file_writeback 0 [ 2035.779246][ T9755] swapcached 0 [ 2035.779246][ T9755] inactive_anon 163840 [ 2035.779246][ T9755] active_anon 57344 [ 2035.779246][ T9755] inactive_file 0 [ 2035.779246][ T9755] active_file 0 [ 2035.779246][ T9755] unevictable 0 [ 2035.779246][ T9755] slab_reclaimable 15840 [ 2035.779246][ T9755] slab_unreclaimable 303118864 [ 2035.779246][ T9755] slab 303134704 [ 2035.779246][ T9755] workingset_refault_anon 0 [ 2035.779246][ T9755] workingset_refault_file 15 [ 2035.779246][ T9755] workingset_activate_anon 0 [ 2035.779246][ T9755] workingset_activate_file 0 [ 2035.875006][ T9755] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9747,uid=0 [ 2035.890282][ T9755] Memory cgroup out of memory: Killed process 9747 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000033000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:26 executing program 1: syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) io_uring_setup(0x0, 0x0) 01:40:26 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) read$ptp(r0, 0x0, 0x25) 01:40:26 executing program 4: pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f00000000c0)={0x3ff}, 0x0, &(0x7f0000000180)={&(0x7f0000000140), 0x8}) 01:40:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:26 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000ee030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:26 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@ccm_128={{0x303, 0x37}, '\x00', "00000000000000008f00", "c10ad4b8", "9d3333cc118b50d7"}, 0x28) 01:40:26 executing program 5: r0 = io_uring_setup(0x7c, &(0x7f0000000100)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, '\x00', [{}]}, 0x1) 01:40:26 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01"], 0x24}}, 0x0) [ 2036.152896][ T9775] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2036.163184][ T9775] CPU: 0 PID: 9775 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2036.174166][ T9775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2036.184244][ T9775] Call Trace: [ 2036.187572][ T9775] [ 2036.189606][ T9792] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 01:40:26 executing program 5: add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xfffffffffffffffe) 01:40:26 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0x0, 0xbc, 0x0, 0x1}, 0xc) 01:40:26 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) keyctl$KEYCTL_MOVE(0x1e, r1, r0, 0x0, 0x0) [ 2036.190492][ T9775] dump_stack_lvl+0xd6/0x122 [ 2036.204557][ T9775] dump_stack+0x11/0x12 [ 2036.208723][ T9775] dump_header+0x98/0x410 [ 2036.213074][ T9775] oom_kill_process+0xfe/0x550 [ 2036.217976][ T9775] out_of_memory+0x620/0x880 [ 2036.222609][ T9775] mem_cgroup_oom+0x475/0x4f0 [ 2036.227303][ T9775] try_charge_memcg+0x746/0x960 [ 2036.232281][ T9775] charge_memcg+0x63/0x2c0 [ 2036.236708][ T9775] __mem_cgroup_charge+0x25/0xa0 [ 2036.241724][ T9775] wp_page_copy+0x20f/0x1460 [ 2036.246327][ T9775] ? delay_tsc+0xc1/0xe0 [ 2036.250668][ T9775] ? do_try_to_free_pages+0x498/0x720 [ 2036.256048][ T9775] do_wp_page+0x76f/0xe10 [ 2036.260444][ T9775] handle_mm_fault+0x5fb/0xa90 [ 2036.265279][ T9775] do_user_addr_fault+0x4cd/0x940 [ 2036.270323][ T9775] exc_page_fault+0x60/0x160 [ 2036.274930][ T9775] asm_exc_page_fault+0x22/0x30 [ 2036.279797][ T9775] RIP: 0033:0x7fe837f5a340 [ 2036.284213][ T9775] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2036.303863][ T9775] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2036.310013][ T9775] RAX: 00000000fe8bbf04 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2036.318016][ T9775] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008c0668d [ 2036.325998][ T9775] RBP: 00000000fe8bbf04 R08: 0000000000001f04 R09: 00000000fe8bbf08 [ 2036.333979][ T9775] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2036.341966][ T9775] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff81568ad5 [ 2036.349949][ T9775] ? __do_sys_pselect6+0x75/0x250 [ 2036.355117][ T9775] [ 2036.358320][ T9775] memory: usage 307200kB, limit 307200kB, failcnt 62342 [ 2036.365268][ T9775] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2036.372168][ T9775] Memory cgroup stats for /syz4: [ 2036.539693][ T9775] anon 114688 [ 2036.539693][ T9775] file 126976 [ 2036.539693][ T9775] kernel 314322944 [ 2036.539693][ T9775] kernel_stack 32768 [ 2036.539693][ T9775] pagetables 77824 [ 2036.539693][ T9775] percpu 11039616 [ 2036.539693][ T9775] sock 0 [ 2036.539693][ T9775] vmalloc 0 [ 2036.539693][ T9775] shmem 126976 [ 2036.539693][ T9775] file_mapped 126976 [ 2036.539693][ T9775] file_dirty 0 [ 2036.539693][ T9775] file_writeback 0 [ 2036.539693][ T9775] swapcached 0 [ 2036.539693][ T9775] inactive_anon 184320 [ 2036.539693][ T9775] active_anon 57344 [ 2036.539693][ T9775] inactive_file 0 [ 2036.539693][ T9775] active_file 0 [ 2036.539693][ T9775] unevictable 0 [ 2036.539693][ T9775] slab_reclaimable 15840 [ 2036.539693][ T9775] slab_unreclaimable 303122680 [ 2036.539693][ T9775] slab 303138520 [ 2036.539693][ T9775] workingset_refault_anon 0 [ 2036.539693][ T9775] workingset_refault_file 15 [ 2036.539693][ T9775] workingset_activate_anon 0 [ 2036.539693][ T9775] workingset_activate_file 0 [ 2036.635468][ T9775] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9775,uid=0 [ 2036.650744][ T9775] Memory cgroup out of memory: Killed process 9775 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:27 executing program 1: memfd_create(&(0x7f0000000040)='^,\x00', 0x0) 01:40:27 executing program 5: pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f00000000c0)={0x3ff}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0x3]}, 0x8}) 01:40:27 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$clear(0x7, r0) 01:40:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000700000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:27 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000f2030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:27 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000040)={'wg0\x00'}) 01:40:27 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x2f5d0f6d459086fe, 0x0) 01:40:27 executing program 5: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$link(0x8, 0x0, r0) 01:40:27 executing program 5: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) preadv(r0, &(0x7f0000001940)=[{&(0x7f00000007c0)=""/4096, 0x1000}], 0x1, 0x0, 0x0) [ 2037.025258][ T9811] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2037.035535][ T9811] CPU: 0 PID: 9811 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2037.046500][ T9811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2037.056559][ T9811] Call Trace: [ 2037.059834][ T9811] [ 2037.062766][ T9811] dump_stack_lvl+0xd6/0x122 [ 2037.067422][ T9811] dump_stack+0x11/0x12 01:40:27 executing program 5: r0 = io_uring_setup(0x23cf, &(0x7f0000000200)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000003c0), 0x0) 01:40:27 executing program 5: pkey_mprotect(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0xd, 0xffffffffffffffff) [ 2037.071649][ T9811] dump_header+0x98/0x410 [ 2037.076004][ T9811] oom_kill_process+0xfe/0x550 [ 2037.080801][ T9811] out_of_memory+0x620/0x880 [ 2037.085427][ T9811] mem_cgroup_oom+0x475/0x4f0 [ 2037.090203][ T9811] try_charge_memcg+0x746/0x960 [ 2037.095078][ T9811] charge_memcg+0x63/0x2c0 [ 2037.099621][ T9811] __mem_cgroup_charge+0x25/0xa0 [ 2037.104598][ T9811] wp_page_copy+0x20f/0x1460 [ 2037.109296][ T9811] do_wp_page+0x76f/0xe10 [ 2037.113642][ T9811] handle_mm_fault+0x5fb/0xa90 [ 2037.118483][ T9811] do_user_addr_fault+0x4cd/0x940 [ 2037.123520][ T9811] exc_page_fault+0x60/0x160 [ 2037.128217][ T9811] asm_exc_page_fault+0x22/0x30 [ 2037.133094][ T9811] RIP: 0033:0x7fe837f573f5 [ 2037.137490][ T9811] Code: 5c 41 5d c3 90 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d ae 3c 16 00 48 01 ca 02 01 48 89 42 08 48 8b 53 10 4c 8d 2d f9 bb 56 00 4c 39 ea 0f [ 2037.157094][ T9811] RSP: 002b:00007ffd964f7840 EFLAGS: 00010206 [ 2037.163193][ T9811] RAX: 000000002791cce6 RBX: 00007fe8380bef60 RCX: 00007fe8380bb0a0 [ 2037.171188][ T9811] RDX: 00007fe8380bb0a0 RSI: 0000000000000080 RDI: 00007fe8380bef60 [ 2037.179163][ T9811] RBP: 00007fe8380bef60 R08: 0000000000000010 R09: 0000000000000000 [ 2037.187222][ T9811] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00000000001f150b [ 2037.195185][ T9811] R13: 00007ffd964f7960 R14: 00007fe8380bef60 R15: 0000000000000032 [ 2037.203194][ T9811] [ 2037.206251][ T9811] memory: usage 307192kB, limit 307200kB, failcnt 62387 [ 2037.213368][ T9811] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2037.220278][ T9811] Memory cgroup stats for /syz4: [ 2038.861999][ T9811] anon 102400 [ 2038.861999][ T9811] file 126976 [ 2038.861999][ T9811] kernel 314318848 [ 2038.861999][ T9811] kernel_stack 32768 [ 2038.861999][ T9811] pagetables 77824 [ 2038.861999][ T9811] percpu 11039616 [ 2038.861999][ T9811] sock 0 [ 2038.861999][ T9811] vmalloc 0 [ 2038.861999][ T9811] shmem 126976 [ 2038.861999][ T9811] file_mapped 126976 [ 2038.861999][ T9811] file_dirty 0 [ 2038.861999][ T9811] file_writeback 0 [ 2038.861999][ T9811] swapcached 0 [ 2038.861999][ T9811] inactive_anon 172032 [ 2038.861999][ T9811] active_anon 57344 [ 2038.861999][ T9811] inactive_file 0 [ 2038.861999][ T9811] active_file 0 [ 2038.861999][ T9811] unevictable 0 [ 2038.861999][ T9811] slab_reclaimable 15840 [ 2038.861999][ T9811] slab_unreclaimable 303117832 [ 2038.861999][ T9811] slab 303133672 [ 2038.861999][ T9811] workingset_refault_anon 0 [ 2038.861999][ T9811] workingset_refault_file 15 [ 2038.861999][ T9811] workingset_activate_anon 0 [ 2038.861999][ T9811] workingset_activate_file 0 [ 2038.957850][ T9811] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9811,uid=0 [ 2038.973292][ T9811] Memory cgroup out of memory: Killed process 9811 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000033400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@ccm_128={{0x303, 0x38}, '\x00', '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', "c10ad4b8", "9d3333cc118b50d7"}, 0x28) 01:40:29 executing program 1: pkey_mprotect(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff) 01:40:29 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0) 01:40:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:29 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000f6030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:29 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r1, 0x1}, 0x14}}, 0x0) 01:40:29 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0x30, 0x4) 01:40:29 executing program 1: r0 = socket(0x2a, 0x2, 0x0) setsockopt$packet_buf(r0, 0x107, 0x0, 0x0, 0x0) 01:40:29 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1baffff6f7667dabc0656cc52dfa5d6d2cb3bbb71442bc2d21a9c1e167b35200000000000000000000000000000000000000000000000000000004000"}, 0x48, r0) keyctl$link(0x8, r0, 0xffffffffffffffff) [ 2039.206216][ T9847] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2039.216510][ T9847] CPU: 1 PID: 9847 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2039.223954][ T24] audit: type=1400 audit(1657676429.561:569): avc: denied { setopt } for pid=9855 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 01:40:29 executing program 1: io_uring_setup(0x23cf, &(0x7f0000000200)={0x0, 0x0, 0x2, 0x0, 0x95}) 01:40:29 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, 0x0, 0x0, r0) [ 2039.227591][ T9847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2039.257592][ T9847] Call Trace: [ 2039.260875][ T9847] [ 2039.263811][ T9847] dump_stack_lvl+0xd6/0x122 [ 2039.268415][ T9847] dump_stack+0x11/0x12 [ 2039.272579][ T9847] dump_header+0x98/0x410 [ 2039.276929][ T9847] oom_kill_process+0xfe/0x550 [ 2039.281712][ T9847] out_of_memory+0x620/0x880 [ 2039.286416][ T9847] mem_cgroup_oom+0x475/0x4f0 [ 2039.291103][ T9847] try_charge_memcg+0x746/0x960 [ 2039.295968][ T9847] charge_memcg+0x63/0x2c0 [ 2039.300398][ T9847] __mem_cgroup_charge+0x25/0xa0 [ 2039.305401][ T9847] wp_page_copy+0x20f/0x1460 [ 2039.310006][ T9847] ? shrink_zones+0x525/0x5d0 [ 2039.314759][ T9847] do_wp_page+0x76f/0xe10 [ 2039.319097][ T9847] handle_mm_fault+0x5fb/0xa90 [ 2039.323955][ T9847] do_user_addr_fault+0x4cd/0x940 [ 2039.329081][ T9847] exc_page_fault+0x60/0x160 [ 2039.333856][ T9847] asm_exc_page_fault+0x22/0x30 [ 2039.338724][ T9847] RIP: 0033:0x7fe837f5a340 [ 2039.343276][ T9847] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2039.363025][ T9847] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2039.369113][ T9847] RAX: 00000000e4742294 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2039.377068][ T9847] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008be2fcb [ 2039.385550][ T9847] RBP: 00000000e4742294 R08: 0000000000000294 R09: 00000000e4742298 [ 2039.393623][ T9847] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2039.401646][ T9847] R13: 0000000000000001 R14: 0000000000000004 R15: ffffffff81529566 [ 2039.409678][ T9847] ? build_open_flags+0x16/0x390 [ 2039.414791][ T9847] [ 2039.417905][ T9847] memory: usage 307200kB, limit 307200kB, failcnt 62438 [ 2039.424932][ T9847] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2039.431849][ T9847] Memory cgroup stats for /syz4: [ 2040.041943][ T9847] anon 114688 [ 2040.041943][ T9847] file 126976 [ 2040.041943][ T9847] kernel 314327040 [ 2040.041943][ T9847] kernel_stack 32768 [ 2040.041943][ T9847] pagetables 77824 [ 2040.041943][ T9847] percpu 11039616 [ 2040.041943][ T9847] sock 0 [ 2040.041943][ T9847] vmalloc 0 [ 2040.041943][ T9847] shmem 126976 [ 2040.041943][ T9847] file_mapped 126976 [ 2040.041943][ T9847] file_dirty 0 [ 2040.041943][ T9847] file_writeback 0 [ 2040.041943][ T9847] swapcached 0 [ 2040.041943][ T9847] inactive_anon 184320 [ 2040.041943][ T9847] active_anon 57344 [ 2040.041943][ T9847] inactive_file 0 [ 2040.041943][ T9847] active_file 0 [ 2040.041943][ T9847] unevictable 0 [ 2040.041943][ T9847] slab_reclaimable 17632 [ 2040.041943][ T9847] slab_unreclaimable 303123160 [ 2040.041943][ T9847] slab 303140792 [ 2040.041943][ T9847] workingset_refault_anon 0 [ 2040.041943][ T9847] workingset_refault_file 15 [ 2040.041943][ T9847] workingset_activate_anon 0 [ 2040.041943][ T9847] workingset_activate_file 0 [ 2040.138071][ T9847] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9847,uid=0 [ 2040.153238][ T9847] Memory cgroup out of memory: Killed process 9847 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000023600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:30 executing program 1: io_uring_setup(0x79eb, &(0x7f00000000c0)={0x0, 0x0, 0x10, 0x3}) 01:40:30 executing program 5: syz_clone(0x40804200, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 01:40:30 executing program 4: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r2) add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, r1) 01:40:30 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000fa030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000900000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:30 executing program 1: add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) 01:40:30 executing program 1: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "c56c37e1ba0ee86f9a7409870f5e7667dabcb375cc52dfa5d65039700d4916dad2cb3bbb71442bc2d21a9c1e167b69a65ee4cf20f173c3fa41648ccd78ba3520"}, 0x48, r0) keyctl$clear(0x7, r1) [ 2040.341025][ T9888] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2040.351334][ T9888] CPU: 1 PID: 9888 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2040.362449][ T9888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2040.372698][ T9888] Call Trace: [ 2040.375982][ T9888] [ 2040.378918][ T9888] dump_stack_lvl+0xd6/0x122 [ 2040.383629][ T9888] dump_stack+0x11/0x12 01:40:30 executing program 1: pselect6(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0x3]}, 0x8}) [ 2040.387938][ T9888] dump_header+0x98/0x410 [ 2040.392272][ T9888] oom_kill_process+0xfe/0x550 [ 2040.397098][ T9888] out_of_memory+0x620/0x880 [ 2040.401705][ T9888] mem_cgroup_oom+0x475/0x4f0 [ 2040.406420][ T9888] try_charge_memcg+0x746/0x960 [ 2040.411275][ T9888] charge_memcg+0x63/0x2c0 [ 2040.415805][ T9888] __mem_cgroup_charge+0x25/0xa0 [ 2040.420752][ T9888] wp_page_copy+0x20f/0x1460 [ 2040.425340][ T9888] ? shrink_zones+0x525/0x5d0 [ 2040.430105][ T9888] do_wp_page+0x76f/0xe10 [ 2040.434636][ T9888] handle_mm_fault+0x5fb/0xa90 [ 2040.439400][ T9888] do_user_addr_fault+0x4cd/0x940 [ 2040.444421][ T9888] exc_page_fault+0x60/0x160 [ 2040.449116][ T9888] asm_exc_page_fault+0x22/0x30 [ 2040.453953][ T9888] RIP: 0033:0x7fe837f5a340 [ 2040.458358][ T9888] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2040.479918][ T9888] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2040.485977][ T9888] RAX: 0000000041263e2b RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2040.494090][ T9888] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2040.502071][ T9888] RBP: 0000000041263e2b R08: 0000000000001e2b R09: 0000000041263e2f [ 2040.510090][ T9888] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2040.518091][ T9888] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff818f7741 [ 2040.526150][ T9888] ? __x64_sys_add_key+0x11/0x70 [ 2040.531138][ T9888] [ 2040.534207][ T9888] memory: usage 307200kB, limit 307200kB, failcnt 62487 [ 2040.541149][ T9888] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2040.548147][ T9888] Memory cgroup stats for /syz4: [ 2041.905091][ T9888] anon 106496 [ 2041.905091][ T9888] file 126976 [ 2041.905091][ T9888] kernel 314331136 [ 2041.905091][ T9888] kernel_stack 32768 [ 2041.905091][ T9888] pagetables 77824 [ 2041.905091][ T9888] percpu 11039616 [ 2041.905091][ T9888] sock 0 [ 2041.905091][ T9888] vmalloc 0 [ 2041.905091][ T9888] shmem 126976 [ 2041.905091][ T9888] file_mapped 126976 [ 2041.905091][ T9888] file_dirty 0 [ 2041.905091][ T9888] file_writeback 0 [ 2041.905091][ T9888] swapcached 0 01:40:32 executing program 1: r0 = io_uring_setup(0x79eb, &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f0000000040)=ANY=[], 0xe) 01:40:32 executing program 5: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r0, 0x0, 0x0) 01:40:32 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) [ 2041.905091][ T9888] inactive_anon 176128 [ 2041.905091][ T9888] active_anon 57344 [ 2041.905091][ T9888] inactive_file 0 [ 2041.905091][ T9888] active_file 0 [ 2041.905091][ T9888] unevictable 0 [ 2041.905091][ T9888] slab_reclaimable 15840 [ 2041.905091][ T9888] slab_unreclaimable 303124192 [ 2041.905091][ T9888] slab 303140032 [ 2041.905091][ T9888] workingset_refault_anon 0 [ 2041.905091][ T9888] workingset_refault_file 15 [ 2041.905091][ T9888] workingset_activate_anon 0 [ 2041.905091][ T9888] workingset_activate_file 0 [ 2042.000826][ T9888] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9888,uid=0 [ 2042.016958][ T9888] Memory cgroup out of memory: Killed process 9888 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:32 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x107000, 0x0) 01:40:32 executing program 5: r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r0, 0x0, &(0x7f0000000040)='85baa174f0cb1142') 01:40:32 executing program 4: unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00') 01:40:32 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000fe030000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:32 executing program 1: sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x1a6dc7a6b7702572) 01:40:32 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0x0, 0xbc}, 0xc) 01:40:32 executing program 1: io_uring_setup(0x7c, &(0x7f0000000100)={0x0, 0x1b8d, 0x8}) 01:40:32 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x1}, 0x8) [ 2042.218514][ T9918] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2042.228811][ T9918] CPU: 0 PID: 9918 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2042.239854][ T9918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2042.249975][ T9918] Call Trace: [ 2042.253293][ T9918] [ 2042.256230][ T9918] dump_stack_lvl+0xd6/0x122 [ 2042.260989][ T9918] dump_stack+0x11/0x12 01:40:32 executing program 1: pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendmsg$sock(r0, 0x0, 0x0) 01:40:32 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001000)='/sys/devices/system', 0x0, 0x0) recvmsg$unix(r0, 0x0, 0x0) [ 2042.265161][ T9918] dump_header+0x98/0x410 [ 2042.269535][ T9918] oom_kill_process+0xfe/0x550 [ 2042.274332][ T9918] out_of_memory+0x620/0x880 [ 2042.279012][ T9918] mem_cgroup_oom+0x475/0x4f0 [ 2042.283714][ T9918] try_charge_memcg+0x746/0x960 [ 2042.288595][ T9918] charge_memcg+0x63/0x2c0 [ 2042.293031][ T9918] __mem_cgroup_charge+0x25/0xa0 [ 2042.298035][ T9918] wp_page_copy+0x20f/0x1460 [ 2042.302648][ T9918] ? shrink_zones+0x525/0x5d0 [ 2042.307343][ T9918] do_wp_page+0x76f/0xe10 [ 2042.311705][ T9918] handle_mm_fault+0x5fb/0xa90 [ 2042.316490][ T9918] do_user_addr_fault+0x4cd/0x940 [ 2042.321528][ T9918] exc_page_fault+0x60/0x160 [ 2042.326154][ T9918] asm_exc_page_fault+0x22/0x30 [ 2042.331182][ T9918] RIP: 0033:0x7fe837f5a340 [ 2042.335699][ T9918] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2042.355328][ T9918] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2042.361378][ T9918] RAX: 00000000aa84078e RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2042.369349][ T9918] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008bf5d7c [ 2042.377315][ T9918] RBP: 00000000aa84078e R08: 000000000000078e R09: 00000000aa840792 [ 2042.385351][ T9918] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2042.393321][ T9918] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff81ada12d [ 2042.401293][ T9918] ? strncpy_from_user+0x1d/0x230 [ 2042.406353][ T9918] [ 2042.409550][ T9918] memory: usage 307200kB, limit 307200kB, failcnt 62536 [ 2042.416533][ T9918] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2042.423387][ T9918] Memory cgroup stats for /syz4: [ 2043.814152][ T9918] anon 114688 [ 2043.814152][ T9918] file 126976 [ 2043.814152][ T9918] kernel 314331136 [ 2043.814152][ T9918] kernel_stack 32768 [ 2043.814152][ T9918] pagetables 77824 [ 2043.814152][ T9918] percpu 11039616 [ 2043.814152][ T9918] sock 0 [ 2043.814152][ T9918] vmalloc 0 [ 2043.814152][ T9918] shmem 126976 [ 2043.814152][ T9918] file_mapped 126976 [ 2043.814152][ T9918] file_dirty 0 [ 2043.814152][ T9918] file_writeback 0 [ 2043.814152][ T9918] swapcached 0 [ 2043.814152][ T9918] inactive_anon 184320 [ 2043.814152][ T9918] active_anon 57344 [ 2043.814152][ T9918] inactive_file 0 [ 2043.814152][ T9918] active_file 0 [ 2043.814152][ T9918] unevictable 0 [ 2043.814152][ T9918] slab_reclaimable 22920 [ 2043.814152][ T9918] slab_unreclaimable 303122944 [ 2043.814152][ T9918] slab 303145864 [ 2043.814152][ T9918] workingset_refault_anon 0 [ 2043.814152][ T9918] workingset_refault_file 15 [ 2043.814152][ T9918] workingset_activate_anon 0 [ 2043.814152][ T9918] workingset_activate_file 0 01:40:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:34 executing program 1: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/power_supply', 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) 01:40:34 executing program 5: r0 = socket$unix(0x1, 0x1, 0x0) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, 0x0, &(0x7f0000000040)) 01:40:34 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, 0x0, &(0x7f0000000180)) [ 2043.910028][ T9918] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9918,uid=0 [ 2043.926339][ T9918] Memory cgroup out of memory: Killed process 9918 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2043.993967][ T9943] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2044.004234][ T9943] CPU: 0 PID: 9943 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2044.015176][ T9943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2044.025247][ T9943] Call Trace: [ 2044.028515][ T9943] [ 2044.031428][ T9943] dump_stack_lvl+0xd6/0x122 [ 2044.036091][ T9943] dump_stack+0x11/0x12 [ 2044.040268][ T9943] dump_header+0x98/0x410 [ 2044.044585][ T9943] oom_kill_process+0xfe/0x550 [ 2044.049406][ T9943] out_of_memory+0x620/0x880 [ 2044.054030][ T9943] mem_cgroup_oom+0x475/0x4f0 [ 2044.058701][ T9943] try_charge_memcg+0x746/0x960 [ 2044.063611][ T9943] charge_memcg+0x63/0x2c0 [ 2044.068069][ T9943] __mem_cgroup_charge+0x25/0xa0 [ 2044.073012][ T9943] wp_page_copy+0x20f/0x1460 [ 2044.077634][ T9943] ? shrink_zones+0x525/0x5d0 [ 2044.082365][ T9943] do_wp_page+0x76f/0xe10 [ 2044.086765][ T9943] handle_mm_fault+0x5fb/0xa90 [ 2044.091581][ T9943] do_user_addr_fault+0x4cd/0x940 [ 2044.096697][ T9943] exc_page_fault+0x60/0x160 [ 2044.101278][ T9943] asm_exc_page_fault+0x22/0x30 [ 2044.106194][ T9943] RIP: 0033:0x7fe837f5a340 [ 2044.110598][ T9943] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2044.130390][ T9943] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2044.136441][ T9943] RAX: 0000000027c84cc8 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2044.144455][ T9943] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000a0aeda7 [ 2044.152502][ T9943] RBP: 0000000027c84cc8 R08: 0000000000000cc8 R09: 0000000027c84ccc [ 2044.160517][ T9943] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2044.168567][ T9943] R13: 0000000000000001 R14: 0000000000000004 R15: ffffffff8190bfeb [ 2044.176540][ T9943] ? security_socket_create+0x1b/0xa0 [ 2044.181925][ T9943] [ 2044.184962][ T9943] memory: usage 307200kB, limit 307200kB, failcnt 62594 [ 2044.191964][ T9943] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2044.198827][ T9943] Memory cgroup stats for /syz4: [ 2044.200750][ T9943] anon 110592 [ 2044.200750][ T9943] file 126976 [ 2044.200750][ T9943] kernel 314318848 [ 2044.200750][ T9943] kernel_stack 32768 [ 2044.200750][ T9943] pagetables 69632 [ 2044.200750][ T9943] percpu 11039616 [ 2044.200750][ T9943] sock 0 [ 2044.200750][ T9943] vmalloc 0 [ 2044.200750][ T9943] shmem 126976 [ 2044.200750][ T9943] file_mapped 126976 [ 2044.200750][ T9943] file_dirty 0 [ 2044.200750][ T9943] file_writeback 0 [ 2044.200750][ T9943] swapcached 0 [ 2044.200750][ T9943] inactive_anon 180224 [ 2044.200750][ T9943] active_anon 57344 [ 2044.200750][ T9943] inactive_file 0 [ 2044.200750][ T9943] active_file 0 [ 2044.200750][ T9943] unevictable 0 [ 2044.200750][ T9943] slab_reclaimable 16816 [ 2044.200750][ T9943] slab_unreclaimable 303126304 [ 2044.200750][ T9943] slab 303143120 [ 2044.200750][ T9943] workingset_refault_anon 0 [ 2044.200750][ T9943] workingset_refault_file 15 [ 2044.200750][ T9943] workingset_activate_anon 0 [ 2044.200750][ T9943] workingset_activate_file 0 [ 2044.296555][ T9943] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9943,uid=0 [ 2044.311909][ T9943] Memory cgroup out of memory: Killed process 9943 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:34 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:34 executing program 1: getresgid(&(0x7f0000000980), &(0x7f00000009c0), &(0x7f0000000a00)) 01:40:34 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, 0x0) 01:40:34 executing program 4: r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0xfffffffffffffffd) 01:40:34 executing program 1: uname(&(0x7f0000000000)=""/244) 01:40:34 executing program 5: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/power_supply', 0x0, 0x0) sendmmsg$unix(r0, 0x0, 0x0, 0x0) 01:40:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0) [ 2044.572007][ T9959] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2044.582334][ T9959] CPU: 1 PID: 9959 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2044.593285][ T9959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2044.603405][ T9959] Call Trace: [ 2044.606681][ T9959] [ 2044.609619][ T9959] dump_stack_lvl+0xd6/0x122 [ 2044.614262][ T9959] dump_stack+0x11/0x12 [ 2044.618419][ T9959] dump_header+0x98/0x410 [ 2044.622829][ T9959] oom_kill_process+0xfe/0x550 [ 2044.627623][ T9959] out_of_memory+0x620/0x880 [ 2044.632223][ T9959] mem_cgroup_oom+0x475/0x4f0 [ 2044.636902][ T9959] try_charge_memcg+0x746/0x960 [ 2044.641757][ T9959] charge_memcg+0x63/0x2c0 [ 2044.646175][ T9959] __mem_cgroup_charge+0x25/0xa0 [ 2044.651128][ T9959] wp_page_copy+0x20f/0x1460 [ 2044.655722][ T9959] ? shrink_zones+0x525/0x5d0 [ 2044.660403][ T9959] do_wp_page+0x76f/0xe10 [ 2044.664784][ T9959] handle_mm_fault+0x5fb/0xa90 [ 2044.669557][ T9959] do_user_addr_fault+0x4cd/0x940 [ 2044.674693][ T9959] exc_page_fault+0x60/0x160 [ 2044.679468][ T9959] asm_exc_page_fault+0x22/0x30 [ 2044.684672][ T9959] RIP: 0033:0x7fe837f5a340 [ 2044.689150][ T9959] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2044.708834][ T9959] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2044.714972][ T9959] RAX: 00000000af23a752 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2044.723007][ T9959] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 00000000089a8cc3 [ 2044.730983][ T9959] RBP: 00000000af23a752 R08: 0000000000000752 R09: 00000000af23a756 [ 2044.739020][ T9959] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2044.746995][ T9959] R13: 0000000000000001 R14: 0000000000000003 R15: ffffffff81124101 [ 2044.754972][ T9959] ? pid_vnr+0xc1/0xe0 [ 2044.759089][ T9959] [ 2044.762180][ T9959] memory: usage 307196kB, limit 307200kB, failcnt 62640 [ 2044.769144][ T9959] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2044.776011][ T9959] Memory cgroup stats for /syz4: [ 2044.814381][ T9959] anon 114688 [ 2044.814381][ T9959] file 126976 [ 2044.814381][ T9959] kernel 314327040 [ 2044.814381][ T9959] kernel_stack 32768 [ 2044.814381][ T9959] pagetables 69632 [ 2044.814381][ T9959] percpu 11039616 [ 2044.814381][ T9959] sock 0 [ 2044.814381][ T9959] vmalloc 0 [ 2044.814381][ T9959] shmem 126976 [ 2044.814381][ T9959] file_mapped 126976 [ 2044.814381][ T9959] file_dirty 0 [ 2044.814381][ T9959] file_writeback 0 [ 2044.814381][ T9959] swapcached 0 [ 2044.814381][ T9959] inactive_anon 184320 [ 2044.814381][ T9959] active_anon 57344 [ 2044.814381][ T9959] inactive_file 0 [ 2044.814381][ T9959] active_file 0 [ 2044.814381][ T9959] unevictable 0 [ 2044.814381][ T9959] slab_reclaimable 15840 [ 2044.814381][ T9959] slab_unreclaimable 303129120 [ 2044.814381][ T9959] slab 303144960 [ 2044.814381][ T9959] workingset_refault_anon 0 [ 2044.814381][ T9959] workingset_refault_file 15 [ 2044.814381][ T9959] workingset_activate_anon 0 [ 2044.814381][ T9959] workingset_activate_file 0 01:40:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000023e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x3, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 01:40:35 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6, 0x54}, 0x48) 01:40:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000005c0)={r0, &(0x7f00000004c0), 0x0}, 0x20) [ 2044.910513][ T9959] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9959,uid=0 [ 2044.925784][ T9959] Memory cgroup out of memory: Killed process 9959 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:35 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf20000000000000150000006309000b2d03010000000000950000a7000000006916700000000000bf67000000000000b5060000fcff03046706000002000000170300000ef90060bf050000000000004f650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637b65f8903dc8711a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000094742dfee78e821081762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cdaffa673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c59050647802cf86f1b4c3005f33d83f84e98a52fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0a62a34b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d19000000000000009d47d564a838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9828aa802e3793c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b4db1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d35bfb65a3d8b5baa9bbec017646649fa99537aa453f3e6b2acebeddb6c32a87455f351efc30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e3d3470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898acbd64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae000000000fb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f84727546f88add2f391d62b1313452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db148110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27be301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190859942141fc2001ffce21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c9118049ae7dc000000556306f32e3ac264e9f02ffcf0318af80c83ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d5764d6c83c4a35a6ef44f135657d3d4185627fe1454d35253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76f92fa7154a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5fd725ffa93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce66659dd6e5df22910a1caca10fe3ce74f1b8156d8155a4e11d2f35674dffd223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed935d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eaf5617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de14267c64234b49ca299ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d236c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acddf724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde347cc4c0255b364de463000bec5fbefb017985888ce019facc7be45b2ab04b1456da413e3f7cf345d6fed0bff086cf8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825ee66870100ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc75ab4a943e06a7569fa1e1e4e017e43e8e47914d10000000000000000000000000000000027e138e599ab8fbba40d6175ada8441406c3a1e309dfd365bb737f4d9b02304f7b9ca3ce7d2e5b498eec1fb323861023d0"], &(0x7f0000000100)='GPL\x00'}, 0x48) 01:40:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000b00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:35 executing program 4: close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x68, 0x3, 0x1, 0x0, 0x0, 0x2, 0x490ce, 0xa, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300)}, 0x41, 0x80, 0x4, 0x8, 0x4, 0x9, 0x0, 0x0, 0x2300, 0x0, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x1f, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f74ffff100e7200636777fbac141436ee", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='memory.max\x00', 0x2, 0x0) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280), 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r3}]}, 0x0, 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r5, @ANYBLOB="000000dbd63e9fe6334e710000000000"], &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_ext={0x1c, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x3}, [@generic={0x4e, 0x3, 0x2, 0x40, 0x5}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9ea}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x0, &(0x7f0000000140), 0x41000, 0x8, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000180)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x10, 0x6, 0x1}, 0x10, 0x307c3, r2, 0x0, &(0x7f00000002c0)=[r0, r0, r0, r4, r5]}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000140)=@raw=[@btf_id], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff7fff, 0x0, 0x0, 0x0, 0x5}, [@jmp={0x5, 0x0, 0x8, 0x7, 0x2, 0x10, 0xfffffffffffffffc}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x800}, @map_fd={0x18, 0x6}, @generic={0x5, 0x0, 0x0, 0x1ff, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffc1}, @generic={0x7, 0x0, 0x3, 0x3, 0x20000}]}, &(0x7f0000000600)='syzkaller\x00', 0xffffffff, 0xe9, &(0x7f0000000640)=""/233, 0x41100, 0x22, '\x00', 0x0, 0xcc2ace0ce83ef6e5, r0, 0x8, &(0x7f0000000740)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xa, 0x10001, 0x3f}, 0x10, 0x0, r6}, 0x80) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 01:40:35 executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x9}, 0x8) 01:40:35 executing program 5: perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebf4e4309ebcdac5f7a860c00269c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81070545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc2727e8d974927676468ff2d86e0ffac94712ed9cf6b40b3cf252a47c05af3a30d57cc3ed67d1877b54d24e2da18568c3b0f24b5269ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed72da90864987f30926c9013eec3b86836ae504479f60b0ec920ae654d2b85627aa5a79f37eeae3023a8499800000000008f02712c3d8fc4e2b61adb0695e823887196d4f4e91f0000002c33df871a8e782352b88317c5adbbdb0015f89e9939bc424d1bafe5725c8a404724f8a4f1cda7997b65954f7409750600000000000000a4410009f95d5ba209b887af2c85c2d9ab09b5dd7d7f0006d2d7650bf7b2ff4602aec1eea200000064881c560c371a08e051374cf05c921a06fb78183e7e68de9dc8d95e0e5b365d1e1298f411432010e1004dae58b3b5b89709b0ff47b200000000000000cbefd9a6bb70f60eb9c0557c67a1d9f00e1dd2fc79a957c84f2369dcd548b3d360c4b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd62020000c3899a914e47e82f040000009de2323f92739d580500d1f91c0d22597e05a61e3d8576ca168e88d7a9af95b04a37387bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322cc7ca253ff2fb15166551ff7a31c3319e4a088276126feab16bacdf83c11816dbe959ebc5ec479c8309f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672b37c8600dcda8462cc9b16624998be65683321e970000000009b8e2076234f0bec1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a43487d775fe986a49fb82cf5f15972d55185ab18f1045384501adabb20f7b0e159a1289ba6e243668e671d305707e3de7652afc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc173d1d503d7a54b49e1ae6c5aafc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d771c8f89061487b38ff722096d2986334c25e45447b018174a9f4738b8c71fbdead06ab95e42f9a847182766964976b1fccde6131ba0a3723b0a4262b7023c22d4c6267965af782f8e55325399d9802264d06e40ae118e1d242d1128dcedeb44030d40adb5f8d4692e77e8960ef790fb0078215d65856eb55db8cbcba4b8de1f0d9852a5d2271097f8cae38a1d03912b31c98d42e1a1bda1290de1a499a519e5a90442abe0bdbc09242806d6849914c1787cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553ecede78d4c1541c70f5d85c0000000000000000aada2d1b83182952a76233d18e7d49638aebeafb7c255372795d2d192a0a33cab096e5a7d72fcdb0a11993d54d97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a9236558fea2c88c9d004505ab45d8f5f88aa816c7ce5c189704bb2cd7a2356397f1a0a23e662e2a6cc41de3121b3879f4182a4aa1000a315b9414dd9cafba2e72c659682a76c266fb594fd2338566176df5b59d8bfa89e58c3e0fa84da9abedd5698dec718a7f87be5a73aaa10f0e4ff98322361d3fd75f1f7cb0391299f8858a029f9d23d1e8e09a66d1cf039eee5bebc8945660eb892f7ffb22bbb580a202bb8eca3aeaa9faa25e4bab4a53e9bcbd11cdc30862c0011e6dfad2d6f5d51873e65f5cae47689c426cabacc31970c44d33b564b5e8f3e9ff7ee21b60b07378ace413b44a4ffa9a8acc44bd9476507014d01e76413df5d82dc74fc9c0fa29ae02dbb5667b551a3e146e28406ed3145bcf3b2877ce061a645206b4d89304cdeaee58d93b9de0bbb8994e3ce9fe9566fdaeb59771226e6061bb344825c9836b3bdff6865254aa174141c06304692065d8550558a4b299413b19a2692a03e37f81dd08c3a069cf6a0eb6926deb2dcfff88a377a86debb0680500256535093e3aeec7d58c3dca69c3912c769b492a60781c23c98b5bd469181fcd94d78d7d0b98332e8c5991e2ec2fb3a01d2e16745985106c5ec51b5483463f5aef606572b0f2e14f6a87e7c26c083555b015f317a1a647dbffe546ee9a4c83e401fb7bc387988b9b1cb26d561e3610749ffe3e8f057fb4261afc475bfb903afa81369e7149ca76ffe537f4f7bda6d7c1f705e9ff215f9c8d3425a4e4"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x5ee, 0xfd000002, &(0x7f00000004c0)="b9180bb76003070c009e40f008001fff310000003300fc8477fbac141434e0080001c699da153f0ae0e6e380f6010af683317585d7472be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_clone(0x40200000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) bpf$MAP_LOOKUP_ELEM(0x15, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.controllers\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0xc028660f, &(0x7f00000005c0)=0x3fffffffe) perf_event_open(&(0x7f0000000ac0)={0x4, 0x80, 0x1, 0x40, 0x81, 0x1f, 0x0, 0x1, 0xb, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000a80), 0x6}, 0x11202, 0x7, 0x8, 0x5, 0x0, 0x3, 0x4}, 0x0, 0x2, 0xffffffffffffffff, 0x0) 01:40:35 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000a1050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:35 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r0, 0x0, 0x1, 0x0, &(0x7f00000000c0)=[0x0], 0x1}, 0x20) [ 2045.400906][ T9991] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2045.411198][ T9991] CPU: 0 PID: 9991 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2045.422206][ T9991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2045.432251][ T9991] Call Trace: [ 2045.435529][ T9991] [ 2045.438463][ T9991] dump_stack_lvl+0xd6/0x122 [ 2045.443052][ T9991] dump_stack+0x11/0x12 [ 2045.447202][ T9991] dump_header+0x98/0x410 [ 2045.451548][ T9991] oom_kill_process+0xfe/0x550 [ 2045.456389][ T9991] out_of_memory+0x620/0x880 [ 2045.461034][ T9991] mem_cgroup_oom+0x475/0x4f0 [ 2045.465774][ T9991] try_charge_memcg+0x746/0x960 [ 2045.470638][ T9991] charge_memcg+0x63/0x2c0 [ 2045.475078][ T9991] __mem_cgroup_charge+0x25/0xa0 [ 2045.480075][ T9991] wp_page_copy+0x20f/0x1460 [ 2045.484694][ T9991] ? shrink_zones+0x525/0x5d0 [ 2045.489467][ T9991] do_wp_page+0x76f/0xe10 [ 2045.493793][ T9991] handle_mm_fault+0x5fb/0xa90 [ 2045.498575][ T9991] do_user_addr_fault+0x4cd/0x940 [ 2045.503598][ T9991] exc_page_fault+0x60/0x160 [ 2045.508329][ T9991] asm_exc_page_fault+0x22/0x30 [ 2045.513249][ T9991] RIP: 0033:0x7fe837f5a340 [ 2045.517659][ T9991] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2045.537315][ T9991] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2045.543472][ T9991] RAX: 0000000023c9409b RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2045.551449][ T9991] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008be39c7 [ 2045.559466][ T9991] RBP: 0000000023c9409b R08: 000000000000009b R09: 0000000023c9409f [ 2045.567499][ T9991] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2045.575528][ T9991] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8157da16 [ 2045.583494][ T9991] ? close_fd+0x16/0x1a0 [ 2045.587748][ T9991] [ 2045.590915][ T9991] memory: usage 307200kB, limit 307200kB, failcnt 62688 [ 2045.597881][ T9991] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2045.604765][ T9991] Memory cgroup stats for /syz4: [ 2045.662922][ T9991] anon 102400 [ 2045.662922][ T9991] file 126976 [ 2045.662922][ T9991] kernel 314343424 [ 2045.662922][ T9991] kernel_stack 32768 [ 2045.662922][ T9991] pagetables 69632 [ 2045.662922][ T9991] percpu 11039616 [ 2045.662922][ T9991] sock 0 [ 2045.662922][ T9991] vmalloc 0 [ 2045.662922][ T9991] shmem 126976 [ 2045.662922][ T9991] file_mapped 126976 [ 2045.662922][ T9991] file_dirty 0 [ 2045.662922][ T9991] file_writeback 0 [ 2045.662922][ T9991] swapcached 0 [ 2045.662922][ T9991] inactive_anon 172032 [ 2045.662922][ T9991] active_anon 57344 [ 2045.662922][ T9991] inactive_file 0 [ 2045.662922][ T9991] active_file 0 [ 2045.662922][ T9991] unevictable 0 [ 2045.662922][ T9991] slab_reclaimable 21344 [ 2045.662922][ T9991] slab_unreclaimable 303135984 [ 2045.662922][ T9991] slab 303157328 [ 2045.662922][ T9991] workingset_refault_anon 0 [ 2045.662922][ T9991] workingset_refault_file 15 [ 2045.662922][ T9991] workingset_activate_anon 0 [ 2045.662922][ T9991] workingset_activate_file 0 01:40:36 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) 01:40:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2045.758872][ T9991] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=9991,uid=0 [ 2045.774183][ T9991] Memory cgroup out of memory: Killed process 9991 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:36 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) 01:40:36 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x8}, 0x38) 01:40:36 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c47, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f00000002c0), 0x1}, 0x20, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400000000000009, 0x42a1a, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4000000000001}, 0x40041, 0x3, 0xffffffff, 0x3, 0x100000010000008, 0xfff9, 0x0, 0x0, 0x3, 0x0, 0x5}, 0x0, 0x7, 0xffffffffffffffff, 0xa) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz1\x00', 0x1ff) openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x41e842, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) write$cgroup_int(r1, &(0x7f0000000740), 0x12) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0x40, 0x0, 0x6, 0x59d, r1, 0x3f, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5, 0x4}, 0x48) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc87,\x00\xd2\x97\x04\x03\xdc\r') r3 = syz_clone(0x40200000, &(0x7f0000000140)="f1c9b561540095156bd6f21de7b0ee304223312b19539057bada65717169d4dc3213f7b102f6e6790d408fe4ba78c0df0e5687f635db84062d1e8973c373cc8a14ed70d1e2cc936046361f239a17d6f809b7c1f23f3328cbaf2f8df5d65fff7b19b19f2838241d714ff8ecff942a4208a27f03bb12d747ed60c2b78187702da02c5f18d99a13a1e900"/152, 0x98, &(0x7f0000000200), &(0x7f0000000080), &(0x7f0000000480)="f7593cc53f65f6ce1170dbcba92edf6876681ae14d8d2f4c062bf2f86cc13f3e1a5dbc47b5f07684c0f3115f9870fc71dde7b03714eb4d7f5ba2958a0000f6700700f311335588d80629e2000000000000000000008976bbab9619f9ede7dae265ca56bbbea5d813077a78c91e5396ef057272788dd4c25d5503d35f2a16ce8d402793f8e29c098f5a7940bba9434114cf9212425f") perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0xaf, 0x0, 0x9, 0xfd, 0x0, 0x5531, 0x10824, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000240), 0xa}, 0x802c, 0x1f, 0x3ff, 0x3, 0x4, 0x8, 0x0, 0x0, 0xfffffffd}, r3, 0xc, 0xffffffffffffffff, 0xa) close(r1) ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f00000000c0)=""/39) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8923, &(0x7f0000000b40)='lo\x00\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x0e\xa0\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5 [ 2045.929801][T10004] dump_stack_lvl+0xd6/0x122 [ 2045.934410][T10004] dump_stack+0x11/0x12 [ 2045.938559][T10004] dump_header+0x98/0x410 [ 2045.942962][T10004] oom_kill_process+0xfe/0x550 [ 2045.947748][T10004] out_of_memory+0x620/0x880 [ 2045.952416][T10004] mem_cgroup_oom+0x475/0x4f0 [ 2045.957104][T10004] try_charge_memcg+0x746/0x960 [ 2045.962039][T10004] charge_memcg+0x63/0x2c0 [ 2045.966501][T10004] __mem_cgroup_charge+0x25/0xa0 [ 2045.971450][T10004] wp_page_copy+0x20f/0x1460 [ 2045.976125][T10004] do_wp_page+0x76f/0xe10 [ 2045.980459][T10004] handle_mm_fault+0x5fb/0xa90 [ 2045.985291][T10004] do_user_addr_fault+0x4cd/0x940 [ 2045.990326][T10004] exc_page_fault+0x60/0x160 [ 2045.994983][T10004] asm_exc_page_fault+0x22/0x30 [ 2045.999841][T10004] RIP: 0033:0x7fe837f7b0d1 [ 2046.004257][T10004] Code: 11 00 4c 29 e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 <49> 89 57 08 48 89 41 08 49 83 c7 10 eb b3 48 8d 3d ca de 09 00 e8 [ 2046.023879][T10004] RSP: 002b:00007ffd964f76a0 EFLAGS: 00010206 [ 2046.029944][T10004] RAX: 0000000000020801 RBX: 00007fe8380925e0 RCX: 00005555560a2800 [ 2046.037977][T10004] RDX: 0000000000000121 RSI: 0000000000000000 RDI: 0000000000000004 [ 2046.046021][T10004] RBP: 0000000000000110 R08: 0000000000000003 R09: 00007fe838092640 [ 2046.053991][T10004] R10: 0000000000020022 R11: 0000000000000120 R12: 0000000000000010 [ 2046.061962][T10004] R13: 0000000000000120 R14: 0000000000000012 R15: 00005555560a26e0 [ 2046.070036][T10004] [ 2046.073119][T10004] memory: usage 307200kB, limit 307200kB, failcnt 62725 [ 2046.080102][T10004] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2046.087030][T10004] Memory cgroup stats for /syz4: [ 2046.128823][T10004] anon 90112 [ 2046.128823][T10004] file 126976 [ 2046.128823][T10004] kernel 314318848 [ 2046.128823][T10004] kernel_stack 16384 [ 2046.128823][T10004] pagetables 73728 [ 2046.128823][T10004] percpu 11039616 [ 2046.128823][T10004] sock 0 [ 2046.128823][T10004] vmalloc 0 [ 2046.128823][T10004] shmem 126976 [ 2046.128823][T10004] file_mapped 126976 [ 2046.128823][T10004] file_dirty 0 [ 2046.128823][T10004] file_writeback 0 [ 2046.128823][T10004] swapcached 0 [ 2046.128823][T10004] inactive_anon 159744 [ 2046.128823][T10004] active_anon 57344 [ 2046.128823][T10004] inactive_file 0 [ 2046.128823][T10004] active_file 0 [ 2046.128823][T10004] unevictable 0 [ 2046.128823][T10004] slab_reclaimable 15840 [ 2046.128823][T10004] slab_unreclaimable 303131776 [ 2046.128823][T10004] slab 303147616 [ 2046.128823][T10004] workingset_refault_anon 0 [ 2046.128823][T10004] workingset_refault_file 15 [ 2046.128823][T10004] workingset_activate_anon 0 [ 2046.128823][T10004] workingset_activate_file 0 01:40:36 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x20) [ 2046.224711][T10004] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10004,uid=0 [ 2046.240046][T10004] Memory cgroup out of memory: Killed process 10004 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2046.265012][T10011] device lo entered promiscuous mode [ 2046.292443][T10017] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2046.295961][T10015] Y­4`Ò˜: renamed from lo [ 2046.302816][T10017] CPU: 0 PID: 10017 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2046.318253][T10017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2046.328292][T10017] Call Trace: [ 2046.332093][T10017] [ 2046.335003][T10017] dump_stack_lvl+0xd6/0x122 [ 2046.339655][T10017] dump_stack+0x11/0x12 [ 2046.343789][T10017] dump_header+0x98/0x410 [ 2046.348101][T10017] oom_kill_process+0xfe/0x550 [ 2046.352918][T10017] out_of_memory+0x620/0x880 [ 2046.357537][T10017] mem_cgroup_oom+0x475/0x4f0 [ 2046.362198][T10017] try_charge_memcg+0x746/0x960 [ 2046.367043][T10017] obj_cgroup_charge+0x171/0x2b0 [ 2046.372036][T10017] kmem_cache_alloc_node+0xa5/0x2c0 [ 2046.377246][T10017] ? dup_task_struct+0x5b/0x2a0 [ 2046.382085][T10017] ? delay_tsc+0xc1/0xe0 [ 2046.386325][T10017] dup_task_struct+0x5b/0x2a0 [ 2046.391075][T10017] copy_process+0x3cb/0x20b0 [ 2046.395721][T10017] kernel_clone+0x163/0x5c0 [ 2046.400352][T10017] __x64_sys_clone+0xc3/0xf0 [ 2046.404933][T10017] do_syscall_64+0x2b/0x70 [ 2046.409378][T10017] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2046.415465][T10017] RIP: 0033:0x7fe837fad531 [ 2046.419868][T10017] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2046.439476][T10017] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2046.447892][T10017] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2046.455900][T10017] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2046.464086][T10017] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2046.472040][T10017] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2046.480211][T10017] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2046.488234][T10017] [ 2046.491284][T10017] memory: usage 307200kB, limit 307200kB, failcnt 62758 [ 2046.498327][T10017] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2046.505256][T10017] Memory cgroup stats for /syz4: [ 2046.506600][T10017] anon 94208 [ 2046.506600][T10017] file 126976 [ 2046.506600][T10017] kernel 314327040 [ 2046.506600][T10017] kernel_stack 16384 [ 2046.506600][T10017] pagetables 73728 [ 2046.506600][T10017] percpu 11039616 [ 2046.506600][T10017] sock 0 [ 2046.506600][T10017] vmalloc 0 [ 2046.506600][T10017] shmem 126976 [ 2046.506600][T10017] file_mapped 126976 [ 2046.506600][T10017] file_dirty 0 [ 2046.506600][T10017] file_writeback 0 [ 2046.506600][T10017] swapcached 0 [ 2046.506600][T10017] inactive_anon 163840 [ 2046.506600][T10017] active_anon 57344 [ 2046.506600][T10017] inactive_file 0 [ 2046.506600][T10017] active_file 0 [ 2046.506600][T10017] unevictable 0 [ 2046.506600][T10017] slab_reclaimable 15840 [ 2046.506600][T10017] slab_unreclaimable 303132808 [ 2046.506600][T10017] slab 303148648 [ 2046.506600][T10017] workingset_refault_anon 0 [ 2046.506600][T10017] workingset_refault_file 15 [ 2046.506600][T10017] workingset_activate_anon 0 [ 2046.506600][T10017] workingset_activate_file 0 [ 2046.602582][T10017] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10017,uid=0 [ 2046.617950][T10017] Memory cgroup out of memory: Killed process 10017 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:37 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837079e468ee207d2f73902fbcfcf49822775985bf31b715f5888b24efa000000000000ffffffdf0000000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9736bdeab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f7da31cf41ab12012fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a96286744f839c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b2e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00055cc1b66c5fd9c26a54d43fa050645bd6109b113b67664e08add7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79e184f5e93ba5c8c2a4c0443fb652b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a517d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99020000000000000000bf2130d1b32c826563c518d0ad23bc83ba3f3757210a057e177615c068bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd13ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4ac58ddcc0f2b14214db0ff8f6abe7dbad64dfa63966945d93c33b038ce0d890f85f8a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837ffa6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9edfe6dca9c42c4d719347f39ef006c2df747e27a2d1fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57776e5fe25cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed0000800"/1608], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="24c2afc3a2e0527bea33d6541650", 0x0, 0xf0ffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 01:40:37 executing program 4: close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x68, 0x3, 0x1, 0x3, 0x0, 0x2, 0x490ce, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300)}, 0x41, 0x80, 0x4, 0x8, 0x4, 0x9, 0x5, 0x0, 0x2300, 0x0, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x1f, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f74ffff100e7200636777fbac141436ee", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='memory.max\x00', 0x2, 0x0) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280), 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r3}]}, &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r4}]}, &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r5, @ANYBLOB="000000dbd63e9fe6334e710000000000"], &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_ext={0x1c, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x3}, [@generic={0x4e, 0x3, 0x2, 0x40, 0x5}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9ea}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x0, &(0x7f0000000140), 0x41000, 0x8, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000180)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x1, 0x10, 0x6, 0x1}, 0x10, 0x307c3, r2, 0x0, &(0x7f00000002c0)=[r0, r3, r0, r0, r4, r5]}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000140)=@raw=[@btf_id], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff7fff, 0x0, 0x0, 0x0, 0x5}, [@jmp={0x5, 0x0, 0x8, 0x7, 0x2, 0x10, 0xfffffffffffffffc}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x800}, @map_fd={0x18, 0x6}, @generic={0x5, 0x0, 0x0, 0x1ff, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffc1}, @generic={0x7, 0x0, 0x3, 0x3, 0x20000}]}, &(0x7f0000000600)='syzkaller\x00', 0xffffffff, 0xe9, &(0x7f0000000640)=""/233, 0x41100, 0x22, '\x00', 0x0, 0xcc2ace0ce83ef6e5, r0, 0x8, &(0x7f0000000740)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xa, 0x10001, 0x3f}, 0x10, 0x0, r6}, 0x80) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) 01:40:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:37 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000c6050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2046.751157][T10027] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2046.761424][T10027] CPU: 0 PID: 10027 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2046.772524][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2046.782591][T10027] Call Trace: [ 2046.785873][T10027] [ 2046.788811][T10027] dump_stack_lvl+0xd6/0x122 [ 2046.793522][T10027] dump_stack+0x11/0x12 [ 2046.797682][T10027] dump_header+0x98/0x410 [ 2046.802031][T10027] oom_kill_process+0xfe/0x550 [ 2046.806911][T10027] out_of_memory+0x620/0x880 [ 2046.811508][T10027] mem_cgroup_oom+0x475/0x4f0 [ 2046.816193][T10027] try_charge_memcg+0x746/0x960 [ 2046.821124][T10027] charge_memcg+0x63/0x2c0 [ 2046.825673][T10027] __mem_cgroup_charge+0x25/0xa0 [ 2046.830611][T10027] wp_page_copy+0x20f/0x1460 [ 2046.835209][T10027] do_wp_page+0x76f/0xe10 [ 2046.839544][T10027] handle_mm_fault+0x5fb/0xa90 [ 2046.844388][T10027] do_user_addr_fault+0x4cd/0x940 [ 2046.849424][T10027] exc_page_fault+0x60/0x160 [ 2046.854035][T10027] asm_exc_page_fault+0x22/0x30 [ 2046.858986][T10027] RIP: 0033:0x7fe837f52edc [ 2046.863407][T10027] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2046.883047][T10027] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2046.889119][T10027] RAX: 00007fe8380bef60 RBX: 0000000000000001 RCX: 00007fe8380331a2 [ 2046.897158][T10027] RDX: 00000000001e2fc1 RSI: ffffffffffffffff RDI: 00007fe838004f8b [ 2046.905377][T10027] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2046.913431][T10027] R10: 00007ffd965730b8 R11: 000000000005c6a6 R12: 0000000000000000 [ 2046.921408][T10027] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2046.929426][T10027] [ 2046.932569][T10027] memory: usage 307200kB, limit 307200kB, failcnt 62798 [ 2046.939641][T10027] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2046.946513][T10027] Memory cgroup stats for /syz4: [ 2047.274930][T10027] anon 98304 [ 2047.274930][T10027] file 126976 [ 2047.274930][T10027] kernel 314335232 [ 2047.274930][T10027] kernel_stack 32768 [ 2047.274930][T10027] pagetables 69632 [ 2047.274930][T10027] percpu 11039616 [ 2047.274930][T10027] sock 0 [ 2047.274930][T10027] vmalloc 0 [ 2047.274930][T10027] shmem 126976 [ 2047.274930][T10027] file_mapped 126976 [ 2047.274930][T10027] file_dirty 0 [ 2047.274930][T10027] file_writeback 0 [ 2047.274930][T10027] swapcached 0 [ 2047.274930][T10027] inactive_anon 163840 [ 2047.274930][T10027] active_anon 57344 [ 2047.274930][T10027] inactive_file 0 [ 2047.274930][T10027] active_file 0 [ 2047.274930][T10027] unevictable 0 [ 2047.274930][T10027] slab_reclaimable 15840 [ 2047.274930][T10027] slab_unreclaimable 303135720 [ 2047.274930][T10027] slab 303151560 [ 2047.274930][T10027] workingset_refault_anon 0 [ 2047.274930][T10027] workingset_refault_file 15 [ 2047.274930][T10027] workingset_activate_anon 0 [ 2047.274930][T10027] workingset_activate_file 0 [ 2047.370839][T10027] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10021,uid=0 [ 2047.386289][T10027] Memory cgroup out of memory: Killed process 10021 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:38 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r0, &(0x7f0000003500)={&(0x7f0000001a00)=@ax25={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x80, 0x0}, 0x0) 01:40:38 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000c7050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000d00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:38 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1ab, &(0x7f00000003c0)='bdev!)-%+wlan\x00posi\x19Mx_dxl_accesszQ\tU\x97\x12=J\xd5\x8b;YE\xec\x8c;\xf7\xcc\xa7\x8b6\n\xbe\x01\x01\xae\xb6\f4\x87\xd9j\xd8\x0e\xc2\x10\xb1\x7f\x95\x01fE\xaea\x10\x8f\xac\xa9+V\x863Hhk{2\x00\x14I\xf7\xd6\xcd)\x05\x87q6\xed~\xd0\xb2\xf8\x8d\xaa\b\xe4\"\x1c\xbf\x8f_[\x17@\xe5\xec\x10\a\xb95w\x8by}/\x8cw\xe6\x99\xfe \x84]8\x940U\xb3E;\xff\xa1!\x9a\x87\x88\x02\xbf\xab\x97B\xd9\x06\xf2\n\xf7\x1f\xd8v\x7fD\xf2\x87\xf7}V\x89}\xf0\xb7\x8d\x85\xf6\x9b\xcc\xd3Lh.\r\xd3J\"\x1f\xdeW;F.\xdf$\xee\x18\x0e5\xa1\xfcN\x88`\xbbj,q[\x90/\x9b\xf0\xccr\xc1\xa8\x85E\x85p+\xd1\xbe\x10\rgx\xb8\x93k\x8c\x1dTi\xafq\xde\x06/ \x93O.\xe5<0\xfa\b\x82\xe4c&\x99\xd6psf\xa8\xacjh9\x8bk\x8f\n$\xf2\x06#\xc8\xd2\x00\x00w\x03,\xbb\xed\xf1o\xd8\x19\xd2\x1d\xbb\xd3\x18E\x0e&\x83\xdfWL?P$\xb4a\f\x154\xdd\xacx\x91<\x97\x13\xab\xe2\xdd\n\x13\x19\xb9U\n\xb5\xb6\xffBQ\x80\xe6\xe6\xaf\xc8\x15_>\xe6\xfc\xb9R\x06\xcd/\x87\x11\xf1\xb9\xbe&,c\xfd3\xc4\xeaP\x9b\xdf5\xcc\xa4RDx\xad\xc0\x8f|\xe3u\xbe\x1e\xd5\xa6\xcc\xb8\x86\x8b0\'\xcc\x01\x9bQ/\xf9\xa7vfa\xdf!\x1axt\xd1\r\xd9&MC\xcc,2\xce\xd2kCJ\x10\x88\xc5#\x92\xa32)2\xd3\xa02q\xdb\xe4\xe3\x97\x9d\xbc\xc9\xf8G'}, 0x30) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000020306800850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x1f) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x77fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000600)={0x3, 0x80, 0x40, 0x4, 0x5, 0x0, 0x0, 0x0, 0x41090, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000280)}, 0x12, 0x400, 0x6, 0x8, 0x0, 0x7, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r0, 0x1) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)={[{0x2b, 'cpuacct'}, {0x2d, 'cpuacct'}, {0x2b, 'blkio'}, {0x2d, 'cpuacct'}, {0x2d, 'pids'}, {0x2b, 'rdma'}, {0x2b, 'freezer'}, {0x2d, 'hugetlb'}]}, 0x40) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='ext4_ext_show_extent\x00', r1}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1ab, &(0x7f0000000780)='bdev!)-%+wlan\x00posi\x19Mx_dxl_accesszQ\tU\x97\x12=J\xd5\x8b;YE\xec\x8c;\xf7\xcc\xa7\x8b6\n\xbe\x01\x01\xae\xb6\f4\x87\xd9j\xd8\x0e\xc2\x10\xb1\x7f\x95\x01fE\xaea\x10\x8f\xac\xa9+V\x863Hhk{2\x00\x14I\xf7\xd6\xcd)\x05\x87q6\xed~\xd0\xb2\xf8\x8d\xaa\b\xe4\"\x1c\xbf\x8f_[\x17@\xe5\xec\x10\a\xb95w\x8by}/\x8cw\xe6\x99\xfe \x84]8\x940U\xb3E;\xff\xa1!\x9a\x87\x88\x02\xbf\xab\x97B\xd9\x06\xf2\n\xf7\x1f\xd8v\x7fD\xf2\x87\xf7}V\x89}\xf0\xb7\x8d\x85\xf6\x9b\xcc\xd3Lh.\r\xd3J\"\x1f\xdeW;F.\xdf$\xee\x18\x0e5\xa1\xfcN\x88`\xbbj,q[\x90/\x9b\xf0\xccr\xc1\xa8\x85E\x85p+\xd1\xbe\x10\rgx\xb8\x93k\x8c\x1dTi\xafq\xde\x06/ \x93O.\xe5<0\xfa\b\x82\xe4c&\x99\xd6psf\xa8\xacjh9\x8bk\x8f\n$\xf2\x06#\xc8\xd2\x00\x00w\x03,\xbb\xed\xf1o\xd8\x19\xd2\x1d\xbb\xd3\x18E\x0e&\x83\xdfWL?P$\xb4a\f\x154\xdd\xacx\x91<\x97\x13\xab\xe2\xdd\n\x13\x19\xb9U\n\xb5\xb6\xffBQ\x80\xe6\xe6\xaf\xc8\x15_>\xe6\xfc\xb9R\x06\xcd/\x87\x11\xf1\xb9\xbe&,c\xfd3\xc4\xeaP\x9b\xdf5\xcc\xa4RDx\xad\xc0\x8f|\xe3u\xbe\x1e\xd5\xa6\xcc\xb8\x86\x8b0\'\xcc\x01\x9bQ/\xf9\xa7vfa\xdf!\x1axt\xd1\r\xd9&MC\xcc,2\xce\xd2kCJ\x10\x88\xc5#\x92\xa32)2\xd3\xa02q\xdb\xe4\xe3\x97\x9d\xbc\xc9\xf8G'}, 0x30) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) 01:40:38 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 01:40:38 executing program 1: close(0xffffffffffffffff) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300)}, 0x0, 0x80, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2048.004797][T10042] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2048.017050][T10042] CPU: 1 PID: 10042 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2048.028088][T10042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2048.038177][T10042] Call Trace: [ 2048.041470][T10042] [ 2048.044405][T10042] dump_stack_lvl+0xd6/0x122 [ 2048.049077][T10042] dump_stack+0x11/0x12 [ 2048.053234][T10042] dump_header+0x98/0x410 [ 2048.057589][T10042] oom_kill_process+0xfe/0x550 [ 2048.062363][T10042] out_of_memory+0x620/0x880 [ 2048.067041][T10042] mem_cgroup_oom+0x475/0x4f0 [ 2048.071804][T10042] try_charge_memcg+0x746/0x960 [ 2048.076665][T10042] __memcg_kmem_charge_page+0x2e4/0x480 [ 2048.082339][T10042] __alloc_pages+0x1c1/0x340 [ 2048.086944][T10042] alloc_pages+0x34d/0x450 [ 2048.091454][T10042] pte_alloc_one+0x29/0xb0 [ 2048.095897][T10042] __pte_alloc+0x2f/0x1f0 [ 2048.100341][T10042] do_anonymous_page+0x799/0xa20 [ 2048.105363][T10042] ? preempt_count_add+0x5e/0xa0 [ 2048.110314][T10042] ? _raw_spin_unlock+0x2d/0x50 [ 2048.115168][T10042] ? __pmd_alloc+0x2cb/0x300 [ 2048.119790][T10042] handle_mm_fault+0x8a0/0xa90 [ 2048.124588][T10042] do_user_addr_fault+0x4cd/0x940 [ 2048.129661][T10042] exc_page_fault+0x60/0x160 [ 2048.134388][T10042] asm_exc_page_fault+0x22/0x30 [ 2048.139252][T10042] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 2048.145081][T10042] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 2048.164699][T10042] RSP: 0018:ffffc90001223eb8 EFLAGS: 00050297 [ 2048.170770][T10042] RAX: 0000000000000003 RBX: 00007fffffffeffd RCX: 00000000200019c0 [ 2048.178769][T10042] RDX: ffff888160d18a40 RSI: 0000000000000004 RDI: 0000000000000000 [ 2048.186743][T10042] RBP: 0000000000000002 R08: ffffffff83a12fe0 R09: 0000000000000000 [ 2048.194726][T10042] R10: 000188812411c200 R11: 0001ffffffffffff R12: 00000000200019c0 [ 2048.202819][T10042] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000003 [ 2048.210818][T10042] ? __sys_socketpair+0xa0/0x420 [ 2048.215839][T10042] __sys_socketpair+0xb6/0x420 [ 2048.220687][T10042] __x64_sys_socketpair+0x4e/0x60 [ 2048.225722][T10042] do_syscall_64+0x2b/0x70 [ 2048.230156][T10042] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2048.236153][T10042] RIP: 0033:0x7fe837fac109 01:40:38 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x6, 0x2, 0x6, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) [ 2048.240612][T10042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2048.260307][T10042] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 2048.268820][T10042] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2048.276800][T10042] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 2048.284827][T10042] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2048.292809][T10042] R10: 00000000200019c0 R11: 0000000000000246 R12: 0000000000000000 [ 2048.300810][T10042] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2048.308859][T10042] [ 2048.312236][T10042] memory: usage 307200kB, limit 307200kB, failcnt 62838 [ 2048.319224][T10042] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:38 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf20000000000000150000006309000b2d03010000000000950000a7000000006916700000000000bf67000000000000b5060000fcff03046706000002000000170300000ef90060bf050000000000004f650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637b65f8903dc8711a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000094742dfee78e821081762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cdaffa673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c59050647802cf86f1b4c3005f33d83f84e98a52fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0a62a34b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d19000000000000009d47d564a838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9828aa802e3793c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b4db1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d35bfb65a3d8b5baa9bbec017646649fa99537aa453f3e6b2acebeddb6c32a87455f351efc30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e3d3470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898acbd64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae000000000fb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f84727546f88add2f391d62b1313452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db148110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27be301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190859942141fc2001ffce21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c9118049ae7dc000000556306f32e3ac264e9f02ffcf0318af80c83ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d5764d6c83c4a35a6ef44f135657d3d4185627fe1454d35253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76f92fa7154a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5fd725ffa93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce66659dd6e5df22910a1caca10fe3ce74f1b8156d8155a4e11d2f35674dffd223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed935d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eaf5617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de14267c64234b49ca299ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d236c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acddf724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde347cc4c0255b364de463000bec5fbefb017985888ce019facc7be45b2ab04b1456da413e3f7cf345d6fed0bff086cf8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825ee66870100ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc75ab4a943e06a7569fa1e1e4e017e43e8e47914d10000000000000000000000000000000027e138e599ab8fbba40d6175ada8441406c3a1e309dfd365bb737f4d9b02304f7b9ca3ce7d2e5b498eec1fb323861023d0"], &(0x7f0000000100)='GPL\x00'}, 0x48) 01:40:38 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x7fff, r0}, 0x38) 01:40:38 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000060000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2048.326122][T10042] Memory cgroup stats for /syz4: [ 2048.638439][T10042] anon 98304 [ 2048.638439][T10042] file 126976 [ 2048.638439][T10042] kernel 314331136 [ 2048.638439][T10042] kernel_stack 32768 [ 2048.638439][T10042] pagetables 73728 [ 2048.638439][T10042] percpu 11039616 [ 2048.638439][T10042] sock 0 [ 2048.638439][T10042] vmalloc 0 [ 2048.638439][T10042] shmem 126976 [ 2048.638439][T10042] file_mapped 126976 [ 2048.638439][T10042] file_dirty 0 [ 2048.638439][T10042] file_writeback 0 [ 2048.638439][T10042] swapcached 0 [ 2048.638439][T10042] inactive_anon 167936 [ 2048.638439][T10042] active_anon 57344 [ 2048.638439][T10042] inactive_file 0 [ 2048.638439][T10042] active_file 0 [ 2048.638439][T10042] unevictable 0 [ 2048.638439][T10042] slab_reclaimable 15840 [ 2048.638439][T10042] slab_unreclaimable 303129120 [ 2048.638439][T10042] slab 303144960 [ 2048.638439][T10042] workingset_refault_anon 0 [ 2048.638439][T10042] workingset_refault_file 15 [ 2048.638439][T10042] workingset_activate_anon 0 [ 2048.638439][T10042] workingset_activate_file 0 01:40:39 executing program 5: close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x1f, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f74ffff100e7200636777fbac141436ee", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r1}]}, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2048.734250][T10042] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10033,uid=0 [ 2048.749583][T10042] Memory cgroup out of memory: Killed process 10033 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000014000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:39 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0xff, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r0, &(0x7f00000004c0), 0x0}, 0x20) 01:40:39 executing program 5: perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebf4e4309ebcdac5f7a860c00269c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81070545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc2727e8d974927676468ff2d86e0ffac94712ed9cf6b40b3cf252a47c05af3a30d57cc3ed67d1877b54d24e2da18568c3b0f24b5269ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed72da90864987f30926c9013eec3b86836ae504479f60b0ec920ae654d2b85627aa5a79f37eeae3023a8499800000000008f02712c3d8fc4e2b61adb0695e823887196d4f4e91f0000002c33df871a8e782352b88317c5adbbdb0015f89e9939bc424d1bafe5725c8a404724f8a4f1cda7997b65954f7409750600000000000000a4410009f95d5ba209b887af2c85c2d9ab09b5dd7d7f0006d2d7650bf7b2ff4602aec1eea200000064881c560c371a08e051374cf05c921a06fb78183e7e68de9dc8d95e0e5b365d1e1298f411432010e1004dae58b3b5b89709b0ff47b200000000000000cbefd9a6bb70f60eb9c0557c67a1d9f00e1dd2fc79a957c84f2369dcd548b3d360c4b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd62020000c3899a914e47e82f040000009de2323f92739d580500d1f91c0d22597e05a61e3d8576ca168e88d7a9af95b04a37387bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322cc7ca253ff2fb15166551ff7a31c3319e4a088276126feab16bacdf83c11816dbe959ebc5ec479c8309f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672b37c8600dcda8462cc9b16624998be65683321e970000000009b8e2076234f0bec1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a43487d775fe986a49fb82cf5f15972d55185ab18f1045384501adabb20f7b0e159a1289ba6e243668e671d305707e3de7652afc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc173d1d503d7a54b49e1ae6c5aafc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d771c8f89061487b38ff722096d2986334c25e45447b018174a9f4738b8c71fbdead06ab95e42f9a847182766964976b1fccde6131ba0a3723b0a4262b7023c22d4c6267965af782f8e55325399d9802264d06e40ae118e1d242d1128dcedeb44030d40adb5f8d4692e77e8960ef790fb0078215d65856eb55db8cbcba4b8de1f0d9852a5d2271097f8cae38a1d03912b31c98d42e1a1bda1290de1a499a519e5a90442abe0bdbc09242806d6849914c1787cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553ecede78d4c1541c70f5d85c0000000000000000aada2d1b83182952a76233d18e7d49638aebeafb7c255372795d2d192a0a33cab096e5a7d72fcdb0a11993d54d97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a9236558fea2c88c9d004505ab45d8f5f88aa816c7ce5c189704bb2cd7a2356397f1a0a23e662e2a6cc41de3121b3879f4182a4aa1000a315b9414dd9cafba2e72c659682a76c266fb594fd2338566176df5b59d8bfa89e58c3e0fa84da9abedd5698dec718a7f87be5a73aaa10f0e4ff98322361d3fd75f1f7cb0391299f8858a029f9d23d1e8e09a66d1cf039eee5bebc8945660eb892f7ffb22bbb580a202bb8eca3aeaa9faa25e4bab4a53e9bcbd11cdc30862c0011e6dfad2d6f5d51873e65f5cae47689c426cabacc31970c44d33b564b5e8f3e9ff7ee21b60b07378ace413b44a4ffa9a8acc44bd9476507014d01e76413df5d82dc74fc9c0fa29ae02dbb5667b551a3e146e28406ed3145bcf3b2877ce061a645206b4d89304cdeaee58d93b9de0bbb8994e3ce9fe9566fdaeb59771226e6061bb344825c9836b3bdff6865254aa174141c06304692065d8550558a4b299413b19a2692a03e37f81dd08c3a069cf6a0eb6926deb2dcfff88a377a86debb0680500256535093e3aeec7d58c3dca69c3912c769b492a60781c23c98b5bd469181fcd94d78d7d0b98332e8c5991e2ec2fb3a01d2e16745985106c5ec51b5483463f5aef606572b0f2e14f6a87e7c26c083555b015f317a1a647dbffe546ee9a4c83e401fb7bc387988b9b1cb26d561e3610749ffe3e8f057fb4261afc475bfb903afa81369e7149ca76ffe537f4f7bda6d7c1f705e9ff215f9c8d3425a4e4"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x5ee, 0xfd000002, &(0x7f00000004c0)="b9180bb76003070c009e40f008001fff310000003300fc8477fbac141434e0080001c699da153f0ae0e6e380f6010af683317585d7472be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) 01:40:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:39 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x20101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=r0, 0x4) [ 2048.859546][T10071] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2048.869840][T10071] CPU: 0 PID: 10071 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2048.880876][T10071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2048.890937][T10071] Call Trace: [ 2048.894221][T10071] [ 2048.897154][T10071] dump_stack_lvl+0xd6/0x122 [ 2048.901760][T10071] dump_stack+0x11/0x12 [ 2048.906008][T10071] dump_header+0x98/0x410 [ 2048.910354][T10071] oom_kill_process+0xfe/0x550 [ 2048.915159][T10071] out_of_memory+0x620/0x880 [ 2048.919826][T10071] mem_cgroup_oom+0x475/0x4f0 [ 2048.924520][T10071] try_charge_memcg+0x746/0x960 [ 2048.929452][T10071] __memcg_kmem_charge_page+0x2e4/0x480 [ 2048.935068][T10071] alloc_thread_stack_node+0x292/0x360 [ 2048.940554][T10071] dup_task_struct+0x96/0x2a0 [ 2048.945269][T10071] copy_process+0x3cb/0x20b0 [ 2048.949881][T10071] kernel_clone+0x163/0x5c0 [ 2048.954434][T10071] __x64_sys_clone+0xc3/0xf0 [ 2048.959078][T10071] do_syscall_64+0x2b/0x70 [ 2048.963508][T10071] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2048.969427][T10071] RIP: 0033:0x7fe837fad531 [ 2048.973931][T10071] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2048.993813][T10071] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2049.002232][T10071] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2049.010203][T10071] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2049.018181][T10071] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2049.026183][T10071] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2049.034156][T10071] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2049.042170][T10071] [ 2049.045217][T10071] memory: usage 307200kB, limit 307200kB, failcnt 62874 [ 2049.052148][T10071] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:40 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000070000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2049.059011][T10071] Memory cgroup stats for /syz4: [ 2049.803361][T10071] anon 94208 [ 2049.803361][T10071] file 126976 [ 2049.803361][T10071] kernel 314314752 [ 2049.803361][T10071] kernel_stack 16384 [ 2049.803361][T10071] pagetables 73728 [ 2049.803361][T10071] percpu 11039616 [ 2049.803361][T10071] sock 0 [ 2049.803361][T10071] vmalloc 0 [ 2049.803361][T10071] shmem 126976 [ 2049.803361][T10071] file_mapped 126976 [ 2049.803361][T10071] file_dirty 0 [ 2049.803361][T10071] file_writeback 0 [ 2049.803361][T10071] swapcached 0 01:40:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000010e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2049.803361][T10071] inactive_anon 163840 [ 2049.803361][T10071] active_anon 57344 [ 2049.803361][T10071] inactive_file 0 [ 2049.803361][T10071] active_file 0 [ 2049.803361][T10071] unevictable 0 [ 2049.803361][T10071] slab_reclaimable 15840 [ 2049.803361][T10071] slab_unreclaimable 303122504 [ 2049.803361][T10071] slab 303138344 [ 2049.803361][T10071] workingset_refault_anon 0 [ 2049.803361][T10071] workingset_refault_file 15 [ 2049.803361][T10071] workingset_activate_anon 0 [ 2049.803361][T10071] workingset_activate_file 0 01:40:40 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x101, 0x2, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) [ 2049.899071][T10071] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10071,uid=0 [ 2049.914386][T10071] Memory cgroup out of memory: Killed process 10071 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000034200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2050.281842][T10086] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2050.292161][T10086] CPU: 1 PID: 10086 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2050.303240][T10086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2050.313395][T10086] Call Trace: [ 2050.316787][T10086] [ 2050.319723][T10086] dump_stack_lvl+0xd6/0x122 [ 2050.324390][T10086] dump_stack+0x11/0x12 [ 2050.328628][T10086] dump_header+0x98/0x410 [ 2050.332999][T10086] oom_kill_process+0xfe/0x550 [ 2050.337769][T10086] out_of_memory+0x620/0x880 [ 2050.342376][T10086] mem_cgroup_oom+0x475/0x4f0 [ 2050.347123][T10086] try_charge_memcg+0x746/0x960 [ 2050.352059][T10086] charge_memcg+0x63/0x2c0 [ 2050.356480][T10086] __mem_cgroup_charge+0x25/0xa0 [ 2050.361417][T10086] wp_page_copy+0x20f/0x1460 [ 2050.366060][T10086] do_wp_page+0x76f/0xe10 [ 2050.370628][T10086] handle_mm_fault+0x5fb/0xa90 [ 2050.375399][T10086] do_user_addr_fault+0x4cd/0x940 [ 2050.380438][T10086] exc_page_fault+0x60/0x160 [ 2050.385031][T10086] asm_exc_page_fault+0x22/0x30 [ 2050.389985][T10086] RIP: 0033:0x7fe837f5a340 [ 2050.394445][T10086] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2050.414096][T10086] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2050.420307][T10086] RAX: 0000000050fff9c3 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2050.428282][T10086] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008aa79a2 [ 2050.436257][T10086] RBP: 0000000050fff9c3 R08: 00000000000019c3 R09: 0000000050fff9c7 [ 2050.444228][T10086] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2050.452197][T10086] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff810f09fb [ 2050.460224][T10086] ? capable+0xb/0xa0 [ 2050.464308][T10086] [ 2050.467741][T10086] memory: usage 307200kB, limit 307200kB, failcnt 62921 [ 2050.474718][T10086] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:41 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@bloom_filter={0x1e, 0x0, 0x5, 0x57}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 01:40:41 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000090000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:41 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x7fff, r0}, 0x38) 01:40:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000000f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:41 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000000)=@raw=[@initr0, @jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2050.481587][T10086] Memory cgroup stats for /syz4: [ 2050.771293][T10086] anon 110592 [ 2050.771293][T10086] file 126976 [ 2050.771293][T10086] kernel 314335232 [ 2050.771293][T10086] kernel_stack 32768 [ 2050.771293][T10086] pagetables 77824 [ 2050.771293][T10086] percpu 11039616 [ 2050.771293][T10086] sock 0 [ 2050.771293][T10086] vmalloc 0 [ 2050.771293][T10086] shmem 126976 [ 2050.771293][T10086] file_mapped 126976 [ 2050.771293][T10086] file_dirty 0 [ 2050.771293][T10086] file_writeback 0 [ 2050.771293][T10086] swapcached 0 01:40:41 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, &(0x7f0000002280)=""/4100, &(0x7f0000000200)="de", &(0x7f0000000100), 0x7fff, r0}, 0x38) [ 2050.771293][T10086] inactive_anon 180224 [ 2050.771293][T10086] active_anon 57344 [ 2050.771293][T10086] inactive_file 0 [ 2050.771293][T10086] active_file 0 [ 2050.771293][T10086] unevictable 0 [ 2050.771293][T10086] slab_reclaimable 15840 [ 2050.771293][T10086] slab_unreclaimable 303129280 [ 2050.771293][T10086] slab 303145120 [ 2050.771293][T10086] workingset_refault_anon 0 [ 2050.771293][T10086] workingset_refault_file 15 [ 2050.771293][T10086] workingset_activate_anon 0 [ 2050.771293][T10086] workingset_activate_file 0 [ 2050.867283][T10086] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10086,uid=0 [ 2050.882755][T10086] Memory cgroup out of memory: Killed process 10086 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:41 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x101, 0x2, 0x6}, 0x48) [ 2051.022837][T10110] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2051.033089][T10110] CPU: 1 PID: 10110 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2051.044139][T10110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2051.054202][T10110] Call Trace: [ 2051.057481][T10110] [ 2051.060418][T10110] dump_stack_lvl+0xd6/0x122 [ 2051.065078][T10110] dump_stack+0x11/0x12 [ 2051.069274][T10110] dump_header+0x98/0x410 [ 2051.073673][T10110] oom_kill_process+0xfe/0x550 [ 2051.078465][T10110] out_of_memory+0x620/0x880 [ 2051.083067][T10110] mem_cgroup_oom+0x475/0x4f0 [ 2051.087754][T10110] try_charge_memcg+0x746/0x960 [ 2051.092741][T10110] charge_memcg+0x63/0x2c0 [ 2051.097165][T10110] __mem_cgroup_charge+0x25/0xa0 [ 2051.102102][T10110] do_anonymous_page+0x1d6/0xa20 [ 2051.107052][T10110] handle_mm_fault+0x8a0/0xa90 [ 2051.111867][T10110] do_user_addr_fault+0x4cd/0x940 [ 2051.116921][T10110] exc_page_fault+0x60/0x160 [ 2051.121645][T10110] asm_exc_page_fault+0x22/0x30 [ 2051.126557][T10110] RIP: 0033:0x7fe837f57d0d [ 2051.130973][T10110] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2051.150605][T10110] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2051.156673][T10110] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2051.164720][T10110] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 01:40:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000034400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2051.172702][T10110] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2051.180684][T10110] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2051.188683][T10110] R13: 00007fe8380c3298 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2051.196712][T10110] [ 2051.199761][T10110] memory: usage 307200kB, limit 307200kB, failcnt 62969 [ 2051.206714][T10110] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2051.213582][T10110] Memory cgroup stats for /syz4: [ 2051.255379][T10110] anon 98304 [ 2051.255379][T10110] file 126976 [ 2051.255379][T10110] kernel 314339328 [ 2051.255379][T10110] kernel_stack 32768 [ 2051.255379][T10110] pagetables 77824 [ 2051.255379][T10110] percpu 11039936 [ 2051.255379][T10110] sock 0 [ 2051.255379][T10110] vmalloc 0 [ 2051.255379][T10110] shmem 126976 [ 2051.255379][T10110] file_mapped 126976 [ 2051.255379][T10110] file_dirty 0 [ 2051.255379][T10110] file_writeback 0 [ 2051.255379][T10110] swapcached 0 [ 2051.255379][T10110] inactive_anon 163840 [ 2051.255379][T10110] active_anon 57344 [ 2051.255379][T10110] inactive_file 0 [ 2051.255379][T10110] active_file 0 [ 2051.255379][T10110] unevictable 0 [ 2051.255379][T10110] slab_reclaimable 15840 [ 2051.255379][T10110] slab_unreclaimable 303129280 [ 2051.255379][T10110] slab 303145120 [ 2051.255379][T10110] workingset_refault_anon 0 [ 2051.255379][T10110] workingset_refault_file 15 [ 2051.255379][T10110] workingset_activate_anon 0 [ 2051.255379][T10110] workingset_activate_file 0 [ 2051.351247][T10110] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10110,uid=0 [ 2051.366562][T10110] Memory cgroup out of memory: Killed process 10110 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:41 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x20101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) 01:40:41 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:42 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'virt_wifi0\x00', 0x1}) 01:40:42 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000010a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2051.828079][T10123] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2051.838399][T10123] CPU: 1 PID: 10123 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2051.849434][T10123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2051.859603][T10123] Call Trace: [ 2051.862921][T10123] [ 2051.865851][T10123] dump_stack_lvl+0xd6/0x122 [ 2051.870453][T10123] dump_stack+0x11/0x12 01:40:42 executing program 5: socketpair(0x10, 0x3, 0x8000, &(0x7f0000003240)) 01:40:42 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x101, 0x2, 0x6}, 0x48) [ 2051.874612][T10123] dump_header+0x98/0x410 [ 2051.879006][T10123] oom_kill_process+0xfe/0x550 [ 2051.883790][T10123] out_of_memory+0x620/0x880 [ 2051.888397][T10123] mem_cgroup_oom+0x475/0x4f0 [ 2051.893133][T10123] try_charge_memcg+0x746/0x960 [ 2051.898008][T10123] charge_memcg+0x63/0x2c0 [ 2051.902476][T10123] __mem_cgroup_charge+0x25/0xa0 [ 2051.907433][T10123] wp_page_copy+0x20f/0x1460 [ 2051.912120][T10123] do_wp_page+0x76f/0xe10 [ 2051.916512][T10123] handle_mm_fault+0x5fb/0xa90 [ 2051.921300][T10123] do_user_addr_fault+0x4cd/0x940 01:40:42 executing program 5: r0 = io_uring_setup(0x3bf5, &(0x7f0000000000)={0x0, 0xcf74}) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000000c0), 0x1) [ 2051.926381][T10123] exc_page_fault+0x60/0x160 [ 2051.931043][T10123] asm_exc_page_fault+0x22/0x30 [ 2051.935917][T10123] RIP: 0033:0x7fe837f52edc [ 2051.940341][T10123] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2051.959993][T10123] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2051.966070][T10123] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838006f5d [ 2051.974054][T10123] RDX: 00000000001e438e RSI: 0000000000000048 RDI: 00007fe838004f8b [ 2051.982381][T10123] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2051.990558][T10123] R10: 00007ffd965730b8 R11: 000000000005ca2c R12: 0000000000000000 [ 2051.998565][T10123] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2052.006555][T10123] [ 2052.009704][T10123] memory: usage 307200kB, limit 307200kB, failcnt 63050 [ 2052.016663][T10123] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2052.023612][T10123] Memory cgroup stats for /syz4: [ 2052.029987][T10123] anon 102400 [ 2052.029987][T10123] file 126976 [ 2052.029987][T10123] kernel 314335232 [ 2052.029987][T10123] kernel_stack 32768 [ 2052.029987][T10123] pagetables 77824 [ 2052.029987][T10123] percpu 11039616 [ 2052.029987][T10123] sock 0 [ 2052.029987][T10123] vmalloc 0 [ 2052.029987][T10123] shmem 126976 [ 2052.029987][T10123] file_mapped 126976 [ 2052.029987][T10123] file_dirty 0 [ 2052.029987][T10123] file_writeback 0 [ 2052.029987][T10123] swapcached 0 01:40:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:42 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@cgroup=r0}, 0x10) 01:40:42 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) [ 2052.029987][T10123] inactive_anon 172032 [ 2052.029987][T10123] active_anon 57344 [ 2052.029987][T10123] inactive_file 0 [ 2052.029987][T10123] active_file 0 [ 2052.029987][T10123] unevictable 0 [ 2052.029987][T10123] slab_reclaimable 15840 [ 2052.029987][T10123] slab_unreclaimable 303129520 [ 2052.029987][T10123] slab 303145360 [ 2052.029987][T10123] workingset_refault_anon 0 [ 2052.029987][T10123] workingset_refault_file 15 [ 2052.029987][T10123] workingset_activate_anon 0 [ 2052.029987][T10123] workingset_activate_file 0 01:40:42 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf20000000000000150000006309000b2d03010000000000950000a7000000006916700000000000bf67000000000000b5060000fcff03046706000002000000170300000ef90060bf050000000000004f650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637b65f8903dc8711a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000094742dfee78e821081762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cdaffa673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c59050647802cf86f1b4c3005f33d83f84e98a52fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0a62a34b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d19000000000000009d47d564a838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9828aa802e3793c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b4db1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d35bfb65a3d8b5baa9bbec017646649fa99537aa453f3e6b2acebeddb6c32a87455f351efc30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e3d3470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898acbd64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae000000000fb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f84727546f88add2f391d62b1313452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db148110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27be301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190859942141fc2001ffce21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c9118049ae7dc000000556306f32e3ac264e9f02ffcf0318af80c83ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d5764d6c83c4a35a6ef44f135657d3d4185627fe1454d35253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76f92fa7154a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5fd725ffa93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce66659dd6e5df22910a1caca10fe3ce74f1b8156d8155a4e11d2f35674dffd223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed935d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eaf5617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de14267c64234b49ca299ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d236c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acddf724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde347cc4c0255b364de463000bec5fbefb017985888ce019facc7be45b2ab04b1456da413e3f7cf345d6fed0bff086cf8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825ee66870100ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc75ab4a943e06a7569fa1e1e4e017e43e8e47914d10000000000000000000000000000000027e138e599ab8fbba40d6175ada8441406c3a1e309dfd365bb737f4d9b02304f7b9ca3ce7d2e5b498eec1fb323861023d0"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$ITER_CREATE(0x21, 0x0, 0x0) 01:40:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:42 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x2, 0x4, 0x100000, 0x1, 0x500, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x80}, 0x48) 01:40:42 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) [ 2052.125889][T10123] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10122,uid=0 [ 2052.141463][T10123] Memory cgroup out of memory: Killed process 10122 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:42 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) [ 2052.221568][T10148] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2052.231818][T10148] CPU: 0 PID: 10148 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2052.242981][T10148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2052.253058][T10148] Call Trace: [ 2052.256340][T10148] [ 2052.259269][T10148] dump_stack_lvl+0xd6/0x122 [ 2052.263898][T10148] dump_stack+0x11/0x12 [ 2052.268079][T10148] dump_header+0x98/0x410 [ 2052.272427][T10148] oom_kill_process+0xfe/0x550 [ 2052.277241][T10148] out_of_memory+0x620/0x880 [ 2052.281871][T10148] mem_cgroup_oom+0x475/0x4f0 [ 2052.286564][T10148] try_charge_memcg+0x746/0x960 [ 2052.291444][T10148] __memcg_kmem_charge_page+0x2e4/0x480 [ 2052.297004][T10148] alloc_thread_stack_node+0x292/0x360 [ 2052.302501][T10148] dup_task_struct+0x96/0x2a0 [ 2052.307206][T10148] copy_process+0x3cb/0x20b0 [ 2052.311807][T10148] kernel_clone+0x163/0x5c0 [ 2052.316392][T10148] __x64_sys_clone+0xc3/0xf0 [ 2052.321058][T10148] do_syscall_64+0x2b/0x70 [ 2052.325479][T10148] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2052.331389][T10148] RIP: 0033:0x7fe837fad531 [ 2052.335800][T10148] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2052.355474][T10148] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2052.363889][T10148] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2052.371860][T10148] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2052.379835][T10148] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2052.387841][T10148] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2052.395858][T10148] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2052.403953][T10148] [ 2052.407104][T10148] memory: usage 307196kB, limit 307200kB, failcnt 63084 [ 2052.414047][T10148] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2052.420892][T10148] Memory cgroup stats for /syz4: [ 2052.595818][T10148] anon 94208 [ 2052.595818][T10148] file 126976 [ 2052.595818][T10148] kernel 314347520 [ 2052.595818][T10148] kernel_stack 16384 [ 2052.595818][T10148] pagetables 73728 [ 2052.595818][T10148] percpu 11039616 [ 2052.595818][T10148] sock 0 [ 2052.595818][T10148] vmalloc 0 [ 2052.595818][T10148] shmem 126976 [ 2052.595818][T10148] file_mapped 126976 [ 2052.595818][T10148] file_dirty 0 [ 2052.595818][T10148] file_writeback 0 [ 2052.595818][T10148] swapcached 0 [ 2052.595818][T10148] inactive_anon 163840 [ 2052.595818][T10148] active_anon 57344 [ 2052.595818][T10148] inactive_file 0 [ 2052.595818][T10148] active_file 0 [ 2052.595818][T10148] unevictable 0 [ 2052.595818][T10148] slab_reclaimable 24848 [ 2052.595818][T10148] slab_unreclaimable 303137288 [ 2052.595818][T10148] slab 303162136 [ 2052.595818][T10148] workingset_refault_anon 0 [ 2052.595818][T10148] workingset_refault_file 15 [ 2052.595818][T10148] workingset_activate_anon 0 [ 2052.595818][T10148] workingset_activate_file 0 [ 2052.691447][T10148] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10148,uid=0 [ 2052.706799][T10148] Memory cgroup out of memory: Killed process 10148 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:43 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000b0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:43 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000000), 0x0}, 0x20) 01:40:43 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x8}, 0x38) 01:40:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061138c0000000000bf20000000000000150000006309000b2d03010000000000950000a7000000006916700000000000bf67000000000000b5060000fcff03046706000002000000170300000ef90060bf050000000000004f650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637b65f8903dc8711a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000094742dfee78e821081762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cdaffa673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c59050647802cf86f1b4c3005f33d83f84e98a52fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0a62a34b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d19000000000000009d47d564a838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9828aa802e3793c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b4db1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d35bfb65a3d8b5baa9bbec017646649fa99537aa453f3e6b2acebeddb6c32a87455f351efc30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e3d3470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898acbd64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae000000000fb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f84727546f88add2f391d62b1313452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db148110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27be301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190859942141fc2001ffce21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c9118049ae7dc000000556306f32e3ac264e9f02ffcf0318af80c83ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d5764d6c83c4a35a6ef44f135657d3d4185627fe1454d35253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76f92fa7154a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5fd725ffa93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce66659dd6e5df22910a1caca10fe3ce74f1b8156d8155a4e11d2f35674dffd223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed935d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eaf5617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de14267c64234b49ca299ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d236c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acddf724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde347cc4c0255b364de463000bec5fbefb017985888ce019facc7be45b2ab04b1456da413e3f7cf345d6fed0bff086cf8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825ee66870100ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc75ab4a943e06a7569fa1e1e4e017e43e8e47914d10000000000000000000000000000000027e138e599ab8fbba40d6175ada8441406c3a1e309dfd365bb737f4d9b02304f7b9ca3ce7d2e5b498eec1fb323861023d0"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 2052.863255][T10164] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2052.873543][T10164] CPU: 0 PID: 10164 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2052.884666][T10164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2052.894754][T10164] Call Trace: [ 2052.898023][T10164] [ 2052.900935][T10164] dump_stack_lvl+0xd6/0x122 [ 2052.905512][T10164] dump_stack+0x11/0x12 [ 2052.909674][T10164] dump_header+0x98/0x410 [ 2052.914053][T10164] oom_kill_process+0xfe/0x550 [ 2052.918852][T10164] out_of_memory+0x620/0x880 [ 2052.923502][T10164] mem_cgroup_oom+0x475/0x4f0 [ 2052.928209][T10164] try_charge_memcg+0x746/0x960 [ 2052.933140][T10164] __memcg_kmem_charge_page+0x2e4/0x480 [ 2052.938701][T10164] alloc_thread_stack_node+0x101/0x360 [ 2052.944226][T10164] dup_task_struct+0x96/0x2a0 [ 2052.949046][T10164] copy_process+0x3cb/0x20b0 [ 2052.953629][T10164] kernel_clone+0x163/0x5c0 [ 2052.958119][T10164] __x64_sys_clone+0xc3/0xf0 [ 2052.962765][T10164] do_syscall_64+0x2b/0x70 [ 2052.967171][T10164] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2052.973125][T10164] RIP: 0033:0x7fe837fad531 [ 2052.977538][T10164] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2052.997267][T10164] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2053.005683][T10164] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2053.013643][T10164] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2053.021605][T10164] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2053.029659][T10164] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2053.037614][T10164] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2053.045596][T10164] [ 2053.048675][T10164] memory: usage 307200kB, limit 307200kB, failcnt 63136 [ 2053.055690][T10164] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2053.062635][T10164] Memory cgroup stats for /syz4: [ 2053.064307][T10164] anon 94208 [ 2053.064307][T10164] file 126976 [ 2053.064307][T10164] kernel 314343424 [ 2053.064307][T10164] kernel_stack 16384 [ 2053.064307][T10164] pagetables 73728 [ 2053.064307][T10164] percpu 11039616 [ 2053.064307][T10164] sock 0 [ 2053.064307][T10164] vmalloc 0 [ 2053.064307][T10164] shmem 126976 [ 2053.064307][T10164] file_mapped 126976 [ 2053.064307][T10164] file_dirty 0 [ 2053.064307][T10164] file_writeback 0 [ 2053.064307][T10164] swapcached 0 [ 2053.064307][T10164] inactive_anon 143360 [ 2053.064307][T10164] active_anon 57344 [ 2053.064307][T10164] inactive_file 0 [ 2053.064307][T10164] active_file 0 [ 2053.064307][T10164] unevictable 0 [ 2053.064307][T10164] slab_reclaimable 21744 [ 2053.064307][T10164] slab_unreclaimable 303137240 [ 2053.064307][T10164] slab 303158984 [ 2053.064307][T10164] workingset_refault_anon 0 [ 2053.064307][T10164] workingset_refault_file 15 [ 2053.064307][T10164] workingset_activate_anon 0 [ 2053.064307][T10164] workingset_activate_file 0 01:40:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:43 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, &(0x7f0000002280)=""/4100, &(0x7f0000000200)="de", &(0x7f0000000100), 0x7fff, r0}, 0x38) 01:40:43 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@base={0x9, 0x101, 0x2, 0x6, 0x8}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 01:40:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000014800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:43 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0xfbffffc0}, 0x48) 01:40:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000150000006309000b2d03010000000000950000a7000000006916700000000000bf67000000000000b5060000fcff03046706000002000000170300000ef90060bf050000000000004f650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e0f84f9f17d3c30e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d15871637b65f8903dc8711a0b9bdb7dd399703d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd2b4a05000094742dfee78e821081762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f63ede20271a51445dc8da39e5b0ab7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb2dc819b6cf5c8ac86d8a297dff0445a13d0045fb3cdaffa673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174aba210d702a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b482af97787f696649a462e7ee4bcf8b07a10d6735154beb4000004000000000000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c59050647802cf86f1b4c3005f33d83f84e98a52fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0a62a34b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b417bbdfb5351defc6e34a961f3593920437bf3cbbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4b6f4cf710b7d19000000000000009d47d564a838bdf8901a719431a9d1ef918ec0ec79037cb61df16379e3bf2a1127c49407e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8dc5eee909928d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9828aa802e3793c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe6ae0fd63fa7f32b8ab6cd6a8b8bf1b7d3e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcccbb83266a1ce1a1dea83ebb89d07b4db1aa09ad2904040e7784e96cd66bda204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db8ba6d35bfb65a3d8b5baa9bbec017646649fa99537aa453f3e6b2acebeddb6c32a87455f351efc30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e3d3470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898acbd64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae000000000fb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f84727546f88add2f391d62b1313452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db148110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27be301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190859942141fc2001ffce21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c9118049ae7dc000000556306f32e3ac264e9f02ffcf0318af80c83ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d5764d6c83c4a35a6ef44f135657d3d4185627fe1454d35253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76f92fa7154a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5fd725ffa93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce66659dd6e5df22910a1caca10fe3ce74f1b8156d8155a4e11d2f35674dffd223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed935d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eaf5617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de14267c64234b49ca299ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d236c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acddf724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde347cc4c0255b364de463000bec5fbefb017985888ce019facc7be45b2ab04b1456da413e3f7cf345d6fed0bff086cf8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825ee66870100ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc75ab4a943e06a7569fa1e1e4e017e43e8e47914d10000000000000000000000000000000027e138e599ab8fbba40d6175ada8441406c3a1e309dfd365bb737f4d9b02304f7b9ca3ce7d2e5b498eec1fb323861023d0"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 2053.160272][T10164] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10164,uid=0 [ 2053.175557][T10164] Memory cgroup out of memory: Killed process 10164 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2053.243482][T10169] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2053.253799][T10169] CPU: 0 PID: 10169 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2053.264838][T10169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2053.274968][T10169] Call Trace: [ 2053.278243][T10169] [ 2053.281249][T10169] dump_stack_lvl+0xd6/0x122 [ 2053.285962][T10169] dump_stack+0x11/0x12 [ 2053.290119][T10169] dump_header+0x98/0x410 [ 2053.294456][T10169] oom_kill_process+0xfe/0x550 [ 2053.299234][T10169] out_of_memory+0x620/0x880 [ 2053.303832][T10169] mem_cgroup_oom+0x475/0x4f0 [ 2053.308581][T10169] try_charge_memcg+0x746/0x960 [ 2053.313542][T10169] __memcg_kmem_charge_page+0x2e4/0x480 [ 2053.319099][T10169] alloc_thread_stack_node+0x101/0x360 [ 2053.324567][T10169] dup_task_struct+0x96/0x2a0 [ 2053.329334][T10169] copy_process+0x3cb/0x20b0 [ 2053.333992][T10169] kernel_clone+0x163/0x5c0 [ 2053.338537][T10169] __x64_sys_clone+0xc3/0xf0 [ 2053.343201][T10169] do_syscall_64+0x2b/0x70 [ 2053.347716][T10169] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2053.353667][T10169] RIP: 0033:0x7fe837fad531 [ 2053.358082][T10169] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2053.377775][T10169] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2053.386235][T10169] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2053.394362][T10169] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2053.402339][T10169] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2053.410312][T10169] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2053.418295][T10169] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2053.426360][T10169] [ 2053.429524][T10169] memory: usage 307200kB, limit 307200kB, failcnt 63185 [ 2053.436519][T10169] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:43 executing program 1: bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x24}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0xe, '\x00', 0x0, 0x7300, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2053.443365][T10169] Memory cgroup stats for /syz4: [ 2054.960345][T10169] anon 94208 [ 2054.960345][T10169] file 126976 [ 2054.960345][T10169] kernel 314314752 [ 2054.960345][T10169] kernel_stack 16384 [ 2054.960345][T10169] pagetables 73728 [ 2054.960345][T10169] percpu 11039616 [ 2054.960345][T10169] sock 0 [ 2054.960345][T10169] vmalloc 0 [ 2054.960345][T10169] shmem 126976 [ 2054.960345][T10169] file_mapped 126976 [ 2054.960345][T10169] file_dirty 0 [ 2054.960345][T10169] file_writeback 0 [ 2054.960345][T10169] swapcached 0 [ 2054.960345][T10169] inactive_anon 163840 [ 2054.960345][T10169] active_anon 57344 [ 2054.960345][T10169] inactive_file 0 [ 2054.960345][T10169] active_file 0 [ 2054.960345][T10169] unevictable 0 [ 2054.960345][T10169] slab_reclaimable 17216 [ 2054.960345][T10169] slab_unreclaimable 303124520 [ 2054.960345][T10169] slab 303141736 [ 2054.960345][T10169] workingset_refault_anon 0 [ 2054.960345][T10169] workingset_refault_file 15 [ 2054.960345][T10169] workingset_activate_anon 0 [ 2054.960345][T10169] workingset_activate_file 0 [ 2055.056024][T10169] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10169,uid=0 [ 2055.071344][T10169] Memory cgroup out of memory: Killed process 10169 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:45 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={&(0x7f0000000000)='w', 0x0, 0x0, 0x0, 0x7fff, r0}, 0x38) 01:40:45 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:45 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x9, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), 0x100, r0}, 0x38) 01:40:45 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x7fff, r0}, 0x38) 01:40:45 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200)="de", &(0x7f0000000100), 0x7fff, r0}, 0x38) [ 2055.282703][T10188] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2055.293038][T10188] CPU: 1 PID: 10188 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2055.304709][T10188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2055.314766][T10188] Call Trace: [ 2055.318046][T10188] [ 2055.320971][T10188] dump_stack_lvl+0xd6/0x122 [ 2055.325581][T10188] dump_stack+0x11/0x12 [ 2055.329756][T10188] dump_header+0x98/0x410 [ 2055.334097][T10188] oom_kill_process+0xfe/0x550 [ 2055.338870][T10188] out_of_memory+0x620/0x880 [ 2055.343647][T10188] mem_cgroup_oom+0x475/0x4f0 [ 2055.348374][T10188] try_charge_memcg+0x746/0x960 [ 2055.353243][T10188] charge_memcg+0x63/0x2c0 [ 2055.357749][T10188] __mem_cgroup_charge+0x25/0xa0 [ 2055.362703][T10188] wp_page_copy+0x20f/0x1460 [ 2055.367338][T10188] ? shrink_zones+0x525/0x5d0 [ 2055.372039][T10188] do_wp_page+0x76f/0xe10 [ 2055.376386][T10188] handle_mm_fault+0x5fb/0xa90 [ 2055.381209][T10188] do_user_addr_fault+0x4cd/0x940 [ 2055.386253][T10188] exc_page_fault+0x60/0x160 [ 2055.390913][T10188] asm_exc_page_fault+0x22/0x30 [ 2055.395886][T10188] RIP: 0033:0x7fe837f5a340 [ 2055.400306][T10188] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2055.419962][T10188] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2055.426032][T10188] RAX: 0000000050fff9c3 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2055.434002][T10188] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008aa79a2 [ 2055.441978][T10188] RBP: 0000000050fff9c3 R08: 00000000000019c3 R09: 0000000050fff9c7 [ 2055.449978][T10188] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2055.458028][T10188] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff810f09fb [ 2055.466043][T10188] ? capable+0xb/0xa0 [ 2055.470037][T10188] [ 2055.473208][T10188] memory: usage 307200kB, limit 307200kB, failcnt 63215 [ 2055.480296][T10188] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2055.487160][T10188] Memory cgroup stats for /syz4: [ 2055.490880][T10188] anon 114688 [ 2055.490880][T10188] file 126976 [ 2055.490880][T10188] kernel 314327040 [ 2055.490880][T10188] kernel_stack 32768 [ 2055.490880][T10188] pagetables 77824 [ 2055.490880][T10188] percpu 11039744 [ 2055.490880][T10188] sock 0 [ 2055.490880][T10188] vmalloc 0 [ 2055.490880][T10188] shmem 126976 [ 2055.490880][T10188] file_mapped 126976 [ 2055.490880][T10188] file_dirty 0 [ 2055.490880][T10188] file_writeback 0 [ 2055.490880][T10188] swapcached 0 [ 2055.490880][T10188] inactive_anon 184320 [ 2055.490880][T10188] active_anon 57344 [ 2055.490880][T10188] inactive_file 0 [ 2055.490880][T10188] active_file 0 [ 2055.490880][T10188] unevictable 0 [ 2055.490880][T10188] slab_reclaimable 16040 [ 2055.490880][T10188] slab_unreclaimable 303124632 [ 2055.490880][T10188] slab 303140672 [ 2055.490880][T10188] workingset_refault_anon 0 [ 2055.490880][T10188] workingset_refault_file 15 [ 2055.490880][T10188] workingset_activate_anon 0 [ 2055.490880][T10188] workingset_activate_file 0 [ 2055.586585][T10188] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10188,uid=0 [ 2055.601914][T10188] Memory cgroup out of memory: Killed process 10188 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:46 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x6, 0x2, 0xfff}, 0x48) 01:40:46 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x7fff, r0}, 0x38) 01:40:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:46 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1ab, &(0x7f00000003c0)='bdev!)-%+wlan\x00posi\x19Mx_dxl_accesszQ\tU\x97\x12=J\xd5\x8b;YE\xec\x8c;\xf7\xcc\xa7\x8b6\n\xbe\x01\x01\xae\xb6\f4\x87\xd9j\xd8\x0e\xc2\x10\xb1\x7f\x95\x01fE\xaea\x10\x8f\xac\xa9+V\x863Hhk{2\x00\x14I\xf7\xd6\xcd)\x05\x87q6\xed~\xd0\xb2\xf8\x8d\xaa\b\xe4\"\x1c\xbf\x8f_[\x17@\xe5\xec\x10\a\xb95w\x8by}/\x8cw\xe6\x99\xfe \x84]8\x940U\xb3E;\xff\xa1!\x9a\x87\x88\x02\xbf\xab\x97B\xd9\x06\xf2\n\xf7\x1f\xd8v\x7fD\xf2\x87\xf7}V\x89}\xf0\xb7\x8d\x85\xf6\x9b\xcc\xd3Lh.\r\xd3J\"\x1f\xdeW;F.\xdf$\xee\x18\x0e5\xa1\xfcN\x88`\xbbj,q[\x90/\x9b\xf0\xccr\xc1\xa8\x85E\x85p+\xd1\xbe\x10\rgx\xb8\x93k\x8c\x1dTi\xafq\xde\x06/ \x93O.\xe5<0\xfa\b\x82\xe4c&\x99\xd6psf\xa8\xacjh9\x8bk\x8f\n$\xf2\x06#\xc8\xd2\x00\x00w\x03,\xbb\xed\xf1o\xd8\x19\xd2\x1d\xbb\xd3\x18E\x0e&\x83\xdfWL?P$\xb4a\f\x154\xdd\xacx\x91<\x97\x13\xab\xe2\xdd\n\x13\x19\xb9U\n\xb5\xb6\xffBQ\x80\xe6\xe6\xaf\xc8\x15_>\xe6\xfc\xb9R\x06\xcd/\x87\x11\xf1\xb9\xbe&,c\xfd3\xc4\xeaP\x9b\xdf5\xcc\xa4RDx\xad\xc0\x8f|\xe3u\xbe\x1e\xd5\xa6\xcc\xb8\x86\x8b0\'\xcc\x01\x9bQ/\xf9\xa7vfa\xdf!\x1axt\xd1\r\xd9&MC\xcc,2\xce\xd2kCJ\x10\x88\xc5#\x92\xa32)2\xd3\xa02q\xdb\xe4\xe3\x97\x9d\xbc\xc9\xf8G'}, 0x30) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000020306800850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x77fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000600)={0x3, 0x80, 0x40, 0x4, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x41090, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000280)}, 0x12, 0x400, 0x6, 0x8, 0x0, 0x7, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r0, 0x1) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)={[{0x2b, 'cpuacct'}, {0x2b, 'blkio'}, {0x2d, 'cpuacct'}, {0x2d, 'pids'}, {0x2b, 'rdma'}, {0x2b, 'freezer'}, {0x2d, 'hugetlb'}]}, 0x37) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='ext4_ext_show_extent\x00', r1}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) 01:40:46 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000d0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2055.737056][T10200] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2055.747374][T10200] CPU: 0 PID: 10200 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2055.758405][T10200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2055.768480][T10200] Call Trace: [ 2055.771847][T10200] [ 2055.774804][T10200] dump_stack_lvl+0xd6/0x122 [ 2055.779407][T10200] dump_stack+0x11/0x12 [ 2055.783609][T10200] dump_header+0x98/0x410 [ 2055.787945][T10200] oom_kill_process+0xfe/0x550 [ 2055.792791][T10200] out_of_memory+0x620/0x880 [ 2055.797553][T10200] mem_cgroup_oom+0x475/0x4f0 [ 2055.802366][T10200] try_charge_memcg+0x746/0x960 [ 2055.807271][T10200] charge_memcg+0x63/0x2c0 [ 2055.811691][T10200] __mem_cgroup_charge+0x25/0xa0 [ 2055.816627][T10200] wp_page_copy+0x20f/0x1460 [ 2055.821224][T10200] ? shrink_zones+0x525/0x5d0 [ 2055.825910][T10200] do_wp_page+0x76f/0xe10 [ 2055.830243][T10200] handle_mm_fault+0x5fb/0xa90 [ 2055.835017][T10200] do_user_addr_fault+0x4cd/0x940 [ 2055.840087][T10200] exc_page_fault+0x60/0x160 [ 2055.844696][T10200] asm_exc_page_fault+0x22/0x30 [ 2055.849562][T10200] RIP: 0033:0x7fe837f5a340 [ 2055.853981][T10200] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2055.873596][T10200] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2055.879710][T10200] RAX: 000000004186ca56 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2055.887686][T10200] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2055.895658][T10200] RBP: 000000004186ca56 R08: 0000000000000a56 R09: 000000004186ca5a [ 2055.903721][T10200] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2055.911692][T10200] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff812f833c [ 2055.919697][T10200] ? __x64_sys_bpf+0xc/0x50 [ 2055.924215][T10200] [ 2055.927330][T10200] memory: usage 307200kB, limit 307200kB, failcnt 63281 [ 2055.934280][T10200] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2055.941125][T10200] Memory cgroup stats for /syz4: [ 2056.124794][T10200] anon 106496 [ 2056.124794][T10200] file 126976 [ 2056.124794][T10200] kernel 314339328 [ 2056.124794][T10200] kernel_stack 32768 [ 2056.124794][T10200] pagetables 77824 [ 2056.124794][T10200] percpu 11039744 [ 2056.124794][T10200] sock 0 [ 2056.124794][T10200] vmalloc 0 [ 2056.124794][T10200] shmem 126976 [ 2056.124794][T10200] file_mapped 126976 [ 2056.124794][T10200] file_dirty 0 [ 2056.124794][T10200] file_writeback 0 [ 2056.124794][T10200] swapcached 0 [ 2056.124794][T10200] inactive_anon 176128 [ 2056.124794][T10200] active_anon 57344 [ 2056.124794][T10200] inactive_file 0 [ 2056.124794][T10200] active_file 0 [ 2056.124794][T10200] unevictable 0 [ 2056.124794][T10200] slab_reclaimable 16040 [ 2056.124794][T10200] slab_unreclaimable 303132768 [ 2056.124794][T10200] slab 303148808 [ 2056.124794][T10200] workingset_refault_anon 0 [ 2056.124794][T10200] workingset_refault_file 15 [ 2056.124794][T10200] workingset_activate_anon 0 [ 2056.124794][T10200] workingset_activate_file 0 [ 2056.220600][T10200] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10200,uid=0 [ 2056.235935][T10200] Memory cgroup out of memory: Killed process 10200 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:46 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)) [ 2056.321357][T10213] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2056.331638][T10213] CPU: 0 PID: 10213 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2056.343017][T10213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2056.353065][T10213] Call Trace: [ 2056.356338][T10213] [ 2056.359293][T10213] dump_stack_lvl+0xd6/0x122 [ 2056.363898][T10213] dump_stack+0x11/0x12 [ 2056.368129][T10213] dump_header+0x98/0x410 [ 2056.372453][T10213] oom_kill_process+0xfe/0x550 [ 2056.377285][T10213] out_of_memory+0x620/0x880 [ 2056.381918][T10213] mem_cgroup_oom+0x475/0x4f0 [ 2056.386589][T10213] try_charge_memcg+0x746/0x960 [ 2056.391447][T10213] __memcg_kmem_charge_page+0x2e4/0x480 [ 2056.397120][T10213] alloc_thread_stack_node+0x101/0x360 [ 2056.404149][T10213] dup_task_struct+0x96/0x2a0 [ 2056.408869][T10213] copy_process+0x3cb/0x20b0 [ 2056.413491][T10213] ? handle_mm_fault+0x7a9/0xa90 [ 2056.418425][T10213] kernel_clone+0x163/0x5c0 [ 2056.422967][T10213] __x64_sys_clone+0xc3/0xf0 [ 2056.427645][T10213] do_syscall_64+0x2b/0x70 [ 2056.432071][T10213] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2056.437980][T10213] RIP: 0033:0x7fe837fad531 [ 2056.442386][T10213] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2056.462114][T10213] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2056.470543][T10213] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2056.478591][T10213] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2056.486633][T10213] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2056.494606][T10213] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2056.502629][T10213] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2056.510606][T10213] [ 2056.513756][T10213] memory: usage 307200kB, limit 307200kB, failcnt 63321 [ 2056.520702][T10213] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2056.527577][T10213] Memory cgroup stats for /syz4: [ 2056.542462][T10213] anon 90112 [ 2056.542462][T10213] file 126976 [ 2056.542462][T10213] kernel 314351616 [ 2056.542462][T10213] kernel_stack 16384 [ 2056.542462][T10213] pagetables 65536 [ 2056.542462][T10213] percpu 11039616 [ 2056.542462][T10213] sock 0 [ 2056.542462][T10213] vmalloc 0 [ 2056.542462][T10213] shmem 126976 [ 2056.542462][T10213] file_mapped 126976 [ 2056.542462][T10213] file_dirty 0 [ 2056.542462][T10213] file_writeback 0 [ 2056.542462][T10213] swapcached 0 [ 2056.542462][T10213] inactive_anon 114688 [ 2056.542462][T10213] active_anon 57344 [ 2056.542462][T10213] inactive_file 0 [ 2056.542462][T10213] active_file 0 [ 2056.542462][T10213] unevictable 0 [ 2056.542462][T10213] slab_reclaimable 33320 [ 2056.542462][T10213] slab_unreclaimable 303142096 [ 2056.542462][T10213] slab 303175416 01:40:46 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0x2}) 01:40:46 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f00000003c0)='./file0\x00'}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, &(0x7f0000002280)=""/4100, &(0x7f0000000200)="de", &(0x7f0000000100), 0x40, r0}, 0x38) 01:40:46 executing program 1: r0 = io_uring_setup(0x49c1, &(0x7f0000000000)) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x10000000) [ 2056.542462][T10213] workingset_refault_anon 0 [ 2056.542462][T10213] workingset_refault_file 15 [ 2056.542462][T10213] workingset_activate_anon 0 [ 2056.542462][T10213] workingset_activate_file 0 [ 2056.604252][ T24] audit: type=1400 audit(1657676446.971:570): avc: denied { execute } for pid=10219 comm="syz-executor.1" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=307177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 01:40:47 executing program 1: openat$null(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) 01:40:47 executing program 1: keyctl$instantiate(0x1c, 0x0, 0x0, 0x0, 0xfffffffffffffffc) [ 2056.638571][T10213] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10213,uid=0 [ 2056.678895][T10213] Memory cgroup out of memory: Killed process 10213 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 01:40:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000001a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:47 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x80101, 0x2, 0x6, 0x0, 0x1}, 0x48) 01:40:47 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x2}) 01:40:47 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000005c0)={r0, &(0x7f00000004c0), 0x0}, 0x20) 01:40:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:47 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:47 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000005c0)={r0, 0x0, 0x0}, 0x20) 01:40:47 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 01:40:47 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) sendmsg$sock(r0, 0x0, 0x0) 01:40:47 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x20101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000100), 0x40, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)=""/1}, 0x20) [ 2056.870355][T10234] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2056.880751][T10234] CPU: 0 PID: 10234 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2056.891893][T10234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2056.901971][T10234] Call Trace: [ 2056.905250][T10234] [ 2056.908215][T10234] dump_stack_lvl+0xd6/0x122 [ 2056.912827][T10234] dump_stack+0x11/0x12 [ 2056.917000][T10234] dump_header+0x98/0x410 [ 2056.921341][T10234] oom_kill_process+0xfe/0x550 [ 2056.926120][T10234] out_of_memory+0x620/0x880 [ 2056.930875][T10234] mem_cgroup_oom+0x475/0x4f0 [ 2056.935556][T10234] try_charge_memcg+0x746/0x960 [ 2056.940416][T10234] __memcg_kmem_charge_page+0x2e4/0x480 [ 2056.945976][T10234] alloc_thread_stack_node+0x292/0x360 [ 2056.951452][T10234] dup_task_struct+0x96/0x2a0 [ 2056.956173][T10234] copy_process+0x3cb/0x20b0 [ 2056.960867][T10234] kernel_clone+0x163/0x5c0 [ 2056.965455][T10234] __x64_sys_clone+0xc3/0xf0 [ 2056.970054][T10234] do_syscall_64+0x2b/0x70 [ 2056.974520][T10234] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2056.980503][T10234] RIP: 0033:0x7fe837fad531 [ 2056.985049][T10234] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2057.004665][T10234] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2057.013087][T10234] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 01:40:47 executing program 1: bpf$MAP_LOOKUP_BATCH(0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8}, 0x38) [ 2057.021082][T10234] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2057.029063][T10234] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2057.037046][T10234] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2057.045017][T10234] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2057.052995][T10234] [ 2057.056068][T10234] memory: usage 307200kB, limit 307200kB, failcnt 63374 [ 2057.063101][T10234] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2057.069997][T10234] Memory cgroup stats for /syz4: [ 2058.466161][T10234] anon 94208 [ 2058.466161][T10234] file 126976 [ 2058.466161][T10234] kernel 314322944 [ 2058.466161][T10234] kernel_stack 16384 [ 2058.466161][T10234] pagetables 73728 [ 2058.466161][T10234] percpu 11039616 [ 2058.466161][T10234] sock 0 [ 2058.466161][T10234] vmalloc 0 [ 2058.466161][T10234] shmem 126976 [ 2058.466161][T10234] file_mapped 126976 [ 2058.466161][T10234] file_dirty 0 [ 2058.466161][T10234] file_writeback 0 [ 2058.466161][T10234] swapcached 0 [ 2058.466161][T10234] inactive_anon 163840 [ 2058.466161][T10234] active_anon 57344 [ 2058.466161][T10234] inactive_file 0 [ 2058.466161][T10234] active_file 0 [ 2058.466161][T10234] unevictable 0 [ 2058.466161][T10234] slab_reclaimable 21344 [ 2058.466161][T10234] slab_unreclaimable 303123488 [ 2058.466161][T10234] slab 303144832 [ 2058.466161][T10234] workingset_refault_anon 0 [ 2058.466161][T10234] workingset_refault_file 15 [ 2058.466161][T10234] workingset_activate_anon 0 [ 2058.466161][T10234] workingset_activate_file 0 01:40:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000025800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2058.562051][T10234] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10234,uid=0 [ 2058.577402][T10234] Memory cgroup out of memory: Killed process 10234 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:49 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000880), &(0x7f0000000980), 0x4, r0}, 0x38) 01:40:49 executing program 5: socketpair(0x2, 0x1, 0x40, &(0x7f0000000000)) 01:40:49 executing program 1: bpf$MAP_CREATE(0x1300000000000000, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) 01:40:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000021a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:49 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000010e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:49 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837079e468ee207d2f73902fbcfcf49822775985bf31b715f5888b24efa000000000000ffffffdf0000000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9736bdeab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f7da31cf41ab12012fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a96286744f839c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b2e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00055cc1b66c5fd9c26a54d43fa050645bd6109b113b67664e08add7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79e184f5e93ba5c8c2a4c0443fb652b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a517d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99020000000000000000bf2130d1b32c826563c518d0ad23bc83ba3f3757210a057e177615c068bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd13ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4ac58ddcc0f2b14214db0ff8f6abe7dbad64dfa63966945d93c33b038ce0d890f85f8a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837ffa6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9edfe6dca9c42c4d719347f39ef006c2df747e27a2d1fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57776e5fe25cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed0000800"/1608], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="24c2afc3a2e0527bea33d6541650", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) [ 2059.329880][T10268] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2059.340150][T10268] CPU: 0 PID: 10268 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2059.351181][T10268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2059.361247][T10268] Call Trace: [ 2059.364601][T10268] [ 2059.367604][T10268] dump_stack_lvl+0xd6/0x122 [ 2059.372297][T10268] dump_stack+0x11/0x12 [ 2059.376453][T10268] dump_header+0x98/0x410 [ 2059.380843][T10268] oom_kill_process+0xfe/0x550 [ 2059.385609][T10268] out_of_memory+0x620/0x880 [ 2059.390204][T10268] mem_cgroup_oom+0x475/0x4f0 [ 2059.394874][T10268] try_charge_memcg+0x746/0x960 [ 2059.399839][T10268] charge_memcg+0x63/0x2c0 [ 2059.404252][T10268] __mem_cgroup_charge+0x25/0xa0 [ 2059.409181][T10268] wp_page_copy+0x20f/0x1460 [ 2059.413817][T10268] ? shrink_zones+0x525/0x5d0 [ 2059.418487][T10268] do_wp_page+0x76f/0xe10 [ 2059.422809][T10268] handle_mm_fault+0x5fb/0xa90 [ 2059.427698][T10268] do_user_addr_fault+0x4cd/0x940 [ 2059.432797][T10268] exc_page_fault+0x60/0x160 [ 2059.437396][T10268] asm_exc_page_fault+0x22/0x30 [ 2059.442301][T10268] RIP: 0033:0x7fe837f5a340 [ 2059.446707][T10268] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2059.466396][T10268] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2059.472530][T10268] RAX: 000000009e43720a RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2059.480495][T10268] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e17b0f [ 2059.488458][T10268] RBP: 000000009e43720a R08: 000000000000120a R09: 000000009e43720e [ 2059.496457][T10268] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2059.504459][T10268] R13: 0000000000000001 R14: 0000000000000004 R15: ffffffff81902069 [ 2059.512428][T10268] ? cap_capable+0x19/0x130 [ 2059.516932][T10268] [ 2059.520132][T10268] memory: usage 307200kB, limit 307200kB, failcnt 63419 01:40:49 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837079e468ee207d2f73902fbcfcf49822775985bf31b715f5888b24efa000000000000ffffffdf0000000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9736bdeab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f7da31cf41ab12012fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a96286744f839c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b2e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00055cc1b66c5fd9c26a54d43fa050645bd6109b113b67664e08add7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79e184f5e93ba5c8c2a4c0443fb652b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a517d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99020000000000000000bf2130d1b32c826563c518d0ad23bc83ba3f3757210a057e177615c068bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd13ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4ac58ddcc0f2b14214db0ff8f6abe7dbad64dfa63966945d93c33b038ce0d890f85f8a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837ffa6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9edfe6dca9c42c4d719347f39ef006c2df747e27a2d1fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57776e5fe25cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed0000800"/1608], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x0, 0xcc0, 0x0, &(0x7f00000000c0)="24c2afc3a2e0527bea33d6541650", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 01:40:49 executing program 5: close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x68, 0x3, 0x1, 0x3, 0x0, 0x0, 0x490ce, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300)}, 0x0, 0x80, 0x4, 0x8, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x1e, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f74ffff100e7200636777fbac141436", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='memory.max\x00', 0x2, 0x0) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2}]}, &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x0, 0x5}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r3], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_ext={0x1c, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x3}, [@generic={0x4e, 0x3, 0x2, 0x0, 0x5}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9ea}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x0, &(0x7f0000000140), 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x307c3, r2, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff, 0xffffffffffffffff, r0, r0, 0xffffffffffffffff, r3]}, 0x80) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff7fff, 0x0, 0x0, 0x0, 0x5}, [@jmp={0x5, 0x0, 0x8, 0x7, 0x2, 0x10, 0xfffffffffffffffc}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800}, @map_fd={0x18, 0x6}, @generic={0x5, 0x0, 0x0, 0x1ff}, @map_val={0x18, 0x1}, @generic={0x7, 0x0, 0x3, 0x3, 0x20000}]}, &(0x7f0000000600)='syzkaller\x00', 0xffffffff, 0xe9, &(0x7f0000000640)=""/233, 0x41100, 0x22, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000740)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xa, 0x10001}, 0x10, 0x0, r4}, 0x80) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2059.527113][T10268] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2059.533993][T10268] Memory cgroup stats for /syz4: [ 2059.539148][T10268] anon 118784 [ 2059.539148][T10268] file 126976 [ 2059.539148][T10268] kernel 314327040 [ 2059.539148][T10268] kernel_stack 32768 [ 2059.539148][T10268] pagetables 77824 [ 2059.539148][T10268] percpu 11039744 [ 2059.539148][T10268] sock 0 [ 2059.539148][T10268] vmalloc 0 [ 2059.539148][T10268] shmem 126976 [ 2059.539148][T10268] file_mapped 126976 [ 2059.539148][T10268] file_dirty 0 [ 2059.539148][T10268] file_writeback 0 [ 2059.539148][T10268] swapcached 0 [ 2059.539148][T10268] inactive_anon 188416 [ 2059.539148][T10268] active_anon 57344 [ 2059.539148][T10268] inactive_file 0 [ 2059.539148][T10268] active_file 0 [ 2059.539148][T10268] unevictable 0 [ 2059.539148][T10268] slab_reclaimable 16040 [ 2059.539148][T10268] slab_unreclaimable 303126168 [ 2059.539148][T10268] slab 303142208 [ 2059.539148][T10268] workingset_refault_anon 0 [ 2059.539148][T10268] workingset_refault_file 15 [ 2059.539148][T10268] workingset_activate_anon 0 01:40:50 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2}]}}, &(0x7f0000000140)=""/245, 0x26, 0xf5, 0x1}, 0x20) 01:40:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000011c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[], 0x4c}}, 0x0) 01:40:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2059.539148][T10268] workingset_activate_file 0 [ 2059.634980][T10268] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10268,uid=0 [ 2059.650408][T10268] Memory cgroup out of memory: Killed process 10268 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:50 executing program 1: pselect6(0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)={0x0, 0x7, 0xa15, 0x0, 0x0, 0x7e, 0x0, 0x62}, &(0x7f0000000100)={0x0, 0x989680}, &(0x7f0000000180)={&(0x7f0000000140)={[0x8]}, 0x8}) 01:40:50 executing program 5: syz_emit_ethernet(0x42, &(0x7f0000000300)={@local, @dev, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @remote}}}}}}, 0x0) 01:40:50 executing program 5: syz_emit_ethernet(0x42, &(0x7f0000000300)={@local, @dev, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @remote}}}}}}, 0x0) 01:40:50 executing program 5: syz_emit_ethernet(0x42, &(0x7f0000000300)={@local, @dev, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @remote}}}}}}, 0x0) [ 2059.732360][T10293] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2059.742682][T10293] CPU: 0 PID: 10293 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2059.753790][T10293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2059.763935][T10293] Call Trace: [ 2059.767217][T10293] [ 2059.770158][T10293] dump_stack_lvl+0xd6/0x122 [ 2059.774776][T10293] dump_stack+0x11/0x12 01:40:50 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000000f0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:50 executing program 5: syz_emit_ethernet(0x42, &(0x7f0000000300)={@local, @dev, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @remote}}}}}}, 0x0) 01:40:50 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000001500), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000000c0)={0x27, 0x1, &(0x7f0000000000)='Y'}) 01:40:50 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x52a093d5, r0}, 0x38) [ 2059.779015][T10293] dump_header+0x98/0x410 [ 2059.783471][T10293] oom_kill_process+0xfe/0x550 [ 2059.788348][T10293] out_of_memory+0x620/0x880 [ 2059.793049][T10293] mem_cgroup_oom+0x475/0x4f0 [ 2059.797816][T10293] try_charge_memcg+0x746/0x960 [ 2059.802681][T10293] charge_memcg+0x63/0x2c0 [ 2059.807114][T10293] __mem_cgroup_charge+0x25/0xa0 [ 2059.812068][T10293] wp_page_copy+0x20f/0x1460 [ 2059.816674][T10293] ? shrink_zones+0x525/0x5d0 [ 2059.821380][T10293] do_wp_page+0x76f/0xe10 [ 2059.825729][T10293] handle_mm_fault+0x5fb/0xa90 [ 2059.830526][T10293] do_user_addr_fault+0x4cd/0x940 [ 2059.835593][T10293] exc_page_fault+0x60/0x160 [ 2059.840276][T10293] asm_exc_page_fault+0x22/0x30 [ 2059.845183][T10293] RIP: 0033:0x7fe837f5a340 [ 2059.849670][T10293] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2059.869273][T10293] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 01:40:50 executing program 5: sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000200)) sched_setscheduler(0x0, 0x3, &(0x7f0000000040)=0x3) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b", 0x2b, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {0x0, 0x0, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}, {0x0}], 0x0, &(0x7f0000013800)) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511", 0xa5, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) [ 2059.875332][T10293] RAX: 0000000038fda513 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2059.883306][T10293] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008be33e4 [ 2059.891401][T10293] RBP: 0000000038fda513 R08: 0000000000000513 R09: 0000000038fda517 [ 2059.899425][T10293] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2059.907511][T10293] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8152a2ad [ 2059.915474][T10293] ? __x64_sys_openat+0x9d/0x110 [ 2059.920460][T10293] [ 2059.923548][T10293] memory: usage 307200kB, limit 307200kB, failcnt 63463 [ 2059.930524][T10293] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2059.937416][T10293] Memory cgroup stats for /syz4: [ 2060.965147][T10293] anon 106496 [ 2060.965147][T10293] file 126976 [ 2060.965147][T10293] kernel 314327040 [ 2060.965147][T10293] kernel_stack 32768 [ 2060.965147][T10293] pagetables 69632 [ 2060.965147][T10293] percpu 11039616 [ 2060.965147][T10293] sock 0 [ 2060.965147][T10293] vmalloc 0 [ 2060.965147][T10293] shmem 126976 [ 2060.965147][T10293] file_mapped 126976 [ 2060.965147][T10293] file_dirty 0 [ 2060.965147][T10293] file_writeback 0 [ 2060.965147][T10293] swapcached 0 [ 2060.965147][T10293] inactive_anon 176128 [ 2060.965147][T10293] active_anon 57344 [ 2060.965147][T10293] inactive_file 0 [ 2060.965147][T10293] active_file 0 [ 2060.965147][T10293] unevictable 0 [ 2060.965147][T10293] slab_reclaimable 26112 [ 2060.965147][T10293] slab_unreclaimable 303123896 [ 2060.965147][T10293] slab 303150008 [ 2060.965147][T10293] workingset_refault_anon 0 [ 2060.965147][T10293] workingset_refault_file 15 [ 2060.965147][T10293] workingset_activate_anon 0 [ 2060.965147][T10293] workingset_activate_file 0 [ 2061.061204][T10293] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10293,uid=0 [ 2061.076553][T10293] Memory cgroup out of memory: Killed process 10293 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000031e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:51 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000110000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:40:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f25", 0x39, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="11", 0x1, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511cb", 0xa6, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) 01:40:51 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb", 0x1}, {0x0, 0x0, 0x40001001}], 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) chdir(&(0x7f00000001c0)='./file1\x00') connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r2, 0x800) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) 01:40:51 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000586500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2061.527687][T10331] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2061.538360][T10331] CPU: 1 PID: 10331 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2061.549402][T10331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2061.559448][T10331] Call Trace: [ 2061.562717][T10331] [ 2061.565707][T10331] dump_stack_lvl+0xd6/0x122 [ 2061.570507][T10331] dump_stack+0x11/0x12 [ 2061.574662][T10331] dump_header+0x98/0x410 [ 2061.579052][T10331] oom_kill_process+0xfe/0x550 [ 2061.583875][T10331] out_of_memory+0x620/0x880 [ 2061.588453][T10331] mem_cgroup_oom+0x475/0x4f0 [ 2061.593246][T10331] try_charge_memcg+0x746/0x960 [ 2061.598165][T10331] obj_cgroup_charge+0x171/0x2b0 [ 2061.603087][T10331] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2061.608682][T10331] ? shmem_alloc_inode+0x2d/0x40 [ 2061.613673][T10331] kmem_cache_alloc_lru+0x76/0x2b0 [ 2061.618814][T10331] ? do_try_to_free_pages+0x702/0x720 [ 2061.624216][T10331] shmem_alloc_inode+0x2d/0x40 [ 2061.629073][T10331] ? shmem_match+0xa0/0xa0 [ 2061.633497][T10331] alloc_inode+0x38/0x150 [ 2061.637895][T10331] new_inode+0x21/0x140 [ 2061.642097][T10331] shmem_get_inode+0x22b/0x6e0 [ 2061.646862][T10331] __shmem_file_setup+0xef/0x1c0 [ 2061.651829][T10331] shmem_file_setup+0x37/0x40 [ 2061.656598][T10331] __se_sys_memfd_create+0x1c1/0x330 [ 2061.661950][T10331] __x64_sys_memfd_create+0x2d/0x40 [ 2061.667220][T10331] do_syscall_64+0x2b/0x70 [ 2061.671753][T10331] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2061.677713][T10331] RIP: 0033:0x7fe837fac109 [ 2061.682142][T10331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2061.701776][T10331] RSP: 002b:00007fe837721f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2061.710202][T10331] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe837fac109 [ 2061.718281][T10331] RDX: 000000000f202002 RSI: 0000000000000000 RDI: 00007fe8380051be [ 2061.726255][T10331] RBP: 0000000000000002 R08: 0000000040001001 R09: 0000000000000000 [ 2061.734267][T10331] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000 [ 2061.742311][T10331] R13: 00000000200000c0 R14: 0000000008100000 R15: 0000000000000000 [ 2061.750370][T10331] [ 2061.753442][T10331] memory: usage 307200kB, limit 307200kB, failcnt 63512 [ 2061.760418][T10331] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f25", 0x39, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="11", 0x1, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511cb", 0xa6, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) 01:40:53 executing program 5: bpf$BPF_MAP_GET_FD_BY_ID(0x14, &(0x7f0000000040)={0x0, 0x0, 0x8}, 0xc) 01:40:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x4) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247", 0x62, 0x400}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f", 0x38, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="111fc0d901000000803a09", 0xb, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) [ 2061.767360][T10331] Memory cgroup stats for /syz4: [ 2062.962121][T10331] anon 106496 [ 2062.962121][T10331] file 126976 [ 2062.962121][T10331] kernel 314335232 [ 2062.962121][T10331] kernel_stack 32768 [ 2062.962121][T10331] pagetables 77824 [ 2062.962121][T10331] percpu 11039616 [ 2062.962121][T10331] sock 0 [ 2062.962121][T10331] vmalloc 0 [ 2062.962121][T10331] shmem 126976 [ 2062.962121][T10331] file_mapped 126976 [ 2062.962121][T10331] file_dirty 0 [ 2062.962121][T10331] file_writeback 0 [ 2062.962121][T10331] swapcached 0 [ 2062.962121][T10331] inactive_anon 176128 [ 2062.962121][T10331] active_anon 57344 [ 2062.962121][T10331] inactive_file 0 [ 2062.962121][T10331] active_file 0 [ 2062.962121][T10331] unevictable 0 [ 2062.962121][T10331] slab_reclaimable 21744 [ 2062.962121][T10331] slab_unreclaimable 303124216 [ 2062.962121][T10331] slab 303145960 [ 2062.962121][T10331] workingset_refault_anon 0 [ 2062.962121][T10331] workingset_refault_file 15 [ 2062.962121][T10331] workingset_activate_anon 0 [ 2062.962121][T10331] workingset_activate_file 0 [ 2063.059637][T10331] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10330,uid=0 [ 2063.074990][T10331] Memory cgroup out of memory: Killed process 10330 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:54 executing program 4: open(&(0x7f00000000c0)='./file0\x00', 0x81ff, 0x0) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0) fcntl$setsig(r0, 0xa, 0x11) fcntl$setlease(r0, 0x400, 0x1) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) close(r0) [ 2063.702998][T10350] syz-executor.4 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2063.714173][T10350] CPU: 0 PID: 10350 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2063.725274][T10350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2063.735336][T10350] Call Trace: [ 2063.738617][T10350] [ 2063.741562][T10350] dump_stack_lvl+0xd6/0x122 [ 2063.746238][T10350] dump_stack+0x11/0x12 [ 2063.750567][T10350] dump_header+0x98/0x410 [ 2063.754913][T10350] oom_kill_process+0xfe/0x550 [ 2063.759751][T10350] out_of_memory+0x620/0x880 [ 2063.764361][T10350] mem_cgroup_oom+0x475/0x4f0 [ 2063.769113][T10350] try_charge_memcg+0x746/0x960 [ 2063.774050][T10350] ? vmpressure+0xbb/0x230 [ 2063.778475][T10350] ? shrink_node_memcgs+0x3ed/0x400 [ 2063.783685][T10350] ? vmpressure+0xbb/0x230 [ 2063.788181][T10350] obj_cgroup_charge+0x171/0x2b0 [ 2063.793125][T10350] kmem_cache_alloc+0x92/0x300 [ 2063.797974][T10350] ? __alloc_file+0x2e/0x150 [ 2063.802593][T10350] __alloc_file+0x2e/0x150 [ 2063.807017][T10350] alloc_empty_file+0xcd/0x1c0 [ 2063.811864][T10350] path_openat+0x65/0x1b30 [ 2063.816294][T10350] ? shrink_zones+0x525/0x5d0 [ 2063.821057][T10350] do_filp_open+0x105/0x220 [ 2063.825574][T10350] do_sys_openat2+0xb5/0x2a0 [ 2063.830177][T10350] __x64_sys_open+0xe2/0x110 [ 2063.834779][T10350] do_syscall_64+0x2b/0x70 [ 2063.839259][T10350] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2063.845191][T10350] RIP: 0033:0x7fe837fac109 [ 2063.849608][T10350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2063.869222][T10350] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 2063.877674][T10350] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2063.885750][T10350] RDX: 0000000000000000 RSI: 00000000000081ff RDI: 00000000200000c0 [ 2063.893723][T10350] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2063.901739][T10350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2063.909712][T10350] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2063.917749][T10350] [ 2063.920875][T10350] memory: usage 307192kB, limit 307200kB, failcnt 63577 [ 2063.927856][T10350] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:40:54 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x40001001}], 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) [ 2063.934762][T10350] Memory cgroup stats for /syz4: [ 2063.976207][T10350] anon 110592 [ 2063.976207][T10350] file 126976 [ 2063.976207][T10350] kernel 314335232 [ 2063.976207][T10350] kernel_stack 32768 [ 2063.976207][T10350] pagetables 81920 [ 2063.976207][T10350] percpu 11039616 [ 2063.976207][T10350] sock 0 [ 2063.976207][T10350] vmalloc 0 [ 2063.976207][T10350] shmem 126976 [ 2063.976207][T10350] file_mapped 126976 [ 2063.976207][T10350] file_dirty 0 [ 2063.976207][T10350] file_writeback 0 [ 2063.976207][T10350] swapcached 0 [ 2063.976207][T10350] inactive_anon 139264 [ 2063.976207][T10350] active_anon 57344 [ 2063.976207][T10350] inactive_file 0 [ 2063.976207][T10350] active_file 0 [ 2063.976207][T10350] unevictable 0 [ 2063.976207][T10350] slab_reclaimable 14048 [ 2063.976207][T10350] slab_unreclaimable 303127408 [ 2063.976207][T10350] slab 303141456 [ 2063.976207][T10350] workingset_refault_anon 0 [ 2063.976207][T10350] workingset_refault_file 15 [ 2063.976207][T10350] workingset_activate_anon 0 [ 2063.976207][T10350] workingset_activate_file 0 01:40:54 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080", 0x59, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e", 0x31, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="111fc0d901000000803a09", 0xb}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) gettid() syz_mount_image$ext4(0x0, 0x0, 0x2, 0x1, &(0x7f0000000500)=[{0x0, 0x0, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) 01:40:54 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000120000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2064.072384][T10350] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10349,uid=0 [ 2064.087754][T10350] Memory cgroup out of memory: Killed process 10349 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000 [ 2064.172586][T10358] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2064.182854][T10358] CPU: 1 PID: 10358 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2064.193918][T10358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2064.204043][T10358] Call Trace: [ 2064.207316][T10358] [ 2064.210244][T10358] dump_stack_lvl+0xd6/0x122 [ 2064.214866][T10358] dump_stack+0x11/0x12 [ 2064.219038][T10358] dump_header+0x98/0x410 [ 2064.223603][T10358] oom_kill_process+0xfe/0x550 [ 2064.228382][T10358] out_of_memory+0x620/0x880 [ 2064.233011][T10358] mem_cgroup_oom+0x475/0x4f0 [ 2064.237698][T10358] try_charge_memcg+0x746/0x960 [ 2064.242596][T10358] charge_memcg+0x63/0x2c0 [ 2064.247007][T10358] __mem_cgroup_charge+0x25/0xa0 [ 2064.251946][T10358] do_anonymous_page+0x1d6/0xa20 [ 2064.256892][T10358] handle_mm_fault+0x8a0/0xa90 [ 2064.261653][T10358] do_user_addr_fault+0x4cd/0x940 [ 2064.266686][T10358] exc_page_fault+0x60/0x160 [ 2064.271303][T10358] asm_exc_page_fault+0x22/0x30 [ 2064.276157][T10358] RIP: 0033:0x7fe837f57d0d [ 2064.280585][T10358] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2064.300254][T10358] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2064.306352][T10358] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2064.314317][T10358] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2064.322334][T10358] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2064.330399][T10358] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2064.338436][T10358] R13: 00007fe8380c30c8 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2064.346453][T10358] [ 2064.349571][T10358] memory: usage 307192kB, limit 307200kB, failcnt 63668 [ 2064.356527][T10358] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2064.363430][T10358] Memory cgroup stats for /syz4: [ 2064.372535][T10358] anon 98304 [ 2064.372535][T10358] file 126976 [ 2064.372535][T10358] kernel 314335232 [ 2064.372535][T10358] kernel_stack 32768 [ 2064.372535][T10358] pagetables 77824 [ 2064.372535][T10358] percpu 11039616 [ 2064.372535][T10358] sock 0 [ 2064.372535][T10358] vmalloc 0 [ 2064.372535][T10358] shmem 126976 [ 2064.372535][T10358] file_mapped 126976 [ 2064.372535][T10358] file_dirty 0 [ 2064.372535][T10358] file_writeback 0 [ 2064.372535][T10358] swapcached 0 [ 2064.372535][T10358] inactive_anon 167936 [ 2064.372535][T10358] active_anon 57344 [ 2064.372535][T10358] inactive_file 0 [ 2064.372535][T10358] active_file 0 [ 2064.372535][T10358] unevictable 0 [ 2064.372535][T10358] slab_reclaimable 15840 [ 2064.372535][T10358] slab_unreclaimable 303129280 [ 2064.372535][T10358] slab 303145120 [ 2064.372535][T10358] workingset_refault_anon 0 [ 2064.372535][T10358] workingset_refault_file 15 [ 2064.372535][T10358] workingset_activate_anon 0 [ 2064.372535][T10358] workingset_activate_file 0 01:40:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f25", 0x39, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="11", 0x1, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511cb", 0xa6, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) 01:40:54 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='sysfs\x00', 0x0, 0x0) [ 2064.468128][T10358] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10358,uid=0 [ 2064.483458][T10358] Memory cgroup out of memory: Killed process 10358 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f25", 0x39, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="11", 0x1, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511cb", 0xa6, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) 01:40:56 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00002c130000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2065.995594][T10367] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2066.005821][T10367] CPU: 1 PID: 10367 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2066.016903][T10367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2066.027044][T10367] Call Trace: [ 2066.030322][T10367] [ 2066.033277][T10367] dump_stack_lvl+0xd6/0x122 [ 2066.037968][T10367] dump_stack+0x11/0x12 [ 2066.042195][T10367] dump_header+0x98/0x410 [ 2066.046586][T10367] oom_kill_process+0xfe/0x550 [ 2066.051351][T10367] out_of_memory+0x620/0x880 [ 2066.056004][T10367] mem_cgroup_oom+0x475/0x4f0 [ 2066.061033][T10367] try_charge_memcg+0x746/0x960 [ 2066.065988][T10367] charge_memcg+0x63/0x2c0 [ 2066.070401][T10367] __mem_cgroup_charge+0x25/0xa0 [ 2066.075354][T10367] wp_page_copy+0x20f/0x1460 [ 2066.079953][T10367] ? shrink_zones+0x525/0x5d0 [ 2066.084654][T10367] do_wp_page+0x76f/0xe10 [ 2066.088994][T10367] handle_mm_fault+0x5fb/0xa90 [ 2066.093794][T10367] do_user_addr_fault+0x4cd/0x940 [ 2066.098909][T10367] exc_page_fault+0x60/0x160 [ 2066.103503][T10367] asm_exc_page_fault+0x22/0x30 [ 2066.108367][T10367] RIP: 0033:0x7fe837f5a340 [ 2066.112823][T10367] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2066.132442][T10367] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2066.138524][T10367] RAX: 0000000011090239 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2066.146509][T10367] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008f05e9f [ 2066.154479][T10367] RBP: 0000000011090239 R08: 0000000000000239 R09: 000000001109023d [ 2066.162448][T10367] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2066.170415][T10367] R13: 0000000000000001 R14: 0000000000000005 R15: ffffffff81522a19 [ 2066.178385][T10367] ? __check_object_size+0x19/0x200 [ 2066.183644][T10367] [ 2066.186862][T10367] memory: usage 307196kB, limit 307200kB, failcnt 63737 [ 2066.193845][T10367] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2066.200724][T10367] Memory cgroup stats for /syz4: [ 2066.771105][T10367] anon 110592 [ 2066.771105][T10367] file 126976 [ 2066.771105][T10367] kernel 314322944 [ 2066.771105][T10367] kernel_stack 32768 [ 2066.771105][T10367] pagetables 77824 [ 2066.771105][T10367] percpu 11039616 [ 2066.771105][T10367] sock 0 [ 2066.771105][T10367] vmalloc 0 [ 2066.771105][T10367] shmem 126976 [ 2066.771105][T10367] file_mapped 126976 [ 2066.771105][T10367] file_dirty 0 [ 2066.771105][T10367] file_writeback 0 [ 2066.771105][T10367] swapcached 0 [ 2066.771105][T10367] inactive_anon 180224 [ 2066.771105][T10367] active_anon 57344 [ 2066.771105][T10367] inactive_file 0 [ 2066.771105][T10367] active_file 0 [ 2066.771105][T10367] unevictable 0 [ 2066.771105][T10367] slab_reclaimable 17216 [ 2066.771105][T10367] slab_unreclaimable 303118864 [ 2066.771105][T10367] slab 303136080 [ 2066.771105][T10367] workingset_refault_anon 0 [ 2066.771105][T10367] workingset_refault_file 15 [ 2066.771105][T10367] workingset_activate_anon 0 [ 2066.771105][T10367] workingset_activate_file 0 [ 2066.867034][T10367] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10367,uid=0 [ 2066.882320][T10367] Memory cgroup out of memory: Killed process 10367 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:40:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x40001001}], 0x0, &(0x7f0000000180)=ANY=[]) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) chdir(&(0x7f00000001c0)='./file1\x00') connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000) ftruncate(r2, 0x800) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) 01:40:57 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000140000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2067.249009][T10390] loop4: detected capacity change from 0 to 264192 [ 2067.270324][T10390] syz-executor.4 invoked oom-killer: gfp_mask=0x408d40(GFP_NOFS|__GFP_NOFAIL|__GFP_ZERO|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 2067.284047][T10390] CPU: 1 PID: 10390 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2067.295079][T10390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2067.305221][T10390] Call Trace: [ 2067.308502][T10390] [ 2067.311471][T10390] dump_stack_lvl+0xd6/0x122 [ 2067.316141][T10390] dump_stack+0x11/0x12 [ 2067.320380][T10390] dump_header+0x98/0x410 [ 2067.324741][T10390] oom_kill_process+0xfe/0x550 [ 2067.329592][T10390] out_of_memory+0x620/0x880 [ 2067.334208][T10390] mem_cgroup_oom+0x475/0x4f0 [ 2067.338956][T10390] try_charge_memcg+0x746/0x960 [ 2067.343851][T10390] ? __perf_event_task_sched_out+0xed6/0xf00 [ 2067.350022][T10390] ? debug_smp_processor_id+0x13/0x20 [ 2067.355418][T10390] ? mod_objcg_state+0x474/0x580 [ 2067.360357][T10390] ? finish_task_switch+0xc5/0x260 [ 2067.365544][T10390] obj_cgroup_charge+0x171/0x2b0 [ 2067.370505][T10390] kmem_cache_alloc+0x92/0x300 [ 2067.375292][T10390] ? alloc_buffer_head+0x2b/0xd0 [ 2067.380342][T10390] alloc_buffer_head+0x2b/0xd0 [ 2067.385125][T10390] alloc_page_buffers+0x179/0x380 [ 2067.390263][T10390] grow_dev_page+0x11a/0x600 [ 2067.394856][T10390] __getblk_gfp+0x112/0x1c0 [ 2067.399367][T10390] __bread_gfp+0x28/0x220 [ 2067.403828][T10390] fat_fill_super+0xdd2/0x26c0 [ 2067.408700][T10390] ? vfat_fill_super+0x40/0x40 [ 2067.413559][T10390] ? vsnprintf+0xe2a/0xe80 [ 2067.418004][T10390] vfat_fill_super+0x2c/0x40 [ 2067.422609][T10390] mount_bdev+0x1e2/0x280 [ 2067.426971][T10390] ? vfat_mount+0x40/0x40 [ 2067.431413][T10390] ? __fat_nfs_get_inode+0x250/0x250 [ 2067.436722][T10390] vfat_mount+0x2d/0x40 [ 2067.440892][T10390] legacy_get_tree+0x70/0xc0 [ 2067.445495][T10390] vfs_get_tree+0x49/0x190 [ 2067.450173][T10390] do_new_mount+0x200/0x650 [ 2067.454750][T10390] path_mount+0x4b1/0xb60 [ 2067.459094][T10390] __se_sys_mount+0x281/0x2d0 [ 2067.463782][T10390] __x64_sys_mount+0x63/0x70 [ 2067.468401][T10390] do_syscall_64+0x2b/0x70 [ 2067.472897][T10390] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2067.478882][T10390] RIP: 0033:0x7fe837fad63a [ 2067.483293][T10390] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2067.502937][T10390] RSP: 002b:00007fe837721f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2067.511463][T10390] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00007fe837fad63a [ 2067.519440][T10390] RDX: 0000000020000000 RSI: 00000000200000c0 RDI: 00007fe837721fe0 [ 2067.527504][T10390] RBP: 00007fe837722020 R08: 00007fe837722020 R09: 0000000020000000 [ 2067.535483][T10390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 [ 2067.543462][T10390] R13: 00000000200000c0 R14: 00007fe837721fe0 R15: 0000000020000180 [ 2067.551605][T10390] [ 2067.554685][T10390] memory: usage 307200kB, limit 307200kB, failcnt 63790 [ 2067.561695][T10390] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2067.568595][T10390] Memory cgroup stats for /syz4: [ 2067.578021][T10390] anon 110592 [ 2067.578021][T10390] file 135168 [ 2067.578021][T10390] kernel 314327040 [ 2067.578021][T10390] kernel_stack 32768 [ 2067.578021][T10390] pagetables 77824 [ 2067.578021][T10390] percpu 11039616 [ 2067.578021][T10390] sock 0 [ 2067.578021][T10390] vmalloc 0 [ 2067.578021][T10390] shmem 131072 [ 2067.578021][T10390] file_mapped 126976 [ 2067.578021][T10390] file_dirty 0 [ 2067.578021][T10390] file_writeback 0 [ 2067.578021][T10390] swapcached 0 [ 2067.578021][T10390] inactive_anon 176128 [ 2067.578021][T10390] active_anon 61440 [ 2067.578021][T10390] inactive_file 0 [ 2067.578021][T10390] active_file 0 [ 2067.578021][T10390] unevictable 0 [ 2067.578021][T10390] slab_reclaimable 17976 01:40:58 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x40001001}], 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) 01:40:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip_vti0\x00', &(0x7f0000000000)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @loopback}}}}) [ 2067.578021][T10390] slab_unreclaimable 303124768 [ 2067.578021][T10390] slab 303142744 [ 2067.578021][T10390] workingset_refault_anon 0 [ 2067.578021][T10390] workingset_refault_file 15 [ 2067.578021][T10390] workingset_activate_anon 0 [ 2067.578021][T10390] workingset_activate_file 0 [ 2067.674743][T10390] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10387,uid=0 01:40:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000012200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:40:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000840), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) r0 = syz_clone(0x40000000, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@union={0x4, 0x0, 0x0, 0x5, 0x1}]}, {0x0, [0x5f, 0x61, 0x0]}}, &(0x7f0000000a80)=""/139, 0x29, 0x8b}, 0x20) 01:40:58 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000021a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2067.690252][T10390] Memory cgroup out of memory: Killed process 10387 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2067.725768][T10390] FAT-fs (loop4): bogus number of FAT sectors [ 2067.731918][T10390] FAT-fs (loop4): Can't find a valid FAT filesystem 01:40:58 executing program 4: keyctl$chown(0x6, 0x0, 0x0, 0xee00) 01:40:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000026e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2068.130033][T10409] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2068.140260][T10409] CPU: 1 PID: 10409 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2068.151309][T10409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2068.161363][T10409] Call Trace: [ 2068.164669][T10409] [ 2068.167608][T10409] dump_stack_lvl+0xd6/0x122 [ 2068.172226][T10409] dump_stack+0x11/0x12 [ 2068.176432][T10409] dump_header+0x98/0x410 [ 2068.180837][T10409] oom_kill_process+0xfe/0x550 [ 2068.185696][T10409] out_of_memory+0x620/0x880 [ 2068.190296][T10409] mem_cgroup_oom+0x475/0x4f0 [ 2068.195019][T10409] try_charge_memcg+0x746/0x960 [ 2068.199871][T10409] charge_memcg+0x63/0x2c0 [ 2068.204357][T10409] __mem_cgroup_charge+0x25/0xa0 [ 2068.209311][T10409] wp_page_copy+0x20f/0x1460 [ 2068.213911][T10409] ? ___bpf_prog_run+0x2d5f/0x2da0 [ 2068.219073][T10409] do_wp_page+0x76f/0xe10 [ 2068.223439][T10409] handle_mm_fault+0x5fb/0xa90 01:40:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000840), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a00)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x80) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, 0x0) r0 = syz_clone(0x40000000, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@union={0x4, 0x0, 0x0, 0x5, 0x1}]}, {0x0, [0x5f, 0x61, 0x0]}}, &(0x7f0000000a80)=""/139, 0x29, 0x8b}, 0x20) [ 2068.228212][T10409] do_user_addr_fault+0x4cd/0x940 [ 2068.233284][T10409] exc_page_fault+0x60/0x160 [ 2068.237882][T10409] asm_exc_page_fault+0x22/0x30 [ 2068.242831][T10409] RIP: 0033:0x7fe837f5a340 [ 2068.247335][T10409] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2068.267118][T10409] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2068.273375][T10409] RAX: 00000000ff7e1541 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2068.281355][T10409] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e09ee1 [ 2068.289350][T10409] RBP: 00000000ff7e1541 R08: 0000000000001541 R09: 00000000ff7e1545 [ 2068.297376][T10409] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2068.305354][T10409] R13: 0000000000000001 R14: 0000000000000008 R15: ffffffff818f8666 [ 2068.313328][T10409] ? keyctl_describe_key+0x46/0x360 [ 2068.318554][T10409] [ 2068.321716][T10409] memory: usage 307200kB, limit 307200kB, failcnt 63886 [ 2068.328746][T10409] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2068.335656][T10409] Memory cgroup stats for /syz4: [ 2068.356349][T10409] anon 118784 [ 2068.356349][T10409] file 126976 [ 2068.356349][T10409] kernel 314327040 [ 2068.356349][T10409] kernel_stack 32768 [ 2068.356349][T10409] pagetables 69632 [ 2068.356349][T10409] percpu 11039616 [ 2068.356349][T10409] sock 0 [ 2068.356349][T10409] vmalloc 0 [ 2068.356349][T10409] shmem 126976 [ 2068.356349][T10409] file_mapped 126976 [ 2068.356349][T10409] file_dirty 0 [ 2068.356349][T10409] file_writeback 0 [ 2068.356349][T10409] swapcached 0 [ 2068.356349][T10409] inactive_anon 188416 [ 2068.356349][T10409] active_anon 57344 [ 2068.356349][T10409] inactive_file 0 [ 2068.356349][T10409] active_file 0 [ 2068.356349][T10409] unevictable 0 [ 2068.356349][T10409] slab_reclaimable 15840 [ 2068.356349][T10409] slab_unreclaimable 303129120 [ 2068.356349][T10409] slab 303144960 [ 2068.356349][T10409] workingset_refault_anon 0 [ 2068.356349][T10409] workingset_refault_file 15 [ 2068.356349][T10409] workingset_activate_anon 0 [ 2068.356349][T10409] workingset_activate_file 0 01:40:58 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000031a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2068.452201][T10409] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10409,uid=0 [ 2068.467707][T10409] Memory cgroup out of memory: Killed process 10409 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:40:59 executing program 4: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$read(0xb, r0, &(0x7f0000000000)=""/36, 0x24) 01:40:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2068.826202][T10426] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2068.836669][T10426] CPU: 0 PID: 10426 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2068.847735][T10426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2068.857834][T10426] Call Trace: [ 2068.861142][T10426] [ 2068.864076][T10426] dump_stack_lvl+0xd6/0x122 [ 2068.868751][T10426] dump_stack+0x11/0x12 01:40:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) [ 2068.872921][T10426] dump_header+0x98/0x410 [ 2068.877333][T10426] oom_kill_process+0xfe/0x550 [ 2068.882149][T10426] out_of_memory+0x620/0x880 [ 2068.886759][T10426] mem_cgroup_oom+0x475/0x4f0 [ 2068.891560][T10426] try_charge_memcg+0x746/0x960 [ 2068.896446][T10426] __memcg_kmem_charge_page+0x2e4/0x480 [ 2068.902103][T10426] alloc_thread_stack_node+0x101/0x360 [ 2068.907593][T10426] dup_task_struct+0x96/0x2a0 [ 2068.912286][T10426] copy_process+0x3cb/0x20b0 [ 2068.916893][T10426] kernel_clone+0x163/0x5c0 [ 2068.921544][T10426] __x64_sys_clone+0xc3/0xf0 [ 2068.926153][T10426] do_syscall_64+0x2b/0x70 [ 2068.930581][T10426] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2068.936562][T10426] RIP: 0033:0x7fe837fad531 [ 2068.940978][T10426] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2068.960644][T10426] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2068.969140][T10426] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2068.977170][T10426] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2068.985137][T10426] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2068.993099][T10426] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2069.001063][T10426] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2069.009032][T10426] [ 2069.012157][T10426] memory: usage 307188kB, limit 307200kB, failcnt 63929 [ 2069.019164][T10426] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2069.026077][T10426] Memory cgroup stats for /syz4: [ 2069.027871][T10426] anon 94208 [ 2069.027871][T10426] file 126976 [ 2069.027871][T10426] kernel 314327040 [ 2069.027871][T10426] kernel_stack 16384 [ 2069.027871][T10426] pagetables 73728 [ 2069.027871][T10426] percpu 11039616 [ 2069.027871][T10426] sock 0 [ 2069.027871][T10426] vmalloc 0 [ 2069.027871][T10426] shmem 126976 [ 2069.027871][T10426] file_mapped 126976 [ 2069.027871][T10426] file_dirty 0 [ 2069.027871][T10426] file_writeback 0 [ 2069.027871][T10426] swapcached 0 [ 2069.027871][T10426] inactive_anon 114688 [ 2069.027871][T10426] active_anon 57344 [ 2069.027871][T10426] inactive_file 0 [ 2069.027871][T10426] active_file 0 [ 2069.027871][T10426] unevictable 0 [ 2069.027871][T10426] slab_reclaimable 21344 [ 2069.027871][T10426] slab_unreclaimable 303130640 [ 2069.027871][T10426] slab 303151984 [ 2069.027871][T10426] workingset_refault_anon 0 [ 2069.027871][T10426] workingset_refault_file 15 [ 2069.027871][T10426] workingset_activate_anon 0 [ 2069.027871][T10426] workingset_activate_file 0 [ 2069.123642][T10426] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10426,uid=0 [ 2069.139093][T10426] Memory cgroup out of memory: Killed process 10426 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:40:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) 01:40:59 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x40001001}], 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) 01:40:59 executing program 4: syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000001400), 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB='dots,time_offset=0xfff']) 01:40:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) 01:40:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) 01:40:59 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') rmdir(&(0x7f00000000c0)='./file0\x00') [ 2069.489984][T10438] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2069.500314][T10438] CPU: 0 PID: 10438 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2069.511355][T10438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2069.521501][T10438] Call Trace: [ 2069.524776][T10438] [ 2069.527690][T10438] dump_stack_lvl+0xd6/0x122 [ 2069.532339][T10438] dump_stack+0x11/0x12 [ 2069.536515][T10438] dump_header+0x98/0x410 [ 2069.540948][T10438] oom_kill_process+0xfe/0x550 [ 2069.545797][T10438] out_of_memory+0x620/0x880 [ 2069.550397][T10438] mem_cgroup_oom+0x475/0x4f0 [ 2069.555096][T10438] try_charge_memcg+0x746/0x960 [ 2069.560021][T10438] obj_cgroup_charge+0x171/0x2b0 [ 2069.565052][T10438] kmem_cache_alloc_node+0xa5/0x2c0 [ 2069.570275][T10438] ? dup_task_struct+0x5b/0x2a0 [ 2069.575132][T10438] ? shrink_zones+0x525/0x5d0 [ 2069.579901][T10438] dup_task_struct+0x5b/0x2a0 [ 2069.584627][T10438] copy_process+0x3cb/0x20b0 [ 2069.589224][T10438] kernel_clone+0x163/0x5c0 [ 2069.593735][T10438] __x64_sys_clone+0xc3/0xf0 [ 2069.598474][T10438] do_syscall_64+0x2b/0x70 [ 2069.602910][T10438] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2069.608800][T10438] RIP: 0033:0x7fe837fad531 [ 2069.613205][T10438] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2069.632845][T10438] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2069.641261][T10438] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2069.649269][T10438] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2069.657265][T10438] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2069.665225][T10438] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2069.673195][T10438] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2069.681169][T10438] 01:41:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000007400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) r3 = getpid() sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x4) sched_setscheduler(r3, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d2f4655fd2f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b00000080000000080000005247000062", 0x65, 0x400}, {&(0x7f0000010200)="010000000000050011", 0x9, 0x560}, {&(0x7f0000000340)="5592f5a1d5f96188c4f13642f86580c71242d6fde507f2256b84ec166db5a006e81bad794ee8360581757b4dfa96e3d18e06fd13bbc6ce9f25", 0x39, 0x640}, {&(0x7f0000010400)="030000001300000023000000ce", 0xd, 0x800}, {&(0x7f0000010500), 0x0, 0xc00}, {&(0x7f0000011600)="504d4d00504d4dff", 0x8, 0x4400}, {&(0x7f0000011700)="111fc0d901000000803a09", 0xb, 0x4800}, {&(0x7f0000012b00)="ed41000000040000d1f4655fd2f4655fd2f4655f00000000000004000200000000000800050000000af301000400000000000000000000000100000004", 0x3d, 0x8c80}, {0x0, 0x0, 0x8d00}], 0x0, &(0x7f0000013800)) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) gettid() syz_mount_image$ext4(&(0x7f0000000300)='ext2\x00', &(0x7f0000000380)='./file0\x00', 0x2, 0x1, &(0x7f0000000500)=[{&(0x7f0000000440)="893e16d1d1bab8033ed18e752f0076697567bccd207cbe4f0c6dbf44237dcc5f7e334c9362693fae2870b21029a92bb932aa80eca64b241e535b8d9c49f344dd16f2c8d0d89b3918aee2d5fab5e22abeb853c89f62a3f98cd3ae9a1ee824b4ee197f08ae47cd78b0718c18b26c4dc0972ecd639190fd773764a0f9c7226653df2e0d6cfe84a4498c4cfd4ba58d93b64d4d019f8b3560bc0692582b9f28acb43ee31a2f4511cb", 0xa6, 0x22fd1668}], 0x4000, &(0x7f0000000540)={[{@jqfmt_vfsv1}, {@noinit_itable}, {@dax}], [{@subj_role={'subj_role', 0x3d, '.,)'}}]}) [ 2069.684338][T10438] memory: usage 307180kB, limit 307200kB, failcnt 63975 [ 2069.691282][T10438] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2069.698159][T10438] Memory cgroup stats for /syz4: [ 2069.729138][T10438] anon 98304 [ 2069.729138][T10438] file 126976 [ 2069.729138][T10438] kernel 314318848 [ 2069.729138][T10438] kernel_stack 16384 [ 2069.729138][T10438] pagetables 73728 [ 2069.729138][T10438] percpu 11039616 [ 2069.729138][T10438] sock 0 [ 2069.729138][T10438] vmalloc 0 [ 2069.729138][T10438] shmem 126976 [ 2069.729138][T10438] file_mapped 126976 [ 2069.729138][T10438] file_dirty 0 [ 2069.729138][T10438] file_writeback 0 [ 2069.729138][T10438] swapcached 0 [ 2069.729138][T10438] inactive_anon 167936 [ 2069.729138][T10438] active_anon 57344 [ 2069.729138][T10438] inactive_file 0 [ 2069.729138][T10438] active_file 0 [ 2069.729138][T10438] unevictable 0 [ 2069.729138][T10438] slab_reclaimable 15840 [ 2069.729138][T10438] slab_unreclaimable 303131536 [ 2069.729138][T10438] slab 303147376 [ 2069.729138][T10438] workingset_refault_anon 0 [ 2069.729138][T10438] workingset_refault_file 15 [ 2069.729138][T10438] workingset_activate_anon 0 [ 2069.729138][T10438] workingset_activate_file 0 [ 2069.825103][T10438] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10438,uid=0 [ 2069.840755][T10438] Memory cgroup out of memory: Killed process 10438 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:00 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000011c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000032400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:00 executing program 1: add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) 01:41:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={[], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}]}) [ 2070.788274][T10470] SELinux: security_context_str_to_sid (root) failed with errno=-22 01:41:01 executing program 5: syz_mount_image$vfat(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x40001001}], 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) lseek(r2, 0x200, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = open(&(0x7f0000000440)='./bus\x00', 0x24080, 0x20) sendfile(r2, r4, 0x0, 0x10000) 01:41:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000007a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:01 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000011d0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:01 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0xc911, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='debug']) 01:41:01 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)=@bridge_getvlan={0x30, 0x72, 0x0, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0xd0}, 0x10) [ 2071.311065][T10472] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2071.321358][T10472] CPU: 1 PID: 10472 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2071.332392][T10472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2071.342520][T10472] Call Trace: [ 2071.345857][T10472] [ 2071.348789][T10472] dump_stack_lvl+0xd6/0x122 [ 2071.353389][T10472] dump_stack+0x11/0x12 [ 2071.357553][T10472] dump_header+0x98/0x410 [ 2071.361952][T10472] oom_kill_process+0xfe/0x550 [ 2071.366734][T10472] out_of_memory+0x620/0x880 [ 2071.371426][T10472] mem_cgroup_oom+0x475/0x4f0 [ 2071.376166][T10472] try_charge_memcg+0x746/0x960 [ 2071.381067][T10472] charge_memcg+0x63/0x2c0 [ 2071.385550][T10472] __mem_cgroup_charge+0x25/0xa0 [ 2071.390486][T10472] wp_page_copy+0x20f/0x1460 [ 2071.395098][T10472] ? shrink_zones+0x525/0x5d0 [ 2071.399795][T10472] do_wp_page+0x76f/0xe10 [ 2071.404192][T10472] handle_mm_fault+0x5fb/0xa90 [ 2071.409027][T10472] do_user_addr_fault+0x4cd/0x940 [ 2071.414068][T10472] exc_page_fault+0x60/0x160 [ 2071.418670][T10472] asm_exc_page_fault+0x22/0x30 [ 2071.423548][T10472] RIP: 0033:0x7fe837f5a340 [ 2071.427962][T10472] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2071.447620][T10472] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2071.453757][T10472] RAX: 00000000f4d62eb8 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2071.461785][T10472] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e36ccc [ 2071.469749][T10472] RBP: 00000000f4d62eb8 R08: 0000000000000eb8 R09: 00000000f4d62ebc [ 2071.477713][T10472] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2071.485674][T10472] R13: 0000000000000001 R14: 000000000000000b R15: ffffffff8194cf11 [ 2071.493757][T10472] ? security_compute_sid+0x141/0xee0 [ 2071.499227][T10472] [ 2071.502288][T10472] memory: usage 307200kB, limit 307200kB, failcnt 64021 [ 2071.509245][T10472] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2071.516132][T10472] Memory cgroup stats for /syz4: [ 2071.869469][T10472] anon 122880 [ 2071.869469][T10472] file 126976 [ 2071.869469][T10472] kernel 314314752 [ 2071.869469][T10472] kernel_stack 32768 [ 2071.869469][T10472] pagetables 69632 [ 2071.869469][T10472] percpu 11039616 [ 2071.869469][T10472] sock 0 [ 2071.869469][T10472] vmalloc 0 [ 2071.869469][T10472] shmem 126976 [ 2071.869469][T10472] file_mapped 126976 [ 2071.869469][T10472] file_dirty 0 [ 2071.869469][T10472] file_writeback 0 [ 2071.869469][T10472] swapcached 0 [ 2071.869469][T10472] inactive_anon 192512 [ 2071.869469][T10472] active_anon 57344 [ 2071.869469][T10472] inactive_file 0 [ 2071.869469][T10472] active_file 0 [ 2071.869469][T10472] unevictable 0 [ 2071.869469][T10472] slab_reclaimable 16816 [ 2071.869469][T10472] slab_unreclaimable 303122784 [ 2071.869469][T10472] slab 303139600 [ 2071.869469][T10472] workingset_refault_anon 0 [ 2071.869469][T10472] workingset_refault_file 15 [ 2071.869469][T10472] workingset_activate_anon 0 [ 2071.869469][T10472] workingset_activate_file 0 [ 2071.965672][T10472] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10472,uid=0 [ 2071.980961][T10472] Memory cgroup out of memory: Killed process 10472 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:02 executing program 4: unshare(0x40020000) ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000000)=""/94) ioctl$EVIOCGUNIQ(0xffffffffffffffff, 0x80404508, &(0x7f0000000080)=""/212) unshare(0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_PORTS(r0, 0x0, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9) 01:41:02 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='debug']) 01:41:02 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0xfe, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0x1c) [ 2072.391378][T10494] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2072.401682][T10494] CPU: 0 PID: 10494 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2072.412830][T10494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2072.423043][T10494] Call Trace: [ 2072.426330][T10494] [ 2072.429255][T10494] dump_stack_lvl+0xd6/0x122 [ 2072.433850][T10494] dump_stack+0x11/0x12 [ 2072.438037][T10494] dump_header+0x98/0x410 [ 2072.442384][T10494] oom_kill_process+0xfe/0x550 [ 2072.447236][T10494] out_of_memory+0x620/0x880 [ 2072.451876][T10494] mem_cgroup_oom+0x475/0x4f0 [ 2072.456549][T10494] try_charge_memcg+0x746/0x960 [ 2072.461469][T10494] obj_cgroup_charge+0x171/0x2b0 [ 2072.466451][T10494] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2072.472009][T10494] ? sock_alloc_inode+0x2d/0xa0 [ 2072.476889][T10494] kmem_cache_alloc_lru+0x76/0x2b0 [ 2072.482101][T10494] ? __local_bh_enable_ip+0x54/0x80 [ 2072.487299][T10494] ? _raw_spin_unlock_bh+0x32/0x40 [ 2072.492413][T10494] sock_alloc_inode+0x2d/0xa0 [ 2072.497177][T10494] ? sockfs_init_fs_context+0x70/0x70 [ 2072.502566][T10494] alloc_inode+0x38/0x150 [ 2072.506927][T10494] new_inode_pseudo+0x13/0x90 [ 2072.511690][T10494] sock_create_lite+0x89/0x290 [ 2072.516450][T10494] __netlink_kernel_create+0xaf/0x5e0 [ 2072.521863][T10494] ? should_fail+0x2a/0x250 [ 2072.526361][T10494] nfnetlink_net_init+0x8e/0xd0 [ 2072.531247][T10494] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 2072.536790][T10494] ? nfnetlink_rcv+0x13c0/0x13c0 [ 2072.541731][T10494] ? nfnetlink_bind+0x110/0x110 [ 2072.546626][T10494] ops_init+0x1f1/0x240 [ 2072.550815][T10494] setup_net+0x2cb/0x810 [ 2072.555067][T10494] copy_net_ns+0x2a2/0x440 [ 2072.559497][T10494] create_new_namespaces+0x22c/0x450 [ 2072.564916][T10494] unshare_nsproxy_namespaces+0xe2/0x120 [ 2072.570549][T10494] ksys_unshare+0x38c/0x6e0 [ 2072.575052][T10494] __x64_sys_unshare+0x1b/0x20 [ 2072.579824][T10494] do_syscall_64+0x2b/0x70 [ 2072.584256][T10494] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2072.590211][T10494] RIP: 0033:0x7fe837fac109 [ 2072.594634][T10494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2072.614263][T10494] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2072.622727][T10494] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2072.631841][T10494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000 01:41:03 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=@newtfilter={0x24, 0x2c, 0x1}, 0x24}}, 0x0) [ 2072.639871][T10494] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2072.647847][T10494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2072.655864][T10494] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2072.663836][T10494] [ 2072.666877][T10494] memory: usage 307200kB, limit 307200kB, failcnt 64082 [ 2072.673837][T10494] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2072.680767][T10494] Memory cgroup stats for /syz4: [ 2072.681410][T10494] anon 98304 [ 2072.681410][T10494] file 126976 01:41:03 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000031e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2072.681410][T10494] kernel 314347520 [ 2072.681410][T10494] kernel_stack 32768 [ 2072.681410][T10494] pagetables 69632 [ 2072.681410][T10494] percpu 11039616 [ 2072.681410][T10494] sock 0 [ 2072.681410][T10494] vmalloc 0 [ 2072.681410][T10494] shmem 126976 [ 2072.681410][T10494] file_mapped 126976 [ 2072.681410][T10494] file_dirty 0 [ 2072.681410][T10494] file_writeback 0 [ 2072.681410][T10494] swapcached 0 [ 2072.681410][T10494] inactive_anon 167936 [ 2072.681410][T10494] active_anon 57344 [ 2072.681410][T10494] inactive_file 0 01:41:03 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x28, 0x4, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}}, 0x0) [ 2072.681410][T10494] active_file 0 [ 2072.681410][T10494] unevictable 0 [ 2072.681410][T10494] slab_reclaimable 21272 [ 2072.681410][T10494] slab_unreclaimable 303151384 [ 2072.681410][T10494] slab 303172656 [ 2072.681410][T10494] workingset_refault_anon 0 [ 2072.681410][T10494] workingset_refault_file 15 [ 2072.681410][T10494] workingset_activate_anon 0 [ 2072.681410][T10494] workingset_activate_file 0 [ 2072.777152][T10494] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10492,uid=0 [ 2072.792606][T10494] Memory cgroup out of memory: Killed process 10492 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000037e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:03 executing program 1: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0) 01:41:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000032a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:03 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=@newtfilter={0x2c, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0x5}}, [@TCA_CHAIN={0x8}]}, 0x2c}}, 0x0) 01:41:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000640), 0x2d000, &(0x7f0000000500)) 01:41:03 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000200000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:03 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000800)="a434ef1f62430731acb2b3c115a3c562f329bc57fe8b64f9983271bc8430dac8e12c1e05cd16e186ffff687cdffc19d37f1b0066f9e255b2420f046288d5e5aede5f7a11ceda3fe54cc73846c33c70718b9540d0022b1728d6eaa0c6796263f9862d8adf8e18bf8e52b6536866da4c09ecbea4d51d66bd5d168c4021719416f1f818506d6f32049d86466ff27c33dae60e0a1248aacf43303d22fdeff6c3388afd3d1d784c518f95a084ac660560761b54435b0f7f962e0d4878d47a58b9958881b678f38f75ddd31b51bb5c4e60ff3ce94495baaadaa7d4d59fc3770c7783be8e5288aad9a64dc77bc9e042521497dcfbb5ab33db985947318ba824e7e85d16680dc541870f3a3e9378595efe7eeab2ff65e2a0e21c980359ce8d6dd5789f63853a475cdc84078f195700f966f09954dc3547398f0e83f4b8e360646369129d25b91e8803df2b1cd6993072a714eaf737e4e6649eea17931cbbe5b88b0e3f62f5ff783f5e1dd595784e9ffee2c5692468ba7334654dda7a8f299581d1f13ed2a4db3c2c0fa577b10200eb946636c6cf994f6a3200070952562ef563e2d52d501e2c92b785ea608ab194f5367170c9e63d76850978f08245bd29177d89bd58b1e9352baad4adf14ab03e235aa34bd41673b643e37e09d2077f37f76842074592b6a6e34d9c88caa29fa2e481b1b60006691d227e7a2a65915a0490a34270f98e8dd07756a39be56aadadb4c1d3c550e8d7888aadbce89a553f03eac2d00683cf86d3bbe0131a95f1e8874ea32cdf702ff98825ee895eca23fd22de989bf18fd36bd43b5a48e1c32181648315493312ab70d6e0b398a123f2705619d1e2257a8e2c260348a7a61cc445cf7cfa5b5071338cb25676cbc2176dc7ea0b242ebd8d4a5187bf414b46d4d97af8a5757debc4bdeda441350e6458b9c00763746a4be5a42f1461390c40ec561a8e74b9a05246b8e55ffd94e39d123674525b6f98d4694f14c8561321387fd4fc10917d58d6c645708e0b4810910b08d7f15f95efba3dcd2ec423b21582a6594dee29739c1dee549cc9ee8d1de0b807c49c92da45e941fd4386956ed00ac00616066b9604b98b4ed2e9dff7edd1a82de282280c7a694dd29f4f7b1a2399bbb5a6fb5f3822cf436d141c8d66babbef6a90abff5b1ab09efe828132fe94d72546edde6530ad33cd8b89160816f2a129f5ad2a886bfea74a7bb9361867c3d2e0b76bcab41850ccd779f40ec7e5643fa97592d33c5273fab4f66dd30f33fbd25230c5c8e37114c8116a7f98c04f4fcf3b8cbcda5d09de8f89ea760c2d44153a812f52f17a0a8855431c891578ff2323d30912ff46ffc7e0b53cb85e9f5bb2b8338b8414503d3401f8d20a87fdbc61fcb30ffd9291636e96a86b20adba1aee87420d09c286c6ccb589d71c99f624ba1fd5fc8743520c48ca6e0c802e8173777d6a6a9cbad2034b0fd07e74c8900e5f524f7d2f2d84f4535d6b7584fe93b4a4de1c596c05ddcb584f7fc188e333f923f6a03bed9e64a2406861fa13f7692aef855d8e0d742db0121bb6081ba400ad29fa69804a7d81a7a1a6c15a5b016dabb2d80cd7a261eb5c304e90210344e4d4505d2820ba558c841ed49b5d4dafefdb00fa3192fde1766932e32aad7e93c19991c5f64f53a4617f62a39c7c3fbbf3093113f1bdf140efa63df13bfac057c0c5e6392cf2866cc35c2f03e46f438d5d20a540e819d88efaa250381341ee0fd56a1ec926fa768f387ffbc24c4a59cac9480335d52d07a3070f4e3354960f62e3c97f474103156c37f012b15ab8ec7dd20265a776ef8bfcfcf35e8e82546c7ec364118ab3dfbcf7296ad7b45fe447cbdcb147de274c8ec1aadccb1aa2db038f47a346afe6f34acc9acc85961cad85ac96487cc94fee2a161100bf2fbcfdc30285860ba78c222a9f4f739a5318fa8fb113d1b7e9007f87b61486612cf594433bf85a7c5a05ef59cb6e66c67e202f717e5e086e0b13cf1b1a8eaf546241b079db16aa97ef64c23dfc3d911ad0e1ac2fb1915670b70be32eb8d50eb2302e259348d2e5ab5a089ee77aabed4d876cf530d9bf8398c6f197bc3a851328077dd87e0a73c25f4fb57aed15e16d9d042e8115fd42d03d71faebc35a014c470c2ccbe3191919183fc1920764ace69fd81dcaa33ca7f804007794f58f77c04655cee4cd657df62639b088efd2fcc3d314ca3bb20bd9751d441638f30d355e6cd0866a6c45883dadfaed25de202419737385c389bea9362b89bdefb6d19266820f6d38477cd1506851c6d7317d2359ca2d3c3d2c4476fd03761228ddfca29a826ad28dc31fc07223076730ac0bab67e3cca27992d7f09d3998b372f53797c6b54540a912a47881fe0f47006d80bccf17b55c55a7e305052ff47e72376aac4facd1d8fd51305eba51d9385661b06076b5748b8a2701f384bdb731abffd3d6db3bdea96f3915ad0fe1c0e7aced49bea3e8c464ca886de674bc91e2b25c647e1350c8b2ad14d797d49634c04d8f24d964f0e4896c87d6234a2c09fcb3d2f60be9d7dbd2de2263028d3131f2fd01b8eca7c32ac411712b8523360e528816e9744cfce756b94b8776f83f433f8dc82c8c3020b81be034358e8b728327f5c9e62f734cc70a95256c87297e6d8dd35cedc1a418ddc859b5197e36f7de4151d42e7081e74d81a8bbefa98788b755cf2006677a4fe24e1a599fd007504b53f6f157e8768286a8a508d97b364d208cfe3e8f041c5cd1f3c555a9edf54b4efd71177e817cfed4b31f582d6911adbb17a81186dd46a3c5cb67af640115a45159bf0c7536c1a3ab08cec6205b70dec3a78b766d399c5a5c0d1bee971d1c1bf48f03c67cf912052a74dea59e177d6421531faf99f598e33274e15fa52d078ca217ee0564338c941f0a1db459bccea534a7e42d7de4597144d003b7e1e79a5423c9af3886cb15ae4003421ce4ede573ec89409df85612502b686bb78d58b4693a2e02e7c978d43d4d84fefa4e4ea6ca34152f5a75cdcf4b6a92add2cc658c2af5018263d4ad08f9e6c195be320fa56fa8663023d0f24396b28934b49465c6cb9fef49dc5564d34bd64cba5fe1dc7e013e70321616715cea07493164b20fa6c00b0f42cfd1f6872cca0a3a4226f9554611262fee3ad74caa3a11e064cf2b6d87bfe4f4a4b42160b175528e866fd7251c0c8105cbb7dd1a8e45249aa6b6bd940992369cc20d34eee29a0520c067191c2b62f5fd83824b11c8627f1cc1aba34672e2938a895ce9a16abc2fc612bd607ee1c4f8789f66dae9001fa9311ea8dd7986d6dfa7b704591f371bb3091865f0c85a3bcfb7f9f629b4d9130a8bb00358aa76559fe6a41c0ba7da03d87c424e62eee82a88bd27c12d68b8c7ba0bd41d997bb0c7e7e826655fa4aa1e48b411d45a97bd1cf3023a4f7c7033bef832c1445646b3c2317d1a981dee2aec6bd4bb2a8da5090b2cb7766886858c66b780f0ed6d4e0129343918468abe23f49c6e9eecdb8d134dde6c3091760f64f423c054c05df1338762fa5d5ebcbf992ce2cccf0d56b424dd8e05fb0b2f7143ff8fac2d577628707002735db32d5fa036eb2d7421ed0bb49590752cc72a91c0d6605ac9ad5c646b28d40c7b04ff49e57c82d84a2bbc50028a8aa51167a28d663524df2b13d305d03a8405eed5277e9409ee70517a18bc3d2d615615f0a0b47c4536a1a136810bbcea3e9533f2092fde4ef2b02ac780bcccc9744e8099b5efd94fe437227055ef91ff198d225b4dc187c2e46e6590ec3eb058ab14660abfd1e97a21ff95f86faeba87cc2b8806642bb136011517af29c9323d02ce7571aa6e199357236214def6df370d1481ee3dc3d21065b1cf3f94388217598eafe515d628b5a26e3b0378058315cf4141dd9970f6258ae2f36366cd999ab886cb4fa252712360966135d3225314276b5a60df7a488fbaef8e0ad57866e0a2188ace101866e9684fdf83c8ad16c4d86046224e565bcb10a281c302a3769157c3475350a984f75ce6a776994410e77f2e5932c85402b9c4ab4e0238f011523f4fbccbefb5c3b9a494270f0f214e74ca24634adf834e8266f609ba52ac6eb1e7c2187e04d2925e6bb45bcd0ef39e6054feaa693b1fac0915f6f583ef37b38978b8f4fd454ee131f30317420a731490ff6218bf2af6ec9c84396485c0c9ea893ec622b2ba3e3ebbc1b1186f599f1ed123a6eb80188471f2109a71c502c72167f535d5af57f58a8c1c39cf68ba44006aff7ff40f8abff47169b343959a362277170a90bd4ecc2eee584b2649aa198fca17d31ee83ecd3fddf81cc1eedadc2d80cc9dd4e0e56be1ff10abdcfc58d7a29b19bb5e158c330c0358063cbb11dcfaf53108f1bd32b34a7f8b6463deb5362bd98cb5220312ead667c42cf4fe2abe229fec7a3a89a40b539266f202c52aa86113c69d03ea2a8fecafe618b5141ac4b7dfe9f6ec8ddba059aedc2fa3651fbdd542be63c617c8e94e1436b6df181e117d280565664df6a254d0e8410ac988bf71378f678d1b7bd958cfa1457d2ffe48a076e61553b973a63b233e256fe5917db4291e71b82ce2998c316bec79992c26699220a340a070f2d35629330ac7b494c73af518902371deb86ffb82cabba76b9cab7e6589b4e0733a1570ffacb24454bdefa3a011f5e8ff0330046ffa5012dd5792998c44c956576097015b30a0e5b9143b954d8c11a4b87c46b0dfea7034dbeefb2ac8a073ebb5e9ae72930ab4c195f1ca3772e68b2d28d8d5627ec8c9ac4ed0e35f5704c456840e36fd2561c7207ed2490a47db1904ec9a0e81f4fcd83d9189032c506b1302917955ffc59c7dc231898f3f30183ae4376b6a515ef3a608954f2d0505b617c14de1aafade2c795c2ff9fc575f982ea1f95c197b364443ba9911b1874c337dd13f92fc63c8548c514dbc6a9b495f323dc228a21a47e0c292ff2f9ceb36f0bdfe74f7f8e5c7b9888cca86be90cb0d7bc01cfce94c1fb6f9fe681d3ff2e915d5715210ac7212c5d52ebcfb9c0e9725b4aacd10be4fd5846d7c2eddfbb5c552cb3327bbc5e11cdf54f030af7a39850d5d4dc74970317220336706210a706afde3072f4599807f48a5b53445ed7b1fd72b33e0265362b528a4ebe40c08d5c82f35585c17312089c873e33b19e7b77e40429196620652bf143ba44eff9fe7df28c185e5ebabb95ef055afdf2da2bf8a66f8470f95d15c3b81ae59bd26ba9831ed4bed2fb7f7cfb43da8dc336edbe22709c80197b4a5d7efdc57377ecee67792e83c39f58bc20b7efb6feb1badd84e8a365e0dbeee791519dd6e50082ca66187d73bd3977105d1beadff7f6742eeffb24eb9a64d882dafc5dfd89a09f38b23f718041e15ece42b57e93fb96fa0aca7800590afc921b1f1ef42c41ecf32e1b16151985ae6f14fe4bfbb16eb3058fc6c6ef23465c05827b15bb50b7a59c3cf1e7a257d4f211d73a33c3ad4c72e411622018d6ec1bf9e411b4b3bef1051e0c45204d3b89f6df597520f676df9a8d3afa9e6bd18355b8c1ba01ad9da503aceb374fb47969af22d63618360faf5b98994ed73f0cc7a022c9c8ba4cf25309ddb576b60fe51ae30be076566ef43434b875e2d7fbc1b73c6041976987ee9f7ac17ce33e7ec604d0fceb2cb38b6fdd509c8d92d53acec29d4040db708563900751fd929ba9e39ef8613ee3fb2979f9fd9986bd679c2bb733f01c264c564b695ce9547f3b5c9100688f7830cdb3e3c0893064bebbc25bafe7a2e681b6f9aa3d9cb2027f8dafdd7d042c6857a45", 0x1000, r0) request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='(+.#\x00', r1) 01:41:03 executing program 5: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}}, 0x0) 01:41:03 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1000) [ 2073.045614][T10510] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2073.055944][T10510] CPU: 0 PID: 10510 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2073.066989][T10510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2073.077055][T10510] Call Trace: [ 2073.080369][T10510] [ 2073.083311][T10510] dump_stack_lvl+0xd6/0x122 [ 2073.087908][T10510] dump_stack+0x11/0x12 [ 2073.092218][T10510] dump_header+0x98/0x410 [ 2073.096623][T10510] oom_kill_process+0xfe/0x550 [ 2073.101395][T10510] out_of_memory+0x620/0x880 [ 2073.106010][T10510] mem_cgroup_oom+0x475/0x4f0 [ 2073.110691][T10510] try_charge_memcg+0x746/0x960 [ 2073.115657][T10510] charge_memcg+0x63/0x2c0 [ 2073.120212][T10510] __mem_cgroup_charge+0x25/0xa0 [ 2073.125179][T10510] wp_page_copy+0x20f/0x1460 [ 2073.129778][T10510] ? shrink_zones+0x525/0x5d0 [ 2073.134460][T10510] do_wp_page+0x76f/0xe10 [ 2073.138866][T10510] handle_mm_fault+0x5fb/0xa90 [ 2073.143661][T10510] do_user_addr_fault+0x4cd/0x940 [ 2073.148745][T10510] exc_page_fault+0x60/0x160 [ 2073.153365][T10510] asm_exc_page_fault+0x22/0x30 [ 2073.158238][T10510] RIP: 0033:0x7fe837f5a340 [ 2073.162660][T10510] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2073.182363][T10510] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2073.188508][T10510] RAX: 00000000adb543af RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2073.196546][T10510] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e12307 [ 2073.205157][T10510] RBP: 00000000adb543af R08: 00000000000003af R09: 00000000adb543b3 [ 2073.213133][T10510] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2073.221122][T10510] R13: 0000000000000001 R14: 0000000000000005 R15: ffffffff81923e3c [ 2073.229096][T10510] ? selinux_socket_create+0x2c/0x180 [ 2073.234487][T10510] [ 2073.237550][T10510] memory: usage 307196kB, limit 307200kB, failcnt 64146 [ 2073.244504][T10510] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:03 executing program 5: r0 = epoll_create1(0x0) epoll_pwait(r0, &(0x7f0000000040)=[{}], 0x1, 0x40, &(0x7f00000000c0)={[0x3]}, 0x8) 01:41:05 executing program 1: r0 = syz_open_dev$evdev(&(0x7f00000001c0), 0x2, 0x862f01) write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x14, 0x8001}], 0x18) 01:41:05 executing program 1: r0 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0xfffffffffffffffb) keyctl$chown(0x6, r0, 0xffffffffffffffff, 0xee00) [ 2073.251398][T10510] Memory cgroup stats for /syz4: [ 2074.671937][T10510] anon 114688 [ 2074.671937][T10510] file 126976 [ 2074.671937][T10510] kernel 314314752 [ 2074.671937][T10510] kernel_stack 32768 [ 2074.671937][T10510] pagetables 69632 [ 2074.671937][T10510] percpu 11039616 [ 2074.671937][T10510] sock 0 [ 2074.671937][T10510] vmalloc 0 [ 2074.671937][T10510] shmem 126976 [ 2074.671937][T10510] file_mapped 126976 [ 2074.671937][T10510] file_dirty 0 [ 2074.671937][T10510] file_writeback 0 [ 2074.671937][T10510] swapcached 0 [ 2074.671937][T10510] inactive_anon 184320 [ 2074.671937][T10510] active_anon 57344 [ 2074.671937][T10510] inactive_file 0 [ 2074.671937][T10510] active_file 0 [ 2074.671937][T10510] unevictable 0 [ 2074.671937][T10510] slab_reclaimable 16816 [ 2074.671937][T10510] slab_unreclaimable 303124056 [ 2074.671937][T10510] slab 303140872 [ 2074.671937][T10510] workingset_refault_anon 0 [ 2074.671937][T10510] workingset_refault_file 15 [ 2074.671937][T10510] workingset_activate_anon 0 [ 2074.671937][T10510] workingset_activate_file 0 [ 2074.767801][T10510] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10510,uid=0 [ 2074.783261][T10510] Memory cgroup out of memory: Killed process 10510 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000018000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:05 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x101, 0x2, 0x6}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r0, &(0x7f00000004c0), 0x0}, 0x20) 01:41:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000012e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:05 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x101, 0x2, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) 01:41:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000700), &(0x7f0000000740)='./file0\x00', 0x0, 0x0, &(0x7f00000008c0), 0x0, &(0x7f0000000900)={[{@fat=@usefree}, {@fat=@discard}]}) 01:41:05 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000001220000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:05 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0xd800, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='debug']) [ 2074.961245][T10552] FAT-fs (loop4): bogus number of reserved sectors [ 2074.967860][T10552] FAT-fs (loop4): Can't find a valid FAT filesystem 01:41:05 executing program 5: syz_mount_image$vfat(0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0) 01:41:06 executing program 5: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x803e0000}, 0x0) 01:41:06 executing program 5: sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, 0x0, 0xbf2fd321ec504094) 01:41:06 executing program 5: openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) [ 2075.726781][T10549] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2075.737085][T10549] CPU: 1 PID: 10549 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2075.748132][T10549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2075.758190][T10549] Call Trace: [ 2075.761561][T10549] [ 2075.764581][T10549] dump_stack_lvl+0xd6/0x122 [ 2075.769233][T10549] dump_stack+0x11/0x12 [ 2075.773404][T10549] dump_header+0x98/0x410 [ 2075.777771][T10549] oom_kill_process+0xfe/0x550 [ 2075.782569][T10549] out_of_memory+0x620/0x880 [ 2075.787177][T10549] mem_cgroup_oom+0x475/0x4f0 [ 2075.792005][T10549] try_charge_memcg+0x746/0x960 [ 2075.796939][T10549] charge_memcg+0x63/0x2c0 [ 2075.801386][T10549] __mem_cgroup_charge+0x25/0xa0 [ 2075.806390][T10549] wp_page_copy+0x20f/0x1460 [ 2075.811045][T10549] ? __this_cpu_preempt_check+0xf/0x10 [ 2075.816532][T10549] do_wp_page+0x76f/0xe10 [ 2075.820878][T10549] handle_mm_fault+0x5fb/0xa90 01:41:06 executing program 1: unshare(0x20030380) [ 2075.825652][T10549] do_user_addr_fault+0x4cd/0x940 [ 2075.830689][T10549] exc_page_fault+0x60/0x160 [ 2075.835318][T10549] asm_exc_page_fault+0x22/0x30 [ 2075.840252][T10549] RIP: 0033:0x7fe837f5a340 [ 2075.844771][T10549] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2075.864380][T10549] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2075.870593][T10549] RAX: 000000007a3a1c80 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2075.878578][T10549] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008f1655a [ 2075.886562][T10549] RBP: 000000007a3a1c80 R08: 0000000000001c80 R09: 000000007a3a1c84 [ 2075.894545][T10549] R10: 0000000000000000 R11: 0000000000000000 R12: 00007fe8380b3000 [ 2075.902515][T10549] R13: 0000000000000001 R14: 0000000000000005 R15: ffffffff81436860 [ 2075.910527][T10549] ? memdup_user+0x10/0xb0 [ 2075.914997][T10549] [ 2075.918143][T10549] memory: usage 307200kB, limit 307200kB, failcnt 64198 [ 2075.925131][T10549] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2075.931965][T10549] Memory cgroup stats for /syz4: [ 2075.936197][T10549] anon 118784 [ 2075.936197][T10549] file 126976 [ 2075.936197][T10549] kernel 314322944 [ 2075.936197][T10549] kernel_stack 32768 [ 2075.936197][T10549] pagetables 77824 [ 2075.936197][T10549] percpu 11039616 [ 2075.936197][T10549] sock 0 [ 2075.936197][T10549] vmalloc 0 [ 2075.936197][T10549] shmem 126976 [ 2075.936197][T10549] file_mapped 126976 [ 2075.936197][T10549] file_dirty 0 [ 2075.936197][T10549] file_writeback 0 [ 2075.936197][T10549] swapcached 0 [ 2075.936197][T10549] inactive_anon 188416 [ 2075.936197][T10549] active_anon 57344 [ 2075.936197][T10549] inactive_file 0 [ 2075.936197][T10549] active_file 0 [ 2075.936197][T10549] unevictable 0 [ 2075.936197][T10549] slab_reclaimable 17016 [ 2075.936197][T10549] slab_unreclaimable 303122680 [ 2075.936197][T10549] slab 303139696 [ 2075.936197][T10549] workingset_refault_anon 0 [ 2075.936197][T10549] workingset_refault_file 15 [ 2075.936197][T10549] workingset_activate_anon 0 01:41:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000038000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:06 executing program 1: unshare(0x4040000) [ 2075.936197][T10549] workingset_activate_file 0 [ 2076.032061][T10549] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10549,uid=0 [ 2076.047499][T10549] Memory cgroup out of memory: Killed process 10549 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000002f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x1020, &(0x7f0000000640)=ANY=[]) 01:41:06 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000240000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:06 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa00, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[]) 01:41:06 executing program 1: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}}, 0x4004085) [ 2076.220754][T10578] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2076.231207][T10578] CPU: 0 PID: 10578 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2076.242311][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2076.252388][T10578] Call Trace: [ 2076.255674][T10578] [ 2076.258669][T10578] dump_stack_lvl+0xd6/0x122 [ 2076.263292][T10578] dump_stack+0x11/0x12 [ 2076.267537][T10578] dump_header+0x98/0x410 [ 2076.271886][T10578] oom_kill_process+0xfe/0x550 [ 2076.276663][T10578] out_of_memory+0x620/0x880 [ 2076.281311][T10578] mem_cgroup_oom+0x475/0x4f0 [ 2076.286002][T10578] try_charge_memcg+0x746/0x960 [ 2076.290881][T10578] obj_cgroup_charge+0x171/0x2b0 [ 2076.295890][T10578] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2076.301498][T10578] ? shmem_alloc_inode+0x2d/0x40 [ 2076.306509][T10578] kmem_cache_alloc_lru+0x76/0x2b0 [ 2076.311680][T10578] ? __this_cpu_preempt_check+0xf/0x10 [ 2076.317261][T10578] ? __perf_event_task_sched_out+0xed6/0xf00 [ 2076.323271][T10578] ? preempt_count_add+0x51/0xa0 [ 2076.328221][T10578] shmem_alloc_inode+0x2d/0x40 [ 2076.333105][T10578] ? shmem_match+0xa0/0xa0 [ 2076.337529][T10578] alloc_inode+0x38/0x150 [ 2076.341936][T10578] new_inode+0x21/0x140 [ 2076.346227][T10578] shmem_get_inode+0x22b/0x6e0 [ 2076.351050][T10578] __shmem_file_setup+0xef/0x1c0 [ 2076.355991][T10578] shmem_file_setup+0x37/0x40 [ 2076.360683][T10578] __se_sys_memfd_create+0x1c1/0x330 [ 2076.366010][T10578] __x64_sys_memfd_create+0x2d/0x40 [ 2076.371366][T10578] do_syscall_64+0x2b/0x70 [ 2076.375835][T10578] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2076.381808][T10578] RIP: 0033:0x7fe837fac109 [ 2076.386223][T10578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2076.405977][T10578] RSP: 002b:00007fe837721f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2076.414450][T10578] RAX: ffffffffffffffda RBX: 00000000200003c0 RCX: 00007fe837fac109 [ 2076.422431][T10578] RDX: 00007fe837721fe0 RSI: 0000000000000000 RDI: 00007fe8380051be [ 2076.430438][T10578] RBP: 0000000000000000 R08: 00007fe837721fd8 R09: 0000000000000000 [ 2076.438470][T10578] R10: 00007fe837721fdc R11: 0000000000000246 R12: 0000000020000000 [ 2076.446511][T10578] R13: 0000000020000040 R14: 0000000000000a00 R15: 0000000020000640 [ 2076.454499][T10578] [ 2076.457626][T10578] memory: usage 307200kB, limit 307200kB, failcnt 64245 [ 2076.464680][T10578] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:06 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(0xffffffffffffffff) close(r0) 01:41:06 executing program 1: request_key(&(0x7f0000000640)='encrypted\x00', &(0x7f0000000680)={'syz', 0x0}, 0x0, 0x0) 01:41:06 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(0xffffffffffffffff) close(r0) 01:41:06 executing program 1: syz_emit_ethernet(0x38, &(0x7f0000000700)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "d576d7", 0x2, 0x2c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, {[], "39be"}}}}}, 0x0) [ 2076.471531][T10578] Memory cgroup stats for /syz4: [ 2076.476981][T10578] anon 106496 [ 2076.476981][T10578] file 126976 [ 2076.476981][T10578] kernel 314335232 [ 2076.476981][T10578] kernel_stack 32768 [ 2076.476981][T10578] pagetables 77824 [ 2076.476981][T10578] percpu 11039616 [ 2076.476981][T10578] sock 0 [ 2076.476981][T10578] vmalloc 0 [ 2076.476981][T10578] shmem 126976 [ 2076.476981][T10578] file_mapped 126976 [ 2076.476981][T10578] file_dirty 0 [ 2076.476981][T10578] file_writeback 0 [ 2076.476981][T10578] swapcached 0 01:41:06 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(0xffffffffffffffff) close(r0) [ 2076.476981][T10578] inactive_anon 131072 [ 2076.476981][T10578] active_anon 57344 [ 2076.476981][T10578] inactive_file 0 [ 2076.476981][T10578] active_file 0 [ 2076.476981][T10578] unevictable 0 [ 2076.476981][T10578] slab_reclaimable 17216 [ 2076.476981][T10578] slab_unreclaimable 303129544 [ 2076.476981][T10578] slab 303146760 [ 2076.476981][T10578] workingset_refault_anon 0 [ 2076.476981][T10578] workingset_refault_file 15 [ 2076.476981][T10578] workingset_activate_anon 0 [ 2076.476981][T10578] workingset_activate_file 0 [ 2076.573163][T10578] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10576,uid=0 [ 2076.588551][T10578] Memory cgroup out of memory: Killed process 10576 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000008100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:07 executing program 1: unshare(0x400) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 01:41:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000033000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:07 executing program 4: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x2}, 0x0) 01:41:07 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(0xffffffffffffffff) close(r0) 01:41:07 executing program 1: keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000003c0)=[{&(0x7f00000005c0)="c7e24611da264951d803f4fc877c1a6438ef168002d58435f7930673ead36eba29c29fc52ece2f5d667748721e15a8fe6e70b427605454f3f3d8c77b1bec3b4f790458be723290fa4ebd9ae5bea4db1f9091ea807079c47f3bac5c4d6a932bb654f2982f19a6f4919ee8ffd094b67d6035c374fa5dfd2365bf644861876babb761dae3036d6d0dcde472dfe8870626095a783056a5d8d45de1fd6ea1364f8373fb529154a86396e897b3f96fe8a9d7ebb00c71a5a92de4c47dc1347cec33bd1fa669c15c301998563383c6a10b", 0xcd}, {&(0x7f00000000c0)="a09ad233089e7020bb6d1885490da8dae255a3560ad2e1b74c2d65e064671bc86ec23ee791325d5cd213df8a0c51a04a436d1daaa346116afab7e05c1c6c501fe0a077e382da7b69daf616d4c4c711cfc0e4546a83366fd1daeddad5af22727e378161b9182c00fb97b2d38b62439553feb7e37165c7acfa9a0ea601a051148db94c955803725f1bc363b07da4c06842cfa2f739f0e59be926f9535feb5dfc2ab74bfc1049594a1fd4a21693610f6381d4", 0xb1}, {&(0x7f0000000180)="00000000307624250d64706eb7cb80cdec31", 0x12}, {&(0x7f00000001c0)="ae9994340da311b26101f8a9c79548b57d7018523116d2e548f950e265911d6f213e308f55a2305cfdee1b242ae885e4eb6291fb5878d95cf89b01fe4148daafb407a99d73d83184e1268b87611d7e3edc0d9956f52576a6bb744fdf674297dab0dfe9b6d3c0220249892412822f2dae5e10b257fda6c5f32887bc5bc96134dc08a7a1172f23f2d30f8dc5b35ec3bfa3e4259d4fdd1c9774fd15af9e628ffb40ce29687008973bc54035acef45934b654cc34bc3ac735b19553a9d634fe20478542957e8587adbf838a3acde13e604aa606a09b791f0b7c7e1fb011f9db0c460f1273fc7167582", 0xe7}, {&(0x7f00000002c0)="d6779bc959a26af4bead88d36e0f0b615e44feffffffffffffff28cbfd00e7a243d541240082af29b581705c1d150a20742b3ac1e40650632ebc2d51a764cfc96acaa6e5cccacb6ea8c3ba0cf622f52d07c119bb876ee3bcf74878b9ad9dd1f3f8ff22a6073ff8168e14492a3a0b67e594f8952e01f11ec595a07dff7feed7111a28b4c42494485216383947bb74939d3288a96ac6e0a8cef85c2ee956d164cd", 0xa0}, {&(0x7f0000000380)="7f80e57da27ad420cd94128e7da64bfc6c6b9a8539c8f35aaffe4fc02b7b8f03c9abc3ae90684f023bf49897531536fc973395a8bae1f566f284c5130c1af9", 0x3f}], 0x10d5, 0x0) 01:41:07 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003240000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:07 executing program 1: request_key(&(0x7f00000003c0)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0) 01:41:07 executing program 5: keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000640)=[{&(0x7f00000003c0)="a933d4ccf17c64a929826c7458549b359f1f41af159368", 0xfffffe02}, {&(0x7f0000000400)="f371250d71796a8a7c4d5e634320926cccc55076ae00e6fa419519b8981aea7c11147fa84699236b64c87be1d4691b6007d7fe3f17bd7f2c69644406cc85f9ee05a23fed9b90de69b064d0b0300bfc052737622e9e5793b7f289904811a99beba086019ffe3935a47b35fc9045cf76a40eeecc1185a599fa52e8bc82093f73bf3bad24ad12aec4a0c1021fe01825f4c9054126f90cd03c308f320334416da86956011d49a741dc56875c43d4ef8542aadb2d9eb7ac20320ae420331e336f283adb16c85bbfe399ce5375e00b6ace609748f17c96df945d89783c148196f78598bff2", 0xe2}, {&(0x7f0000000500)="1d82a5d5c073fef1769b9c4bde04488e898536727eff6a22acc0eab7d753b1dfa052d6dbe534672f9c268a", 0x2b}, {&(0x7f0000000540)="0bb5531d11d94cf1b7830451f1b567f2022ad4e445510a71c634a969fe52d04ab0aeb27a01acc6f263b847778503831a6620acf3d3a8749aaa2313ae4c36847172fa84183def2801c23970ae3251fc00b2af67b3f90e993018cc6591dd74c3f7cc1410f3abd8e799ccce477ebbb75b14b23cb08500646696f98765515c8521617370f103105d9b381c9800558e6ff38e806e5113e269253bc56c26813e3fe14a976327aac1a15d52723375ef65540d0dd0fb7e25a52ade011df49b68c9975087016ac1", 0xc3}], 0x4, 0x0) 01:41:07 executing program 5: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xffffff1f}, 0x0) 01:41:07 executing program 1: r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="16", 0x1, 0xfffffffffffffffe) keyctl$revoke(0x3, r0) 01:41:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000700), &(0x7f0000000740)='./file0\x00', 0x0, 0x0, &(0x7f00000008c0), 0x0, &(0x7f0000000900)={[{@fat=@usefree}]}) [ 2077.377465][T10606] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2077.387799][T10606] CPU: 1 PID: 10606 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2077.398830][T10606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2077.408894][T10606] Call Trace: [ 2077.412234][T10606] [ 2077.415185][T10606] dump_stack_lvl+0xd6/0x122 [ 2077.419790][T10606] dump_stack+0x11/0x12 [ 2077.423958][T10606] dump_header+0x98/0x410 [ 2077.428373][T10606] oom_kill_process+0xfe/0x550 [ 2077.433198][T10606] out_of_memory+0x620/0x880 [ 2077.437870][T10606] mem_cgroup_oom+0x475/0x4f0 [ 2077.442641][T10606] try_charge_memcg+0x746/0x960 [ 2077.447491][T10606] charge_memcg+0x63/0x2c0 [ 2077.451971][T10606] __mem_cgroup_charge+0x25/0xa0 [ 2077.456978][T10606] wp_page_copy+0x20f/0x1460 [ 2077.461622][T10606] do_wp_page+0x76f/0xe10 [ 2077.466011][T10606] handle_mm_fault+0x5fb/0xa90 [ 2077.470770][T10606] do_user_addr_fault+0x4cd/0x940 [ 2077.475809][T10606] exc_page_fault+0x60/0x160 [ 2077.480433][T10606] asm_exc_page_fault+0x22/0x30 [ 2077.485348][T10606] RIP: 0033:0x7fe837f5747e [ 2077.489766][T10606] Code: 8b 72 18 48 8d 54 24 08 48 c7 44 24 08 00 00 00 00 48 89 43 10 e8 12 4f ff ff 84 c0 74 16 48 8b 44 24 08 49 c1 e4 04 49 01 ec <41> c6 04 24 01 49 89 44 24 08 48 8b 53 10 4c 39 ea 73 59 4c 8d 4a [ 2077.509363][T10606] RSP: 002b:00007ffd964f7840 EFLAGS: 00010206 [ 2077.515484][T10606] RAX: 0000000000000004 RBX: 00007fe8380bef60 RCX: 0000000000000004 [ 2077.523451][T10606] RDX: 96f38f4ddf9c718a RSI: 0000000000000000 RDI: 00005555560a12e8 [ 2077.531425][T10606] RBP: 00007fe8380bb0a0 R08: 0000000000000010 R09: 00007fe8380c3090 [ 2077.539456][T10606] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380bb0a0 [ 2077.547414][T10606] R13: 00007fe8384c3000 R14: 00007fe8380bef60 R15: 0000000000000032 [ 2077.555553][T10606] [ 2077.558615][T10606] memory: usage 307196kB, limit 307200kB, failcnt 64287 [ 2077.565555][T10606] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2077.572389][T10606] Memory cgroup stats for /syz4: [ 2077.572762][T10606] anon 102400 [ 2077.572762][T10606] file 126976 [ 2077.572762][T10606] kernel 314339328 [ 2077.572762][T10606] kernel_stack 32768 [ 2077.572762][T10606] pagetables 77824 [ 2077.572762][T10606] percpu 11039616 [ 2077.572762][T10606] sock 0 [ 2077.572762][T10606] vmalloc 0 [ 2077.572762][T10606] shmem 126976 [ 2077.572762][T10606] file_mapped 126976 [ 2077.572762][T10606] file_dirty 0 [ 2077.572762][T10606] file_writeback 0 [ 2077.572762][T10606] swapcached 0 [ 2077.572762][T10606] inactive_anon 172032 [ 2077.572762][T10606] active_anon 57344 [ 2077.572762][T10606] inactive_file 0 [ 2077.572762][T10606] active_file 0 [ 2077.572762][T10606] unevictable 0 [ 2077.572762][T10606] slab_reclaimable 17792 [ 2077.572762][T10606] slab_unreclaimable 303132000 [ 2077.572762][T10606] slab 303149792 [ 2077.572762][T10606] workingset_refault_anon 0 [ 2077.572762][T10606] workingset_refault_file 15 [ 2077.572762][T10606] workingset_activate_anon 0 [ 2077.572762][T10606] workingset_activate_file 0 [ 2077.668450][T10606] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10606,uid=0 [ 2077.683774][T10606] Memory cgroup out of memory: Killed process 10606 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:08 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000200)='.\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 01:41:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffff8100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x840, &(0x7f0000000640)=ANY=[@ANYBLOB='debug']) 01:41:08 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) close(r0) 01:41:08 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {0xd3}, @quote={{0x3}, 0x0, &(0x7f0000000000)={0x47, 0x0, 0x0, 0x0, @time, {}, {}, @result}}}], 0x1c) 01:41:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:08 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000250000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[]) 01:41:08 executing program 1: syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x26681) [ 2078.446778][T10638] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2078.457221][T10638] CPU: 1 PID: 10638 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2078.468260][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2078.478311][T10638] Call Trace: [ 2078.481589][T10638] [ 2078.484541][T10638] dump_stack_lvl+0xd6/0x122 [ 2078.489136][T10638] dump_stack+0x11/0x12 [ 2078.493306][T10638] dump_header+0x98/0x410 [ 2078.497641][T10638] oom_kill_process+0xfe/0x550 [ 2078.502497][T10638] out_of_memory+0x620/0x880 [ 2078.507132][T10638] mem_cgroup_oom+0x475/0x4f0 [ 2078.511829][T10638] try_charge_memcg+0x746/0x960 [ 2078.516682][T10638] charge_memcg+0x63/0x2c0 [ 2078.521165][T10638] __mem_cgroup_charge+0x25/0xa0 [ 2078.526105][T10638] wp_page_copy+0x20f/0x1460 [ 2078.530702][T10638] ? shrink_zones+0x525/0x5d0 [ 2078.535382][T10638] do_wp_page+0x76f/0xe10 [ 2078.539737][T10638] handle_mm_fault+0x5fb/0xa90 [ 2078.544557][T10638] do_user_addr_fault+0x4cd/0x940 [ 2078.549597][T10638] exc_page_fault+0x60/0x160 [ 2078.554569][T10638] asm_exc_page_fault+0x22/0x30 [ 2078.559442][T10638] RIP: 0033:0x7fe837f5a340 [ 2078.563860][T10638] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2078.583473][T10638] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2078.589545][T10638] RAX: 0000000038fda513 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 01:41:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000000)={'erspan0\x00', 0x0}) [ 2078.597600][T10638] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008be33e4 [ 2078.605569][T10638] RBP: 0000000038fda513 R08: 0000000000000513 R09: 0000000038fda517 [ 2078.613538][T10638] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2078.621526][T10638] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8152a2ad [ 2078.629517][T10638] ? __x64_sys_openat+0x9d/0x110 [ 2078.634470][T10638] [ 2078.637807][T10638] memory: usage 307200kB, limit 307200kB, failcnt 64345 01:41:09 executing program 5: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000800)="a4", 0x1, r0) add_key$keyring(&(0x7f00000001c0), 0x0, 0x0, 0x0, r1) 01:41:09 executing program 5: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33fe0}}, 0x0) [ 2078.644822][T10638] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2078.651680][T10638] Memory cgroup stats for /syz4: [ 2078.652175][T10638] anon 110592 [ 2078.652175][T10638] file 126976 [ 2078.652175][T10638] kernel 314335232 [ 2078.652175][T10638] kernel_stack 32768 [ 2078.652175][T10638] pagetables 77824 [ 2078.652175][T10638] percpu 11039616 [ 2078.652175][T10638] sock 0 [ 2078.652175][T10638] vmalloc 0 [ 2078.652175][T10638] shmem 126976 [ 2078.652175][T10638] file_mapped 126976 [ 2078.652175][T10638] file_dirty 0 [ 2078.652175][T10638] file_writeback 0 01:41:09 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x2c2}) [ 2078.652175][T10638] swapcached 0 [ 2078.652175][T10638] inactive_anon 180224 [ 2078.652175][T10638] active_anon 57344 [ 2078.652175][T10638] inactive_file 0 [ 2078.652175][T10638] active_file 0 [ 2078.652175][T10638] unevictable 0 [ 2078.652175][T10638] slab_reclaimable 15840 [ 2078.652175][T10638] slab_unreclaimable 303129544 [ 2078.652175][T10638] slab 303145384 [ 2078.652175][T10638] workingset_refault_anon 0 [ 2078.652175][T10638] workingset_refault_file 15 [ 2078.652175][T10638] workingset_activate_anon 0 [ 2078.652175][T10638] workingset_activate_file 0 01:41:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000008400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:09 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x2c2}) 01:41:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='\"']) 01:41:09 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x2c2}) [ 2078.748365][T10638] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10638,uid=0 [ 2078.763884][T10638] Memory cgroup out of memory: Killed process 10638 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2078.846428][T10671] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2078.856728][T10671] CPU: 1 PID: 10671 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2078.867846][T10671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2078.877939][T10671] Call Trace: [ 2078.881204][T10671] [ 2078.884185][T10671] dump_stack_lvl+0xd6/0x122 [ 2078.888783][T10671] dump_stack+0x11/0x12 [ 2078.892978][T10671] dump_header+0x98/0x410 [ 2078.897300][T10671] oom_kill_process+0xfe/0x550 [ 2078.902122][T10671] out_of_memory+0x620/0x880 [ 2078.906743][T10671] mem_cgroup_oom+0x475/0x4f0 [ 2078.911410][T10671] try_charge_memcg+0x746/0x960 [ 2078.916258][T10671] obj_cgroup_charge+0x171/0x2b0 [ 2078.921266][T10671] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2078.926794][T10671] ? __d_alloc+0x3d/0x380 [ 2078.931126][T10671] kmem_cache_alloc_lru+0x76/0x2b0 [ 2078.936311][T10671] ? __d_lookup+0x3a6/0x3d0 [ 2078.940804][T10671] __d_alloc+0x3d/0x380 [ 2078.945013][T10671] d_alloc+0x2a/0x100 [ 2078.948993][T10671] __lookup_hash+0x8f/0x180 [ 2078.953533][T10671] filename_create+0x147/0x2b0 [ 2078.958368][T10671] do_mkdirat+0x63/0x280 [ 2078.962605][T10671] __x64_sys_mkdirat+0x4c/0x60 [ 2078.967420][T10671] do_syscall_64+0x2b/0x70 [ 2078.971822][T10671] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2078.977722][T10671] RIP: 0033:0x7fe837fab217 [ 2078.982123][T10671] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2079.001814][T10671] RSP: 002b:00007fe837721f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 2079.010290][T10671] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe837fab217 [ 2079.018249][T10671] RDX: 00000000000001ff RSI: 0000000020000040 RDI: 00000000ffffff9c [ 2079.026205][T10671] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2079.034160][T10671] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000020000000 [ 2079.042133][T10671] R13: 0000000020000040 R14: 00007fe837721fe0 R15: 0000000020000640 [ 2079.050109][T10671] [ 2079.053208][T10671] memory: usage 307200kB, limit 307200kB, failcnt 64395 [ 2079.060207][T10671] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2079.067055][T10671] Memory cgroup stats for /syz4: [ 2079.067716][T10671] anon 106496 [ 2079.067716][T10671] file 126976 [ 2079.067716][T10671] kernel 314339328 [ 2079.067716][T10671] kernel_stack 32768 [ 2079.067716][T10671] pagetables 77824 [ 2079.067716][T10671] percpu 11039616 [ 2079.067716][T10671] sock 0 [ 2079.067716][T10671] vmalloc 0 [ 2079.067716][T10671] shmem 126976 [ 2079.067716][T10671] file_mapped 126976 [ 2079.067716][T10671] file_dirty 0 [ 2079.067716][T10671] file_writeback 0 [ 2079.067716][T10671] swapcached 0 [ 2079.067716][T10671] inactive_anon 147456 [ 2079.067716][T10671] active_anon 57344 [ 2079.067716][T10671] inactive_file 0 [ 2079.067716][T10671] active_file 0 [ 2079.067716][T10671] unevictable 0 [ 2079.067716][T10671] slab_reclaimable 21344 [ 2079.067716][T10671] slab_unreclaimable 303129544 [ 2079.067716][T10671] slab 303150888 [ 2079.067716][T10671] workingset_refault_anon 0 [ 2079.067716][T10671] workingset_refault_file 15 [ 2079.067716][T10671] workingset_activate_anon 0 [ 2079.067716][T10671] workingset_activate_file 0 [ 2079.163534][T10671] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10664,uid=0 [ 2079.179072][T10671] Memory cgroup out of memory: Killed process 10664 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:09 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x2c2}) 01:41:09 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)=@bridge_getvlan={0x28, 0x72, 0x0, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}]}, 0x28}}, 0x0) 01:41:09 executing program 4: unshare(0x20600) 01:41:09 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000280000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000033400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:09 executing program 5: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, r0) 01:41:09 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0), 0x0) 01:41:09 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, 0x0) [ 2079.489226][T10684] syz-executor.4 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2079.500529][T10684] CPU: 0 PID: 10684 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2079.511570][T10684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2079.521639][T10684] Call Trace: [ 2079.524958][T10684] [ 2079.527895][T10684] dump_stack_lvl+0xd6/0x122 [ 2079.532569][T10684] dump_stack+0x11/0x12 [ 2079.536738][T10684] dump_header+0x98/0x410 [ 2079.541082][T10684] oom_kill_process+0xfe/0x550 [ 2079.545859][T10684] out_of_memory+0x620/0x880 [ 2079.550543][T10684] mem_cgroup_oom+0x475/0x4f0 [ 2079.555249][T10684] try_charge_memcg+0x746/0x960 [ 2079.560108][T10684] ? pcpu_alloc_area+0x4e6/0x500 [ 2079.565126][T10684] ? _find_next_bit+0x188/0x190 [ 2079.570097][T10684] obj_cgroup_charge+0x171/0x2b0 [ 2079.575092][T10684] kmem_cache_alloc+0x92/0x300 [ 2079.579858][T10684] ? alloc_vfsmnt+0x2b/0x2e0 [ 2079.584472][T10684] alloc_vfsmnt+0x2b/0x2e0 [ 2079.588895][T10684] clone_mnt+0x40/0x880 [ 2079.593054][T10684] copy_tree+0x313/0x870 [ 2079.597307][T10684] copy_mnt_ns+0x116/0x600 [ 2079.601730][T10684] ? create_new_namespaces+0x3c/0x450 [ 2079.607185][T10684] create_new_namespaces+0x88/0x450 [ 2079.612415][T10684] unshare_nsproxy_namespaces+0xe2/0x120 [ 2079.618215][T10684] ksys_unshare+0x38c/0x6e0 [ 2079.622732][T10684] __x64_sys_unshare+0x1b/0x20 [ 2079.627510][T10684] do_syscall_64+0x2b/0x70 [ 2079.631977][T10684] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2079.637934][T10684] RIP: 0033:0x7fe837fac109 [ 2079.642347][T10684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2079.661988][T10684] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2079.670580][T10684] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2079.678798][T10684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020600 [ 2079.686774][T10684] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2079.694879][T10684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2079.702966][T10684] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2079.711018][T10684] [ 2079.714074][T10684] memory: usage 307200kB, limit 307200kB, failcnt 64431 [ 2079.721008][T10684] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2079.727886][T10684] Memory cgroup stats for /syz4: [ 2079.746320][T10684] anon 98304 [ 2079.746320][T10684] file 126976 [ 2079.746320][T10684] kernel 314347520 [ 2079.746320][T10684] kernel_stack 32768 [ 2079.746320][T10684] pagetables 69632 [ 2079.746320][T10684] percpu 11039616 [ 2079.746320][T10684] sock 0 [ 2079.746320][T10684] vmalloc 0 [ 2079.746320][T10684] shmem 126976 [ 2079.746320][T10684] file_mapped 126976 [ 2079.746320][T10684] file_dirty 0 [ 2079.746320][T10684] file_writeback 0 [ 2079.746320][T10684] swapcached 0 01:41:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000018600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xf9fdffff, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[]) 01:41:10 executing program 1: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x1328c0, &(0x7f0000000080)) 01:41:10 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f0000000000)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xee01) keyctl$chown(0x4, r0, 0x0, 0x0) 01:41:10 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) [ 2079.746320][T10684] inactive_anon 167936 [ 2079.746320][T10684] active_anon 57344 [ 2079.746320][T10684] inactive_file 0 [ 2079.746320][T10684] active_file 0 [ 2079.746320][T10684] unevictable 0 [ 2079.746320][T10684] slab_reclaimable 18192 [ 2079.746320][T10684] slab_unreclaimable 303142296 [ 2079.746320][T10684] slab 303160488 [ 2079.746320][T10684] workingset_refault_anon 0 [ 2079.746320][T10684] workingset_refault_file 15 [ 2079.746320][T10684] workingset_activate_anon 0 [ 2079.746320][T10684] workingset_activate_file 0 [ 2079.842251][T10684] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10675,uid=0 [ 2079.857827][T10684] Memory cgroup out of memory: Killed process 10675 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2080.023377][T10709] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2080.033748][T10709] CPU: 1 PID: 10709 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2080.044799][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2080.054865][T10709] Call Trace: [ 2080.058146][T10709] [ 2080.061116][T10709] dump_stack_lvl+0xd6/0x122 [ 2080.065744][T10709] dump_stack+0x11/0x12 [ 2080.069904][T10709] dump_header+0x98/0x410 [ 2080.074277][T10709] oom_kill_process+0xfe/0x550 [ 2080.079115][T10709] out_of_memory+0x620/0x880 [ 2080.083730][T10709] mem_cgroup_oom+0x475/0x4f0 [ 2080.088496][T10709] try_charge_memcg+0x746/0x960 [ 2080.093352][T10709] __memcg_kmem_charge_page+0x2e4/0x480 [ 2080.098944][T10709] alloc_thread_stack_node+0x101/0x360 [ 2080.104470][T10709] dup_task_struct+0x96/0x2a0 [ 2080.109149][T10709] copy_process+0x3cb/0x20b0 [ 2080.113791][T10709] kernel_clone+0x163/0x5c0 [ 2080.118357][T10709] __x64_sys_clone+0xc3/0xf0 01:41:10 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) 01:41:10 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) [ 2080.122962][T10709] do_syscall_64+0x2b/0x70 [ 2080.127381][T10709] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2080.133281][T10709] RIP: 0033:0x7fe837fad531 [ 2080.137731][T10709] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2080.157382][T10709] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2080.165839][T10709] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2080.173796][T10709] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2080.181765][T10709] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2080.189737][T10709] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2080.197706][T10709] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2080.205678][T10709] [ 2080.208813][T10709] memory: usage 307200kB, limit 307200kB, failcnt 64484 [ 2080.215777][T10709] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2080.222613][T10709] Memory cgroup stats for /syz4: [ 2080.225018][T10709] anon 94208 [ 2080.225018][T10709] file 126976 [ 2080.225018][T10709] kernel 314327040 [ 2080.225018][T10709] kernel_stack 16384 [ 2080.225018][T10709] pagetables 73728 [ 2080.225018][T10709] percpu 11039616 [ 2080.225018][T10709] sock 0 [ 2080.225018][T10709] vmalloc 0 [ 2080.225018][T10709] shmem 126976 [ 2080.225018][T10709] file_mapped 126976 [ 2080.225018][T10709] file_dirty 0 [ 2080.225018][T10709] file_writeback 0 [ 2080.225018][T10709] swapcached 0 [ 2080.225018][T10709] inactive_anon 114688 [ 2080.225018][T10709] active_anon 57344 [ 2080.225018][T10709] inactive_file 0 [ 2080.225018][T10709] active_file 0 [ 2080.225018][T10709] unevictable 0 [ 2080.225018][T10709] slab_reclaimable 15840 [ 2080.225018][T10709] slab_unreclaimable 303135704 [ 2080.225018][T10709] slab 303151544 [ 2080.225018][T10709] workingset_refault_anon 0 [ 2080.225018][T10709] workingset_refault_file 15 [ 2080.225018][T10709] workingset_activate_anon 0 [ 2080.225018][T10709] workingset_activate_file 0 01:41:10 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000002280000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:10 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f0000000000)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xee01) keyctl$chown(0x4, r0, 0x0, 0x0) 01:41:10 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) 01:41:10 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) [ 2080.325320][T10709] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10709,uid=0 [ 2080.340680][T10709] Memory cgroup out of memory: Killed process 10709 (syz-executor.4) total-vm:48360kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2080.431312][T10721] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2080.441634][T10721] CPU: 0 PID: 10721 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2080.452668][T10721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2080.462732][T10721] Call Trace: [ 2080.466021][T10721] [ 2080.469006][T10721] dump_stack_lvl+0xd6/0x122 [ 2080.473684][T10721] dump_stack+0x11/0x12 [ 2080.477883][T10721] dump_header+0x98/0x410 [ 2080.482373][T10721] oom_kill_process+0xfe/0x550 [ 2080.487209][T10721] out_of_memory+0x620/0x880 [ 2080.491802][T10721] mem_cgroup_oom+0x475/0x4f0 [ 2080.496535][T10721] try_charge_memcg+0x746/0x960 [ 2080.501393][T10721] __memcg_kmem_charge_page+0x2e4/0x480 [ 2080.507062][T10721] alloc_thread_stack_node+0x101/0x360 [ 2080.512551][T10721] dup_task_struct+0x96/0x2a0 [ 2080.517404][T10721] copy_process+0x3cb/0x20b0 [ 2080.522013][T10721] kernel_clone+0x163/0x5c0 [ 2080.526522][T10721] __x64_sys_clone+0xc3/0xf0 [ 2080.531160][T10721] do_syscall_64+0x2b/0x70 [ 2080.535605][T10721] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2080.541629][T10721] RIP: 0033:0x7fe837fad531 [ 2080.546209][T10721] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2080.565841][T10721] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2080.574366][T10721] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2080.582425][T10721] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2080.590459][T10721] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2080.598427][T10721] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2080.606395][T10721] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2080.614411][T10721] [ 2080.617552][T10721] memory: usage 307200kB, limit 307200kB, failcnt 64540 [ 2080.624498][T10721] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:11 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) 01:41:11 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f0000000000)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xee01) keyctl$chown(0x4, r0, 0x0, 0x0) 01:41:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000478800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:11 executing program 5: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$revoke(0x3, r0) request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0) 01:41:11 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f0000000000)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xee01) keyctl$chown(0x4, r0, 0x0, 0x0) 01:41:11 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000032a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2080.631345][T10721] Memory cgroup stats for /syz4: [ 2080.742820][T10721] anon 94208 [ 2080.742820][T10721] file 126976 [ 2080.742820][T10721] kernel 314347520 [ 2080.742820][T10721] kernel_stack 16384 [ 2080.742820][T10721] pagetables 73728 [ 2080.742820][T10721] percpu 11039616 [ 2080.742820][T10721] sock 0 [ 2080.742820][T10721] vmalloc 0 [ 2080.742820][T10721] shmem 126976 [ 2080.742820][T10721] file_mapped 126976 [ 2080.742820][T10721] file_dirty 0 [ 2080.742820][T10721] file_writeback 0 [ 2080.742820][T10721] swapcached 0 01:41:11 executing program 5: syz_open_dev$evdev(&(0x7f0000000000), 0xffffffffffffffff, 0x0) 01:41:11 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x4c}, 0x4c}}, 0x0) [ 2080.742820][T10721] inactive_anon 163840 [ 2080.742820][T10721] active_anon 57344 [ 2080.742820][T10721] inactive_file 0 [ 2080.742820][T10721] active_file 0 [ 2080.742820][T10721] unevictable 0 [ 2080.742820][T10721] slab_reclaimable 15840 [ 2080.742820][T10721] slab_unreclaimable 303142304 [ 2080.742820][T10721] slab 303158144 [ 2080.742820][T10721] workingset_refault_anon 0 [ 2080.742820][T10721] workingset_refault_file 15 [ 2080.742820][T10721] workingset_activate_anon 0 [ 2080.742820][T10721] workingset_activate_file 0 [ 2080.838676][T10721] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10721,uid=0 [ 2080.853950][T10721] Memory cgroup out of memory: Killed process 10721 (syz-executor.4) total-vm:48360kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:11 executing program 5: fsopen(&(0x7f0000000440)='securityfs\x00', 0x0) 01:41:11 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x6c, &(0x7f0000000640)=ANY=[@ANYBLOB='debu']) 01:41:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000033a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:11 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42441) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x211}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000004c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a35704000000b6215dd33459"}}], 0xffffff01) close(r0) 01:41:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c696fad13c7eedc4aa849a41bd2636861727365743d6d616363656e746575726f2c756e695f786c6174653d312c73686f72746e616d653d77696e39352c6e6e6f6e756d7461696c3d312c696f636861727365743d63703836302c696f636861727365743d6d61636761656c69632c636f6e746578743d73797361646d5f752c7365636c6162656c2c646566636f6e746578743d"]) 01:41:11 executing program 1: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x7ffffffff000}}, 0x0) [ 2081.278736][T10747] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2081.289026][T10747] CPU: 0 PID: 10747 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2081.300058][T10747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2081.310162][T10747] Call Trace: [ 2081.313449][T10747] [ 2081.316381][T10747] dump_stack_lvl+0xd6/0x122 [ 2081.320854][T10757] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 2081.320986][T10747] dump_stack+0x11/0x12 [ 2081.333462][T10747] dump_header+0x98/0x410 [ 2081.337845][T10747] oom_kill_process+0xfe/0x550 [ 2081.342662][T10747] out_of_memory+0x620/0x880 [ 2081.347277][T10747] mem_cgroup_oom+0x475/0x4f0 [ 2081.351958][T10747] try_charge_memcg+0x746/0x960 [ 2081.356801][T10747] charge_memcg+0x63/0x2c0 [ 2081.361208][T10747] __mem_cgroup_charge+0x25/0xa0 [ 2081.366131][T10747] do_anonymous_page+0x1d6/0xa20 [ 2081.371128][T10747] handle_mm_fault+0x8a0/0xa90 [ 2081.375889][T10747] do_user_addr_fault+0x4cd/0x940 [ 2081.380900][T10747] exc_page_fault+0x60/0x160 [ 2081.385687][T10747] asm_exc_page_fault+0x22/0x30 [ 2081.390540][T10747] RIP: 0033:0x7fe837f57d0d [ 2081.394946][T10747] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2081.414826][T10747] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2081.420910][T10747] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2081.428863][T10747] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2081.436853][T10747] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2081.444819][T10747] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2081.452868][T10747] R13: 00007fe8380c3090 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2081.460880][T10747] [ 2081.464000][T10747] memory: usage 307200kB, limit 307200kB, failcnt 64595 [ 2081.470931][T10747] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2081.477861][T10747] Memory cgroup stats for /syz4: [ 2081.479143][T10747] anon 94208 [ 2081.479143][T10747] file 126976 [ 2081.479143][T10747] kernel 314343424 [ 2081.479143][T10747] kernel_stack 32768 [ 2081.479143][T10747] pagetables 77824 [ 2081.479143][T10747] percpu 11039616 [ 2081.479143][T10747] sock 0 [ 2081.479143][T10747] vmalloc 0 [ 2081.479143][T10747] shmem 126976 [ 2081.479143][T10747] file_mapped 126976 [ 2081.479143][T10747] file_dirty 0 [ 2081.479143][T10747] file_writeback 0 [ 2081.479143][T10747] swapcached 0 [ 2081.479143][T10747] inactive_anon 155648 [ 2081.479143][T10747] active_anon 57344 [ 2081.479143][T10747] inactive_file 0 [ 2081.479143][T10747] active_file 0 [ 2081.479143][T10747] unevictable 0 [ 2081.479143][T10747] slab_reclaimable 15840 [ 2081.479143][T10747] slab_unreclaimable 303135880 [ 2081.479143][T10747] slab 303151720 [ 2081.479143][T10747] workingset_refault_anon 0 [ 2081.479143][T10747] workingset_refault_file 15 [ 2081.479143][T10747] workingset_activate_anon 0 [ 2081.479143][T10747] workingset_activate_file 0 01:41:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000488800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000180)="1c", 0x1) 01:41:12 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000002c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0xc0ed0000, &(0x7f0000000640)=ANY=[]) 01:41:12 executing program 4: request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0xfffffffffffffffb) [ 2081.575067][T10747] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10747,uid=0 [ 2081.590364][T10747] Memory cgroup out of memory: Killed process 10747 (syz-executor.4) total-vm:48360kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x700, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000640)=ANY=[]) 01:41:12 executing program 1: unshare(0x40020000) unshare(0x0) 01:41:12 executing program 5: unshare(0x400) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0) write$cgroup_type(r0, 0x0, 0x0) [ 2081.652925][T10767] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2081.663254][T10767] CPU: 0 PID: 10767 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2081.674337][T10767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2081.684514][T10767] Call Trace: [ 2081.687800][T10767] [ 2081.690819][T10767] dump_stack_lvl+0xd6/0x122 [ 2081.695505][T10767] dump_stack+0x11/0x12 [ 2081.699738][T10767] dump_header+0x98/0x410 [ 2081.699766][T10767] oom_kill_process+0xfe/0x550 [ 2081.699788][T10767] out_of_memory+0x620/0x880 [ 2081.699824][T10767] mem_cgroup_oom+0x475/0x4f0 [ 2081.699845][T10767] try_charge_memcg+0x746/0x960 [ 2081.699866][T10767] charge_memcg+0x63/0x2c0 [ 2081.699883][T10767] __mem_cgroup_charge+0x25/0xa0 [ 2081.699902][T10767] wp_page_copy+0x20f/0x1460 [ 2081.699967][T10767] do_wp_page+0x76f/0xe10 [ 2081.699988][T10767] handle_mm_fault+0x5fb/0xa90 [ 2081.700012][T10767] do_user_addr_fault+0x4cd/0x940 [ 2081.700060][T10767] exc_page_fault+0x60/0x160 [ 2081.700086][T10767] asm_exc_page_fault+0x22/0x30 [ 2081.700108][T10767] RIP: 0033:0x7fe837f7b0d1 [ 2081.700130][T10767] Code: 11 00 4c 29 e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 <49> 89 57 08 48 89 41 08 49 83 c7 10 eb b3 48 8d 3d ca de 09 00 e8 [ 2081.700147][T10767] RSP: 002b:00007ffd964f76a0 EFLAGS: 00010206 [ 2081.700162][T10767] RAX: 0000000000020801 RBX: 00007fe8380925e0 RCX: 00005555560a2800 [ 2081.700174][T10767] RDX: 0000000000000121 RSI: 0000000000000000 RDI: 0000000000000004 [ 2081.700187][T10767] RBP: 0000000000000110 R08: 0000000000000003 R09: 00007fe838092640 [ 2081.700201][T10767] R10: 0000000000020022 R11: 0000000000000120 R12: 0000000000000010 [ 2081.700267][T10767] R13: 0000000000000120 R14: 0000000000000012 R15: 00005555560a26e0 [ 2081.700283][T10767] [ 2081.700325][T10767] memory: usage 307200kB, limit 307200kB, failcnt 64625 [ 2081.700339][T10767] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2081.700350][T10767] Memory cgroup stats for /syz4: [ 2082.304370][T10767] anon 90112 [ 2082.304370][T10767] file 126976 [ 2082.304370][T10767] kernel 314335232 [ 2082.304370][T10767] kernel_stack 16384 [ 2082.304370][T10767] pagetables 73728 [ 2082.304370][T10767] percpu 11039616 [ 2082.304370][T10767] sock 0 [ 2082.304370][T10767] vmalloc 0 [ 2082.304370][T10767] shmem 126976 [ 2082.304370][T10767] file_mapped 126976 [ 2082.304370][T10767] file_dirty 0 [ 2082.304370][T10767] file_writeback 0 [ 2082.304370][T10767] swapcached 0 [ 2082.304370][T10767] inactive_anon 159744 [ 2082.304370][T10767] active_anon 57344 [ 2082.304370][T10767] inactive_file 0 [ 2082.304370][T10767] active_file 0 [ 2082.304370][T10767] unevictable 0 [ 2082.304370][T10767] slab_reclaimable 19568 [ 2082.304370][T10767] slab_unreclaimable 303139984 [ 2082.304370][T10767] slab 303159552 [ 2082.304370][T10767] workingset_refault_anon 0 [ 2082.304370][T10767] workingset_refault_file 15 [ 2082.304370][T10767] workingset_activate_anon 0 [ 2082.304370][T10767] workingset_activate_file 0 [ 2082.304526][T10767] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10767,uid=0 01:41:12 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000263a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:12 executing program 4: syslog(0x2, &(0x7f0000000080)=""/91, 0x5b) 01:41:12 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$link(0x8, r0, r1) 01:41:12 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000132c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffa88800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:13 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) 01:41:13 executing program 5: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x301}, 0x0) 01:41:13 executing program 5: unshare(0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c}, 0x1c}}, 0x0) [ 2082.304592][T10767] Memory cgroup out of memory: Killed process 10767 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f00000005c0), 0x0, &(0x7f00000003c0)={[{@fat=@tz_utc}]}) 01:41:13 executing program 5: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$link(0x8, r1, r0) 01:41:13 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x11f7, &(0x7f0000000640)=ANY=[]) 01:41:13 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x3, @fixed}, 0xe) [ 2083.473034][T10784] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2083.483358][T10784] CPU: 1 PID: 10784 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2083.494625][T10784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2083.504720][T10784] Call Trace: [ 2083.508001][T10784] [ 2083.510935][T10784] dump_stack_lvl+0xd6/0x122 [ 2083.515591][T10784] dump_stack+0x11/0x12 [ 2083.519774][T10784] dump_header+0x98/0x410 [ 2083.524098][T10784] oom_kill_process+0xfe/0x550 [ 2083.528947][T10784] out_of_memory+0x620/0x880 [ 2083.533580][T10784] mem_cgroup_oom+0x475/0x4f0 [ 2083.538315][T10784] try_charge_memcg+0x746/0x960 [ 2083.543201][T10784] charge_memcg+0x63/0x2c0 [ 2083.547599][T10784] __mem_cgroup_charge+0x25/0xa0 [ 2083.552667][T10784] wp_page_copy+0x20f/0x1460 [ 2083.557325][T10784] ? shrink_zones+0x525/0x5d0 [ 2083.561987][T10784] do_wp_page+0x76f/0xe10 [ 2083.566315][T10784] handle_mm_fault+0x5fb/0xa90 [ 2083.571079][T10784] do_user_addr_fault+0x4cd/0x940 [ 2083.576118][T10784] exc_page_fault+0x60/0x160 [ 2083.580701][T10784] asm_exc_page_fault+0x22/0x30 [ 2083.585606][T10784] RIP: 0033:0x7fe837f5a340 [ 2083.590004][T10784] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2083.609600][T10784] RSP: 002b:00007ffd964f77d0 EFLAGS: 00010246 [ 2083.615712][T10784] RAX: 00000000950d1d2c RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2083.623745][T10784] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e17ad6 [ 2083.631726][T10784] RBP: 00000000950d1d2c R08: 0000000000001d2c R09: 00000000950d1d30 [ 2083.639755][T10784] R10: 00007ffd965730b8 R11: 000000000005dfe4 R12: 00007fe8380b3000 [ 2083.647844][T10784] R13: 0000000000000001 R14: 0000000000000007 R15: ffffffff81917587 [ 2083.655828][T10784] ? selinux_capable+0x17/0x40 [ 2083.660732][T10784] [ 2083.663922][T10784] memory: usage 307200kB, limit 307200kB, failcnt 64671 [ 2083.670870][T10784] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2083.677833][T10784] Memory cgroup stats for /syz4: [ 2083.678188][T10784] anon 122880 [ 2083.678188][T10784] file 126976 [ 2083.678188][T10784] kernel 314322944 [ 2083.678188][T10784] kernel_stack 32768 [ 2083.678188][T10784] pagetables 77824 [ 2083.678188][T10784] percpu 11039616 [ 2083.678188][T10784] sock 0 [ 2083.678188][T10784] vmalloc 0 [ 2083.678188][T10784] shmem 126976 [ 2083.678188][T10784] file_mapped 126976 [ 2083.678188][T10784] file_dirty 0 [ 2083.678188][T10784] file_writeback 0 [ 2083.678188][T10784] swapcached 0 [ 2083.678188][T10784] inactive_anon 167936 [ 2083.678188][T10784] active_anon 57344 [ 2083.678188][T10784] inactive_file 0 [ 2083.678188][T10784] active_file 0 [ 2083.678188][T10784] unevictable 0 [ 2083.678188][T10784] slab_reclaimable 15840 [ 2083.678188][T10784] slab_unreclaimable 303123792 [ 2083.678188][T10784] slab 303139632 [ 2083.678188][T10784] workingset_refault_anon 0 [ 2083.678188][T10784] workingset_refault_file 15 [ 2083.678188][T10784] workingset_activate_anon 0 [ 2083.678188][T10784] workingset_activate_file 0 01:41:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:14 executing program 5: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 01:41:14 executing program 1: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x3800}, 0x0) 01:41:14 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000002f0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000038a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000680)='./file0\x00', 0x0, 0x0, &(0x7f0000000880), 0x0, &(0x7f0000000900)={[{@fat=@codepage={'codepage', 0x3d, '932'}}]}) [ 2083.774066][T10784] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10784,uid=0 [ 2083.789823][T10784] Memory cgroup out of memory: Killed process 10784 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:14 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) 01:41:14 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0xfffffffffffffffd) 01:41:14 executing program 1: request_key(&(0x7f0000000640)='encrypted\x00', &(0x7f0000000680)={'syz', 0x0}, &(0x7f00000006c0)='\x00', 0x0) 01:41:14 executing program 1: r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x7, r0, 0x0, 0xee00) [ 2083.872746][T10824] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2083.883405][T10824] CPU: 0 PID: 10824 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2083.894440][T10824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2083.904578][T10824] Call Trace: [ 2083.907896][T10824] [ 2083.910828][T10824] dump_stack_lvl+0xd6/0x122 [ 2083.915457][T10824] dump_stack+0x11/0x12 [ 2083.919626][T10824] dump_header+0x98/0x410 [ 2083.923976][T10824] oom_kill_process+0xfe/0x550 [ 2083.929052][T10824] out_of_memory+0x620/0x880 [ 2083.933693][T10824] mem_cgroup_oom+0x475/0x4f0 [ 2083.938401][T10824] try_charge_memcg+0x746/0x960 [ 2083.943257][T10824] obj_cgroup_charge+0x171/0x2b0 [ 2083.948310][T10824] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2083.953913][T10824] ? shmem_alloc_inode+0x2d/0x40 [ 2083.958857][T10824] kmem_cache_alloc_lru+0x76/0x2b0 [ 2083.964024][T10824] ? do_try_to_free_pages+0x702/0x720 [ 2083.969411][T10824] shmem_alloc_inode+0x2d/0x40 [ 2083.974179][T10824] ? shmem_match+0xa0/0xa0 [ 2083.978600][T10824] alloc_inode+0x38/0x150 [ 2083.983023][T10824] new_inode+0x21/0x140 [ 2083.987222][T10824] shmem_get_inode+0x22b/0x6e0 [ 2083.991992][T10824] __shmem_file_setup+0xef/0x1c0 [ 2083.996932][T10824] shmem_file_setup+0x37/0x40 [ 2084.001637][T10824] __se_sys_memfd_create+0x1c1/0x330 [ 2084.006963][T10824] __x64_sys_memfd_create+0x2d/0x40 [ 2084.012248][T10824] do_syscall_64+0x2b/0x70 [ 2084.016674][T10824] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2084.022678][T10824] RIP: 0033:0x7fe837fac109 [ 2084.027091][T10824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2084.046712][T10824] RSP: 002b:00007fe837721f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2084.055174][T10824] RAX: ffffffffffffffda RBX: 0000000020000880 RCX: 00007fe837fac109 [ 2084.063149][T10824] RDX: 00007fe837721fe0 RSI: 0000000000000000 RDI: 00007fe8380051be [ 2084.071192][T10824] RBP: 0000000000000000 R08: 00007fe837721fd8 R09: 0000000000000000 [ 2084.079163][T10824] R10: 00007fe837721fdc R11: 0000000000000246 R12: 0000000020000540 [ 2084.087227][T10824] R13: 0000000020000680 R14: 0000000000000000 R15: 0000000020000900 [ 2084.095204][T10824] [ 2084.098389][T10824] memory: usage 307200kB, limit 307200kB, failcnt 64701 [ 2084.105337][T10824] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2084.112204][T10824] Memory cgroup stats for /syz4: [ 2084.259079][T10824] anon 106496 [ 2084.259079][T10824] file 126976 [ 2084.259079][T10824] kernel 314339328 [ 2084.259079][T10824] kernel_stack 32768 [ 2084.259079][T10824] pagetables 77824 [ 2084.259079][T10824] percpu 11039616 [ 2084.259079][T10824] sock 0 [ 2084.259079][T10824] vmalloc 0 [ 2084.259079][T10824] shmem 126976 [ 2084.259079][T10824] file_mapped 126976 [ 2084.259079][T10824] file_dirty 0 [ 2084.259079][T10824] file_writeback 0 [ 2084.259079][T10824] swapcached 0 [ 2084.259079][T10824] inactive_anon 176128 [ 2084.259079][T10824] active_anon 57344 [ 2084.259079][T10824] inactive_file 0 [ 2084.259079][T10824] active_file 0 [ 2084.259079][T10824] unevictable 0 [ 2084.259079][T10824] slab_reclaimable 21744 [ 2084.259079][T10824] slab_unreclaimable 303129544 [ 2084.259079][T10824] slab 303151288 [ 2084.259079][T10824] workingset_refault_anon 0 [ 2084.259079][T10824] workingset_refault_file 15 [ 2084.259079][T10824] workingset_activate_anon 0 [ 2084.259079][T10824] workingset_activate_file 0 01:41:14 executing program 4: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x38}, 0x0) [ 2084.354962][T10824] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10823,uid=0 [ 2084.370685][T10824] Memory cgroup out of memory: Killed process 10823 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:14 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) [ 2084.480764][T10836] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2084.491031][T10836] CPU: 1 PID: 10836 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2084.502036][T10836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2084.512094][T10836] Call Trace: [ 2084.515360][T10836] [ 2084.518286][T10836] dump_stack_lvl+0xd6/0x122 [ 2084.522873][T10836] dump_stack+0x11/0x12 [ 2084.527016][T10836] dump_header+0x98/0x410 [ 2084.531383][T10836] oom_kill_process+0xfe/0x550 [ 2084.536231][T10836] out_of_memory+0x620/0x880 [ 2084.540860][T10836] mem_cgroup_oom+0x475/0x4f0 [ 2084.545523][T10836] try_charge_memcg+0x746/0x960 [ 2084.550403][T10836] charge_memcg+0x63/0x2c0 [ 2084.554875][T10836] __mem_cgroup_charge+0x25/0xa0 [ 2084.559882][T10836] wp_page_copy+0x20f/0x1460 [ 2084.564549][T10836] ? shrink_zones+0x525/0x5d0 [ 2084.569263][T10836] do_wp_page+0x76f/0xe10 [ 2084.573682][T10836] handle_mm_fault+0x5fb/0xa90 [ 2084.578433][T10836] do_user_addr_fault+0x4cd/0x940 [ 2084.583482][T10836] exc_page_fault+0x60/0x160 [ 2084.588088][T10836] asm_exc_page_fault+0x22/0x30 [ 2084.592985][T10836] RIP: 0033:0x7fe837f5a340 [ 2084.597383][T10836] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2084.617027][T10836] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2084.623083][T10836] RAX: 0000000043087a04 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2084.631039][T10836] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2084.639025][T10836] RBP: 0000000043087a04 R08: 0000000000001a04 R09: 0000000043087a08 [ 2084.646987][T10836] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2084.654962][T10836] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff83a1336e [ 2084.662957][T10836] ? __x64_sys_socketpair+0xe/0x60 [ 2084.668089][T10836] [ 2084.671220][T10836] memory: usage 307200kB, limit 307200kB, failcnt 64741 [ 2084.678238][T10836] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2084.685299][T10836] Memory cgroup stats for /syz4: [ 2084.687035][T10836] anon 106496 [ 2084.687035][T10836] file 126976 [ 2084.687035][T10836] kernel 314339328 [ 2084.687035][T10836] kernel_stack 32768 [ 2084.687035][T10836] pagetables 77824 [ 2084.687035][T10836] percpu 11039616 [ 2084.687035][T10836] sock 0 [ 2084.687035][T10836] vmalloc 0 [ 2084.687035][T10836] shmem 126976 [ 2084.687035][T10836] file_mapped 126976 [ 2084.687035][T10836] file_dirty 0 [ 2084.687035][T10836] file_writeback 0 [ 2084.687035][T10836] swapcached 0 [ 2084.687035][T10836] inactive_anon 176128 [ 2084.687035][T10836] active_anon 57344 [ 2084.687035][T10836] inactive_file 0 [ 2084.687035][T10836] active_file 0 [ 2084.687035][T10836] unevictable 0 [ 2084.687035][T10836] slab_reclaimable 17792 [ 2084.687035][T10836] slab_unreclaimable 303132000 [ 2084.687035][T10836] slab 303149792 [ 2084.687035][T10836] workingset_refault_anon 0 [ 2084.687035][T10836] workingset_refault_file 15 [ 2084.687035][T10836] workingset_activate_anon 0 [ 2084.687035][T10836] workingset_activate_file 0 [ 2084.782862][T10836] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10836,uid=0 [ 2084.798230][T10836] Memory cgroup out of memory: Killed process 10836 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000023e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:15 executing program 1: syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x1080002, &(0x7f0000000600)=ANY=[]) 01:41:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0xac19a29f231a498a, &(0x7f0000000180)=ANY=[]) 01:41:15 executing program 4: unshare(0x40020000) ioctl$EVIOCGUNIQ(0xffffffffffffffff, 0x80404508, &(0x7f0000000080)=""/212) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000240)={&(0x7f0000000180), 0xc, 0x0}, 0x0) 01:41:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000019600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:15 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000002300000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:15 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_pressure(r0, 0x0, 0xfffffd71) 01:41:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @dev}, 0x80) 01:41:15 executing program 5: r0 = socket(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000), 0x4) 01:41:15 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000080)="ed", 0x1) [ 2084.977918][T10855] syz-executor.4 invoked oom-killer: gfp_mask=0xdc0(GFP_KERNEL|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2084.989285][T10855] CPU: 0 PID: 10855 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2085.000325][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2085.010397][T10855] Call Trace: [ 2085.013681][T10855] [ 2085.016614][T10855] dump_stack_lvl+0xd6/0x122 [ 2085.021301][T10855] dump_stack+0x11/0x12 [ 2085.025513][T10855] dump_header+0x98/0x410 [ 2085.029886][T10855] oom_kill_process+0xfe/0x550 [ 2085.034661][T10855] out_of_memory+0x620/0x880 [ 2085.039258][T10855] mem_cgroup_oom+0x475/0x4f0 [ 2085.044028][T10855] try_charge_memcg+0x746/0x960 [ 2085.048886][T10855] ? pcpu_alloc_area+0x4e6/0x500 [ 2085.053830][T10855] ? _find_next_bit+0x188/0x190 [ 2085.058743][T10855] obj_cgroup_charge+0x171/0x2b0 [ 2085.063689][T10855] kmem_cache_alloc+0x92/0x300 [ 2085.068456][T10855] ? alloc_vfsmnt+0x2b/0x2e0 [ 2085.073054][T10855] alloc_vfsmnt+0x2b/0x2e0 [ 2085.077478][T10855] clone_mnt+0x40/0x880 [ 2085.081712][T10855] copy_tree+0x313/0x870 [ 2085.086050][T10855] copy_mnt_ns+0x116/0x600 [ 2085.090497][T10855] ? create_new_namespaces+0x3c/0x450 [ 2085.095898][T10855] create_new_namespaces+0x88/0x450 [ 2085.101139][T10855] unshare_nsproxy_namespaces+0xe2/0x120 [ 2085.106782][T10855] ksys_unshare+0x38c/0x6e0 [ 2085.111358][T10855] __x64_sys_unshare+0x1b/0x20 [ 2085.116128][T10855] do_syscall_64+0x2b/0x70 [ 2085.120560][T10855] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2085.126539][T10855] RIP: 0033:0x7fe837fac109 [ 2085.130989][T10855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2085.150607][T10855] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2085.159049][T10855] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2085.167036][T10855] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000 [ 2085.175056][T10855] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2085.183037][T10855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2085.191014][T10855] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2085.199598][T10855] [ 2085.202756][T10855] memory: usage 307200kB, limit 307200kB, failcnt 64785 [ 2085.209707][T10855] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2085.216606][T10855] Memory cgroup stats for /syz4: [ 2085.334092][T10855] anon 98304 [ 2085.334092][T10855] file 126976 [ 2085.334092][T10855] kernel 314347520 [ 2085.334092][T10855] kernel_stack 32768 [ 2085.334092][T10855] pagetables 69632 [ 2085.334092][T10855] percpu 11039616 [ 2085.334092][T10855] sock 0 [ 2085.334092][T10855] vmalloc 0 [ 2085.334092][T10855] shmem 126976 [ 2085.334092][T10855] file_mapped 126976 [ 2085.334092][T10855] file_dirty 0 [ 2085.334092][T10855] file_writeback 0 [ 2085.334092][T10855] swapcached 0 [ 2085.334092][T10855] inactive_anon 167936 [ 2085.334092][T10855] active_anon 57344 [ 2085.334092][T10855] inactive_file 0 [ 2085.334092][T10855] active_file 0 [ 2085.334092][T10855] unevictable 0 [ 2085.334092][T10855] slab_reclaimable 19568 [ 2085.334092][T10855] slab_unreclaimable 303142632 [ 2085.334092][T10855] slab 303162200 [ 2085.334092][T10855] workingset_refault_anon 0 [ 2085.334092][T10855] workingset_refault_file 15 [ 2085.334092][T10855] workingset_activate_anon 0 [ 2085.334092][T10855] workingset_activate_file 0 [ 2085.429795][T10855] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10851,uid=0 [ 2085.445224][T10855] Memory cgroup out of memory: Killed process 10851 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:15 executing program 5: pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0xb82e336200000000) r1 = ioctl$TUNGETDEVNETNS(r0, 0x5450, 0x0) write$P9_RRENAME(r1, 0x0, 0x0) 01:41:15 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x14}, 0x14}}, 0x0) 01:41:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000003f00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:16 executing program 5: socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) shutdown(r0, 0x1) 01:41:16 executing program 4: r0 = gettid() tkill(r0, 0x0) 01:41:16 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003300000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffff9e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:16 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000380)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "a408dcb1db4cacfa31153b5036bfe77fd1e867ac3af3633334b36c19e907d93be4df6b9487bb73e5ae6587b5131564a5fba7676a186a7f010bc44e6a1d6f22"}, 0x80) 01:41:16 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @dev}, 0x80) [ 2085.841569][T10873] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2085.851846][T10873] CPU: 0 PID: 10873 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2085.862927][T10873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2085.872993][T10873] Call Trace: [ 2085.876275][T10873] [ 2085.879274][T10873] dump_stack_lvl+0xd6/0x122 [ 2085.883963][T10873] dump_stack+0x11/0x12 [ 2085.888139][T10873] dump_header+0x98/0x410 [ 2085.892552][T10873] oom_kill_process+0xfe/0x550 [ 2085.897407][T10873] out_of_memory+0x620/0x880 [ 2085.902064][T10873] mem_cgroup_oom+0x475/0x4f0 [ 2085.906880][T10873] try_charge_memcg+0x746/0x960 [ 2085.911746][T10873] charge_memcg+0x63/0x2c0 [ 2085.916280][T10873] __mem_cgroup_charge+0x25/0xa0 [ 2085.921349][T10873] wp_page_copy+0x20f/0x1460 [ 2085.925982][T10873] do_wp_page+0x76f/0xe10 [ 2085.930323][T10873] handle_mm_fault+0x5fb/0xa90 [ 2085.935271][T10873] do_user_addr_fault+0x4cd/0x940 [ 2085.940304][T10873] exc_page_fault+0x60/0x160 [ 2085.945037][T10873] asm_exc_page_fault+0x22/0x30 [ 2085.949928][T10873] RIP: 0033:0x7fe837f573f5 [ 2085.954344][T10873] Code: 5c 41 5d c3 90 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d ae 3c 16 00 48 01 ca 02 01 48 89 42 08 48 8b 53 10 4c 8d 2d f9 bb 56 00 4c 39 ea 0f [ 2085.974124][T10873] RSP: 002b:00007ffd964f7840 EFLAGS: 00010206 [ 2085.980172][T10873] RAX: 0000000000002d02 RBX: 00007fe8380bef60 RCX: 00007fe8380bb0a0 [ 2085.988131][T10873] RDX: 00007fe8380bb0a0 RSI: 0000000000000080 RDI: 00007fe8380bef60 [ 2085.996087][T10873] RBP: 00007fe8380bef60 R08: 0000000000000010 R09: 0000000000000000 [ 2086.004050][T10873] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00000000001fd3be [ 2086.012059][T10873] R13: 00007ffd964f7960 R14: 00007fe8380bef60 R15: 0000000000000032 [ 2086.020059][T10873] [ 2086.023216][T10873] memory: usage 307200kB, limit 307200kB, failcnt 64870 [ 2086.030197][T10873] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2086.037087][T10873] Memory cgroup stats for /syz4: [ 2086.978181][T10873] anon 98304 [ 2086.978181][T10873] file 126976 [ 2086.978181][T10873] kernel 314335232 [ 2086.978181][T10873] kernel_stack 32768 [ 2086.978181][T10873] pagetables 69632 [ 2086.978181][T10873] percpu 11039616 [ 2086.978181][T10873] sock 0 [ 2086.978181][T10873] vmalloc 0 [ 2086.978181][T10873] shmem 126976 [ 2086.978181][T10873] file_mapped 126976 [ 2086.978181][T10873] file_dirty 0 [ 2086.978181][T10873] file_writeback 0 [ 2086.978181][T10873] swapcached 0 [ 2086.978181][T10873] inactive_anon 167936 [ 2086.978181][T10873] active_anon 57344 [ 2086.978181][T10873] inactive_file 0 [ 2086.978181][T10873] active_file 0 [ 2086.978181][T10873] unevictable 0 [ 2086.978181][T10873] slab_reclaimable 15840 [ 2086.978181][T10873] slab_unreclaimable 303126336 [ 2086.978181][T10873] slab 303142176 [ 2086.978181][T10873] workingset_refault_anon 0 [ 2086.978181][T10873] workingset_refault_file 15 [ 2086.978181][T10873] workingset_activate_anon 0 [ 2086.978181][T10873] workingset_activate_file 0 [ 2087.074320][T10873] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10873,uid=0 [ 2087.089678][T10873] Memory cgroup out of memory: Killed process 10873 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:17 executing program 1: mq_open(&(0x7f0000000080)='$ ', 0x40, 0x108, &(0x7f00000000c0)) 01:41:17 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)=@in6={0xa, 0x4e22, 0x0, @private0}, 0x80) 01:41:17 executing program 5: socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)) 01:41:17 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x20000040, 0x0, 0x0) 01:41:17 executing program 4: pipe(&(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_pressure(r0, 0x0, 0x0) [ 2087.512133][T10903] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2087.522404][T10903] CPU: 0 PID: 10903 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2087.533441][T10903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2087.543539][T10903] Call Trace: [ 2087.546873][T10903] [ 2087.549804][T10903] dump_stack_lvl+0xd6/0x122 [ 2087.554410][T10903] dump_stack+0x11/0x12 [ 2087.558672][T10903] dump_header+0x98/0x410 [ 2087.563007][T10903] oom_kill_process+0xfe/0x550 [ 2087.567906][T10903] out_of_memory+0x620/0x880 [ 2087.572485][T10903] mem_cgroup_oom+0x475/0x4f0 [ 2087.577179][T10903] try_charge_memcg+0x746/0x960 [ 2087.582113][T10903] charge_memcg+0x63/0x2c0 [ 2087.586656][T10903] __mem_cgroup_charge+0x25/0xa0 [ 2087.591587][T10903] wp_page_copy+0x20f/0x1460 [ 2087.596169][T10903] do_wp_page+0x76f/0xe10 [ 2087.600502][T10903] handle_mm_fault+0x5fb/0xa90 [ 2087.605286][T10903] do_user_addr_fault+0x4cd/0x940 [ 2087.611634][T10903] exc_page_fault+0x60/0x160 [ 2087.616309][T10903] asm_exc_page_fault+0x22/0x30 [ 2087.621272][T10903] RIP: 0033:0x7fe837f52edc [ 2087.625755][T10903] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2087.645499][T10903] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2087.651601][T10903] RAX: 00007fe8380bef60 RBX: 0000000000000001 RCX: 00007fe83802c164 [ 2087.659561][T10903] RDX: 00000000001eceff RSI: 0000000020000900 RDI: 00007fe838004f8b [ 2087.667688][T10903] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2087.675648][T10903] R10: 00007ffd965730b8 R11: 000000000005e294 R12: 0000000000000000 [ 2087.683644][T10903] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2087.691686][T10903] [ 2087.694730][T10903] memory: usage 307200kB, limit 307200kB, failcnt 64915 [ 2087.701932][T10903] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2087.708819][T10903] Memory cgroup stats for /syz4: [ 2087.709235][T10903] anon 98304 [ 2087.709235][T10903] file 126976 [ 2087.709235][T10903] kernel 314335232 [ 2087.709235][T10903] kernel_stack 32768 [ 2087.709235][T10903] pagetables 69632 [ 2087.709235][T10903] percpu 11039616 [ 2087.709235][T10903] sock 0 [ 2087.709235][T10903] vmalloc 0 [ 2087.709235][T10903] shmem 126976 [ 2087.709235][T10903] file_mapped 126976 [ 2087.709235][T10903] file_dirty 0 [ 2087.709235][T10903] file_writeback 0 [ 2087.709235][T10903] swapcached 0 [ 2087.709235][T10903] inactive_anon 135168 [ 2087.709235][T10903] active_anon 57344 [ 2087.709235][T10903] inactive_file 0 [ 2087.709235][T10903] active_file 0 [ 2087.709235][T10903] unevictable 0 [ 2087.709235][T10903] slab_reclaimable 32624 [ 2087.709235][T10903] slab_unreclaimable 303125640 [ 2087.709235][T10903] slab 303158264 [ 2087.709235][T10903] workingset_refault_anon 0 [ 2087.709235][T10903] workingset_refault_file 15 [ 2087.709235][T10903] workingset_activate_anon 0 [ 2087.709235][T10903] workingset_activate_file 0 [ 2087.805049][T10903] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10901,uid=0 [ 2087.820376][T10903] Memory cgroup out of memory: Killed process 10901 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:18 executing program 5: socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x10) 01:41:18 executing program 1: socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername(r0, 0x0, &(0x7f00000000c0)) 01:41:18 executing program 4: r0 = socket(0x10, 0x3, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, 0x0, 0x0) 01:41:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000005a100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:18 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000320000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:18 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000500)) 01:41:18 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2087.937339][T10909] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2087.947767][T10909] CPU: 0 PID: 10909 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2087.958828][T10909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2087.968922][T10909] Call Trace: [ 2087.972205][T10909] [ 2087.975143][T10909] dump_stack_lvl+0xd6/0x122 [ 2087.979751][T10909] dump_stack+0x11/0x12 [ 2087.983947][T10909] dump_header+0x98/0x410 [ 2087.988320][T10909] oom_kill_process+0xfe/0x550 [ 2087.993135][T10909] out_of_memory+0x620/0x880 [ 2087.997806][T10909] mem_cgroup_oom+0x475/0x4f0 [ 2088.002513][T10909] try_charge_memcg+0x746/0x960 [ 2088.007414][T10909] charge_memcg+0x63/0x2c0 [ 2088.011842][T10909] __mem_cgroup_charge+0x25/0xa0 [ 2088.016878][T10909] wp_page_copy+0x20f/0x1460 [ 2088.021481][T10909] ? shrink_zones+0x525/0x5d0 [ 2088.026226][T10909] do_wp_page+0x76f/0xe10 [ 2088.030588][T10909] handle_mm_fault+0x5fb/0xa90 [ 2088.035365][T10909] do_user_addr_fault+0x4cd/0x940 [ 2088.040463][T10909] exc_page_fault+0x60/0x160 [ 2088.045082][T10909] asm_exc_page_fault+0x22/0x30 [ 2088.049984][T10909] RIP: 0033:0x7fe837f5a340 [ 2088.054492][T10909] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2088.074201][T10909] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2088.080282][T10909] RAX: 000000009f18dd8f RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2088.089716][T10909] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000a0aed84 [ 2088.097780][T10909] RBP: 000000009f18dd8f R08: 0000000000001d8f R09: 000000009f18dd93 [ 2088.105865][T10909] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2088.113941][T10909] R13: 0000000000000001 R14: 0000000000000004 R15: ffffffff8190bfeb [ 2088.121997][T10909] ? security_socket_create+0x1b/0xa0 [ 2088.127387][T10909] [ 2088.130466][T10909] memory: usage 307200kB, limit 307200kB, failcnt 64966 01:41:18 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect(r0, &(0x7f0000000080)=@l2tp={0x2, 0x0, @broadcast}, 0x80) 01:41:18 executing program 1: mq_open(&(0x7f0000000040)='@,%\x00', 0x40, 0x1, &(0x7f0000000080)={0xffffffffffffa6d7, 0x7, 0x6, 0x7f}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) timerfd_gettime(r0, &(0x7f0000000100)) pipe(&(0x7f0000000900)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4) prctl$PR_GET_DUMPABLE(0x3) socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000900)={0xffffffffffffffff}) r4 = accept4(r2, &(0x7f0000000180), &(0x7f0000000200)=0x80, 0x80000) accept4(r4, &(0x7f0000000240)=@alg, &(0x7f00000002c0)=0x80, 0x80800) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, 0x0) write$cgroup_freezer_state(r3, &(0x7f0000000140)='FREEZING\x00', 0x9) [ 2088.137419][T10909] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2088.144281][T10909] Memory cgroup stats for /syz4: [ 2088.245311][T10909] anon 110592 [ 2088.245311][T10909] file 126976 [ 2088.245311][T10909] kernel 314327040 [ 2088.245311][T10909] kernel_stack 32768 [ 2088.245311][T10909] pagetables 69632 [ 2088.245311][T10909] percpu 11039616 [ 2088.245311][T10909] sock 0 [ 2088.245311][T10909] vmalloc 0 [ 2088.245311][T10909] shmem 126976 [ 2088.245311][T10909] file_mapped 126976 [ 2088.245311][T10909] file_dirty 0 [ 2088.245311][T10909] file_writeback 0 [ 2088.245311][T10909] swapcached 0 [ 2088.245311][T10909] inactive_anon 180224 [ 2088.245311][T10909] active_anon 57344 [ 2088.245311][T10909] inactive_file 0 [ 2088.245311][T10909] active_file 0 [ 2088.245311][T10909] unevictable 0 [ 2088.245311][T10909] slab_reclaimable 16816 [ 2088.245311][T10909] slab_unreclaimable 303129384 [ 2088.245311][T10909] slab 303146200 [ 2088.245311][T10909] workingset_refault_anon 0 [ 2088.245311][T10909] workingset_refault_file 15 [ 2088.245311][T10909] workingset_activate_anon 0 [ 2088.245311][T10909] workingset_activate_file 0 [ 2088.341036][T10909] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10909,uid=0 [ 2088.356371][T10909] Memory cgroup out of memory: Killed process 10909 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:18 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/packet\x00') write$cgroup_pressure(r0, 0x0, 0x15) 01:41:18 executing program 1: mq_open(&(0x7f0000000040)='@,%\x00', 0x40, 0x1, &(0x7f0000000080)={0xffffffffffffa6d7, 0x7, 0x6, 0x7f}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) timerfd_gettime(r0, &(0x7f0000000100)) pipe(&(0x7f0000000900)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4) prctl$PR_GET_DUMPABLE(0x3) socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000900)={0xffffffffffffffff}) r4 = accept4(r2, &(0x7f0000000180), &(0x7f0000000200)=0x80, 0x80000) accept4(r4, &(0x7f0000000240)=@alg, &(0x7f00000002c0)=0x80, 0x80800) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, 0x0) write$cgroup_freezer_state(r3, &(0x7f0000000140)='FREEZING\x00', 0x9) 01:41:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000034200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:19 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$sock(r0, &(0x7f0000000380)={&(0x7f0000000040)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'sha1-neon\x00'}, 0x80, 0x0}, 0x0) 01:41:19 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'\x00', 0x0}) 01:41:19 executing program 1: mq_open(&(0x7f0000000040)='@,%\x00', 0x40, 0x1, &(0x7f0000000080)={0xffffffffffffa6d7, 0x7, 0x6, 0x7f}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) timerfd_gettime(r0, &(0x7f0000000100)) pipe(&(0x7f0000000900)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4) prctl$PR_GET_DUMPABLE(0x3) socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000900)={0xffffffffffffffff}) r4 = accept4(r2, &(0x7f0000000180), &(0x7f0000000200)=0x80, 0x80000) accept4(r4, &(0x7f0000000240)=@alg, &(0x7f00000002c0)=0x80, 0x80800) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, 0x0) write$cgroup_freezer_state(r3, &(0x7f0000000140)='FREEZING\x00', 0x9) [ 2088.777519][T10935] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2088.787875][T10935] CPU: 0 PID: 10935 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2088.798995][T10935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2088.809057][T10935] Call Trace: [ 2088.812325][T10935] [ 2088.815241][T10935] dump_stack_lvl+0xd6/0x122 [ 2088.819840][T10935] dump_stack+0x11/0x12 [ 2088.823978][T10935] dump_header+0x98/0x410 [ 2088.828297][T10935] oom_kill_process+0xfe/0x550 [ 2088.833094][T10935] out_of_memory+0x620/0x880 [ 2088.837751][T10935] mem_cgroup_oom+0x475/0x4f0 [ 2088.842416][T10935] try_charge_memcg+0x746/0x960 [ 2088.847352][T10935] charge_memcg+0x63/0x2c0 [ 2088.851839][T10935] __mem_cgroup_charge+0x25/0xa0 [ 2088.856861][T10935] wp_page_copy+0x20f/0x1460 [ 2088.861477][T10935] ? shrink_zones+0x525/0x5d0 [ 2088.866155][T10935] do_wp_page+0x76f/0xe10 [ 2088.870589][T10935] handle_mm_fault+0x5fb/0xa90 [ 2088.875458][T10935] do_user_addr_fault+0x4cd/0x940 [ 2088.880515][T10935] exc_page_fault+0x60/0x160 [ 2088.885146][T10935] asm_exc_page_fault+0x22/0x30 [ 2088.889983][T10935] RIP: 0033:0x7fe837f5a340 [ 2088.894388][T10935] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2088.914067][T10935] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2088.920120][T10935] RAX: 00000000430867c6 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2088.928083][T10935] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2088.936147][T10935] RBP: 00000000430867c6 R08: 00000000000007c6 R09: 00000000430867ca [ 2088.944205][T10935] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2088.952201][T10935] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff83a12eac [ 2088.960276][T10935] ? __x64_sys_socket+0xc/0x50 [ 2088.965100][T10935] [ 2088.968185][T10935] memory: usage 307200kB, limit 307200kB, failcnt 65005 01:41:19 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003320000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:19 executing program 1: mq_open(&(0x7f0000000040)='@,%\x00', 0x40, 0x1, &(0x7f0000000080)={0xffffffffffffa6d7, 0x7, 0x6, 0x7f}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) timerfd_gettime(r0, &(0x7f0000000100)) pipe(&(0x7f0000000900)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4) prctl$PR_GET_DUMPABLE(0x3) socketpair(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000900)={0xffffffffffffffff}) r4 = accept4(r2, &(0x7f0000000180), &(0x7f0000000200)=0x80, 0x80000) accept4(r4, &(0x7f0000000240)=@alg, &(0x7f00000002c0)=0x80, 0x80800) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, 0x0) write$cgroup_freezer_state(r3, &(0x7f0000000140)='FREEZING\x00', 0x9) 01:41:19 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x3, 0x0) mount$9p_unix(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x30c8061, 0x0) 01:41:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003a400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) [ 2088.975219][T10935] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2088.982061][T10935] Memory cgroup stats for /syz4: [ 2089.030029][T10935] anon 102400 [ 2089.030029][T10935] file 126976 [ 2089.030029][T10935] kernel 314343424 [ 2089.030029][T10935] kernel_stack 32768 [ 2089.030029][T10935] pagetables 69632 [ 2089.030029][T10935] percpu 11039616 [ 2089.030029][T10935] sock 0 [ 2089.030029][T10935] vmalloc 0 [ 2089.030029][T10935] shmem 126976 [ 2089.030029][T10935] file_mapped 126976 [ 2089.030029][T10935] file_dirty 0 [ 2089.030029][T10935] file_writeback 0 [ 2089.030029][T10935] swapcached 0 [ 2089.030029][T10935] inactive_anon 172032 [ 2089.030029][T10935] active_anon 57344 [ 2089.030029][T10935] inactive_file 0 [ 2089.030029][T10935] active_file 0 [ 2089.030029][T10935] unevictable 0 [ 2089.030029][T10935] slab_reclaimable 22320 [ 2089.030029][T10935] slab_unreclaimable 303137280 [ 2089.030029][T10935] slab 303159600 [ 2089.030029][T10935] workingset_refault_anon 0 [ 2089.030029][T10935] workingset_refault_file 15 [ 2089.030029][T10935] workingset_activate_anon 0 [ 2089.030029][T10935] workingset_activate_file 0 01:41:19 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)=@generic={0x0, "1c5e8fae16830e2ee1579cb7073ecad4077829e4ba3d78ff0be905d4e3d10387fdaa3cb1362585e5b9d30dfca80acdfaf2c09e1d9e613b3a141bf4b963a4a7789fb2d2aeae238474dc2912c8c2da19c20036069ae988905878e7f742ec1504716248ffd20cc0b4d75f1d7e69e3217dfb09c716baf828ebbc2da9aa669f9d"}, 0x80) [ 2089.125848][T10935] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10935,uid=0 [ 2089.141271][T10935] Memory cgroup out of memory: Killed process 10935 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2089.231363][T10954] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2089.241616][T10954] CPU: 1 PID: 10954 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2089.252713][T10954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2089.262777][T10954] Call Trace: [ 2089.266063][T10954] [ 2089.268997][T10954] dump_stack_lvl+0xd6/0x122 [ 2089.273609][T10954] dump_stack+0x11/0x12 01:41:19 executing program 5: r0 = socket(0x10, 0x3, 0x0) getpeername(r0, 0x0, &(0x7f0000000080)) 01:41:19 executing program 5: mq_open(&(0x7f0000000000)='.{\x03\x00\x00\x19\xc5\xce\x91~M\x0e\xd7$o\xb2\\%\xbe\xc7\xc1#\x94a\xb3\x80\xdc\'\xc2?K\xae\x99\xc0!\x16(\xa0\x8c\xbd\xa0\xfd\x91o\x87\xc7\xa1\x8e\xe0E5\x85J\vlE\xe7\xb5\x81k\xef\xf2\xe2\xf3\xcf\xc4\xea\xd6R\xfe$\'\xe8\xcb\xd9]\xf0\xe3.Y\xb0\xfcT\xd9*3\xef\xa1l\xa0B\xb8\xe5\x1dn\xfe\xc4\xeau`\xce#\xd1\x19\x9bh\xbfw\xfa[`\x81\x00\xf1\"\xb3\xb5E\xc0\rZ\xaa\xb68;\xf1Ig\xfb\xd7\x9c;JC\xfe\x06\xc5w\xcdr\t\xc5_4d\x81\x00\x00\x00\x00\x00\x00\x00(\xeeCX;G\x16\xcbpl4\xfbn\x00\xb9\xb1\xb2\x91\x0f\xccU\xdf9aM\xefrGV\xcb\xa6\f\xaem$\x9a\xa0', 0x0, 0x1, &(0x7f00000000c0)) 01:41:19 executing program 5: r0 = socket(0x11, 0x3, 0x0) shutdown(r0, 0x0) [ 2089.277782][T10954] dump_header+0x98/0x410 [ 2089.282144][T10954] oom_kill_process+0xfe/0x550 [ 2089.286934][T10954] out_of_memory+0x620/0x880 [ 2089.291544][T10954] mem_cgroup_oom+0x475/0x4f0 [ 2089.296236][T10954] try_charge_memcg+0x746/0x960 [ 2089.301222][T10954] __memcg_kmem_charge_page+0x2e4/0x480 [ 2089.306790][T10954] alloc_thread_stack_node+0x292/0x360 [ 2089.312423][T10954] dup_task_struct+0x96/0x2a0 [ 2089.317343][T10954] copy_process+0x3cb/0x20b0 [ 2089.322049][T10954] kernel_clone+0x163/0x5c0 [ 2089.326721][T10954] __x64_sys_clone+0xc3/0xf0 [ 2089.331328][T10954] do_syscall_64+0x2b/0x70 [ 2089.335820][T10954] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2089.341803][T10954] RIP: 0033:0x7fe837fad531 [ 2089.346279][T10954] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2089.365946][T10954] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2089.374371][T10954] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2089.382353][T10954] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2089.390325][T10954] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2089.398371][T10954] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2089.406341][T10954] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2089.414321][T10954] [ 2089.417529][T10954] memory: usage 307196kB, limit 307200kB, failcnt 65038 [ 2089.424558][T10954] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2089.431417][T10954] Memory cgroup stats for /syz4: [ 2089.443594][T10954] anon 90112 [ 2089.443594][T10954] file 126976 [ 2089.443594][T10954] kernel 314351616 [ 2089.443594][T10954] kernel_stack 16384 [ 2089.443594][T10954] pagetables 65536 [ 2089.443594][T10954] percpu 11039616 [ 2089.443594][T10954] sock 0 [ 2089.443594][T10954] vmalloc 0 [ 2089.443594][T10954] shmem 126976 [ 2089.443594][T10954] file_mapped 126976 [ 2089.443594][T10954] file_dirty 0 [ 2089.443594][T10954] file_writeback 0 [ 2089.443594][T10954] swapcached 0 [ 2089.443594][T10954] inactive_anon 159744 [ 2089.443594][T10954] active_anon 57344 [ 2089.443594][T10954] inactive_file 0 [ 2089.443594][T10954] active_file 0 [ 2089.443594][T10954] unevictable 0 [ 2089.443594][T10954] slab_reclaimable 35272 [ 2089.443594][T10954] slab_unreclaimable 303142336 [ 2089.443594][T10954] slab 303177608 [ 2089.443594][T10954] workingset_refault_anon 0 [ 2089.443594][T10954] workingset_refault_file 15 [ 2089.443594][T10954] workingset_activate_anon 0 [ 2089.443594][T10954] workingset_activate_file 0 [ 2089.539235][T10954] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10954,uid=0 [ 2089.554593][T10954] Memory cgroup out of memory: Killed process 10954 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000 [ 2089.622621][ T24] audit: type=1400 audit(1657676479.981:571): avc: denied { shutdown } for pid=10965 comm="syz-executor.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 01:41:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:20 executing program 1: prctl$PR_CAPBSET_READ(0x1c, 0x1000000000007fff) 01:41:20 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'vcan0\x00', &(0x7f00000000c0)=@ethtool_rxnfc={0x0, 0x0, 0x0, {0x0, @sctp_ip6_spec={@local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {}, @esp_ip4_spec={@rand_addr, @local}, {0x0, @dev}}}}) 01:41:20 executing program 5: syz_mount_image$msdos(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x515082, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f00000004c0)='./file0\x00', 0x2) 01:41:20 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000003a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:20 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x15, &(0x7f0000000000)="71351048", 0x4) [ 2089.830453][T10973] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2089.840761][T10973] CPU: 0 PID: 10973 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2089.851804][T10973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2089.861876][T10973] Call Trace: [ 2089.865161][T10973] [ 2089.868102][T10973] dump_stack_lvl+0xd6/0x122 [ 2089.872712][T10973] dump_stack+0x11/0x12 [ 2089.876933][T10973] dump_header+0x98/0x410 [ 2089.881379][T10973] oom_kill_process+0xfe/0x550 [ 2089.886155][T10973] out_of_memory+0x620/0x880 [ 2089.890891][T10973] mem_cgroup_oom+0x475/0x4f0 [ 2089.895564][T10973] try_charge_memcg+0x746/0x960 [ 2089.900534][T10973] charge_memcg+0x63/0x2c0 [ 2089.905010][T10973] __mem_cgroup_charge+0x25/0xa0 [ 2089.909948][T10973] wp_page_copy+0x20f/0x1460 [ 2089.914530][T10973] do_wp_page+0x76f/0xe10 [ 2089.918930][T10973] handle_mm_fault+0x5fb/0xa90 [ 2089.923693][T10973] do_user_addr_fault+0x4cd/0x940 [ 2089.928791][T10973] exc_page_fault+0x60/0x160 [ 2089.933547][T10973] asm_exc_page_fault+0x22/0x30 [ 2089.938393][T10973] RIP: 0033:0x7fe837f52edc [ 2089.942869][T10973] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2089.962552][T10973] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2089.968641][T10973] RAX: 00007fe8380bef60 RBX: 0000000000000004 RCX: 00007fe838013c85 [ 2089.976725][T10973] RDX: 00000000001ed80e RSI: 0000000020000040 RDI: 00007fe838004f8b [ 2089.984885][T10973] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2089.992902][T10973] R10: 00007ffd965730b8 R11: 000000000005e3f4 R12: 0000000000000000 [ 2090.000957][T10973] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2090.008980][T10973] [ 2090.012096][T10973] memory: usage 307188kB, limit 307200kB, failcnt 65136 [ 2090.019063][T10973] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2090.025964][T10973] Memory cgroup stats for /syz4: [ 2090.028929][T10973] anon 94208 [ 2090.028929][T10973] file 126976 [ 2090.028929][T10973] kernel 314339328 [ 2090.028929][T10973] kernel_stack 32768 [ 2090.028929][T10973] pagetables 73728 [ 2090.028929][T10973] percpu 11039616 [ 2090.028929][T10973] sock 0 [ 2090.028929][T10973] vmalloc 0 [ 2090.028929][T10973] shmem 126976 [ 2090.028929][T10973] file_mapped 126976 [ 2090.028929][T10973] file_dirty 0 [ 2090.028929][T10973] file_writeback 0 [ 2090.028929][T10973] swapcached 0 [ 2090.028929][T10973] inactive_anon 163840 [ 2090.028929][T10973] active_anon 57344 [ 2090.028929][T10973] inactive_file 0 [ 2090.028929][T10973] active_file 0 [ 2090.028929][T10973] unevictable 0 [ 2090.028929][T10973] slab_reclaimable 15840 [ 2090.028929][T10973] slab_unreclaimable 303135960 [ 2090.028929][T10973] slab 303151800 [ 2090.028929][T10973] workingset_refault_anon 0 [ 2090.028929][T10973] workingset_refault_file 15 [ 2090.028929][T10973] workingset_activate_anon 0 [ 2090.028929][T10973] workingset_activate_file 0 01:41:20 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000002a800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:20 executing program 1: openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x72) 01:41:20 executing program 5: inotify_init() pselect6(0x40, &(0x7f0000000000)={0x9}, 0x0, 0x0, &(0x7f00000000c0), 0x0) 01:41:20 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000040)='\x00', 0x1) 01:41:20 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8924, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:20 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0xedff7f00000000}, 0x300}, 0x0) [ 2090.124719][T10973] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10970,uid=0 [ 2090.140074][T10973] Memory cgroup out of memory: Killed process 10970 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 [ 2090.245118][T10997] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2090.255493][T10997] CPU: 0 PID: 10997 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2090.266656][T10997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2090.276767][T10997] Call Trace: [ 2090.280044][T10997] [ 2090.282972][T10997] dump_stack_lvl+0xd6/0x122 [ 2090.287570][T10997] dump_stack+0x11/0x12 [ 2090.291739][T10997] dump_header+0x98/0x410 [ 2090.296183][T10997] oom_kill_process+0xfe/0x550 [ 2090.300971][T10997] out_of_memory+0x620/0x880 [ 2090.305648][T10997] mem_cgroup_oom+0x475/0x4f0 [ 2090.310364][T10997] try_charge_memcg+0x746/0x960 [ 2090.315225][T10997] charge_memcg+0x63/0x2c0 [ 2090.319775][T10997] __mem_cgroup_charge+0x25/0xa0 [ 2090.324889][T10997] wp_page_copy+0x20f/0x1460 [ 2090.329502][T10997] do_wp_page+0x76f/0xe10 [ 2090.333837][T10997] handle_mm_fault+0x5fb/0xa90 [ 2090.338607][T10997] do_user_addr_fault+0x4cd/0x940 [ 2090.343645][T10997] exc_page_fault+0x60/0x160 [ 2090.348246][T10997] asm_exc_page_fault+0x22/0x30 [ 2090.353099][T10997] RIP: 0033:0x7fe837f52edc [ 2090.357518][T10997] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2090.377135][T10997] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2090.383268][T10997] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013aac [ 2090.391242][T10997] RDX: 00000000001ed9ac RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2090.399213][T10997] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2090.407207][T10997] R10: 00007ffd965730b8 R11: 000000000005e418 R12: 0000000000000000 [ 2090.415375][T10997] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2090.423530][T10997] [ 2090.426765][T10997] memory: usage 307192kB, limit 307200kB, failcnt 65207 [ 2090.433719][T10997] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2090.441150][T10997] Memory cgroup stats for /syz4: [ 2090.453799][T10997] anon 94208 [ 2090.453799][T10997] file 126976 [ 2090.453799][T10997] kernel 314335232 [ 2090.453799][T10997] kernel_stack 32768 [ 2090.453799][T10997] pagetables 69632 [ 2090.453799][T10997] percpu 11039616 [ 2090.453799][T10997] sock 0 [ 2090.453799][T10997] vmalloc 0 [ 2090.453799][T10997] shmem 126976 [ 2090.453799][T10997] file_mapped 126976 [ 2090.453799][T10997] file_dirty 0 [ 2090.453799][T10997] file_writeback 0 [ 2090.453799][T10997] swapcached 0 [ 2090.453799][T10997] inactive_anon 163840 [ 2090.453799][T10997] active_anon 57344 [ 2090.453799][T10997] inactive_file 0 [ 2090.453799][T10997] active_file 0 [ 2090.453799][T10997] unevictable 0 [ 2090.453799][T10997] slab_reclaimable 17216 [ 2090.453799][T10997] slab_unreclaimable 303135960 [ 2090.453799][T10997] slab 303153176 [ 2090.453799][T10997] workingset_refault_anon 0 [ 2090.453799][T10997] workingset_refault_file 15 [ 2090.453799][T10997] workingset_activate_anon 0 [ 2090.453799][T10997] workingset_activate_file 0 [ 2090.549808][T10997] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=10992,uid=0 [ 2090.565198][T10997] Memory cgroup out of memory: Killed process 10992 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000014800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:21 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0xfd76}, 0xfd76}}, 0x0) 01:41:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xf}}, 0x0) 01:41:21 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000023a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:21 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x9, &(0x7f0000000000)="713557c0", 0x4) 01:41:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000480)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x9, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x0]}]}, @NL80211_ATTR_CSA_IES={0xe88, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x16, 0xba, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x199, 0xe, {@wo_ht={{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @random, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @val={0x76, 0x6}, [{0xdd, 0xc1, "4b2ea5dfc4ca19ec7755caecc1c514a843eb1b1444719a924d0bf373376b36c86996c3b8c350df8954f23b5f3ed3dfdfd983ae102c7a0e00db8eeb92902ef196f3d91d98a5a04eee94e1168cf4e4a503fe4cdde519deb7ec527113c40460175002bf633b1b5dfd8abde351845c50210c5e09cea216d508fc836dd28d39ee5eae967736a2eb667f71c78e995ee92d3daae6c469e04e5c031331c23e6ec76250f85c2fe85f7739748835fcb3748d604254722b9ef3a9275973a346f0199c67462627"}, {0xdd, 0x71, "2cf89dcb97bdaa17796322a41519571556edbc37bbbf2083ad2357c5ab6ffa5877808bce84a64c032c8da4bf0e02449933f950d786213b25d17378810b69605f59bf10ca3969d819b253e74fd0a3a7f5a0f5d9f500d12392c44d2644124be243741c66193b8e7abec3ad2eaab1226b2b18"}]}}, @NL80211_ATTR_IE_ASSOC_RESP={0xd6, 0x80, [@perr={0x84, 0xc8, {0x0, 0xc, [@ext={{}, @broadcast, 0x0, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @broadcast, 0x0, @device_b}, @ext={{}, @device_a, 0x0, @device_b}, @ext={{}, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @device_a, 0x0, @broadcast}, @ext={{}, @device_b, 0x0, @device_b}, @not_ext, @ext={{}, @device_b, 0x0, @broadcast}, @not_ext={{}, @device_b}, @not_ext={{}, @device_b}]}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_PROBE_RESP={0xf5, 0x91, "cbf0c08582dbff1620bb190e4bdc4415e716e6fa92379c9fc3c54fc4248dc22231bfff6e9b7fa7016103bf8a2fbf70ba6431b21a38e7d26756671e501617a0477b31491a3780d5f0a530fa09ccb36a55108e0128583770947c997bb008e31a19fe1eefcf7645e6bd73c509c21cd26b18cfe2a15c7ba3da943abac994ece658477d98204a0be2726f57c7395f0f298523c0efa04e071b05d09a98928edcbe919497021358d55a81caf6d0914bd65d77e9e03c2374a9909191e711ebb03d5176f224fa16561bbc34d87d6789adbb246d8bfab88dddbee8af5b1463e95cd61b3dbf02e86e50582ce67dc2fc092c47c4812ffe"}, @NL80211_ATTR_PROBE_RESP={0x8c5, 0x91, "544726fd914a4a155eca2e373a7122adefd6c217d4c8c996877d2f99546338c5d13365603231d11fd2a61a16e5bff78871bebe7c0543aeff44a5ba9fab34a52011c2cec8f2690b3cb7d4555eb846e0d77288b176715f58456bb2f3513328d7f4009db1c254602f068fd34beafcbdbbc0abc7934b58367f17597d4a350893eb1e772c2e48eb9a943b33ed79237bdf4c475d0df98341e5651ad4d9e6e6a68f1e33ee0d069a2027ad937debfcd783f5086084616484231d355c85e40727977f6a2129abf49e4dd0364a7c67106bea6c81f84fc1db09c00d36e01967385d23651d03591a8d3d976e9767aa1deeaadd44ef5662c2d48cfc5380e9aa03cec20b660d4f6e2b88d3a834958fd0e5111393f665406b03a743198edd325f8dc51856f46459317158e8921b8e18bc12435d710d65d0320c22c960076e5f3890c53588e86df4e7d6c9b406f5e68e1d9d0a32f75317c1a81baaf1b895238f7ad5735f3a3f0efa2db13081a23c5019cbed8ef26754e4f1034b7af6d73b771600210ae88abf820a85d055556e89f57f86f5fdf1366a97aba9a6ec9e034fcb47556cd44c8bd2476b98742499cbbc16af340c59bbd74cbf183dbac171f030b5afbbd6236c6cff8f84118c447e9e223b252cfb29ede40b4574e3457e5fb61db3d7a6f70aea0024274b8d3ba734513da6562b244aabcc7b2c576369441360585d37b6b239f37a78dd81e53f80662094559441805d508d01369e9b458900bd8971b9037a76a3a57b0751f1a8551d363e88f4887b4afaf0d35bed06ec96c6748dd41cf57afbf3b885714e2d0828608962efddb091bdacb24be477202f9b4ae3046dbf6aef6cfc0b91506b08cf183b3c02aa8259a80caed15decfdd1f0c904496cd2d897fa87e3559f19b52469acac28a95a49bc1a38efa88148f3c9444c5a991d893a254195a926dc8aa96d786fde070e8b821baacb8d936ba9b9f34aea95f923028162275d8ce4af41c0b6ee7d15d12036458207c1202a27c03b4ca4d89db41e3995a276303281cf2abda1128d69f94b58e6c5201b85ca4d6c845886bfe919b7577b30110bf03aeaae1a646904653a0eebdb23b289bce982d861e249c3a38456f1da7849a7f5cff723604a8fe4d6d0f4d3ed2013e5601027745712cdb2152b6d1fa25bc1d86d5f0ed7b507942a2e350bf57e39e324d837a8dcd411019524b3094c9ae17f54c812bf9a53a3a903447f79933ea47b03fff371d2bb6fb01332ca1a340a101fc163a235b61e6f29d95c20d8848eeada58f8f1bb6f4cc246330db3970993d98250c1d815752fca92f9524f7faba6d830748cfd3d9d33c4176927742b9d06588f0906cda166d76b23cb8dd2493ccd6ff11ac4e0c9a0440c30e55450483637678cef4bdfac32460ba1fa4726aa9dc08aa067669c187ad3648db090b9c592ad53996ca65711b805f87d208aa52f668c8789cde33cf903ebd526daf495f0bda7b1471ff6bc7807e9ee27c762c6bf7b1dd6a2368c01146c07a5c9ef9bf383cb79e52afee58537730192ba010352d1c44ac7a56ca5e88c653b1e4ca78b869243ab3073d69f51142ac1149268b5b9099d8d1a3fcfe1ca495e36992ca9c1cdf03397b81a1fa87afac3c363c4cd4971530ebd855a19b137fd22bd0a06f04ee9f4f57909e5ce117d620a9c55eaa7bc70a374ba24972f020dbd8d965f66dddd56bc3f1596442c7f1d4da8a603dd53a6291fadf7ae643dda63ba9f37c8352815faa522d3c8f6d47064fa7fc5aeb8dd0dfeaa92f3529f7c97cd27a0fb8a57fc9364afe4c30120498e4327c1e84bd36cb79e4548ae581f27001101cbab4fe31319aea8b1c9b3e516b2927db9b9da523bab15cc3540ae7267491d7db3548ec7c47c80ff551e9406d5b85c2bd10d193333e9e64c6a919901b0c832f2bccc8852a31abaaa4cf45cd295a69097a7caa422b1e299726e665eba30bf2129760d0bd736ec0caae416d6c2349fd9edaaa9c57d037ab5a0de53aa9d7b2fd0ef52d59016daf8b690f56a7e5ec878c00eb32a513534255ade732f5d2ebe05b95a371b9eea0f5bc6bc3d5539786042c2a711314063aa5c56eafae39199441ff1ef08185616101dc05e29bd166fc8df101ad80f61a29149ee7e330dae20eec52bd446410ce1c690a4083e6b76a26055ad42576b8d84aa4b131056bdf375ac46cbe05b86ffb5fae0e23c4ba03d6225f4a177d937cf1b71e563ea7520baceaaf77b33c2c5eac0a78cf44c039ccd9dbd46f64fc3bef6880feb261ec0e0befb6d72d0d7fe359bc9c3ecae78fabe2a06a708daeaf7b449a8dc494a2136d47d2ab6d29f93837cf07e1747d257191fae7db0ec3729136534d23afcac87c7bbb80d4f35b345f44f72b418f7fe811ac47ea983016743f0e59091192dca7adbbc10eb04b1052649d176f9c0bbb89d89a4a233cd0f1ae31b4bad07a0c864644a5794095a2a8b20ddaa5de924784c8a81b3feb042bf1ab4b26cdd245f8170cf1caf183021ffdd32d7e31551f07a3de3f83df37d316c2836719b2bb39e363318c26203a5a56d123ad9b7d26b6101085226ed0120f5c99374875e64525b24ff9034fa057a3d88ae41afa16cf8316b8a85be3e168e3e0ff1faf8717ec7cda637863f553c4a358b6e974b4e16f21c749b0be1c100078ab09992bf4a0807806232f62652dd5206b909a59647985dc28af1fbeaeaba94dc484f594d5ecf2c2a2c130897c89115c7ce6aeb7da12df94fbafb01a55bc18ec5ab6185530d82a69dfe436813b4c52f71b5f4230f793733acd4d7166e388fa6919449acf0eef428db592d2604e85ed2f3ef3991f02623e3f3ac72497a211ac9a8331836caa3276064da192add2c507ae013ae6c8a4382b71d161266399b0ee1a9e10e905c29184a764a59b112556cb182ebc65f5210853a0e64f3706efcdb63e76715246b191a7dc7b8eb0236b8874540e6b99c8cde7575701c82294d4b6acd594da387501043fe411fe9be926d5e05536ae3373c0453445871ae75f2b6f89d9fe2cdc603d9d2c03d2f84f2c8d537ac4e5591f519be0003e7639f7d9663b40246a831e2dd656209432575661ba4b8658b587b121e381e77b91f7817a565654f5cbe1d2ea9732a3ce576d8bce164572f00968260bbeed746924b773d273dba6c374ca0ebd85922"}], @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x229, 0xe, {@wo_ht={{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x6f, {0x0, 0x0, 0x0, "f3cec9033ff513426db63569ca045b9a6c086902d4f6e1eb9fd8667b8bcd377f7a6a656133787f02e1fc85ea90727ca154d367b7f17b8c8a70d8f55c9d0bb21ca77dd54434c14582aadfcaf62c76e1c918537e115b27e7f4d4789bdef28bf5e9e0844a5e9374ceab34a53233"}}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @void, [{0xdd, 0xa7, "bc435ee2cbae68a6a95297f62a681a0e3e209906b049ddb2c725af8b211feb0847253ae647246ddbc7dca483b0d87ed230153768376d7c38dcf36459a2c5556efdf86cb459440421d688c097520becad48b863660f3613307e56f7c8f38278aa10421fe269383f2e7c3af0c8489fb35e8c3ea20338876257b58f78d6e2585dcb66986f657e4f7da89159425080a37535724a8fb48eb937718e4200aac7ddbb4942d8014507d669"}, {0xdd, 0x9d, "9c9579f90a13d50d84b10a0c980adaa9ae4970c7b7b29b5cae752725ecfb58c00a196104bfef97833dedf5c28b96c09dbaf24f7541b6d9f2ada220c393295c42bf3a9ccb7865cae9ec88f8684acea884dab4636bace47a9b9f31c247a8424826e5022cc3aa06afc1768e4cca0ae1b42f90ef3782ca76422d7c6fda2c913351193f852705067cf66a70c1f8dad3753429afc65cb60765b585cac0a2f90b"}, {0xdd, 0x11, "f27c7fa5381dacc5fb72eae7b78d15a552"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x0, 0x0, 0x0]}]}]}, 0xec4}}, 0x0) [ 2090.860038][T11009] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2090.870299][T11009] CPU: 1 PID: 11009 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2090.881437][T11009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2090.891527][T11009] Call Trace: [ 2090.894799][T11009] [ 2090.897731][T11009] dump_stack_lvl+0xd6/0x122 [ 2090.902338][T11009] dump_stack+0x11/0x12 [ 2090.906486][T11009] dump_header+0x98/0x410 [ 2090.910799][T11009] oom_kill_process+0xfe/0x550 [ 2090.915596][T11009] out_of_memory+0x620/0x880 [ 2090.920190][T11009] mem_cgroup_oom+0x475/0x4f0 [ 2090.924863][T11009] try_charge_memcg+0x746/0x960 [ 2090.929718][T11009] charge_memcg+0x63/0x2c0 [ 2090.934124][T11009] __mem_cgroup_charge+0x25/0xa0 [ 2090.939064][T11009] wp_page_copy+0x20f/0x1460 [ 2090.943642][T11009] do_wp_page+0x76f/0xe10 [ 2090.947988][T11009] handle_mm_fault+0x5fb/0xa90 [ 2090.952737][T11009] do_user_addr_fault+0x4cd/0x940 [ 2090.957746][T11009] exc_page_fault+0x60/0x160 [ 2090.962333][T11009] asm_exc_page_fault+0x22/0x30 [ 2090.967225][T11009] RIP: 0033:0x7fe837f52edc [ 2090.971700][T11009] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2090.991364][T11009] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2090.997494][T11009] RAX: 00007fe8380bef60 RBX: 0000000000000003 RCX: 00007fe838013aac [ 2091.005471][T11009] RDX: 00000000001edc09 RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2091.013458][T11009] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2091.021504][T11009] R10: 00007ffd965730b8 R11: 000000000005e476 R12: 0000000000000000 [ 2091.029473][T11009] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2091.037484][T11009] [ 2091.040717][T11009] memory: usage 307200kB, limit 307200kB, failcnt 65258 [ 2091.047679][T11009] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2091.054558][T11009] Memory cgroup stats for /syz4: [ 2091.105348][T11009] anon 94208 [ 2091.105348][T11009] file 126976 [ 2091.105348][T11009] kernel 314351616 [ 2091.105348][T11009] kernel_stack 32768 [ 2091.105348][T11009] pagetables 73728 [ 2091.105348][T11009] percpu 11039616 [ 2091.105348][T11009] sock 0 [ 2091.105348][T11009] vmalloc 0 [ 2091.105348][T11009] shmem 126976 [ 2091.105348][T11009] file_mapped 126976 [ 2091.105348][T11009] file_dirty 0 [ 2091.105348][T11009] file_writeback 0 [ 2091.105348][T11009] swapcached 0 [ 2091.105348][T11009] inactive_anon 163840 [ 2091.105348][T11009] active_anon 57344 [ 2091.105348][T11009] inactive_file 0 [ 2091.105348][T11009] active_file 0 [ 2091.105348][T11009] unevictable 0 [ 2091.105348][T11009] slab_reclaimable 15840 [ 2091.105348][T11009] slab_unreclaimable 303142320 [ 2091.105348][T11009] slab 303158160 [ 2091.105348][T11009] workingset_refault_anon 0 [ 2091.105348][T11009] workingset_refault_file 15 [ 2091.105348][T11009] workingset_activate_anon 0 [ 2091.105348][T11009] workingset_activate_file 0 01:41:21 executing program 1: add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd) add_key$fscrypt_provisioning(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xffffffffffffffff) 01:41:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003aa00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:21 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x89e0, 0x0) 01:41:21 executing program 4: openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x14}, 0x18) [ 2091.201160][T11009] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11004,uid=0 [ 2091.216615][T11009] Memory cgroup out of memory: Killed process 11004 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:21 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x60, 0x0, &(0x7f0000000600)) 01:41:21 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x500}, 0x0) [ 2091.312548][T11022] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2091.322898][T11022] CPU: 0 PID: 11022 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2091.333933][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2091.344046][T11022] Call Trace: [ 2091.347345][T11022] [ 2091.350364][T11022] dump_stack_lvl+0xd6/0x122 [ 2091.354970][T11022] dump_stack+0x11/0x12 [ 2091.359137][T11022] dump_header+0x98/0x410 [ 2091.363495][T11022] oom_kill_process+0xfe/0x550 [ 2091.368275][T11022] out_of_memory+0x620/0x880 [ 2091.372942][T11022] mem_cgroup_oom+0x475/0x4f0 [ 2091.377655][T11022] try_charge_memcg+0x746/0x960 [ 2091.382634][T11022] charge_memcg+0x63/0x2c0 [ 2091.387032][T11022] __mem_cgroup_charge+0x25/0xa0 [ 2091.391959][T11022] do_anonymous_page+0x1d6/0xa20 [ 2091.396992][T11022] handle_mm_fault+0x8a0/0xa90 [ 2091.401765][T11022] do_user_addr_fault+0x4cd/0x940 [ 2091.406817][T11022] exc_page_fault+0x60/0x160 [ 2091.411451][T11022] asm_exc_page_fault+0x22/0x30 [ 2091.416478][T11022] RIP: 0033:0x7fe837f5c69f [ 2091.420945][T11022] Code: ff ff 4d 89 cd 48 85 c0 74 19 8b 95 44 ff ff ff 48 29 c6 48 01 c7 e8 80 fb 04 00 85 c0 0f 85 0b 03 00 00 48 8b 85 48 ff ff ff <41> c7 45 18 01 00 00 00 4c 89 ef 49 89 85 90 06 00 00 48 8b 85 50 [ 2091.440641][T11022] RSP: 002b:00007ffd964f77a0 EFLAGS: 00010246 [ 2091.446737][T11022] RAX: 00007fe837702000 RBX: 0000000000021000 RCX: 00007fe837fac217 [ 2091.454721][T11022] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007fe837703000 [ 2091.462739][T11022] RBP: 00007ffd964f7870 R08: 00000000ffffffff R09: 00007fe837722700 [ 2091.470715][T11022] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffd964f7990 [ 2091.478707][T11022] R13: 00007fe837722700 R14: 0000000000000000 R15: 0000000000022000 [ 2091.486753][T11022] [ 2091.490288][T11022] memory: usage 307192kB, limit 307200kB, failcnt 65298 [ 2091.497282][T11022] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2091.504192][T11022] Memory cgroup stats for /syz4: [ 2091.523982][T11022] anon 81920 [ 2091.523982][T11022] file 126976 [ 2091.523982][T11022] kernel 314355712 [ 2091.523982][T11022] kernel_stack 16384 [ 2091.523982][T11022] pagetables 73728 [ 2091.523982][T11022] percpu 11039616 [ 2091.523982][T11022] sock 0 [ 2091.523982][T11022] vmalloc 0 [ 2091.523982][T11022] shmem 126976 [ 2091.523982][T11022] file_mapped 126976 [ 2091.523982][T11022] file_dirty 0 [ 2091.523982][T11022] file_writeback 0 [ 2091.523982][T11022] swapcached 0 [ 2091.523982][T11022] inactive_anon 151552 [ 2091.523982][T11022] active_anon 57344 [ 2091.523982][T11022] inactive_file 0 [ 2091.523982][T11022] active_file 0 [ 2091.523982][T11022] unevictable 0 [ 2091.523982][T11022] slab_reclaimable 33320 [ 2091.523982][T11022] slab_unreclaimable 303144664 [ 2091.523982][T11022] slab 303177984 [ 2091.523982][T11022] workingset_refault_anon 0 [ 2091.523982][T11022] workingset_refault_file 15 [ 2091.523982][T11022] workingset_activate_anon 0 [ 2091.523982][T11022] workingset_activate_file 0 [ 2091.619593][T11022] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11022,uid=0 [ 2091.635059][T11022] Memory cgroup out of memory: Killed process 11022 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:22 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x541b, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:22 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x3, 0x0) 01:41:22 executing program 4: prctl$PR_CAPBSET_READ(0x1b, 0x0) 01:41:22 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000003e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:22 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}, 0xf}, 0x0) 01:41:22 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}, 0x10}, 0x0) [ 2091.930867][T11046] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2091.941109][T11046] CPU: 1 PID: 11046 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2091.952194][T11046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2091.962236][T11046] Call Trace: [ 2091.965509][T11046] [ 2091.968462][T11046] dump_stack_lvl+0xd6/0x122 [ 2091.973044][T11046] dump_stack+0x11/0x12 [ 2091.977289][T11046] dump_header+0x98/0x410 [ 2091.981686][T11046] oom_kill_process+0xfe/0x550 [ 2091.986445][T11046] out_of_memory+0x620/0x880 [ 2091.991035][T11046] mem_cgroup_oom+0x475/0x4f0 [ 2091.995707][T11046] try_charge_memcg+0x746/0x960 [ 2092.000544][T11046] charge_memcg+0x63/0x2c0 [ 2092.004953][T11046] __mem_cgroup_charge+0x25/0xa0 [ 2092.009980][T11046] wp_page_copy+0x20f/0x1460 [ 2092.014629][T11046] do_wp_page+0x76f/0xe10 [ 2092.018960][T11046] handle_mm_fault+0x5fb/0xa90 [ 2092.023775][T11046] do_user_addr_fault+0x4cd/0x940 [ 2092.028847][T11046] exc_page_fault+0x60/0x160 [ 2092.033513][T11046] asm_exc_page_fault+0x22/0x30 [ 2092.038368][T11046] RIP: 0033:0x7fe837f52edc [ 2092.042777][T11046] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2092.062431][T11046] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2092.068534][T11046] RAX: 00007fe8380bef60 RBX: 0000000000000002 RCX: 00007fe8380103cb [ 2092.076497][T11046] RDX: 00000000001ee041 RSI: 0000000000000000 RDI: 00007fe838004f8b [ 2092.084465][T11046] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2092.092430][T11046] R10: 00007ffd965730b8 R11: 000000000005e520 R12: 0000000000000000 [ 2092.100538][T11046] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2092.108534][T11046] [ 2092.111559][T11046] memory: usage 307200kB, limit 307200kB, failcnt 65347 [ 2092.118526][T11046] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2092.125380][T11046] Memory cgroup stats for /syz4: [ 2092.127547][T11046] anon 94208 [ 2092.127547][T11046] file 126976 [ 2092.127547][T11046] kernel 314351616 [ 2092.127547][T11046] kernel_stack 32768 [ 2092.127547][T11046] pagetables 69632 [ 2092.127547][T11046] percpu 11039616 [ 2092.127547][T11046] sock 0 [ 2092.127547][T11046] vmalloc 0 [ 2092.127547][T11046] shmem 126976 [ 2092.127547][T11046] file_mapped 126976 [ 2092.127547][T11046] file_dirty 0 [ 2092.127547][T11046] file_writeback 0 [ 2092.127547][T11046] swapcached 0 [ 2092.127547][T11046] inactive_anon 159744 [ 2092.127547][T11046] active_anon 57344 [ 2092.127547][T11046] inactive_file 0 [ 2092.127547][T11046] active_file 0 [ 2092.127547][T11046] unevictable 0 [ 2092.127547][T11046] slab_reclaimable 21744 [ 2092.127547][T11046] slab_unreclaimable 303142584 [ 2092.127547][T11046] slab 303164328 [ 2092.127547][T11046] workingset_refault_anon 0 [ 2092.127547][T11046] workingset_refault_file 15 [ 2092.127547][T11046] workingset_activate_anon 0 [ 2092.127547][T11046] workingset_activate_file 0 [ 2092.223416][T11046] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11039,uid=0 [ 2092.238746][T11046] Memory cgroup out of memory: Killed process 11039 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:22 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={0x0}, 0x1, 0x0, 0xf0}, 0x0) 01:41:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000001ae00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:22 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x800) lseek(r0, 0x200, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) memfd_create(&(0x7f00000003c0)='\xff\x00l\x1e\xa0 [ 2092.449634][T11053] dump_stack_lvl+0xd6/0x122 [ 2092.454288][T11053] dump_stack+0x11/0x12 [ 2092.458557][T11053] dump_header+0x98/0x410 [ 2092.462988][T11053] oom_kill_process+0xfe/0x550 [ 2092.467761][T11053] out_of_memory+0x620/0x880 [ 2092.472371][T11053] mem_cgroup_oom+0x475/0x4f0 [ 2092.477040][T11053] try_charge_memcg+0x746/0x960 [ 2092.481883][T11053] charge_memcg+0x63/0x2c0 [ 2092.486335][T11053] __mem_cgroup_charge+0x25/0xa0 [ 2092.491269][T11053] wp_page_copy+0x20f/0x1460 [ 2092.495926][T11053] ? shrink_zones+0x525/0x5d0 [ 2092.500619][T11053] do_wp_page+0x76f/0xe10 [ 2092.504997][T11053] handle_mm_fault+0x5fb/0xa90 [ 2092.509766][T11053] do_user_addr_fault+0x4cd/0x940 [ 2092.514947][T11053] exc_page_fault+0x60/0x160 [ 2092.519545][T11053] asm_exc_page_fault+0x22/0x30 [ 2092.524482][T11053] RIP: 0033:0x7fe837f5c6e2 [ 2092.528888][T11053] Code: 49 89 85 98 06 00 00 48 8b 85 70 ff ff ff 49 89 85 a0 06 00 00 49 8d 85 10 03 00 00 49 89 85 10 05 00 00 48 8b 05 46 bd 09 01 00 01 00 00 00 41 c7 85 1c 06 00 00 ff ff ff ff c7 05 43 fd 09 [ 2092.548492][T11053] RSP: 002b:00007ffd964f77a0 EFLAGS: 00010246 [ 2092.554642][T11053] RAX: 00007fe838ffd358 RBX: 0000000000021000 RCX: 00007fe837fac217 [ 2092.562625][T11053] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007fe837722700 [ 2092.570646][T11053] RBP: 00007ffd964f7870 R08: 00000000ffffffff R09: 00007fe837722700 [ 2092.578699][T11053] R10: 0000000000020022 R11: 0000000000000206 R12: 00007ffd964f7990 [ 2092.586733][T11053] R13: 00007fe837722700 R14: 0000000000000000 R15: 0000000000022000 [ 2092.594773][T11053] [ 2092.597835][T11053] memory: usage 307172kB, limit 307200kB, failcnt 65382 [ 2092.604782][T11053] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2092.611821][T11053] Memory cgroup stats for /syz4: [ 2092.613939][T11053] anon 86016 [ 2092.613939][T11053] file 126976 [ 2092.613939][T11053] kernel 314331136 [ 2092.613939][T11053] kernel_stack 16384 [ 2092.613939][T11053] pagetables 73728 [ 2092.613939][T11053] percpu 11039616 [ 2092.613939][T11053] sock 0 [ 2092.613939][T11053] vmalloc 0 [ 2092.613939][T11053] shmem 126976 [ 2092.613939][T11053] file_mapped 126976 [ 2092.613939][T11053] file_dirty 0 [ 2092.613939][T11053] file_writeback 0 [ 2092.613939][T11053] swapcached 0 [ 2092.613939][T11053] inactive_anon 155648 [ 2092.613939][T11053] active_anon 57344 [ 2092.613939][T11053] inactive_file 0 [ 2092.613939][T11053] active_file 0 [ 2092.613939][T11053] unevictable 0 [ 2092.613939][T11053] slab_reclaimable 15840 [ 2092.613939][T11053] slab_unreclaimable 303138136 [ 2092.613939][T11053] slab 303153976 [ 2092.613939][T11053] workingset_refault_anon 0 [ 2092.613939][T11053] workingset_refault_file 15 [ 2092.613939][T11053] workingset_activate_anon 0 [ 2092.613939][T11053] workingset_activate_file 0 [ 2092.709588][T11053] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11053,uid=0 [ 2092.724961][T11053] Memory cgroup out of memory: Killed process 11053 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:23 executing program 5: r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r1, &(0x7f0000000980)={&(0x7f00000007c0), 0xc, &(0x7f0000000940)={&(0x7f0000000800)={0x14, r0, 0x1}, 0x14}}, 0x0) 01:41:23 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8904, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:23 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000023e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:23 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000004c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:23 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'lo\x00', &(0x7f0000000080)=@ethtool_per_queue_op={0x4b, 0xe}}) [ 2093.056147][T11070] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2093.066466][T11070] CPU: 1 PID: 11070 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2093.077494][T11070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2093.087574][T11070] Call Trace: [ 2093.090839][T11070] [ 2093.093758][T11070] dump_stack_lvl+0xd6/0x122 [ 2093.098354][T11070] dump_stack+0x11/0x12 [ 2093.102577][T11070] dump_header+0x98/0x410 [ 2093.106911][T11070] oom_kill_process+0xfe/0x550 [ 2093.111701][T11070] out_of_memory+0x620/0x880 [ 2093.116280][T11070] mem_cgroup_oom+0x475/0x4f0 [ 2093.121034][T11070] try_charge_memcg+0x746/0x960 [ 2093.125904][T11070] charge_memcg+0x63/0x2c0 [ 2093.130345][T11070] __mem_cgroup_charge+0x25/0xa0 [ 2093.135294][T11070] wp_page_copy+0x20f/0x1460 [ 2093.139912][T11070] do_wp_page+0x76f/0xe10 [ 2093.144297][T11070] handle_mm_fault+0x5fb/0xa90 [ 2093.149169][T11070] do_user_addr_fault+0x4cd/0x940 [ 2093.154235][T11070] exc_page_fault+0x60/0x160 [ 2093.158906][T11070] asm_exc_page_fault+0x22/0x30 [ 2093.163742][T11070] RIP: 0033:0x7fe837f52edc [ 2093.168139][T11070] Code: 2a 59 ff ff 41 39 5c 24 2c 7f d3 31 c0 48 8d 3d c5 20 0b 00 e8 15 59 ff ff 48 8b 44 24 08 c7 44 24 1c ff ff ff ff 44 8b 60 78 80 c8 00 00 00 00 45 85 e4 0f 8e 83 00 00 00 48 8b 44 24 08 8b [ 2093.187793][T11070] RSP: 002b:00007fe837722190 EFLAGS: 00010202 [ 2093.193851][T11070] RAX: 00007fe8380bef60 RBX: 0000000000000004 RCX: 00007fe838013c85 [ 2093.201875][T11070] RDX: 00000000001ee4a6 RSI: 0000000020000040 RDI: 00007fe838004f8b [ 2093.209831][T11070] RBP: 00007fe83800605d R08: 00007ffd96573080 R09: 0000000000000010 [ 2093.217815][T11070] R10: 00007ffd965730b8 R11: 000000000005e5ec R12: 0000000000000000 [ 2093.225781][T11070] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2093.233838][T11070] [ 2093.236960][T11070] memory: usage 307196kB, limit 307200kB, failcnt 65441 [ 2093.243952][T11070] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2093.250965][T11070] Memory cgroup stats for /syz4: [ 2093.272721][T11070] anon 94208 [ 2093.272721][T11070] file 126976 [ 2093.272721][T11070] kernel 314351616 [ 2093.272721][T11070] kernel_stack 32768 [ 2093.272721][T11070] pagetables 73728 [ 2093.272721][T11070] percpu 11039616 [ 2093.272721][T11070] sock 0 [ 2093.272721][T11070] vmalloc 0 [ 2093.272721][T11070] shmem 126976 [ 2093.272721][T11070] file_mapped 126976 [ 2093.272721][T11070] file_dirty 0 [ 2093.272721][T11070] file_writeback 0 [ 2093.272721][T11070] swapcached 0 [ 2093.272721][T11070] inactive_anon 163840 [ 2093.272721][T11070] active_anon 57344 [ 2093.272721][T11070] inactive_file 0 [ 2093.272721][T11070] active_file 0 [ 2093.272721][T11070] unevictable 0 [ 2093.272721][T11070] slab_reclaimable 15840 [ 2093.272721][T11070] slab_unreclaimable 303142320 [ 2093.272721][T11070] slab 303158160 [ 2093.272721][T11070] workingset_refault_anon 0 [ 2093.272721][T11070] workingset_refault_file 15 [ 2093.272721][T11070] workingset_activate_anon 0 [ 2093.272721][T11070] workingset_activate_file 0 [ 2093.368419][T11070] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11063,uid=0 [ 2093.383765][T11070] Memory cgroup out of memory: Killed process 11063 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:23 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003b000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:23 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0xc}, 0x18) 01:41:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}], [{@smackfsdef}]}) 01:41:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x853, &(0x7f0000000400)) 01:41:23 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x4}, 0x18) [ 2093.542599][T11082] tmpfs: Unknown parameter 'smackfsdef' [ 2093.548398][T11080] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=1, oom_score_adj=1000 [ 2093.558635][T11080] CPU: 0 PID: 11080 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2093.569682][T11080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2093.579785][T11080] Call Trace: [ 2093.583066][T11080] [ 2093.586057][T11080] dump_stack_lvl+0xd6/0x122 [ 2093.590740][T11080] dump_stack+0x11/0x12 [ 2093.594901][T11080] dump_header+0x98/0x410 [ 2093.599279][T11080] oom_kill_process+0xfe/0x550 [ 2093.604050][T11080] out_of_memory+0x620/0x880 [ 2093.608724][T11080] mem_cgroup_oom+0x475/0x4f0 [ 2093.613408][T11080] try_charge_memcg+0x746/0x960 [ 2093.618265][T11080] obj_cgroup_charge+0x171/0x2b0 [ 2093.623214][T11080] kmem_cache_alloc_node+0xa5/0x2c0 [ 2093.628446][T11080] ? dup_task_struct+0x5b/0x2a0 [ 2093.633338][T11080] dup_task_struct+0x5b/0x2a0 [ 2093.638086][T11080] copy_process+0x3cb/0x20b0 [ 2093.642709][T11080] ? hrtimer_wakeup+0x37/0x50 [ 2093.647465][T11080] ? __run_hrtimer+0x420/0x420 [ 2093.652234][T11080] ? ktime_get+0x1b0/0x1e0 [ 2093.656650][T11080] ? __this_cpu_preempt_check+0xf/0x10 [ 2093.662185][T11080] kernel_clone+0x163/0x5c0 [ 2093.666700][T11080] __x64_sys_clone+0xc3/0xf0 [ 2093.671310][T11080] do_syscall_64+0x2b/0x70 [ 2093.675784][T11080] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2093.681746][T11080] RIP: 0033:0x7fe837fad531 [ 2093.686237][T11080] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2093.705875][T11080] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2093.714343][T11080] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2093.722326][T11080] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2093.730296][T11080] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2093.738387][T11080] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2093.746357][T11080] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2093.754366][T11080] [ 2093.757521][T11080] memory: usage 307192kB, limit 307200kB, failcnt 65497 [ 2093.764513][T11080] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2093.771429][T11080] Memory cgroup stats for /syz4: [ 2093.787976][T11080] anon 94208 [ 2093.787976][T11080] file 126976 [ 2093.787976][T11080] kernel 314339328 [ 2093.787976][T11080] kernel_stack 16384 [ 2093.787976][T11080] pagetables 73728 [ 2093.787976][T11080] percpu 11039616 [ 2093.787976][T11080] sock 0 [ 2093.787976][T11080] vmalloc 0 [ 2093.787976][T11080] shmem 126976 [ 2093.787976][T11080] file_mapped 126976 [ 2093.787976][T11080] file_dirty 0 [ 2093.787976][T11080] file_writeback 0 [ 2093.787976][T11080] swapcached 0 [ 2093.787976][T11080] inactive_anon 163840 [ 2093.787976][T11080] active_anon 57344 [ 2093.787976][T11080] inactive_file 0 [ 2093.787976][T11080] active_file 0 [ 2093.787976][T11080] unevictable 0 [ 2093.787976][T11080] slab_reclaimable 32624 [ 2093.787976][T11080] slab_unreclaimable 303133624 [ 2093.787976][T11080] slab 303166248 [ 2093.787976][T11080] workingset_refault_anon 0 [ 2093.787976][T11080] workingset_refault_file 15 [ 2093.787976][T11080] workingset_activate_anon 0 [ 2093.787976][T11080] workingset_activate_file 0 [ 2093.884211][T11080] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11080,uid=0 [ 2093.899482][T11080] Memory cgroup out of memory: Killed process 11080 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:24 executing program 4: perf_event_open$cgroup(&(0x7f00000000c0)={0x0, 0xfffffea4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 01:41:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x3, &(0x7f0000000000)="71351048", 0x4) 01:41:24 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000003f0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:24 executing program 5: prctl$PR_CAPBSET_READ(0x7, 0x0) 01:41:24 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000017c0)='./file0\x00', 0x0, 0x80000, 0x0) [ 2094.035356][T11088] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2094.045719][T11088] CPU: 0 PID: 11088 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2094.056926][T11088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2094.066988][T11088] Call Trace: [ 2094.070272][T11088] [ 2094.073274][T11088] dump_stack_lvl+0xd6/0x122 [ 2094.077958][T11088] dump_stack+0x11/0x12 [ 2094.082155][T11088] dump_header+0x98/0x410 [ 2094.086539][T11088] oom_kill_process+0xfe/0x550 [ 2094.091285][T11088] out_of_memory+0x620/0x880 [ 2094.095897][T11088] mem_cgroup_oom+0x475/0x4f0 [ 2094.100634][T11088] try_charge_memcg+0x746/0x960 [ 2094.105557][T11088] __memcg_kmem_charge_page+0x2e4/0x480 [ 2094.111166][T11088] alloc_thread_stack_node+0x101/0x360 [ 2094.116734][T11088] dup_task_struct+0x96/0x2a0 [ 2094.121477][T11088] copy_process+0x3cb/0x20b0 [ 2094.126074][T11088] kernel_clone+0x163/0x5c0 [ 2094.130620][T11088] __x64_sys_clone+0xc3/0xf0 [ 2094.135197][T11088] do_syscall_64+0x2b/0x70 [ 2094.139681][T11088] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2094.145590][T11088] RIP: 0033:0x7fe837fad531 [ 2094.149989][T11088] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 [ 2094.169777][T11088] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2094.178223][T11088] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2094.186971][T11088] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2094.194987][T11088] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2094.202951][T11088] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2094.211031][T11088] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2094.218993][T11088] [ 2094.222080][T11088] memory: usage 307200kB, limit 307200kB, failcnt 65568 [ 2094.229331][T11088] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2094.236216][T11088] Memory cgroup stats for /syz4: [ 2094.237783][T11088] anon 94208 [ 2094.237783][T11088] file 126976 [ 2094.237783][T11088] kernel 314347520 [ 2094.237783][T11088] kernel_stack 16384 [ 2094.237783][T11088] pagetables 73728 [ 2094.237783][T11088] percpu 11039616 [ 2094.237783][T11088] sock 0 [ 2094.237783][T11088] vmalloc 0 [ 2094.237783][T11088] shmem 126976 [ 2094.237783][T11088] file_mapped 126976 [ 2094.237783][T11088] file_dirty 0 [ 2094.237783][T11088] file_writeback 0 [ 2094.237783][T11088] swapcached 0 [ 2094.237783][T11088] inactive_anon 163840 [ 2094.237783][T11088] active_anon 57344 [ 2094.237783][T11088] inactive_file 0 [ 2094.237783][T11088] active_file 0 [ 2094.237783][T11088] unevictable 0 [ 2094.237783][T11088] slab_reclaimable 15840 [ 2094.237783][T11088] slab_unreclaimable 303142304 [ 2094.237783][T11088] slab 303158144 [ 2094.237783][T11088] workingset_refault_anon 0 [ 2094.237783][T11088] workingset_refault_file 15 [ 2094.237783][T11088] workingset_activate_anon 0 [ 2094.237783][T11088] workingset_activate_file 0 01:41:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000025800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xd, &(0x7f0000000000)='q', 0x1) [ 2094.333470][T11088] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11088,uid=0 [ 2094.348834][T11088] Memory cgroup out of memory: Killed process 11088 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003b600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:24 executing program 5: readlinkat(0xffffffffffffffff, &(0x7f0000000240)='\x00', &(0x7f0000000280)=""/21, 0x15) 01:41:24 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000200)=0x1, 0x4) setsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000040)={0x0, 0x2710}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='vcan0\x00', 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x81, 0x1fe}, 0x14) write$binfmt_misc(r1, &(0x7f0000002400)=ANY=[], 0xff01) splice(r0, 0x0, r2, 0x0, 0x10003, 0x0) 01:41:24 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x80108906, 0x0) 01:41:24 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000400000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) [ 2094.573160][T11108] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2094.585329][T11108] CPU: 1 PID: 11108 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2094.596367][T11108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2094.606444][T11108] Call Trace: [ 2094.609728][T11108] [ 2094.612665][T11108] dump_stack_lvl+0xd6/0x122 [ 2094.617263][T11108] dump_stack+0x11/0x12 [ 2094.621463][T11108] dump_header+0x98/0x410 [ 2094.625874][T11108] oom_kill_process+0xfe/0x550 [ 2094.630681][T11108] out_of_memory+0x620/0x880 [ 2094.635367][T11108] mem_cgroup_oom+0x475/0x4f0 [ 2094.640059][T11108] try_charge_memcg+0x746/0x960 [ 2094.644916][T11108] ? __rcu_read_unlock+0x4a/0x70 [ 2094.649930][T11108] obj_cgroup_charge+0x171/0x2b0 [ 2094.654872][T11108] kmem_cache_alloc_trace+0x9d/0x320 [ 2094.660161][T11108] ? copy_semundo+0x8a/0x170 [ 2094.664771][T11108] copy_semundo+0x8a/0x170 [ 2094.669203][T11108] copy_process+0xcd8/0x20b0 [ 2094.673925][T11108] kernel_clone+0x163/0x5c0 [ 2094.678507][T11108] __x64_sys_clone+0xc3/0xf0 [ 2094.683157][T11108] do_syscall_64+0x2b/0x70 [ 2094.687628][T11108] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2094.693524][T11108] RIP: 0033:0x7fe837fad531 [ 2094.698008][T11108] Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00 01:41:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)="713510480af65f9fdf243c64743ccdae", 0x5000) 01:41:25 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1) [ 2094.717648][T11108] RSP: 002b:00007ffd964f7748 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 2094.726072][T11108] RAX: ffffffffffffffda RBX: 00007fe837722700 RCX: 00007fe837fad531 [ 2094.734060][T11108] RDX: 00007fe8377229d0 RSI: 00007fe8377222f0 RDI: 00000000003d0f00 [ 2094.742043][T11108] RBP: 00007ffd964f7990 R08: 00007fe837722700 R09: 00007fe837722700 [ 2094.750064][T11108] R10: 00007fe8377229d0 R11: 0000000000000206 R12: 00007ffd964f77fe [ 2094.758083][T11108] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2094.766082][T11108] [ 2094.769323][T11108] memory: usage 307200kB, limit 307200kB, failcnt 65634 [ 2094.776352][T11108] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2094.783231][T11108] Memory cgroup stats for /syz4: [ 2094.797347][T11108] anon 94208 [ 2094.797347][T11108] file 126976 [ 2094.797347][T11108] kernel 314351616 [ 2094.797347][T11108] kernel_stack 32768 [ 2094.797347][T11108] pagetables 73728 [ 2094.797347][T11108] percpu 11039616 [ 2094.797347][T11108] sock 0 [ 2094.797347][T11108] vmalloc 0 [ 2094.797347][T11108] shmem 126976 [ 2094.797347][T11108] file_mapped 126976 [ 2094.797347][T11108] file_dirty 0 [ 2094.797347][T11108] file_writeback 0 [ 2094.797347][T11108] swapcached 0 [ 2094.797347][T11108] inactive_anon 163840 [ 2094.797347][T11108] active_anon 57344 [ 2094.797347][T11108] inactive_file 0 [ 2094.797347][T11108] active_file 0 [ 2094.797347][T11108] unevictable 0 [ 2094.797347][T11108] slab_reclaimable 15840 [ 2094.797347][T11108] slab_unreclaimable 303142304 [ 2094.797347][T11108] slab 303158144 [ 2094.797347][T11108] workingset_refault_anon 0 [ 2094.797347][T11108] workingset_refault_file 15 [ 2094.797347][T11108] workingset_activate_anon 0 [ 2094.797347][T11108] workingset_activate_file 0 [ 2094.893147][T11108] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11108,uid=0 01:41:25 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0xfffffffffffffec0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) mknod(&(0x7f00000000c0)='./file0/file0/file0\x00', 0x0, 0x0) [ 2094.908520][T11108] Memory cgroup out of memory: Killed process 11108 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:25 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x18, &(0x7f0000000000)="71351048", 0x4) 01:41:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x8, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) [ 2095.058357][T11124] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2095.069819][T11124] CPU: 1 PID: 11124 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2095.080888][T11124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2095.090948][T11124] Call Trace: [ 2095.094224][T11124] [ 2095.097211][T11124] dump_stack_lvl+0xd6/0x122 [ 2095.101804][T11124] dump_stack+0x11/0x12 [ 2095.105956][T11124] dump_header+0x98/0x410 [ 2095.110350][T11124] oom_kill_process+0xfe/0x550 [ 2095.115130][T11124] out_of_memory+0x620/0x880 [ 2095.119767][T11124] mem_cgroup_oom+0x475/0x4f0 [ 2095.124522][T11124] try_charge_memcg+0x746/0x960 [ 2095.129446][T11124] charge_memcg+0x63/0x2c0 [ 2095.133924][T11124] __mem_cgroup_charge+0x25/0xa0 [ 2095.138908][T11124] wp_page_copy+0x20f/0x1460 [ 2095.143498][T11124] do_wp_page+0x76f/0xe10 [ 2095.147832][T11124] handle_mm_fault+0x5fb/0xa90 [ 2095.152593][T11124] do_user_addr_fault+0x4cd/0x940 [ 2095.157630][T11124] exc_page_fault+0x60/0x160 [ 2095.162291][T11124] asm_exc_page_fault+0x22/0x30 [ 2095.167251][T11124] RIP: 0033:0x7fe837f7b0d1 [ 2095.171725][T11124] Code: 11 00 4c 29 e8 4b 8d 0c 2f 48 8b 6c 24 18 48 39 d3 48 89 4b 60 0f 95 c2 48 83 c8 01 0f b6 d2 48 c1 e2 02 4c 09 ea 48 83 ca 01 <49> 89 57 08 48 89 41 08 49 83 c7 10 eb b3 48 8d 3d ca de 09 00 e8 [ 2095.191330][T11124] RSP: 002b:00007ffd964f76a0 EFLAGS: 00010206 [ 2095.197397][T11124] RAX: 0000000000020801 RBX: 00007fe8380925e0 RCX: 00005555560a2800 [ 2095.205364][T11124] RDX: 0000000000000121 RSI: 0000000000000000 RDI: 0000000000000004 [ 2095.213333][T11124] RBP: 0000000000000110 R08: 0000000000000003 R09: 00007fe838092640 [ 2095.221312][T11124] R10: 0000000000020022 R11: 0000000000000120 R12: 0000000000000010 [ 2095.229276][T11124] R13: 0000000000000120 R14: 0000000000000012 R15: 00005555560a26e0 [ 2095.237275][T11124] [ 2095.240404][T11124] memory: usage 307180kB, limit 307200kB, failcnt 65684 [ 2095.247398][T11124] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2095.254271][T11124] Memory cgroup stats for /syz4: [ 2095.254822][T11124] anon 90112 [ 2095.254822][T11124] file 126976 [ 2095.254822][T11124] kernel 314335232 [ 2095.254822][T11124] kernel_stack 16384 [ 2095.254822][T11124] pagetables 73728 [ 2095.254822][T11124] percpu 11039616 [ 2095.254822][T11124] sock 0 [ 2095.254822][T11124] vmalloc 0 [ 2095.254822][T11124] shmem 126976 [ 2095.254822][T11124] file_mapped 126976 [ 2095.254822][T11124] file_dirty 0 [ 2095.254822][T11124] file_writeback 0 [ 2095.254822][T11124] swapcached 0 [ 2095.254822][T11124] inactive_anon 118784 [ 2095.254822][T11124] active_anon 57344 [ 2095.254822][T11124] inactive_file 0 [ 2095.254822][T11124] active_file 0 [ 2095.254822][T11124] unevictable 0 [ 2095.254822][T11124] slab_reclaimable 21344 [ 2095.254822][T11124] slab_unreclaimable 303138640 [ 2095.254822][T11124] slab 303159984 [ 2095.254822][T11124] workingset_refault_anon 0 [ 2095.254822][T11124] workingset_refault_file 15 [ 2095.254822][T11124] workingset_activate_anon 0 [ 2095.254822][T11124] workingset_activate_file 0 [ 2095.350985][T11124] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11124,uid=0 [ 2095.366259][T11124] Memory cgroup out of memory: Killed process 11124 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:25 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, 0xfffffffffffffffd, 0x0) 01:41:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000025b900000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:25 executing program 1: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x4c}, 0x4c}}, 0x0) 01:41:25 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0) r0 = open(&(0x7f0000000280)='./bus\x00', 0x4c03e, 0x0) fallocate(r0, 0x40, 0x0, 0xc5fb) 01:41:25 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)={[{@mpol={'mpol', 0x3d, {'default', '', @void}}}]}) 01:41:26 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000001400000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:26 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x894c, 0x0) 01:41:26 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)={[{@mpol={'mpol', 0x3d, {'default', '', @void}}}]}) 01:41:26 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x891d, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:26 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'lo\x00', &(0x7f0000000080)=@ethtool_per_queue_op}) 01:41:26 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x20000058) [ 2096.213813][T11154] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2096.224034][T11154] CPU: 1 PID: 11154 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2096.235147][T11154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2096.245297][T11154] Call Trace: [ 2096.248586][T11154] [ 2096.251556][T11154] dump_stack_lvl+0xd6/0x122 [ 2096.256196][T11154] dump_stack+0x11/0x12 [ 2096.260387][T11154] dump_header+0x98/0x410 [ 2096.264770][T11154] oom_kill_process+0xfe/0x550 [ 2096.269522][T11154] out_of_memory+0x620/0x880 [ 2096.274144][T11154] mem_cgroup_oom+0x475/0x4f0 [ 2096.278824][T11154] try_charge_memcg+0x746/0x960 [ 2096.283674][T11154] charge_memcg+0x63/0x2c0 [ 2096.288152][T11154] __mem_cgroup_charge+0x25/0xa0 [ 2096.293153][T11154] do_anonymous_page+0x1d6/0xa20 [ 2096.298145][T11154] handle_mm_fault+0x8a0/0xa90 [ 2096.302899][T11154] do_user_addr_fault+0x4cd/0x940 [ 2096.307922][T11154] exc_page_fault+0x60/0x160 [ 2096.312682][T11154] asm_exc_page_fault+0x22/0x30 [ 2096.317570][T11154] RIP: 0033:0x7fe837f4d651 [ 2096.321985][T11154] Code: 3d c4 88 0a 00 e8 ef c0 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 57 41 56 41 55 41 54 55 53 48 81 ec 98 01 00 00 <48> 89 7c 24 38 48 89 74 24 30 48 89 54 24 28 48 89 4c 24 20 4c 89 [ 2096.341626][T11154] RSP: 002b:00007fe837721f90 EFLAGS: 00010206 [ 2096.347676][T11154] RAX: 00007fe837f4d640 RBX: 00007fe8380bef60 RCX: 0000000000000002 [ 2096.355638][T11154] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000000 [ 2096.363620][T11154] RBP: 00007fe83800605d R08: 0000000020000200 R09: 0000000000000000 [ 2096.371714][T11154] R10: 0000000020000000 R11: 0000000000000000 R12: 0000000000000000 [ 2096.379694][T11154] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2096.387755][T11154] [ 2096.390872][T11154] memory: usage 307200kB, limit 307200kB, failcnt 65746 [ 2096.397905][T11154] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2096.404774][T11154] Memory cgroup stats for /syz4: [ 2096.407400][T11154] anon 102400 [ 2096.407400][T11154] file 126976 [ 2096.407400][T11154] kernel 314343424 [ 2096.407400][T11154] kernel_stack 32768 [ 2096.407400][T11154] pagetables 77824 [ 2096.407400][T11154] percpu 11039616 [ 2096.407400][T11154] sock 0 [ 2096.407400][T11154] vmalloc 0 [ 2096.407400][T11154] shmem 126976 [ 2096.407400][T11154] file_mapped 126976 [ 2096.407400][T11154] file_dirty 0 [ 2096.407400][T11154] file_writeback 0 [ 2096.407400][T11154] swapcached 0 [ 2096.407400][T11154] inactive_anon 167936 [ 2096.407400][T11154] active_anon 57344 [ 2096.407400][T11154] inactive_file 0 [ 2096.407400][T11154] active_file 0 [ 2096.407400][T11154] unevictable 0 [ 2096.407400][T11154] slab_reclaimable 15840 [ 2096.407400][T11154] slab_unreclaimable 303135880 [ 2096.407400][T11154] slab 303151720 [ 2096.407400][T11154] workingset_refault_anon 0 [ 2096.407400][T11154] workingset_refault_file 15 [ 2096.407400][T11154] workingset_activate_anon 0 [ 2096.407400][T11154] workingset_activate_file 0 [ 2096.504213][T11154] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11135,uid=0 [ 2096.519683][T11154] Memory cgroup out of memory: Killed process 11135 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000586500000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:27 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x300}, 0x0) 01:41:27 executing program 5: syz_clone(0x2001700, 0x0, 0x0, 0x0, 0x0, 0x0) 01:41:27 executing program 4: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={&(0x7f00000000c0), 0x200000cc, &(0x7f0000000140)={0x0}}, 0x0) 01:41:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000001c000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:27 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x541b, 0x0) 01:41:27 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003420000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:27 executing program 5: r0 = socket$inet(0x2, 0x3, 0x3) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 01:41:27 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x300}, 0x0) [ 2096.675261][T11169] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2096.685525][T11169] CPU: 0 PID: 11169 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2096.696698][T11169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2096.706791][T11169] Call Trace: [ 2096.710080][T11169] [ 2096.713007][T11169] dump_stack_lvl+0xd6/0x122 [ 2096.717604][T11169] dump_stack+0x11/0x12 [ 2096.721827][T11169] dump_header+0x98/0x410 [ 2096.726162][T11169] oom_kill_process+0xfe/0x550 [ 2096.731001][T11169] out_of_memory+0x620/0x880 [ 2096.735613][T11169] mem_cgroup_oom+0x475/0x4f0 [ 2096.740346][T11169] try_charge_memcg+0x746/0x960 [ 2096.745268][T11169] charge_memcg+0x63/0x2c0 [ 2096.749712][T11169] __mem_cgroup_charge+0x25/0xa0 [ 2096.754660][T11169] wp_page_copy+0x20f/0x1460 [ 2096.759308][T11169] do_wp_page+0x76f/0xe10 [ 2096.763733][T11169] handle_mm_fault+0x5fb/0xa90 [ 2096.768526][T11169] do_user_addr_fault+0x4cd/0x940 [ 2096.773621][T11169] exc_page_fault+0x60/0x160 [ 2096.778236][T11169] asm_exc_page_fault+0x22/0x30 [ 2096.783098][T11169] RIP: 0033:0x7fe837f5a340 [ 2096.787512][T11169] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2096.807204][T11169] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2096.813716][T11169] RAX: 00000000430867c6 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2096.821696][T11169] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2096.829771][T11169] RBP: 00000000430867c6 R08: 00000000000007c6 R09: 00000000430867ca [ 2096.837741][T11169] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2096.845716][T11169] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff83a12eac [ 2096.853691][T11169] ? __x64_sys_socket+0xc/0x50 [ 2096.858518][T11169] [ 2096.861575][T11169] memory: usage 307200kB, limit 307200kB, failcnt 65796 [ 2096.868528][T11169] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2096.875381][T11169] Memory cgroup stats for /syz4: [ 2097.026304][T11169] anon 102400 [ 2097.026304][T11169] file 126976 [ 2097.026304][T11169] kernel 314343424 [ 2097.026304][T11169] kernel_stack 32768 [ 2097.026304][T11169] pagetables 69632 [ 2097.026304][T11169] percpu 11039616 [ 2097.026304][T11169] sock 0 [ 2097.026304][T11169] vmalloc 0 [ 2097.026304][T11169] shmem 126976 [ 2097.026304][T11169] file_mapped 126976 [ 2097.026304][T11169] file_dirty 0 [ 2097.026304][T11169] file_writeback 0 [ 2097.026304][T11169] swapcached 0 [ 2097.026304][T11169] inactive_anon 172032 [ 2097.026304][T11169] active_anon 57344 [ 2097.026304][T11169] inactive_file 0 [ 2097.026304][T11169] active_file 0 [ 2097.026304][T11169] unevictable 0 [ 2097.026304][T11169] slab_reclaimable 22320 [ 2097.026304][T11169] slab_unreclaimable 303136248 [ 2097.026304][T11169] slab 303158568 [ 2097.026304][T11169] workingset_refault_anon 0 [ 2097.026304][T11169] workingset_refault_file 15 [ 2097.026304][T11169] workingset_activate_anon 0 [ 2097.026304][T11169] workingset_activate_file 0 [ 2097.122148][T11169] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11169,uid=0 [ 2097.137633][T11169] Memory cgroup out of memory: Killed process 11169 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:27 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8903, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:27 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8981, 0x0) 01:41:27 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x6, &(0x7f0000000000)="71351048", 0x4) [ 2097.235905][ T24] audit: type=1400 audit(1657676487.591:572): avc: denied { write } for pid=11174 comm="syz-executor.5" lport=3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 2097.279343][T11187] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2097.291612][T11187] CPU: 0 PID: 11187 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2097.302640][T11187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2097.312720][T11187] Call Trace: [ 2097.315994][T11187] [ 2097.318914][T11187] dump_stack_lvl+0xd6/0x122 [ 2097.323525][T11187] dump_stack+0x11/0x12 [ 2097.327692][T11187] dump_header+0x98/0x410 [ 2097.332040][T11187] oom_kill_process+0xfe/0x550 [ 2097.336791][T11187] out_of_memory+0x620/0x880 [ 2097.341488][T11187] mem_cgroup_oom+0x475/0x4f0 [ 2097.346326][T11187] try_charge_memcg+0x746/0x960 [ 2097.351198][T11187] __memcg_kmem_charge_page+0x2e4/0x480 [ 2097.356783][T11187] __alloc_pages+0x1c1/0x340 [ 2097.361497][T11187] alloc_pages+0x34d/0x450 [ 2097.365899][T11187] pte_alloc_one+0x29/0xb0 [ 2097.370328][T11187] __pte_alloc+0x2f/0x1f0 [ 2097.374661][T11187] do_anonymous_page+0x799/0xa20 [ 2097.379583][T11187] ? preempt_count_add+0x5e/0xa0 [ 2097.384584][T11187] ? _raw_spin_unlock+0x2d/0x50 [ 2097.389441][T11187] ? __pmd_alloc+0x2cb/0x300 [ 2097.394036][T11187] handle_mm_fault+0x8a0/0xa90 [ 2097.398886][T11187] do_user_addr_fault+0x4cd/0x940 [ 2097.403929][T11187] exc_page_fault+0x60/0x160 [ 2097.408509][T11187] asm_exc_page_fault+0x22/0x30 [ 2097.413390][T11187] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 2097.419114][T11187] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 2097.438709][T11187] RSP: 0018:ffffc9000dab7eb8 EFLAGS: 00050293 [ 2097.444818][T11187] RAX: 0000000000000003 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 2097.452907][T11187] RDX: ffff888160e0ed80 RSI: 0000000000000004 RDI: 0000000000000000 [ 2097.460864][T11187] RBP: 0000000000000001 R08: ffffffff83a12fe0 R09: 0000000000000000 [ 2097.468845][T11187] R10: 00018881379f9880 R11: 0001ffffffffffff R12: 0000000020000040 [ 2097.476887][T11187] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000003 [ 2097.484851][T11187] ? __sys_socketpair+0xa0/0x420 [ 2097.489802][T11187] __sys_socketpair+0xb6/0x420 [ 2097.494687][T11187] __x64_sys_socketpair+0x4e/0x60 [ 2097.499734][T11187] do_syscall_64+0x2b/0x70 [ 2097.504241][T11187] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2097.510120][T11187] RIP: 0033:0x7fe837fac109 [ 2097.514595][T11187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2097.534209][T11187] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 2097.542621][T11187] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2097.550645][T11187] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 2097.558605][T11187] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2097.566566][T11187] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 2097.574533][T11187] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2097.582492][T11187] [ 2097.585527][T11187] memory: usage 307200kB, limit 307200kB, failcnt 65847 [ 2097.592547][T11187] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2097.599436][T11187] Memory cgroup stats for /syz4: [ 2097.608512][T11187] anon 98304 [ 2097.608512][T11187] file 126976 [ 2097.608512][T11187] kernel 314335232 [ 2097.608512][T11187] kernel_stack 32768 [ 2097.608512][T11187] pagetables 73728 [ 2097.608512][T11187] percpu 11039616 [ 2097.608512][T11187] sock 0 [ 2097.608512][T11187] vmalloc 0 [ 2097.608512][T11187] shmem 126976 [ 2097.608512][T11187] file_mapped 126976 [ 2097.608512][T11187] file_dirty 0 [ 2097.608512][T11187] file_writeback 0 [ 2097.608512][T11187] swapcached 0 [ 2097.608512][T11187] inactive_anon 118784 [ 2097.608512][T11187] active_anon 57344 [ 2097.608512][T11187] inactive_file 0 [ 2097.608512][T11187] active_file 0 [ 2097.608512][T11187] unevictable 0 [ 2097.608512][T11187] slab_reclaimable 21344 [ 2097.608512][T11187] slab_unreclaimable 303130656 [ 2097.608512][T11187] slab 303152000 [ 2097.608512][T11187] workingset_refault_anon 0 [ 2097.608512][T11187] workingset_refault_file 15 [ 2097.608512][T11187] workingset_activate_anon 0 [ 2097.608512][T11187] workingset_activate_file 0 [ 2097.704248][T11187] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11184,uid=0 [ 2097.719581][T11187] Memory cgroup out of memory: Killed process 11184 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:28 executing program 1: openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0xffffffffffffffd5) 01:41:28 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}]}) 01:41:28 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r1, 0x301}, 0x14}}, 0x0) 01:41:28 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000088470000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003c000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f0000000040), 0x4) 01:41:28 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)={[{@size={'size', 0x3d, [0x4b]}}]}) 01:41:28 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x10, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:28 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0xc0189436, &(0x7f00000001c0)={'vcan0\x00', &(0x7f00000000c0)=@ethtool_rxnfc={0x0, 0x0, 0x0, {0x0, @sctp_ip6_spec={@local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {}, @esp_ip4_spec={@rand_addr, @local}, {0x0, @dev}}}}) 01:41:28 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8914, &(0x7f00000001c0)={'vcan0\x00', 0x0}) [ 2097.902363][T11191] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2097.912680][T11191] CPU: 1 PID: 11191 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2097.923711][T11191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2097.933777][T11191] Call Trace: [ 2097.937062][T11191] [ 2097.940004][T11191] dump_stack_lvl+0xd6/0x122 [ 2097.944610][T11191] dump_stack+0x11/0x12 [ 2097.948780][T11191] dump_header+0x98/0x410 [ 2097.953099][T11191] oom_kill_process+0xfe/0x550 [ 2097.957859][T11191] out_of_memory+0x620/0x880 [ 2097.962649][T11191] mem_cgroup_oom+0x475/0x4f0 [ 2097.967331][T11191] try_charge_memcg+0x746/0x960 [ 2097.972268][T11191] charge_memcg+0x63/0x2c0 [ 2097.976771][T11191] __mem_cgroup_charge+0x25/0xa0 [ 2097.981694][T11191] wp_page_copy+0x20f/0x1460 [ 2097.986311][T11191] do_wp_page+0x76f/0xe10 [ 2097.990726][T11191] handle_mm_fault+0x5fb/0xa90 [ 2097.995527][T11191] do_user_addr_fault+0x4cd/0x940 [ 2098.000623][T11191] exc_page_fault+0x60/0x160 [ 2098.005234][T11191] asm_exc_page_fault+0x22/0x30 [ 2098.010127][T11191] RIP: 0033:0x7fe837f5a340 [ 2098.014533][T11191] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2098.034406][T11191] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2098.040463][T11191] RAX: 00000000430867c6 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2098.048462][T11191] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2098.056491][T11191] RBP: 00000000430867c6 R08: 00000000000007c6 R09: 00000000430867ca [ 2098.064497][T11191] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2098.072463][T11191] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff83a12eac [ 2098.080534][T11191] ? __x64_sys_socket+0xc/0x50 [ 2098.085365][T11191] [ 2098.088512][T11191] memory: usage 307196kB, limit 307200kB, failcnt 65888 [ 2098.095473][T11191] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x4c, r1, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}}]}, 0x4c}}, 0x0) [ 2098.102315][T11191] Memory cgroup stats for /syz4: [ 2099.768915][T11191] anon 102400 [ 2099.768915][T11191] file 126976 [ 2099.768915][T11191] kernel 314318848 [ 2099.768915][T11191] kernel_stack 32768 [ 2099.768915][T11191] pagetables 69632 [ 2099.768915][T11191] percpu 11039616 [ 2099.768915][T11191] sock 0 [ 2099.768915][T11191] vmalloc 0 [ 2099.768915][T11191] shmem 126976 [ 2099.768915][T11191] file_mapped 126976 [ 2099.768915][T11191] file_dirty 0 [ 2099.768915][T11191] file_writeback 0 [ 2099.768915][T11191] swapcached 0 [ 2099.768915][T11191] inactive_anon 172032 [ 2099.768915][T11191] active_anon 57344 [ 2099.768915][T11191] inactive_file 0 [ 2099.768915][T11191] active_file 0 [ 2099.768915][T11191] unevictable 0 [ 2099.768915][T11191] slab_reclaimable 16816 [ 2099.768915][T11191] slab_unreclaimable 303123264 [ 2099.768915][T11191] slab 303140080 [ 2099.768915][T11191] workingset_refault_anon 0 [ 2099.768915][T11191] workingset_refault_file 15 [ 2099.768915][T11191] workingset_activate_anon 0 [ 2099.768915][T11191] workingset_activate_file 0 [ 2099.865013][T11191] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11191,uid=0 [ 2099.880536][T11191] Memory cgroup out of memory: Killed process 11191 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000006c00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:30 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)) 01:41:30 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x4088001) 01:41:30 executing program 4: prctl$PR_CAPBSET_READ(0x1c, 0x0) 01:41:30 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000480000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffffc300000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:30 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x8, &(0x7f0000000000)="713557c0", 0x4) 01:41:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x3, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x5411, 0x0) 01:41:30 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) [ 2100.088792][T11231] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2100.099054][T11231] CPU: 1 PID: 11231 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2100.110160][T11231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2100.120323][T11231] Call Trace: [ 2100.123608][T11231] [ 2100.126621][T11231] dump_stack_lvl+0xd6/0x122 [ 2100.131236][T11231] dump_stack+0x11/0x12 [ 2100.135393][T11231] dump_header+0x98/0x410 [ 2100.139775][T11231] oom_kill_process+0xfe/0x550 [ 2100.144779][T11231] out_of_memory+0x620/0x880 [ 2100.149394][T11231] mem_cgroup_oom+0x475/0x4f0 [ 2100.154076][T11231] try_charge_memcg+0x746/0x960 [ 2100.158983][T11231] charge_memcg+0x63/0x2c0 [ 2100.163402][T11231] __mem_cgroup_charge+0x25/0xa0 [ 2100.168340][T11231] wp_page_copy+0x20f/0x1460 [ 2100.173013][T11231] ? shrink_zones+0x525/0x5d0 [ 2100.177698][T11231] do_wp_page+0x76f/0xe10 [ 2100.182105][T11231] handle_mm_fault+0x5fb/0xa90 [ 2100.186877][T11231] do_user_addr_fault+0x4cd/0x940 [ 2100.191938][T11231] exc_page_fault+0x60/0x160 [ 2100.196583][T11231] asm_exc_page_fault+0x22/0x30 [ 2100.202775][T11231] RIP: 0033:0x7fe837f5a340 [ 2100.207251][T11231] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2100.227700][T11231] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2100.233770][T11231] RAX: 0000000043096de3 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2100.241745][T11231] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008bd2014 [ 2100.249896][T11231] RBP: 0000000043096de3 R08: 0000000000000de3 R09: 0000000043096de7 [ 2100.257879][T11231] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2100.265851][T11231] R13: 0000000000000001 R14: 000000000000000c R15: ffffffff8150b87f [ 2100.273827][T11231] ? page_counter_try_charge+0x24f/0x300 [ 2100.279480][T11231] [ 2100.282631][T11231] memory: usage 307200kB, limit 307200kB, failcnt 65938 [ 2100.289587][T11231] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x13, &(0x7f0000000000)="71351048", 0x4) [ 2100.296442][T11231] Memory cgroup stats for /syz4: [ 2100.475070][T11231] anon 122880 [ 2100.475070][T11231] file 126976 [ 2100.475070][T11231] kernel 314322944 [ 2100.475070][T11231] kernel_stack 32768 [ 2100.475070][T11231] pagetables 69632 [ 2100.475070][T11231] percpu 11039616 [ 2100.475070][T11231] sock 0 [ 2100.475070][T11231] vmalloc 0 [ 2100.475070][T11231] shmem 126976 [ 2100.475070][T11231] file_mapped 126976 [ 2100.475070][T11231] file_dirty 0 [ 2100.475070][T11231] file_writeback 0 [ 2100.475070][T11231] swapcached 0 [ 2100.475070][T11231] inactive_anon 192512 [ 2100.475070][T11231] active_anon 57344 [ 2100.475070][T11231] inactive_file 0 [ 2100.475070][T11231] active_file 0 [ 2100.475070][T11231] unevictable 0 [ 2100.475070][T11231] slab_reclaimable 21344 [ 2100.475070][T11231] slab_unreclaimable 303123024 [ 2100.475070][T11231] slab 303144368 [ 2100.475070][T11231] workingset_refault_anon 0 [ 2100.475070][T11231] workingset_refault_file 15 [ 2100.475070][T11231] workingset_activate_anon 0 [ 2100.475070][T11231] workingset_activate_file 0 01:41:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x1e, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) [ 2100.571203][T11231] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11231,uid=0 [ 2100.586710][T11231] Memory cgroup out of memory: Killed process 11231 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000026e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:31 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8943, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:31 executing program 1: openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x20000058) 01:41:31 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={0x0}, 0x1, 0x0, 0x9effffff}, 0x0) 01:41:31 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000001480000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003c600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:31 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGRS485(r0, 0x5415, 0x0) [ 2100.950156][T11251] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2100.960497][T11251] CPU: 0 PID: 11251 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2100.971606][T11251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2100.981670][T11251] Call Trace: [ 2100.984983][T11251] [ 2100.987925][T11251] dump_stack_lvl+0xd6/0x122 [ 2100.992533][T11251] dump_stack+0x11/0x12 01:41:31 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8901, 0x0) 01:41:31 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, &(0x7f0000000340)={[{@mpol={'mpol', 0x3d, {'local', '=relative', @void}}}]}) 01:41:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x4, &(0x7f0000000000)="71351048", 0x4) [ 2100.996703][T11251] dump_header+0x98/0x410 [ 2101.001123][T11251] oom_kill_process+0xfe/0x550 [ 2101.005982][T11251] out_of_memory+0x620/0x880 [ 2101.010603][T11251] mem_cgroup_oom+0x475/0x4f0 [ 2101.015420][T11251] try_charge_memcg+0x746/0x960 [ 2101.020398][T11251] charge_memcg+0x63/0x2c0 [ 2101.024941][T11251] __mem_cgroup_charge+0x25/0xa0 [ 2101.029895][T11251] wp_page_copy+0x20f/0x1460 [ 2101.034511][T11251] ? shrink_zones+0x525/0x5d0 [ 2101.039290][T11251] do_wp_page+0x76f/0xe10 [ 2101.039558][T11269] tmpfs: Bad value for 'mpol' 01:41:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x12, &(0x7f0000000000)="713557c0", 0x4) 01:41:31 executing program 1: socket$inet(0x2, 0xa, 0x0) socketpair(0x2, 0xa, 0x0, &(0x7f0000000000)) [ 2101.043675][T11251] handle_mm_fault+0x5fb/0xa90 [ 2101.053181][T11251] do_user_addr_fault+0x4cd/0x940 [ 2101.058312][T11251] exc_page_fault+0x60/0x160 [ 2101.062973][T11251] asm_exc_page_fault+0x22/0x30 [ 2101.067842][T11251] RIP: 0033:0x7fe837f5a340 [ 2101.072307][T11251] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2101.091926][T11251] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2101.098010][T11251] RAX: 0000000043087a04 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2101.106014][T11251] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000000000022 [ 2101.113972][T11251] RBP: 0000000043087a04 R08: 0000000000001a04 R09: 0000000043087a08 [ 2101.121994][T11251] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2101.129954][T11251] R13: 0000000000000001 R14: 0000000000000000 R15: ffffffff83a1336e [ 2101.137914][T11251] ? __x64_sys_socketpair+0xe/0x60 [ 2101.143015][T11251] [ 2101.146144][T11251] memory: usage 307200kB, limit 307200kB, failcnt 65993 [ 2101.153139][T11251] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2101.160030][T11251] Memory cgroup stats for /syz4: [ 2102.803971][T11251] anon 106496 [ 2102.803971][T11251] file 126976 [ 2102.803971][T11251] kernel 314318848 [ 2102.803971][T11251] kernel_stack 32768 [ 2102.803971][T11251] pagetables 77824 [ 2102.803971][T11251] percpu 11039616 [ 2102.803971][T11251] sock 0 [ 2102.803971][T11251] vmalloc 0 [ 2102.803971][T11251] shmem 126976 [ 2102.803971][T11251] file_mapped 126976 [ 2102.803971][T11251] file_dirty 0 [ 2102.803971][T11251] file_writeback 0 [ 2102.803971][T11251] swapcached 0 [ 2102.803971][T11251] inactive_anon 176128 [ 2102.803971][T11251] active_anon 57344 [ 2102.803971][T11251] inactive_file 0 [ 2102.803971][T11251] active_file 0 [ 2102.803971][T11251] unevictable 0 [ 2102.803971][T11251] slab_reclaimable 17792 [ 2102.803971][T11251] slab_unreclaimable 303121344 [ 2102.803971][T11251] slab 303139136 [ 2102.803971][T11251] workingset_refault_anon 0 [ 2102.803971][T11251] workingset_refault_file 15 [ 2102.803971][T11251] workingset_activate_anon 0 [ 2102.803971][T11251] workingset_activate_file 0 [ 2102.900146][T11251] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11251,uid=0 [ 2102.915436][T11251] Memory cgroup out of memory: Killed process 11251 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000007400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:33 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x5000}, 0x0) 01:41:33 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast1}, {0x0, @multicast}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}) 01:41:33 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={0x0}, 0x1, 0x0, 0x51ef}, 0x0) 01:41:33 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000088480000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000005c600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:33 executing program 1: r0 = inotify_init() ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x1ff) 01:41:33 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)={0xc42}, 0x18) 01:41:33 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x5452, &(0x7f0000000000)={'bridge_slave_1\x00', 0x0}) syz_genetlink_get_family_id$gtp(&(0x7f0000000200), r0) [ 2103.104590][T11289] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2103.114938][T11289] CPU: 1 PID: 11289 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2103.126048][T11289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2103.136108][T11289] Call Trace: [ 2103.139399][T11289] [ 2103.142362][T11289] dump_stack_lvl+0xd6/0x122 [ 2103.147024][T11289] dump_stack+0x11/0x12 [ 2103.151196][T11289] dump_header+0x98/0x410 [ 2103.155541][T11289] oom_kill_process+0xfe/0x550 [ 2103.160399][T11289] out_of_memory+0x620/0x880 [ 2103.165125][T11289] mem_cgroup_oom+0x475/0x4f0 [ 2103.169814][T11289] try_charge_memcg+0x746/0x960 [ 2103.174813][T11289] charge_memcg+0x63/0x2c0 [ 2103.179252][T11289] __mem_cgroup_charge+0x25/0xa0 [ 2103.184329][T11289] wp_page_copy+0x20f/0x1460 [ 2103.188926][T11289] ? shrink_zones+0x525/0x5d0 [ 2103.193609][T11289] do_wp_page+0x76f/0xe10 [ 2103.197946][T11289] handle_mm_fault+0x5fb/0xa90 [ 2103.202719][T11289] do_user_addr_fault+0x4cd/0x940 [ 2103.207753][T11289] exc_page_fault+0x60/0x160 [ 2103.212384][T11289] asm_exc_page_fault+0x22/0x30 [ 2103.217261][T11289] RIP: 0033:0x7fe837f5a340 [ 2103.221687][T11289] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2103.241360][T11289] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2103.247426][T11289] RAX: 00000000f4d62eb8 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2103.255402][T11289] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e36ccc [ 2103.263376][T11289] RBP: 00000000f4d62eb8 R08: 0000000000000eb8 R09: 00000000f4d62ebc [ 2103.271360][T11289] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2103.279371][T11289] R13: 0000000000000001 R14: 000000000000000b R15: ffffffff8194cf11 [ 2103.287348][T11289] ? security_compute_sid+0x141/0xee0 [ 2103.292739][T11289] [ 2103.295800][T11289] memory: usage 307200kB, limit 307200kB, failcnt 66021 [ 2103.302747][T11289] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 01:41:33 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8903, 0x0) 01:41:33 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) [ 2103.309646][T11289] Memory cgroup stats for /syz4: [ 2103.628457][T11289] anon 122880 [ 2103.628457][T11289] file 126976 [ 2103.628457][T11289] kernel 314318848 [ 2103.628457][T11289] kernel_stack 32768 [ 2103.628457][T11289] pagetables 69632 [ 2103.628457][T11289] percpu 11039616 [ 2103.628457][T11289] sock 0 [ 2103.628457][T11289] vmalloc 0 [ 2103.628457][T11289] shmem 126976 [ 2103.628457][T11289] file_mapped 126976 [ 2103.628457][T11289] file_dirty 0 [ 2103.628457][T11289] file_writeback 0 [ 2103.628457][T11289] swapcached 0 [ 2103.628457][T11289] inactive_anon 192512 [ 2103.628457][T11289] active_anon 57344 [ 2103.628457][T11289] inactive_file 0 [ 2103.628457][T11289] active_file 0 [ 2103.628457][T11289] unevictable 0 [ 2103.628457][T11289] slab_reclaimable 17992 [ 2103.628457][T11289] slab_unreclaimable 303122784 [ 2103.628457][T11289] slab 303140776 [ 2103.628457][T11289] workingset_refault_anon 0 [ 2103.628457][T11289] workingset_refault_file 15 [ 2103.628457][T11289] workingset_activate_anon 0 [ 2103.628457][T11289] workingset_activate_file 0 01:41:34 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x2, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) [ 2103.726405][T11289] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11289,uid=0 [ 2103.736090][T11307] tmpfs: Bad value for 'mpol' [ 2103.741757][T11289] Memory cgroup out of memory: Killed process 11289 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:34 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x1b, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x24, &(0x7f0000000000)="71351048", 0x4) 01:41:34 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000000)="7104", 0x2) 01:41:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000007a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:34 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000004a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000005c700000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:34 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)="713510480af65f9fdf243c64743ccdae", 0x10) 01:41:34 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8901, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:34 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_buf(r0, 0x0, 0x4, 0x0, 0x0) 01:41:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x5, &(0x7f0000000000)="01000000", 0x4) 01:41:34 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) 01:41:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xc, &(0x7f0000000000)="71351048", 0x4) [ 2103.970612][T11317] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2103.980870][T11317] CPU: 0 PID: 11317 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2103.991906][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2104.002059][T11317] Call Trace: [ 2104.005350][T11317] [ 2104.008351][T11317] dump_stack_lvl+0xd6/0x122 [ 2104.012969][T11317] dump_stack+0x11/0x12 [ 2104.017140][T11317] dump_header+0x98/0x410 [ 2104.021629][T11317] oom_kill_process+0xfe/0x550 [ 2104.026405][T11317] out_of_memory+0x620/0x880 [ 2104.031108][T11317] mem_cgroup_oom+0x475/0x4f0 [ 2104.035786][T11317] try_charge_memcg+0x746/0x960 [ 2104.040637][T11317] charge_memcg+0x63/0x2c0 [ 2104.045104][T11317] __mem_cgroup_charge+0x25/0xa0 [ 2104.050104][T11317] wp_page_copy+0x20f/0x1460 [ 2104.054766][T11317] ? shrink_zones+0x525/0x5d0 [ 2104.059438][T11317] do_wp_page+0x76f/0xe10 [ 2104.063767][T11317] handle_mm_fault+0x5fb/0xa90 [ 2104.068567][T11317] do_user_addr_fault+0x4cd/0x940 [ 2104.073607][T11317] exc_page_fault+0x60/0x160 [ 2104.078234][T11317] asm_exc_page_fault+0x22/0x30 [ 2104.083086][T11317] RIP: 0033:0x7fe837f5a340 [ 2104.087488][T11317] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2104.107180][T11317] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2104.114118][T11317] RAX: 00000000adb543af RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2104.122082][T11317] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e12307 [ 2104.130146][T11317] RBP: 00000000adb543af R08: 00000000000003af R09: 00000000adb543b3 [ 2104.138183][T11317] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2104.146419][T11317] R13: 0000000000000001 R14: 0000000000000005 R15: ffffffff81923e3c [ 2104.154435][T11317] ? selinux_socket_create+0x2c/0x180 [ 2104.159915][T11317] [ 2104.163059][T11317] memory: usage 307200kB, limit 307200kB, failcnt 66067 [ 2104.170030][T11317] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2104.176891][T11317] Memory cgroup stats for /syz4: [ 2105.550234][T11317] anon 114688 [ 2105.550234][T11317] file 126976 [ 2105.550234][T11317] kernel 314318848 [ 2105.550234][T11317] kernel_stack 32768 [ 2105.550234][T11317] pagetables 69632 [ 2105.550234][T11317] percpu 11039616 [ 2105.550234][T11317] sock 0 [ 2105.550234][T11317] vmalloc 0 [ 2105.550234][T11317] shmem 126976 [ 2105.550234][T11317] file_mapped 126976 [ 2105.550234][T11317] file_dirty 0 [ 2105.550234][T11317] file_writeback 0 [ 2105.550234][T11317] swapcached 0 [ 2105.550234][T11317] inactive_anon 184320 [ 2105.550234][T11317] active_anon 57344 [ 2105.550234][T11317] inactive_file 0 [ 2105.550234][T11317] active_file 0 [ 2105.550234][T11317] unevictable 0 [ 2105.550234][T11317] slab_reclaimable 16816 [ 2105.550234][T11317] slab_unreclaimable 303125272 [ 2105.550234][T11317] slab 303142088 [ 2105.550234][T11317] workingset_refault_anon 0 [ 2105.550234][T11317] workingset_refault_file 15 [ 2105.550234][T11317] workingset_activate_anon 0 [ 2105.550234][T11317] workingset_activate_file 0 01:41:36 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={0x0}, 0x300}, 0x0) 01:41:36 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, 0x0) 01:41:36 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x2}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) [ 2105.646048][T11317] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11317,uid=0 [ 2105.661380][T11317] Memory cgroup out of memory: Killed process 11317 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2105.712237][T11348] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2105.722518][T11348] CPU: 1 PID: 11348 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2105.733824][T11348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2105.744016][T11348] Call Trace: [ 2105.747279][T11348] [ 2105.750197][T11348] dump_stack_lvl+0xd6/0x122 [ 2105.754782][T11348] dump_stack+0x11/0x12 [ 2105.759013][T11348] dump_header+0x98/0x410 [ 2105.763343][T11348] oom_kill_process+0xfe/0x550 [ 2105.768107][T11348] out_of_memory+0x620/0x880 [ 2105.772778][T11348] mem_cgroup_oom+0x475/0x4f0 [ 2105.777542][T11348] try_charge_memcg+0x746/0x960 [ 2105.782391][T11348] ? avc_has_perm_noaudit+0x1c0/0x270 [ 2105.787820][T11348] obj_cgroup_charge+0x171/0x2b0 [ 2105.792748][T11348] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2105.798284][T11348] ? sock_alloc_inode+0x2d/0xa0 [ 2105.803333][T11348] kmem_cache_alloc_lru+0x76/0x2b0 [ 2105.808485][T11348] sock_alloc_inode+0x2d/0xa0 [ 2105.813219][T11348] ? sockfs_init_fs_context+0x70/0x70 [ 2105.818574][T11348] alloc_inode+0x38/0x150 [ 2105.822899][T11348] new_inode_pseudo+0x13/0x90 [ 2105.827687][T11348] __sock_create+0x122/0x4e0 [ 2105.832279][T11348] __sys_socket+0x9c/0x220 [ 2105.836748][T11348] __x64_sys_socket+0x3b/0x50 [ 2105.841552][T11348] do_syscall_64+0x2b/0x70 [ 2105.846064][T11348] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2105.851986][T11348] RIP: 0033:0x7fe837fac109 [ 2105.856385][T11348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2105.876129][T11348] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2105.884554][T11348] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2105.892510][T11348] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 2105.900483][T11348] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2105.908447][T11348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2105.916455][T11348] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2105.924542][T11348] [ 2105.927584][T11348] memory: usage 307188kB, limit 307200kB, failcnt 66103 [ 2105.934547][T11348] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2105.941394][T11348] Memory cgroup stats for /syz4: [ 2105.941604][T11348] anon 106496 [ 2105.941604][T11348] file 126976 [ 2105.941604][T11348] kernel 314335232 [ 2105.941604][T11348] kernel_stack 32768 [ 2105.941604][T11348] pagetables 77824 [ 2105.941604][T11348] percpu 11039616 [ 2105.941604][T11348] sock 0 [ 2105.941604][T11348] vmalloc 0 [ 2105.941604][T11348] shmem 126976 [ 2105.941604][T11348] file_mapped 126976 [ 2105.941604][T11348] file_dirty 0 [ 2105.941604][T11348] file_writeback 0 [ 2105.941604][T11348] swapcached 0 [ 2105.941604][T11348] inactive_anon 114688 [ 2105.941604][T11348] active_anon 57344 [ 2105.941604][T11348] inactive_file 0 [ 2105.941604][T11348] active_file 0 [ 2105.941604][T11348] unevictable 0 [ 2105.941604][T11348] slab_reclaimable 24648 [ 2105.941604][T11348] slab_unreclaimable 303125064 [ 2105.941604][T11348] slab 303149712 [ 2105.941604][T11348] workingset_refault_anon 0 [ 2105.941604][T11348] workingset_refault_file 15 [ 2105.941604][T11348] workingset_activate_anon 0 [ 2105.941604][T11348] workingset_activate_file 0 [ 2106.042564][T11348] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11347,uid=0 [ 2106.057938][T11348] Memory cgroup out of memory: Killed process 11347 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 2106.081901][T11348] socket: no more sockets 01:41:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000037e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:36 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000480)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x0, 0x1]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x0]}]}, @NL80211_ATTR_CSA_IES={0xe88, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x16, 0xba, [0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x199, 0xe, {@wo_ht={{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @random, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @val={0x76, 0x6}, [{0xdd, 0xc1, "4b2ea5dfc4ca19ec7755caecc1c514a843eb1b1444719a924d0bf373376b36c86996c3b8c350df8954f23b5f3ed3dfdfd983ae102c7a0e00db8eeb92902ef196f3d91d98a5a04eee94e1168cf4e4a503fe4cdde519deb7ec527113c40460175002bf633b1b5dfd8abde351845c50210c5e09cea216d508fc836dd28d39ee5eae967736a2eb667f71c78e995ee92d3daae6c469e04e5c031331c23e6ec76250f85c2fe85f7739748835fcb3748d604254722b9ef3a9275973a346f0199c67462627"}, {0xdd, 0x71, "2cf89dcb97bdaa17796322a41519571556edbc37bbbf2083ad2357c5ab6ffa5877808bce84a64c032c8da4bf0e02449933f950d786213b25d17378810b69605f59bf10ca3969d819b253e74fd0a3a7f5a0f5d9f500d12392c44d2644124be243741c66193b8e7abec3ad2eaab1226b2b18"}]}}, @NL80211_ATTR_IE_ASSOC_RESP={0xd6, 0x80, [@perr={0x84, 0xc8, {0x0, 0xc, [@ext={{}, @broadcast, 0x0, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @broadcast, 0x0, @device_b}, @ext={{}, @device_a, 0x0, @device_b}, @ext={{}, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @device_a, 0x0, @broadcast}, @ext={{}, @device_b, 0x0, @device_b}, @not_ext, @ext={{}, @device_b, 0x0, @broadcast}, @not_ext={{}, @device_b}, @not_ext={{}, @device_b}]}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_PROBE_RESP={0xf5, 0x91, "cbf0c08582dbff1620bb190e4bdc4415e716e6fa92379c9fc3c54fc4248dc22231bfff6e9b7fa7016103bf8a2fbf70ba6431b21a38e7d26756671e501617a0477b31491a3780d5f0a530fa09ccb36a55108e0128583770947c997bb008e31a19fe1eefcf7645e6bd73c509c21cd26b18cfe2a15c7ba3da943abac994ece658477d98204a0be2726f57c7395f0f298523c0efa04e071b05d09a98928edcbe919497021358d55a81caf6d0914bd65d77e9e03c2374a9909191e711ebb03d5176f224fa16561bbc34d87d6789adbb246d8bfab88dddbee8af5b1463e95cd61b3dbf02e86e50582ce67dc2fc092c47c4812ffe"}, @NL80211_ATTR_PROBE_RESP={0x8c5, 0x91, "544726fd914a4a155eca2e373a7122adefd6c217d4c8c996877d2f99546338c5d13365603231d11fd2a61a16e5bff78871bebe7c0543aeff44a5ba9fab34a52011c2cec8f2690b3cb7d4555eb846e0d77288b176715f58456bb2f3513328d7f4009db1c254602f068fd34beafcbdbbc0abc7934b58367f17597d4a350893eb1e772c2e48eb9a943b33ed79237bdf4c475d0df98341e5651ad4d9e6e6a68f1e33ee0d069a2027ad937debfcd783f5086084616484231d355c85e40727977f6a2129abf49e4dd0364a7c67106bea6c81f84fc1db09c00d36e01967385d23651d03591a8d3d976e9767aa1deeaadd44ef5662c2d48cfc5380e9aa03cec20b660d4f6e2b88d3a834958fd0e5111393f665406b03a743198edd325f8dc51856f46459317158e8921b8e18bc12435d710d65d0320c22c960076e5f3890c53588e86df4e7d6c9b406f5e68e1d9d0a32f75317c1a81baaf1b895238f7ad5735f3a3f0efa2db13081a23c5019cbed8ef26754e4f1034b7af6d73b771600210ae88abf820a85d055556e89f57f86f5fdf1366a97aba9a6ec9e034fcb47556cd44c8bd2476b98742499cbbc16af340c59bbd74cbf183dbac171f030b5afbbd6236c6cff8f84118c447e9e223b252cfb29ede40b4574e3457e5fb61db3d7a6f70aea0024274b8d3ba734513da6562b244aabcc7b2c576369441360585d37b6b239f37a78dd81e53f80662094559441805d508d01369e9b458900bd8971b9037a76a3a57b0751f1a8551d363e88f4887b4afaf0d35bed06ec96c6748dd41cf57afbf3b885714e2d0828608962efddb091bdacb24be477202f9b4ae3046dbf6aef6cfc0b91506b08cf183b3c02aa8259a80caed15decfdd1f0c904496cd2d897fa87e3559f19b52469acac28a95a49bc1a38efa88148f3c9444c5a991d893a254195a926dc8aa96d786fde070e8b821baacb8d936ba9b9f34aea95f923028162275d8ce4af41c0b6ee7d15d12036458207c1202a27c03b4ca4d89db41e3995a276303281cf2abda1128d69f94b58e6c5201b85ca4d6c845886bfe919b7577b30110bf03aeaae1a646904653a0eebdb23b289bce982d861e249c3a38456f1da7849a7f5cff723604a8fe4d6d0f4d3ed2013e5601027745712cdb2152b6d1fa25bc1d86d5f0ed7b507942a2e350bf57e39e324d837a8dcd411019524b3094c9ae17f54c812bf9a53a3a903447f79933ea47b03fff371d2bb6fb01332ca1a340a101fc163a235b61e6f29d95c20d8848eeada58f8f1bb6f4cc246330db3970993d98250c1d815752fca92f9524f7faba6d830748cfd3d9d33c4176927742b9d06588f0906cda166d76b23cb8dd2493ccd6ff11ac4e0c9a0440c30e55450483637678cef4bdfac32460ba1fa4726aa9dc08aa067669c187ad3648db090b9c592ad53996ca65711b805f87d208aa52f668c8789cde33cf903ebd526daf495f0bda7b1471ff6bc7807e9ee27c762c6bf7b1dd6a2368c01146c07a5c9ef9bf383cb79e52afee58537730192ba010352d1c44ac7a56ca5e88c653b1e4ca78b869243ab3073d69f51142ac1149268b5b9099d8d1a3fcfe1ca495e36992ca9c1cdf03397b81a1fa87afac3c363c4cd4971530ebd855a19b137fd22bd0a06f04ee9f4f57909e5ce117d620a9c55eaa7bc70a374ba24972f020dbd8d965f66dddd56bc3f1596442c7f1d4da8a603dd53a6291fadf7ae643dda63ba9f37c8352815faa522d3c8f6d47064fa7fc5aeb8dd0dfeaa92f3529f7c97cd27a0fb8a57fc9364afe4c30120498e4327c1e84bd36cb79e4548ae581f27001101cbab4fe31319aea8b1c9b3e516b2927db9b9da523bab15cc3540ae7267491d7db3548ec7c47c80ff551e9406d5b85c2bd10d193333e9e64c6a919901b0c832f2bccc8852a31abaaa4cf45cd295a69097a7caa422b1e299726e665eba30bf2129760d0bd736ec0caae416d6c2349fd9edaaa9c57d037ab5a0de53aa9d7b2fd0ef52d59016daf8b690f56a7e5ec878c00eb32a513534255ade732f5d2ebe05b95a371b9eea0f5bc6bc3d5539786042c2a711314063aa5c56eafae39199441ff1ef08185616101dc05e29bd166fc8df101ad80f61a29149ee7e330dae20eec52bd446410ce1c690a4083e6b76a26055ad42576b8d84aa4b131056bdf375ac46cbe05b86ffb5fae0e23c4ba03d6225f4a177d937cf1b71e563ea7520baceaaf77b33c2c5eac0a78cf44c039ccd9dbd46f64fc3bef6880feb261ec0e0befb6d72d0d7fe359bc9c3ecae78fabe2a06a708daeaf7b449a8dc494a2136d47d2ab6d29f93837cf07e1747d257191fae7db0ec3729136534d23afcac87c7bbb80d4f35b345f44f72b418f7fe811ac47ea983016743f0e59091192dca7adbbc10eb04b1052649d176f9c0bbb89d89a4a233cd0f1ae31b4bad07a0c864644a5794095a2a8b20ddaa5de924784c8a81b3feb042bf1ab4b26cdd245f8170cf1caf183021ffdd32d7e31551f07a3de3f83df37d316c2836719b2bb39e363318c26203a5a56d123ad9b7d26b6101085226ed0120f5c99374875e64525b24ff9034fa057a3d88ae41afa16cf8316b8a85be3e168e3e0ff1faf8717ec7cda637863f553c4a358b6e974b4e16f21c749b0be1c100078ab09992bf4a0807806232f62652dd5206b909a59647985dc28af1fbeaeaba94dc484f594d5ecf2c2a2c130897c89115c7ce6aeb7da12df94fbafb01a55bc18ec5ab6185530d82a69dfe436813b4c52f71b5f4230f793733acd4d7166e388fa6919449acf0eef428db592d2604e85ed2f3ef3991f02623e3f3ac72497a211ac9a8331836caa3276064da192add2c507ae013ae6c8a4382b71d161266399b0ee1a9e10e905c29184a764a59b112556cb182ebc65f5210853a0e64f3706efcdb63e76715246b191a7dc7b8eb0236b8874540e6b99c8cde7575701c82294d4b6acd594da387501043fe411fe9be926d5e05536ae3373c0453445871ae75f2b6f89d9fe2cdc603d9d2c03d2f84f2c8d537ac4e5591f519be0003e7639f7d9663b40246a831e2dd656209432575661ba4b8658b587b121e381e77b91f7817a565654f5cbe1d2ea9732a3ce576d8bce164572f00968260bbeed746924b773d273dba6c374ca0ebd85922"}], @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x229, 0xe, {@wo_ht={{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x6f, {0x0, 0x0, 0x0, "f3cec9033ff513426db63569ca045b9a6c086902d4f6e1eb9fd8667b8bcd377f7a6a656133787f02e1fc85ea90727ca154d367b7f17b8c8a70d8f55c9d0bb21ca77dd54434c14582aadfcaf62c76e1c918537e115b27e7f4d4789bdef28bf5e9e0844a5e9374ceab34a53233"}}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @void, [{0xdd, 0xa7, "bc435ee2cbae68a6a95297f62a681a0e3e209906b049ddb2c725af8b211feb0847253ae647246ddbc7dca483b0d87ed230153768376d7c38dcf36459a2c5556efdf86cb459440421d688c097520becad48b863660f3613307e56f7c8f38278aa10421fe269383f2e7c3af0c8489fb35e8c3ea20338876257b58f78d6e2585dcb66986f657e4f7da89159425080a37535724a8fb48eb937718e4200aac7ddbb4942d8014507d669"}, {0xdd, 0x9d, "9c9579f90a13d50d84b10a0c980adaa9ae4970c7b7b29b5cae752725ecfb58c00a196104bfef97833dedf5c28b96c09dbaf24f7541b6d9f2ada220c393295c42bf3a9ccb7865cae9ec88f8684acea884dab4636bace47a9b9f31c247a8424826e5022cc3aa06afc1768e4cca0ae1b42f90ef3782ca76422d7c6fda2c913351193f852705067cf66a70c1f8dad3753429afc65cb60765b585cac0a2f90b"}, {0xdd, 0x11, "f27c7fa5381dacc5fb72eae7b78d15a552"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x0, 0x0, 0x0]}]}]}, 0xec4}}, 0x0) 01:41:36 executing program 4: syz_mount_image$msdos(&(0x7f0000000ac0), &(0x7f0000000b00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001c40)=ANY=[@ANYBLOB='smackfshat<']) 01:41:36 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x200}, 0x18) 01:41:36 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000004c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:36 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(0x0, &(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00), 0x0, &(0x7f0000001b40)={'trans=unix,', {[{@version_u}]}}) 01:41:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000000ca00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:36 executing program 5: socketpair(0x11, 0x0, 0x0, &(0x7f0000000580)) 01:41:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x11, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) [ 2106.221600][T11366] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2106.231897][T11366] CPU: 0 PID: 11366 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2106.243049][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2106.253191][T11366] Call Trace: [ 2106.256470][T11366] [ 2106.259412][T11366] dump_stack_lvl+0xd6/0x122 [ 2106.264015][T11366] dump_stack+0x11/0x12 [ 2106.268190][T11366] dump_header+0x98/0x410 [ 2106.272547][T11366] oom_kill_process+0xfe/0x550 [ 2106.277319][T11366] out_of_memory+0x620/0x880 [ 2106.281962][T11366] mem_cgroup_oom+0x475/0x4f0 [ 2106.286702][T11366] try_charge_memcg+0x746/0x960 [ 2106.291563][T11366] charge_memcg+0x63/0x2c0 [ 2106.296030][T11366] __mem_cgroup_charge+0x25/0xa0 [ 2106.300978][T11366] do_anonymous_page+0x1d6/0xa20 [ 2106.306042][T11366] handle_mm_fault+0x8a0/0xa90 [ 2106.310823][T11366] do_user_addr_fault+0x4cd/0x940 [ 2106.315908][T11366] exc_page_fault+0x60/0x160 [ 2106.320540][T11366] asm_exc_page_fault+0x22/0x30 [ 2106.325412][T11366] RIP: 0033:0x7fe837f4d651 [ 2106.329841][T11366] Code: 3d c4 88 0a 00 e8 ef c0 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 57 41 56 41 55 41 54 55 53 48 81 ec 98 01 00 00 <48> 89 7c 24 38 48 89 74 24 30 48 89 54 24 28 48 89 4c 24 20 4c 89 [ 2106.349611][T11366] RSP: 002b:00007fe837721f90 EFLAGS: 00010206 [ 2106.355686][T11366] RAX: 00007fe837f4d640 RBX: 00007fe8380bef60 RCX: 0000000000000000 [ 2106.363757][T11366] RDX: 0000000000000000 RSI: 0000000020000b00 RDI: 0000000020000ac0 [ 2106.371729][T11366] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2106.379731][T11366] R10: 0000000020000ac0 R11: 0000000000000000 R12: 0000000000000000 [ 2106.387763][T11366] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2106.395953][T11366] [ 2106.399012][T11366] memory: usage 307200kB, limit 307200kB, failcnt 66224 [ 2106.405964][T11366] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2106.412807][T11366] Memory cgroup stats for /syz4: [ 2106.519989][T11366] anon 106496 [ 2106.519989][T11366] file 126976 [ 2106.519989][T11366] kernel 314339328 [ 2106.519989][T11366] kernel_stack 32768 [ 2106.519989][T11366] pagetables 77824 [ 2106.519989][T11366] percpu 11039616 [ 2106.519989][T11366] sock 0 [ 2106.519989][T11366] vmalloc 0 [ 2106.519989][T11366] shmem 126976 [ 2106.519989][T11366] file_mapped 126976 [ 2106.519989][T11366] file_dirty 0 [ 2106.519989][T11366] file_writeback 0 [ 2106.519989][T11366] swapcached 0 [ 2106.519989][T11366] inactive_anon 176128 [ 2106.519989][T11366] active_anon 57344 [ 2106.519989][T11366] inactive_file 0 [ 2106.519989][T11366] active_file 0 [ 2106.519989][T11366] unevictable 0 [ 2106.519989][T11366] slab_reclaimable 21344 [ 2106.519989][T11366] slab_unreclaimable 303129544 [ 2106.519989][T11366] slab 303150888 [ 2106.519989][T11366] workingset_refault_anon 0 [ 2106.519989][T11366] workingset_refault_file 15 [ 2106.519989][T11366] workingset_activate_anon 0 [ 2106.519989][T11366] workingset_activate_file 0 01:41:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000080)=0x9c, 0x4) 01:41:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x42, 0x0, &(0x7f0000000080)) [ 2106.615719][T11366] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11361,uid=0 [ 2106.631077][T11366] Memory cgroup out of memory: Killed process 11361 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x12, &(0x7f0000000000)="71351048", 0x4) 01:41:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000038000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:37 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)={0xc1, 0x0, 0x3}, 0x18) 01:41:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xa, &(0x7f0000000000)="71351048", 0x4) 01:41:37 executing program 1: prctl$PR_CAPBSET_READ(0x18, 0x0) 01:41:37 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000003560000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000000)='q5', 0x2) 01:41:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000002ce00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x8, &(0x7f0000000000)="71351048", 0x4) 01:41:37 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8993, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:37 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x891e, &(0x7f00000001c0)={'vcan0\x00', 0x0}) [ 2107.037527][T11379] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2107.047848][T11379] CPU: 1 PID: 11379 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2107.058881][T11379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2107.068995][T11379] Call Trace: [ 2107.072279][T11379] [ 2107.075209][T11379] dump_stack_lvl+0xd6/0x122 [ 2107.079812][T11379] dump_stack+0x11/0x12 [ 2107.084010][T11379] dump_header+0x98/0x410 [ 2107.088416][T11379] oom_kill_process+0xfe/0x550 [ 2107.093192][T11379] out_of_memory+0x620/0x880 [ 2107.097781][T11379] mem_cgroup_oom+0x475/0x4f0 [ 2107.102460][T11379] try_charge_memcg+0x746/0x960 [ 2107.107316][T11379] charge_memcg+0x63/0x2c0 [ 2107.111712][T11379] __mem_cgroup_charge+0x25/0xa0 [ 2107.116764][T11379] do_anonymous_page+0x1d6/0xa20 [ 2107.121715][T11379] handle_mm_fault+0x8a0/0xa90 [ 2107.126528][T11379] do_user_addr_fault+0x4cd/0x940 [ 2107.131615][T11379] exc_page_fault+0x60/0x160 [ 2107.136195][T11379] asm_exc_page_fault+0x22/0x30 [ 2107.141044][T11379] RIP: 0033:0x7fe837f57d0d [ 2107.145445][T11379] Code: e0 04 8b 44 02 08 85 c0 0f 85 d0 0a 00 00 31 c0 b9 40 42 0f 00 ba 81 00 00 00 c7 06 01 00 00 00 bf ca 00 00 00 e8 e3 43 05 00 <83> 05 ec b2 56 00 01 80 bc 24 d8 00 00 00 00 0f b6 05 6f 06 0a 01 [ 2107.165165][T11379] RSP: 002b:00007ffd964f7880 EFLAGS: 00010217 [ 2107.171213][T11379] RAX: 0000000000000000 RBX: 00007fe8380bef6c RCX: 00007fe837fac109 [ 2107.179185][T11379] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe8380bef68 [ 2107.187153][T11379] RBP: 00007fe8380bef60 R08: 00007fe837722700 R09: 0000000000000000 [ 2107.195175][T11379] R10: 00007fe837722700 R11: 0000000000000246 R12: 00007fe8380bef6c [ 2107.203149][T11379] R13: 00007fe8380c30e8 R14: 00007fe8380bef60 R15: 0000000000000000 [ 2107.211255][T11379] [ 2107.214532][T11379] memory: usage 307200kB, limit 307200kB, failcnt 66289 [ 2107.221502][T11379] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2107.228413][T11379] Memory cgroup stats for /syz4: [ 2108.880471][T11379] anon 94208 [ 2108.880471][T11379] file 126976 [ 2108.880471][T11379] kernel 314318848 [ 2108.880471][T11379] kernel_stack 32768 [ 2108.880471][T11379] pagetables 77824 [ 2108.880471][T11379] percpu 11039616 [ 2108.880471][T11379] sock 0 [ 2108.880471][T11379] vmalloc 0 [ 2108.880471][T11379] shmem 126976 [ 2108.880471][T11379] file_mapped 126976 [ 2108.880471][T11379] file_dirty 0 [ 2108.880471][T11379] file_writeback 0 [ 2108.880471][T11379] swapcached 0 [ 2108.880471][T11379] inactive_anon 163840 [ 2108.880471][T11379] active_anon 57344 [ 2108.880471][T11379] inactive_file 0 [ 2108.880471][T11379] active_file 0 [ 2108.880471][T11379] unevictable 0 [ 2108.880471][T11379] slab_reclaimable 21344 [ 2108.880471][T11379] slab_unreclaimable 303119128 [ 2108.880471][T11379] slab 303140472 [ 2108.880471][T11379] workingset_refault_anon 0 [ 2108.880471][T11379] workingset_refault_file 15 [ 2108.880471][T11379] workingset_activate_anon 0 [ 2108.880471][T11379] workingset_activate_file 0 01:41:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={0x0}, 0x1, 0x0, 0xf00}, 0x0) 01:41:39 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x300}, 0x0) syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58) [ 2108.976215][T11379] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11379,uid=0 [ 2108.991517][T11379] Memory cgroup out of memory: Killed process 11379 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000008100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:39 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom$unix(r0, 0x0, 0x0, 0x1, 0x0, 0x0) 01:41:39 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x14, &(0x7f0000000000)="71351048", 0x4) 01:41:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0x64, &(0x7f0000000040), 0x4) 01:41:39 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000065580000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000001d200000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x16, &(0x7f0000000000)="71351048", 0x4) 01:41:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xb, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) 01:41:39 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8941, 0x0) 01:41:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xa, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:39 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x30c8061, 0x0) [ 2109.209775][T11411] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2109.220271][T11411] CPU: 0 PID: 11411 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2109.231415][T11411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2109.241607][T11411] Call Trace: [ 2109.244897][T11411] [ 2109.247839][T11411] dump_stack_lvl+0xd6/0x122 [ 2109.252588][T11411] dump_stack+0x11/0x12 01:41:39 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x9effffff}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) [ 2109.256984][T11411] dump_header+0x98/0x410 [ 2109.261335][T11411] oom_kill_process+0xfe/0x550 [ 2109.266201][T11411] out_of_memory+0x620/0x880 [ 2109.270814][T11411] mem_cgroup_oom+0x475/0x4f0 [ 2109.275615][T11411] try_charge_memcg+0x746/0x960 [ 2109.280840][T11411] charge_memcg+0x63/0x2c0 [ 2109.285390][T11411] __mem_cgroup_charge+0x25/0xa0 [ 2109.290473][T11411] wp_page_copy+0x20f/0x1460 [ 2109.295079][T11411] ? shrink_zones+0x525/0x5d0 [ 2109.299827][T11411] do_wp_page+0x76f/0xe10 [ 2109.304270][T11411] handle_mm_fault+0x5fb/0xa90 [ 2109.309132][T11411] do_user_addr_fault+0x4cd/0x940 [ 2109.314165][T11411] exc_page_fault+0x60/0x160 [ 2109.318906][T11411] asm_exc_page_fault+0x22/0x30 [ 2109.323744][T11411] RIP: 0033:0x7fe837f5a340 [ 2109.328281][T11411] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2109.347892][T11411] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2109.354085][T11411] RAX: 00000000596e4434 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2109.362055][T11411] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000a0af388 [ 2109.370023][T11411] RBP: 00000000596e4434 R08: 0000000000000434 R09: 00000000596e4438 [ 2109.378041][T11411] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2109.386111][T11411] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff83a12f6b [ 2109.394078][T11411] ? __sys_socketpair+0x2b/0x420 [ 2109.399005][T11411] [ 2109.402171][T11411] memory: usage 307192kB, limit 307200kB, failcnt 66327 [ 2109.409146][T11411] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2109.416041][T11411] Memory cgroup stats for /syz4: [ 2110.779532][T11411] anon 110592 [ 2110.779532][T11411] file 126976 [ 2110.779532][T11411] kernel 314327040 [ 2110.779532][T11411] kernel_stack 32768 [ 2110.779532][T11411] pagetables 77824 [ 2110.779532][T11411] percpu 11039616 [ 2110.779532][T11411] sock 0 [ 2110.779532][T11411] vmalloc 0 [ 2110.779532][T11411] shmem 126976 [ 2110.779532][T11411] file_mapped 126976 [ 2110.779532][T11411] file_dirty 0 [ 2110.779532][T11411] file_writeback 0 [ 2110.779532][T11411] swapcached 0 [ 2110.779532][T11411] inactive_anon 180224 [ 2110.779532][T11411] active_anon 57344 [ 2110.779532][T11411] inactive_file 0 [ 2110.779532][T11411] active_file 0 [ 2110.779532][T11411] unevictable 0 [ 2110.779532][T11411] slab_reclaimable 17792 [ 2110.779532][T11411] slab_unreclaimable 303125400 [ 2110.779532][T11411] slab 303143192 [ 2110.779532][T11411] workingset_refault_anon 0 [ 2110.779532][T11411] workingset_refault_file 15 [ 2110.779532][T11411] workingset_activate_anon 0 [ 2110.779532][T11411] workingset_activate_file 0 [ 2110.875498][T11411] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11411,uid=0 [ 2110.890817][T11411] Memory cgroup out of memory: Killed process 11411 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffff8100000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:41 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xc, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:41 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0xc0ed0000, 0x0) 01:41:41 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0xc588c54ed000a594}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) 01:41:41 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000600000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003d600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:41 executing program 1: prctl$PR_CAPBSET_READ(0x18, 0x1000000000007fff) 01:41:41 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000100)=0x5, 0x4) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4) accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) 01:41:41 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'vcan0\x00', &(0x7f00000000c0)=@ethtool_rxnfc={0x29, 0x0, 0x0, {0x0, @sctp_ip6_spec={@local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {}, @esp_ip4_spec={@rand_addr, @local}, {0x0, @dev}}}}) 01:41:41 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) sendmmsg$sock(r0, &(0x7f0000001f40)=[{{&(0x7f0000000080)=@phonet, 0x80, 0x0}}], 0x1, 0x0) [ 2111.080572][T11440] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2111.090817][T11440] CPU: 0 PID: 11440 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2111.102041][T11440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2111.112118][T11440] Call Trace: [ 2111.115414][T11440] [ 2111.118410][T11440] dump_stack_lvl+0xd6/0x122 [ 2111.123015][T11440] dump_stack+0x11/0x12 [ 2111.127187][T11440] dump_header+0x98/0x410 [ 2111.131526][T11440] oom_kill_process+0xfe/0x550 [ 2111.136370][T11440] out_of_memory+0x620/0x880 [ 2111.140986][T11440] mem_cgroup_oom+0x475/0x4f0 [ 2111.145671][T11440] try_charge_memcg+0x746/0x960 [ 2111.150562][T11440] charge_memcg+0x63/0x2c0 [ 2111.155062][T11440] __mem_cgroup_charge+0x25/0xa0 [ 2111.160013][T11440] wp_page_copy+0x20f/0x1460 [ 2111.164646][T11440] ? shrink_zones+0x525/0x5d0 [ 2111.169324][T11440] do_wp_page+0x76f/0xe10 [ 2111.173748][T11440] handle_mm_fault+0x5fb/0xa90 [ 2111.178591][T11440] do_user_addr_fault+0x4cd/0x940 [ 2111.183622][T11440] exc_page_fault+0x60/0x160 [ 2111.188281][T11440] asm_exc_page_fault+0x22/0x30 [ 2111.193215][T11440] RIP: 0033:0x7fe837f5a340 [ 2111.197641][T11440] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2111.217280][T11440] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2111.223349][T11440] RAX: 00000000f4d62eb8 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2111.231942][T11440] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e36ccc [ 2111.239958][T11440] RBP: 00000000f4d62eb8 R08: 0000000000000eb8 R09: 00000000f4d62ebc [ 2111.247928][T11440] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2111.255905][T11440] R13: 0000000000000001 R14: 000000000000000b R15: ffffffff8194cf11 [ 2111.264057][T11440] ? security_compute_sid+0x141/0xee0 [ 2111.269525][T11440] [ 2111.272581][T11440] memory: usage 307200kB, limit 307200kB, failcnt 66370 [ 2111.279646][T11440] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2111.286553][T11440] Memory cgroup stats for /syz4: [ 2111.634348][T11440] anon 122880 [ 2111.634348][T11440] file 126976 [ 2111.634348][T11440] kernel 314322944 [ 2111.634348][T11440] kernel_stack 32768 [ 2111.634348][T11440] pagetables 69632 [ 2111.634348][T11440] percpu 11039616 [ 2111.634348][T11440] sock 0 [ 2111.634348][T11440] vmalloc 0 [ 2111.634348][T11440] shmem 126976 [ 2111.634348][T11440] file_mapped 126976 [ 2111.634348][T11440] file_dirty 0 [ 2111.634348][T11440] file_writeback 0 [ 2111.634348][T11440] swapcached 0 [ 2111.634348][T11440] inactive_anon 192512 [ 2111.634348][T11440] active_anon 57344 [ 2111.634348][T11440] inactive_file 0 [ 2111.634348][T11440] active_file 0 [ 2111.634348][T11440] unevictable 0 [ 2111.634348][T11440] slab_reclaimable 22320 [ 2111.634348][T11440] slab_unreclaimable 303123048 [ 2111.634348][T11440] slab 303145368 [ 2111.634348][T11440] workingset_refault_anon 0 [ 2111.634348][T11440] workingset_refault_file 15 [ 2111.634348][T11440] workingset_activate_anon 0 [ 2111.634348][T11440] workingset_activate_file 0 01:41:42 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0xa}, 0x18) 01:41:42 executing program 1: syz_mount_image$msdos(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x515082, 0x0) [ 2111.730258][T11440] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11440,uid=0 [ 2111.745631][T11440] Memory cgroup out of memory: Killed process 11440 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 [ 2111.811238][T11472] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2111.821598][T11472] CPU: 1 PID: 11472 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2111.832610][T11472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2111.842693][T11472] Call Trace: [ 2111.845972][T11472] [ 2111.848915][T11472] dump_stack_lvl+0xd6/0x122 [ 2111.853654][T11472] dump_stack+0x11/0x12 [ 2111.857939][T11472] dump_header+0x98/0x410 [ 2111.862291][T11472] oom_kill_process+0xfe/0x550 [ 2111.867072][T11472] out_of_memory+0x620/0x880 [ 2111.871713][T11472] mem_cgroup_oom+0x475/0x4f0 [ 2111.876426][T11472] try_charge_memcg+0x746/0x960 [ 2111.881310][T11472] obj_cgroup_charge+0x171/0x2b0 [ 2111.886237][T11472] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2111.891770][T11472] ? __d_alloc+0x3d/0x380 [ 2111.896096][T11472] kmem_cache_alloc_lru+0x76/0x2b0 [ 2111.901230][T11472] ? __d_lookup+0x3a6/0x3d0 [ 2111.905734][T11472] __d_alloc+0x3d/0x380 [ 2111.910036][T11472] d_alloc+0x2a/0x100 [ 2111.914013][T11472] __lookup_hash+0x8f/0x180 [ 2111.918565][T11472] filename_create+0x147/0x2b0 [ 2111.923385][T11472] do_mkdirat+0x63/0x280 [ 2111.927640][T11472] __x64_sys_mkdirat+0x4c/0x60 [ 2111.932406][T11472] do_syscall_64+0x2b/0x70 [ 2111.936917][T11472] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2111.942883][T11472] RIP: 0033:0x7fe837fab217 [ 2111.947329][T11472] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2111.966975][T11472] RSP: 002b:00007fe837721f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 2111.975400][T11472] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe837fab217 [ 2111.983372][T11472] RDX: 00000000000001ff RSI: 0000000020000080 RDI: 00000000ffffff9c [ 2111.991347][T11472] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2111.999492][T11472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2112.007458][T11472] R13: 0000000020000080 R14: 00007fe837721fe0 R15: 0000000000000000 [ 2112.015422][T11472] [ 2112.018479][T11472] memory: usage 307200kB, limit 307200kB, failcnt 66444 [ 2112.025423][T11472] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2112.032263][T11472] Memory cgroup stats for /syz4: [ 2112.034610][T11472] anon 106496 [ 2112.034610][T11472] file 126976 [ 2112.034610][T11472] kernel 314339328 [ 2112.034610][T11472] kernel_stack 32768 [ 2112.034610][T11472] pagetables 77824 [ 2112.034610][T11472] percpu 11039616 [ 2112.034610][T11472] sock 0 [ 2112.034610][T11472] vmalloc 0 [ 2112.034610][T11472] shmem 126976 [ 2112.034610][T11472] file_mapped 126976 [ 2112.034610][T11472] file_dirty 0 [ 2112.034610][T11472] file_writeback 0 [ 2112.034610][T11472] swapcached 0 [ 2112.034610][T11472] inactive_anon 122880 [ 2112.034610][T11472] active_anon 57344 [ 2112.034610][T11472] inactive_file 0 [ 2112.034610][T11472] active_file 0 [ 2112.034610][T11472] unevictable 0 [ 2112.034610][T11472] slab_reclaimable 21344 [ 2112.034610][T11472] slab_unreclaimable 303129544 [ 2112.034610][T11472] slab 303150888 [ 2112.034610][T11472] workingset_refault_anon 0 [ 2112.034610][T11472] workingset_refault_file 15 [ 2112.034610][T11472] workingset_activate_anon 0 [ 2112.034610][T11472] workingset_activate_file 0 [ 2112.130306][T11472] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11471,uid=0 [ 2112.145746][T11472] Memory cgroup out of memory: Killed process 11471 (syz-executor.4) total-vm:46444kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000008400000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:42 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8927, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:42 executing program 1: mount$9p_unix(0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)) getresuid(&(0x7f0000001640), &(0x7f0000001680), &(0x7f00000016c0)) 01:41:42 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x63, 0x0, &(0x7f0000000600)) 01:41:42 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000002600000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000002da00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:42 executing program 5: socketpair(0x2, 0x2, 0x0, &(0x7f0000000180)) 01:41:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x13, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:42 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000200)=0x1, 0x4) setsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000040)={0x0, 0x2710}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='vcan0\x00', 0x10) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x81, 0x1fe}, 0x14) write$binfmt_misc(r1, &(0x7f0000002400)=ANY=[], 0xff01) r3 = fcntl$dupfd(r2, 0x0, r2) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x10003, 0x0) 01:41:42 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000017c0)='./file0\x00', 0x0, 0x80000, 0x0) [ 2112.265164][T11481] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2112.275490][T11481] CPU: 1 PID: 11481 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2112.286522][T11481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2112.296582][T11481] Call Trace: [ 2112.299866][T11481] [ 2112.302825][T11481] dump_stack_lvl+0xd6/0x122 [ 2112.307501][T11481] dump_stack+0x11/0x12 01:41:42 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8913, &(0x7f00000001c0)={'vcan0\x00', 0x0}) [ 2112.311668][T11481] dump_header+0x98/0x410 [ 2112.316056][T11481] oom_kill_process+0xfe/0x550 [ 2112.320942][T11481] out_of_memory+0x620/0x880 [ 2112.325621][T11481] mem_cgroup_oom+0x475/0x4f0 [ 2112.330488][T11481] try_charge_memcg+0x746/0x960 [ 2112.335390][T11481] charge_memcg+0x63/0x2c0 [ 2112.339828][T11481] __mem_cgroup_charge+0x25/0xa0 [ 2112.344752][T11481] wp_page_copy+0x20f/0x1460 [ 2112.349345][T11481] do_wp_page+0x76f/0xe10 [ 2112.353674][T11481] handle_mm_fault+0x5fb/0xa90 [ 2112.358543][T11481] do_user_addr_fault+0x4cd/0x940 01:41:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000480)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x0, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x0]}]}, @NL80211_ATTR_CSA_IES={0xe88, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x16, 0xba, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x199, 0xe, {@wo_ht={{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @random, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @val={0x76, 0x6}, [{0xdd, 0xc1, "4b2ea5dfc4ca19ec7755caecc1c514a843eb1b1444719a924d0bf373376b36c86996c3b8c350df8954f23b5f3ed3dfdfd983ae102c7a0e00db8eeb92902ef196f3d91d98a5a04eee94e1168cf4e4a503fe4cdde519deb7ec527113c40460175002bf633b1b5dfd8abde351845c50210c5e09cea216d508fc836dd28d39ee5eae967736a2eb667f71c78e995ee92d3daae6c469e04e5c031331c23e6ec76250f85c2fe85f7739748835fcb3748d604254722b9ef3a9275973a346f0199c67462627"}, {0xdd, 0x71, "2cf89dcb97bdaa17796322a41519571556edbc37bbbf2083ad2357c5ab6ffa5877808bce84a64c032c8da4bf0e02449933f950d786213b25d17378810b69605f59bf10ca3969d819b253e74fd0a3a7f5a0f5d9f500d12392c44d2644124be243741c66193b8e7abec3ad2eaab1226b2b18"}]}}, @NL80211_ATTR_IE_ASSOC_RESP={0xd6, 0x80, [@perr={0x84, 0xc8, {0x0, 0xc, [@ext={{}, @broadcast, 0x0, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @broadcast, 0x0, @device_b}, @ext={{}, @device_a, 0x0, @device_b}, @ext={{}, @device_b}, @not_ext={{}, @broadcast, 0x0, "", 0x23}, @ext={{}, @device_a, 0x0, @broadcast}, @ext={{}, @device_b, 0x0, @device_b}, @not_ext, @ext={{}, @device_b, 0x0, @broadcast}, @not_ext={{}, @device_b}, @not_ext={{}, @device_b}]}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_PROBE_RESP={0xf5, 0x91, "cbf0c08582dbff1620bb190e4bdc4415e716e6fa92379c9fc3c54fc4248dc22231bfff6e9b7fa7016103bf8a2fbf70ba6431b21a38e7d26756671e501617a0477b31491a3780d5f0a530fa09ccb36a55108e0128583770947c997bb008e31a19fe1eefcf7645e6bd73c509c21cd26b18cfe2a15c7ba3da943abac994ece658477d98204a0be2726f57c7395f0f298523c0efa04e071b05d09a98928edcbe919497021358d55a81caf6d0914bd65d77e9e03c2374a9909191e711ebb03d5176f224fa16561bbc34d87d6789adbb246d8bfab88dddbee8af5b1463e95cd61b3dbf02e86e50582ce67dc2fc092c47c4812ffe"}, @NL80211_ATTR_PROBE_RESP={0x8c5, 0x91, "544726fd914a4a155eca2e373a7122adefd6c217d4c8c996877d2f99546338c5d13365603231d11fd2a61a16e5bff78871bebe7c0543aeff44a5ba9fab34a52011c2cec8f2690b3cb7d4555eb846e0d77288b176715f58456bb2f3513328d7f4009db1c254602f068fd34beafcbdbbc0abc7934b58367f17597d4a350893eb1e772c2e48eb9a943b33ed79237bdf4c475d0df98341e5651ad4d9e6e6a68f1e33ee0d069a2027ad937debfcd783f5086084616484231d355c85e40727977f6a2129abf49e4dd0364a7c67106bea6c81f84fc1db09c00d36e01967385d23651d03591a8d3d976e9767aa1deeaadd44ef5662c2d48cfc5380e9aa03cec20b660d4f6e2b88d3a834958fd0e5111393f665406b03a743198edd325f8dc51856f46459317158e8921b8e18bc12435d710d65d0320c22c960076e5f3890c53588e86df4e7d6c9b406f5e68e1d9d0a32f75317c1a81baaf1b895238f7ad5735f3a3f0efa2db13081a23c5019cbed8ef26754e4f1034b7af6d73b771600210ae88abf820a85d055556e89f57f86f5fdf1366a97aba9a6ec9e034fcb47556cd44c8bd2476b98742499cbbc16af340c59bbd74cbf183dbac171f030b5afbbd6236c6cff8f84118c447e9e223b252cfb29ede40b4574e3457e5fb61db3d7a6f70aea0024274b8d3ba734513da6562b244aabcc7b2c576369441360585d37b6b239f37a78dd81e53f80662094559441805d508d01369e9b458900bd8971b9037a76a3a57b0751f1a8551d363e88f4887b4afaf0d35bed06ec96c6748dd41cf57afbf3b885714e2d0828608962efddb091bdacb24be477202f9b4ae3046dbf6aef6cfc0b91506b08cf183b3c02aa8259a80caed15decfdd1f0c904496cd2d897fa87e3559f19b52469acac28a95a49bc1a38efa88148f3c9444c5a991d893a254195a926dc8aa96d786fde070e8b821baacb8d936ba9b9f34aea95f923028162275d8ce4af41c0b6ee7d15d12036458207c1202a27c03b4ca4d89db41e3995a276303281cf2abda1128d69f94b58e6c5201b85ca4d6c845886bfe919b7577b30110bf03aeaae1a646904653a0eebdb23b289bce982d861e249c3a38456f1da7849a7f5cff723604a8fe4d6d0f4d3ed2013e5601027745712cdb2152b6d1fa25bc1d86d5f0ed7b507942a2e350bf57e39e324d837a8dcd411019524b3094c9ae17f54c812bf9a53a3a903447f79933ea47b03fff371d2bb6fb01332ca1a340a101fc163a235b61e6f29d95c20d8848eeada58f8f1bb6f4cc246330db3970993d98250c1d815752fca92f9524f7faba6d830748cfd3d9d33c4176927742b9d06588f0906cda166d76b23cb8dd2493ccd6ff11ac4e0c9a0440c30e55450483637678cef4bdfac32460ba1fa4726aa9dc08aa067669c187ad3648db090b9c592ad53996ca65711b805f87d208aa52f668c8789cde33cf903ebd526daf495f0bda7b1471ff6bc7807e9ee27c762c6bf7b1dd6a2368c01146c07a5c9ef9bf383cb79e52afee58537730192ba010352d1c44ac7a56ca5e88c653b1e4ca78b869243ab3073d69f51142ac1149268b5b9099d8d1a3fcfe1ca495e36992ca9c1cdf03397b81a1fa87afac3c363c4cd4971530ebd855a19b137fd22bd0a06f04ee9f4f57909e5ce117d620a9c55eaa7bc70a374ba24972f020dbd8d965f66dddd56bc3f1596442c7f1d4da8a603dd53a6291fadf7ae643dda63ba9f37c8352815faa522d3c8f6d47064fa7fc5aeb8dd0dfeaa92f3529f7c97cd27a0fb8a57fc9364afe4c30120498e4327c1e84bd36cb79e4548ae581f27001101cbab4fe31319aea8b1c9b3e516b2927db9b9da523bab15cc3540ae7267491d7db3548ec7c47c80ff551e9406d5b85c2bd10d193333e9e64c6a919901b0c832f2bccc8852a31abaaa4cf45cd295a69097a7caa422b1e299726e665eba30bf2129760d0bd736ec0caae416d6c2349fd9edaaa9c57d037ab5a0de53aa9d7b2fd0ef52d59016daf8b690f56a7e5ec878c00eb32a513534255ade732f5d2ebe05b95a371b9eea0f5bc6bc3d5539786042c2a711314063aa5c56eafae39199441ff1ef08185616101dc05e29bd166fc8df101ad80f61a29149ee7e330dae20eec52bd446410ce1c690a4083e6b76a26055ad42576b8d84aa4b131056bdf375ac46cbe05b86ffb5fae0e23c4ba03d6225f4a177d937cf1b71e563ea7520baceaaf77b33c2c5eac0a78cf44c039ccd9dbd46f64fc3bef6880feb261ec0e0befb6d72d0d7fe359bc9c3ecae78fabe2a06a708daeaf7b449a8dc494a2136d47d2ab6d29f93837cf07e1747d257191fae7db0ec3729136534d23afcac87c7bbb80d4f35b345f44f72b418f7fe811ac47ea983016743f0e59091192dca7adbbc10eb04b1052649d176f9c0bbb89d89a4a233cd0f1ae31b4bad07a0c864644a5794095a2a8b20ddaa5de924784c8a81b3feb042bf1ab4b26cdd245f8170cf1caf183021ffdd32d7e31551f07a3de3f83df37d316c2836719b2bb39e363318c26203a5a56d123ad9b7d26b6101085226ed0120f5c99374875e64525b24ff9034fa057a3d88ae41afa16cf8316b8a85be3e168e3e0ff1faf8717ec7cda637863f553c4a358b6e974b4e16f21c749b0be1c100078ab09992bf4a0807806232f62652dd5206b909a59647985dc28af1fbeaeaba94dc484f594d5ecf2c2a2c130897c89115c7ce6aeb7da12df94fbafb01a55bc18ec5ab6185530d82a69dfe436813b4c52f71b5f4230f793733acd4d7166e388fa6919449acf0eef428db592d2604e85ed2f3ef3991f02623e3f3ac72497a211ac9a8331836caa3276064da192add2c507ae013ae6c8a4382b71d161266399b0ee1a9e10e905c29184a764a59b112556cb182ebc65f5210853a0e64f3706efcdb63e76715246b191a7dc7b8eb0236b8874540e6b99c8cde7575701c82294d4b6acd594da387501043fe411fe9be926d5e05536ae3373c0453445871ae75f2b6f89d9fe2cdc603d9d2c03d2f84f2c8d537ac4e5591f519be0003e7639f7d9663b40246a831e2dd656209432575661ba4b8658b587b121e381e77b91f7817a565654f5cbe1d2ea9732a3ce576d8bce164572f00968260bbeed746924b773d273dba6c374ca0ebd85922"}], @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x229, 0xe, {@wo_ht={{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x6f, {0x0, 0x0, 0x0, "f3cec9033ff513426db63569ca045b9a6c086902d4f6e1eb9fd8667b8bcd377f7a6a656133787f02e1fc85ea90727ca154d367b7f17b8c8a70d8f55c9d0bb21ca77dd54434c14582aadfcaf62c76e1c918537e115b27e7f4d4789bdef28bf5e9e0844a5e9374ceab34a53233"}}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @void, [{0xdd, 0xa7, "bc435ee2cbae68a6a95297f62a681a0e3e209906b049ddb2c725af8b211feb0847253ae647246ddbc7dca483b0d87ed230153768376d7c38dcf36459a2c5556efdf86cb459440421d688c097520becad48b863660f3613307e56f7c8f38278aa10421fe269383f2e7c3af0c8489fb35e8c3ea20338876257b58f78d6e2585dcb66986f657e4f7da89159425080a37535724a8fb48eb937718e4200aac7ddbb4942d8014507d669"}, {0xdd, 0x9d, "9c9579f90a13d50d84b10a0c980adaa9ae4970c7b7b29b5cae752725ecfb58c00a196104bfef97833dedf5c28b96c09dbaf24f7541b6d9f2ada220c393295c42bf3a9ccb7865cae9ec88f8684acea884dab4636bace47a9b9f31c247a8424826e5022cc3aa06afc1768e4cca0ae1b42f90ef3782ca76422d7c6fda2c913351193f852705067cf66a70c1f8dad3753429afc65cb60765b585cac0a2f90b"}, {0xdd, 0x11, "f27c7fa5381dacc5fb72eae7b78d15a552"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x0, 0x0, 0x0]}]}]}, 0xec4}}, 0x0) [ 2112.363579][T11481] exc_page_fault+0x60/0x160 [ 2112.368190][T11481] asm_exc_page_fault+0x22/0x30 [ 2112.373077][T11481] RIP: 0033:0x7fe837f573f5 [ 2112.377497][T11481] Code: 5c 41 5d c3 90 48 8b 57 18 48 83 fa ff 74 22 48 81 fa e7 03 00 00 0f 87 ee 00 00 00 48 c1 e2 04 48 8d 0d ae 3c 16 00 48 01 ca 02 01 48 89 42 08 48 8b 53 10 4c 8d 2d f9 bb 56 00 4c 39 ea 0f [ 2112.397153][T11481] RSP: 002b:00007ffd964f7840 EFLAGS: 00010206 [ 2112.403245][T11481] RAX: 0000000000000003 RBX: 00007fe8380bef60 RCX: 00007fe8380bb0a0 [ 2112.411206][T11481] RDX: 00007fe8380bb0a0 RSI: 0000000000000080 RDI: 00007fe8380bef60 [ 2112.419184][T11481] RBP: 00007fe8380bef60 R08: 0000000000000010 R09: 0000000000000000 [ 2112.427145][T11481] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 0000000000203afc [ 2112.435114][T11481] R13: 00007ffd964f7960 R14: 00007fe8380bef60 R15: 0000000000000032 [ 2112.443075][T11481] [ 2112.446212][T11481] memory: usage 307200kB, limit 307200kB, failcnt 66523 [ 2112.453152][T11481] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2112.460009][T11481] Memory cgroup stats for /syz4: [ 2113.074223][T11481] anon 98304 [ 2113.074223][T11481] file 126976 [ 2113.074223][T11481] kernel 314331136 [ 2113.074223][T11481] kernel_stack 32768 [ 2113.074223][T11481] pagetables 69632 [ 2113.074223][T11481] percpu 11039616 [ 2113.074223][T11481] sock 0 [ 2113.074223][T11481] vmalloc 0 [ 2113.074223][T11481] shmem 126976 [ 2113.074223][T11481] file_mapped 126976 [ 2113.074223][T11481] file_dirty 0 [ 2113.074223][T11481] file_writeback 0 [ 2113.074223][T11481] swapcached 0 [ 2113.074223][T11481] inactive_anon 167936 [ 2113.074223][T11481] active_anon 57344 [ 2113.074223][T11481] inactive_file 0 [ 2113.074223][T11481] active_file 0 [ 2113.074223][T11481] unevictable 0 [ 2113.074223][T11481] slab_reclaimable 16816 [ 2113.074223][T11481] slab_unreclaimable 303131872 [ 2113.074223][T11481] slab 303148688 [ 2113.074223][T11481] workingset_refault_anon 0 [ 2113.074223][T11481] workingset_refault_file 15 [ 2113.074223][T11481] workingset_activate_anon 0 [ 2113.074223][T11481] workingset_activate_file 0 [ 2113.169940][T11481] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11481,uid=0 [ 2113.185292][T11481] Memory cgroup out of memory: Killed process 11481 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000018600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:43 executing program 1: socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$inet_tcp_int(r0, 0x6, 0x0, 0x0, 0x0) 01:41:43 executing program 4: sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0xe9b3cc99d5caad8a) 01:41:43 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r0) 01:41:43 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000058650000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003dc00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:43 executing program 5: mknodat$loop(0xffffffffffffffff, 0x0, 0x8dd5c3ccffedd248, 0x0) 01:41:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x19, &(0x7f0000000000)="71351048", 0x4) 01:41:43 executing program 5: syz_open_dev$sg(&(0x7f0000000080), 0x5, 0x802) 01:41:43 executing program 1: syslog(0x2, &(0x7f0000000280)=""/134, 0x86) [ 2113.436058][T11512] ================================================================== [ 2113.444167][T11512] BUG: KCSAN: data-race in drain_all_stock / refill_stock [ 2113.451281][T11512] [ 2113.453594][T11512] read-write to 0xffff888237d28370 of 4 bytes by task 11520 on cpu 1: [ 2113.461736][T11512] refill_stock+0xcf/0x130 [ 2113.466145][T11512] try_charge_memcg+0x7da/0x960 [ 2113.470986][T11512] charge_memcg+0x63/0x2c0 [ 2113.475400][T11512] __mem_cgroup_charge+0x25/0xa0 [ 2113.480327][T11512] wp_page_copy+0x20f/0x1460 [ 2113.484921][T11512] do_wp_page+0x76f/0xe10 [ 2113.489241][T11512] handle_mm_fault+0x5fb/0xa90 [ 2113.493998][T11512] do_user_addr_fault+0x4cd/0x940 [ 2113.499024][T11512] exc_page_fault+0x60/0x160 [ 2113.503607][T11512] asm_exc_page_fault+0x22/0x30 [ 2113.508449][T11512] [ 2113.510758][T11512] read to 0xffff888237d28370 of 4 bytes by task 11512 on cpu 0: [ 2113.518375][T11512] drain_all_stock+0xb5/0x2e0 [ 2113.523054][T11512] try_charge_memcg+0x68a/0x960 [ 2113.527894][T11512] charge_memcg+0x63/0x2c0 [ 2113.532297][T11512] __mem_cgroup_charge+0x25/0xa0 [ 2113.537226][T11512] wp_page_copy+0x20f/0x1460 [ 2113.541810][T11512] do_wp_page+0x76f/0xe10 [ 2113.546132][T11512] handle_mm_fault+0x5fb/0xa90 [ 2113.550886][T11512] do_user_addr_fault+0x4cd/0x940 [ 2113.555902][T11512] exc_page_fault+0x60/0x160 [ 2113.560488][T11512] asm_exc_page_fault+0x22/0x30 [ 2113.565334][T11512] [ 2113.567645][T11512] value changed: 0x00000000 -> 0x0000001c [ 2113.573347][T11512] [ 2113.575659][T11512] Reported by Kernel Concurrency Sanitizer on: [ 2113.581882][T11512] CPU: 0 PID: 11512 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2113.592891][T11512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2113.602938][T11512] ================================================================== 01:41:45 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)={[{@size={'size', 0x3d, [0x30]}}]}) 01:41:45 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8912, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000478800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:45 executing program 4: memfd_create(0x0, 0xcb41b21ed1d6eeb3) 01:41:45 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8980, 0x0) 01:41:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) 01:41:45 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000680000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003e000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000480)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x6, 0xba, [0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x0, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x6, 0xbb, [0x0]}]}, @NL80211_ATTR_CSA_IES={0xe88, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0x16, 0xba, [0x0, 0x2e1b, 0x3ff, 0x0, 0x0, 0x0, 0x7, 0x87, 0x8000]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x199, 0xe, {@wo_ht={{}, {}, @broadcast, @broadcast, @from_mac}, 0x0, @random, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7, {0x0, 0x0, 0x0, 0x0, 0x1}}, @val={0x76, 0x6}, [{0xdd, 0xc1, "4b2ea5dfc4ca19ec7755caecc1c514a843eb1b1444719a924d0bf373376b36c86996c3b8c350df8954f23b5f3ed3dfdfd983ae102c7a0e00db8eeb92902ef196f3d91d98a5a04eee94e1168cf4e4a503fe4cdde519deb7ec527113c40460175002bf633b1b5dfd8abde351845c50210c5e09cea216d508fc836dd28d39ee5eae967736a2eb667f71c78e995ee92d3daae6c469e04e5c031331c23e6ec76250f85c2fe85f7739748835fcb3748d604254722b9ef3a9275973a346f0199c67462627"}, {0xdd, 0x71, "2cf89dcb97bdaa17796322a41519571556edbc37bbbf2083ad2357c5ab6ffa5877808bce84a64c032c8da4bf0e02449933f950d786213b25d17378810b69605f59bf10ca3969d819b253e74fd0a3a7f5a0f5d9f500d12392c44d2644124be243741c66193b8e7abec3ad2eaab1226b2b18"}]}}, @NL80211_ATTR_IE_ASSOC_RESP={0xd6, 0x80, [@perr={0x84, 0xc8, {0x0, 0xc, [@ext={{}, @broadcast, 0x0, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @broadcast, 0x0, @device_b}, @ext={{}, @device_a, 0x0, @device_b}, @ext={{}, @device_b}, @not_ext={{}, @broadcast}, @ext={{}, @device_a, 0x0, @broadcast}, @ext={{}, @device_b, 0x0, @device_b}, @not_ext, @ext={{}, @device_b, 0x0, @broadcast}, @not_ext={{}, @device_b}, @not_ext={{}, @device_b}]}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_PROBE_RESP={0xf5, 0x91, "cbf0c08582dbff1620bb190e4bdc4415e716e6fa92379c9fc3c54fc4248dc22231bfff6e9b7fa7016103bf8a2fbf70ba6431b21a38e7d26756671e501617a0477b31491a3780d5f0a530fa09ccb36a55108e0128583770947c997bb008e31a19fe1eefcf7645e6bd73c509c21cd26b18cfe2a15c7ba3da943abac994ece658477d98204a0be2726f57c7395f0f298523c0efa04e071b05d09a98928edcbe919497021358d55a81caf6d0914bd65d77e9e03c2374a9909191e711ebb03d5176f224fa16561bbc34d87d6789adbb246d8bfab88dddbee8af5b1463e95cd61b3dbf02e86e50582ce67dc2fc092c47c4812ffe"}, @NL80211_ATTR_PROBE_RESP={0x8c5, 0x91, "544726fd914a4a155eca2e373a7122adefd6c217d4c8c996877d2f99546338c5d13365603231d11fd2a61a16e5bff78871bebe7c0543aeff44a5ba9fab34a52011c2cec8f2690b3cb7d4555eb846e0d77288b176715f58456bb2f3513328d7f4009db1c254602f068fd34beafcbdbbc0abc7934b58367f17597d4a350893eb1e772c2e48eb9a943b33ed79237bdf4c475d0df98341e5651ad4d9e6e6a68f1e33ee0d069a2027ad937debfcd783f5086084616484231d355c85e40727977f6a2129abf49e4dd0364a7c67106bea6c81f84fc1db09c00d36e01967385d23651d03591a8d3d976e9767aa1deeaadd44ef5662c2d48cfc5380e9aa03cec20b660d4f6e2b88d3a834958fd0e5111393f665406b03a743198edd325f8dc51856f46459317158e8921b8e18bc12435d710d65d0320c22c960076e5f3890c53588e86df4e7d6c9b406f5e68e1d9d0a32f75317c1a81baaf1b895238f7ad5735f3a3f0efa2db13081a23c5019cbed8ef26754e4f1034b7af6d73b771600210ae88abf820a85d055556e89f57f86f5fdf1366a97aba9a6ec9e034fcb47556cd44c8bd2476b98742499cbbc16af340c59bbd74cbf183dbac171f030b5afbbd6236c6cff8f84118c447e9e223b252cfb29ede40b4574e3457e5fb61db3d7a6f70aea0024274b8d3ba734513da6562b244aabcc7b2c576369441360585d37b6b239f37a78dd81e53f80662094559441805d508d01369e9b458900bd8971b9037a76a3a57b0751f1a8551d363e88f4887b4afaf0d35bed06ec96c6748dd41cf57afbf3b885714e2d0828608962efddb091bdacb24be477202f9b4ae3046dbf6aef6cfc0b91506b08cf183b3c02aa8259a80caed15decfdd1f0c904496cd2d897fa87e3559f19b52469acac28a95a49bc1a38efa88148f3c9444c5a991d893a254195a926dc8aa96d786fde070e8b821baacb8d936ba9b9f34aea95f923028162275d8ce4af41c0b6ee7d15d12036458207c1202a27c03b4ca4d89db41e3995a276303281cf2abda1128d69f94b58e6c5201b85ca4d6c845886bfe919b7577b30110bf03aeaae1a646904653a0eebdb23b289bce982d861e249c3a38456f1da7849a7f5cff723604a8fe4d6d0f4d3ed2013e5601027745712cdb2152b6d1fa25bc1d86d5f0ed7b507942a2e350bf57e39e324d837a8dcd411019524b3094c9ae17f54c812bf9a53a3a903447f79933ea47b03fff371d2bb6fb01332ca1a340a101fc163a235b61e6f29d95c20d8848eeada58f8f1bb6f4cc246330db3970993d98250c1d815752fca92f9524f7faba6d830748cfd3d9d33c4176927742b9d06588f0906cda166d76b23cb8dd2493ccd6ff11ac4e0c9a0440c30e55450483637678cef4bdfac32460ba1fa4726aa9dc08aa067669c187ad3648db090b9c592ad53996ca65711b805f87d208aa52f668c8789cde33cf903ebd526daf495f0bda7b1471ff6bc7807e9ee27c762c6bf7b1dd6a2368c01146c07a5c9ef9bf383cb79e52afee58537730192ba010352d1c44ac7a56ca5e88c653b1e4ca78b869243ab3073d69f51142ac1149268b5b9099d8d1a3fcfe1ca495e36992ca9c1cdf03397b81a1fa87afac3c363c4cd4971530ebd855a19b137fd22bd0a06f04ee9f4f57909e5ce117d620a9c55eaa7bc70a374ba24972f020dbd8d965f66dddd56bc3f1596442c7f1d4da8a603dd53a6291fadf7ae643dda63ba9f37c8352815faa522d3c8f6d47064fa7fc5aeb8dd0dfeaa92f3529f7c97cd27a0fb8a57fc9364afe4c30120498e4327c1e84bd36cb79e4548ae581f27001101cbab4fe31319aea8b1c9b3e516b2927db9b9da523bab15cc3540ae7267491d7db3548ec7c47c80ff551e9406d5b85c2bd10d193333e9e64c6a919901b0c832f2bccc8852a31abaaa4cf45cd295a69097a7caa422b1e299726e665eba30bf2129760d0bd736ec0caae416d6c2349fd9edaaa9c57d037ab5a0de53aa9d7b2fd0ef52d59016daf8b690f56a7e5ec878c00eb32a513534255ade732f5d2ebe05b95a371b9eea0f5bc6bc3d5539786042c2a711314063aa5c56eafae39199441ff1ef08185616101dc05e29bd166fc8df101ad80f61a29149ee7e330dae20eec52bd446410ce1c690a4083e6b76a26055ad42576b8d84aa4b131056bdf375ac46cbe05b86ffb5fae0e23c4ba03d6225f4a177d937cf1b71e563ea7520baceaaf77b33c2c5eac0a78cf44c039ccd9dbd46f64fc3bef6880feb261ec0e0befb6d72d0d7fe359bc9c3ecae78fabe2a06a708daeaf7b449a8dc494a2136d47d2ab6d29f93837cf07e1747d257191fae7db0ec3729136534d23afcac87c7bbb80d4f35b345f44f72b418f7fe811ac47ea983016743f0e59091192dca7adbbc10eb04b1052649d176f9c0bbb89d89a4a233cd0f1ae31b4bad07a0c864644a5794095a2a8b20ddaa5de924784c8a81b3feb042bf1ab4b26cdd245f8170cf1caf183021ffdd32d7e31551f07a3de3f83df37d316c2836719b2bb39e363318c26203a5a56d123ad9b7d26b6101085226ed0120f5c99374875e64525b24ff9034fa057a3d88ae41afa16cf8316b8a85be3e168e3e0ff1faf8717ec7cda637863f553c4a358b6e974b4e16f21c749b0be1c100078ab09992bf4a0807806232f62652dd5206b909a59647985dc28af1fbeaeaba94dc484f594d5ecf2c2a2c130897c89115c7ce6aeb7da12df94fbafb01a55bc18ec5ab6185530d82a69dfe436813b4c52f71b5f4230f793733acd4d7166e388fa6919449acf0eef428db592d2604e85ed2f3ef3991f02623e3f3ac72497a211ac9a8331836caa3276064da192add2c507ae013ae6c8a4382b71d161266399b0ee1a9e10e905c29184a764a59b112556cb182ebc65f5210853a0e64f3706efcdb63e76715246b191a7dc7b8eb0236b8874540e6b99c8cde7575701c82294d4b6acd594da387501043fe411fe9be926d5e05536ae3373c0453445871ae75f2b6f89d9fe2cdc603d9d2c03d2f84f2c8d537ac4e5591f519be0003e7639f7d9663b40246a831e2dd656209432575661ba4b8658b587b121e381e77b91f7817a565654f5cbe1d2ea9732a3ce576d8bce164572f00968260bbeed746924b773d273dba6c374ca0ebd85922"}], @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x229, 0xe, {@wo_ht={{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, @random, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x6f, {0x0, 0x0, 0x0, "f3cec9033ff513426db63569ca045b9a6c086902d4f6e1eb9fd8667b8bcd377f7a6a656133787f02e1fc85ea90727ca154d367b7f17b8c8a70d8f55c9d0bb21ca77dd54434c14582aadfcaf62c76e1c918537e115b27e7f4d4789bdef28bf5e9e0844a5e9374ceab34a53233"}}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @void, [{0xdd, 0xa7, "bc435ee2cbae68a6a95297f62a681a0e3e209906b049ddb2c725af8b211feb0847253ae647246ddbc7dca483b0d87ed230153768376d7c38dcf36459a2c5556efdf86cb459440421d688c097520becad48b863660f3613307e56f7c8f38278aa10421fe269383f2e7c3af0c8489fb35e8c3ea20338876257b58f78d6e2585dcb66986f657e4f7da89159425080a37535724a8fb48eb937718e4200aac7ddbb4942d8014507d669"}, {0xdd, 0x9d, "9c9579f90a13d50d84b10a0c980adaa9ae4970c7b7b29b5cae752725ecfb58c00a196104bfef97833dedf5c28b96c09dbaf24f7541b6d9f2ada220c393295c42bf3a9ccb7865cae9ec88f8684acea884dab4636bace47a9b9f31c247a8424826e5022cc3aa06afc1768e4cca0ae1b42f90ef3782ca76422d7c6fda2c913351193f852705067cf66a70c1f8dad3753429afc65cb60765b585cac0a2f90b"}, {0xdd, 0x11, "f27c7fa5381dacc5fb72eae7b78d15a552"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x0, 0x0, 0x0]}]}]}, 0xec4}}, 0x0) 01:41:45 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x4000}, 0x18) 01:41:45 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x17, &(0x7f0000000000)="713557c0", 0x4) 01:41:45 executing program 5: r0 = socket(0x11, 0x2, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 01:41:45 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0xc0ed0000, &(0x7f0000000500)) 01:41:46 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x61, 0x0, &(0x7f0000000600)) [ 2116.259546][T11561] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2116.269868][T11561] CPU: 0 PID: 11561 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2116.281391][T11561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2116.291456][T11561] Call Trace: [ 2116.294721][T11561] [ 2116.297646][T11561] dump_stack_lvl+0xd6/0x122 [ 2116.302339][T11561] dump_stack+0x11/0x12 [ 2116.306547][T11561] dump_header+0x98/0x410 [ 2116.310939][T11561] oom_kill_process+0xfe/0x550 [ 2116.315785][T11561] out_of_memory+0x620/0x880 [ 2116.320362][T11561] mem_cgroup_oom+0x475/0x4f0 [ 2116.325032][T11561] try_charge_memcg+0x746/0x960 [ 2116.329934][T11561] charge_memcg+0x63/0x2c0 [ 2116.334343][T11561] __mem_cgroup_charge+0x25/0xa0 [ 2116.339273][T11561] wp_page_copy+0x20f/0x1460 [ 2116.343863][T11561] ? shrink_zones+0x525/0x5d0 [ 2116.348610][T11561] do_wp_page+0x76f/0xe10 [ 2116.352925][T11561] handle_mm_fault+0x5fb/0xa90 [ 2116.357679][T11561] do_user_addr_fault+0x4cd/0x940 [ 2116.362700][T11561] exc_page_fault+0x60/0x160 [ 2116.367312][T11561] asm_exc_page_fault+0x22/0x30 [ 2116.372161][T11561] RIP: 0033:0x7fe837f5a340 [ 2116.376569][T11561] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2116.396245][T11561] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2116.402302][T11561] RAX: 000000009a77bf96 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2116.410413][T11561] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e44857 [ 2116.418378][T11561] RBP: 000000009a77bf96 R08: 0000000000001f96 R09: 000000009a77bf9a [ 2116.426369][T11561] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2116.434338][T11561] R13: 0000000000000001 R14: 000000000000000f R15: ffffffff81955488 [ 2116.442357][T11561] ? security_is_socket_class+0x38/0x250 [ 2116.447985][T11561] [ 2116.451168][T11561] memory: usage 307200kB, limit 307200kB, failcnt 66678 [ 2116.458193][T11561] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2116.465058][T11561] Memory cgroup stats for /syz4: [ 2116.466722][T11561] anon 131072 [ 2116.466722][T11561] file 126976 [ 2116.466722][T11561] kernel 314314752 [ 2116.466722][T11561] kernel_stack 32768 [ 2116.466722][T11561] pagetables 69632 [ 2116.466722][T11561] percpu 11039616 [ 2116.466722][T11561] sock 0 [ 2116.466722][T11561] vmalloc 0 [ 2116.466722][T11561] shmem 126976 [ 2116.466722][T11561] file_mapped 126976 [ 2116.466722][T11561] file_dirty 0 [ 2116.466722][T11561] file_writeback 0 [ 2116.466722][T11561] swapcached 0 [ 2116.466722][T11561] inactive_anon 176128 [ 2116.466722][T11561] active_anon 57344 [ 2116.466722][T11561] inactive_file 0 [ 2116.466722][T11561] active_file 0 [ 2116.466722][T11561] unevictable 0 [ 2116.466722][T11561] slab_reclaimable 22320 [ 2116.466722][T11561] slab_unreclaimable 303118696 [ 2116.466722][T11561] slab 303141016 [ 2116.466722][T11561] workingset_refault_anon 0 [ 2116.466722][T11561] workingset_refault_file 15 [ 2116.466722][T11561] workingset_activate_anon 0 [ 2116.466722][T11561] workingset_activate_file 0 [ 2116.562574][T11561] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11561,uid=0 [ 2116.578035][T11561] Memory cgroup out of memory: Killed process 11561 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000488800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:47 executing program 5: r0 = socket(0x11, 0x2, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={0x0}}, 0x0) 01:41:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) syz_genetlink_get_family_id$batadv(0x0, r0) 01:41:47 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000006c0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:47 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x1d, &(0x7f0000000000)="71351048", 0x4) 01:41:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000000e600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x20, &(0x7f0000000040)="71351048069c46b59e5cf14bac5139d9ddcbbe2325f64feb484889b95c85292ee8e78bb7a65c3fe153898dd24041e49456a5a6c4c0e2b104561b60f7cd88e1cfc62c53024b06444b8b5aca7147a10fb54a02ebfc456136400f3653fc4fb17b8686aa8f5efd510498ad962eb65661160ed6cf52a795a88ac840b7389b704643c26bdd42a8ce644aafe87c14d26972a13222739c409ce358485b030b7f90a67a48bbe4c9940aa009791adf8fab10f5f5966ae24a85ce0bc5eeae9ef60b7ad2dba04f8f315ae897681092bd0e1564c7192a85f8d8867d22df11", 0xd8) 01:41:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4) 01:41:47 executing program 1: add_key$fscrypt_provisioning(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffd) prctl$PR_CAPBSET_READ(0x18, 0x0) 01:41:47 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x22, &(0x7f0000000000)="71351048", 0x4) 01:41:47 executing program 5: inotify_init() pselect6(0x40, &(0x7f0000000000)={0x9}, 0x0, 0x0, 0x0, 0x0) 01:41:47 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x0, 0x0) [ 2116.689769][T11573] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2116.700020][T11573] CPU: 0 PID: 11573 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2116.711051][T11573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2116.721173][T11573] Call Trace: [ 2116.724454][T11573] [ 2116.727385][T11573] dump_stack_lvl+0xd6/0x122 [ 2116.732020][T11573] dump_stack+0x11/0x12 [ 2116.736190][T11573] dump_header+0x98/0x410 [ 2116.740536][T11573] oom_kill_process+0xfe/0x550 [ 2116.745378][T11573] out_of_memory+0x620/0x880 [ 2116.749974][T11573] mem_cgroup_oom+0x475/0x4f0 [ 2116.754656][T11573] try_charge_memcg+0x746/0x960 [ 2116.759552][T11573] charge_memcg+0x63/0x2c0 [ 2116.763949][T11573] __mem_cgroup_charge+0x25/0xa0 [ 2116.768875][T11573] wp_page_copy+0x20f/0x1460 [ 2116.773543][T11573] do_wp_page+0x76f/0xe10 [ 2116.777866][T11573] handle_mm_fault+0x5fb/0xa90 [ 2116.782710][T11573] do_user_addr_fault+0x4cd/0x940 [ 2116.787789][T11573] exc_page_fault+0x60/0x160 [ 2116.792374][T11573] asm_exc_page_fault+0x22/0x30 [ 2116.797208][T11573] RIP: 0033:0x7fe837f5a340 [ 2116.801617][T11573] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2116.821223][T11573] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2116.827362][T11573] RAX: 0000000065d64832 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2116.835399][T11573] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008e236a7 [ 2116.843437][T11573] RBP: 0000000065d64832 R08: 0000000000000832 R09: 0000000065d64836 [ 2116.851393][T11573] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2116.859363][T11573] R13: 0000000000000001 R14: 0000000000000009 R15: ffffffff8192ab05 [ 2116.867354][T11573] ? socket_type_to_security_class+0x265/0x2f0 [ 2116.873586][T11573] [ 2116.877084][T11573] memory: usage 307200kB, limit 307200kB, failcnt 66700 [ 2116.884102][T11573] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2116.891014][T11573] Memory cgroup stats for /syz4: [ 2117.968164][T11573] anon 122880 [ 2117.968164][T11573] file 126976 [ 2117.968164][T11573] kernel 314318848 [ 2117.968164][T11573] kernel_stack 32768 [ 2117.968164][T11573] pagetables 69632 [ 2117.968164][T11573] percpu 11039616 [ 2117.968164][T11573] sock 0 [ 2117.968164][T11573] vmalloc 0 [ 2117.968164][T11573] shmem 126976 [ 2117.968164][T11573] file_mapped 126976 [ 2117.968164][T11573] file_dirty 0 [ 2117.968164][T11573] file_writeback 0 [ 2117.968164][T11573] swapcached 0 [ 2117.968164][T11573] inactive_anon 192512 [ 2117.968164][T11573] active_anon 57344 [ 2117.968164][T11573] inactive_file 0 [ 2117.968164][T11573] active_file 0 [ 2117.968164][T11573] unevictable 0 [ 2117.968164][T11573] slab_reclaimable 16816 [ 2117.968164][T11573] slab_unreclaimable 303125032 [ 2117.968164][T11573] slab 303141848 [ 2117.968164][T11573] workingset_refault_anon 0 [ 2117.968164][T11573] workingset_refault_file 15 [ 2117.968164][T11573] workingset_activate_anon 0 [ 2117.968164][T11573] workingset_activate_file 0 [ 2118.064214][T11573] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11573,uid=0 [ 2118.079564][T11573] Memory cgroup out of memory: Killed process 11573 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000 01:41:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffa88800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:48 executing program 1: syslog(0x3, &(0x7f0000000000)=""/42, 0x2a) 01:41:48 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x17, &(0x7f0000000000)="71351048", 0x4) 01:41:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003e600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:48 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000017c0)='./file0\x00', 0x0, 0x30b831, 0x0) 01:41:48 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000026e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{}, {@fat=@dmask}]}) 01:41:48 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8906, 0x0) [ 2118.689744][T11595] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2118.700008][T11595] CPU: 0 PID: 11595 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2118.711057][T11595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2118.721118][T11595] Call Trace: [ 2118.724393][T11595] [ 2118.727322][T11595] dump_stack_lvl+0xd6/0x122 [ 2118.732001][T11595] dump_stack+0x11/0x12 [ 2118.736232][T11595] dump_header+0x98/0x410 [ 2118.740645][T11595] oom_kill_process+0xfe/0x550 [ 2118.745458][T11595] out_of_memory+0x620/0x880 [ 2118.750097][T11595] mem_cgroup_oom+0x475/0x4f0 [ 2118.754777][T11595] try_charge_memcg+0x746/0x960 [ 2118.759632][T11595] charge_memcg+0x63/0x2c0 [ 2118.764052][T11595] __mem_cgroup_charge+0x25/0xa0 [ 2118.769018][T11595] wp_page_copy+0x20f/0x1460 [ 2118.773609][T11595] ? vm_normal_page+0x16b/0x1b0 [ 2118.778532][T11595] ? vm_normal_page+0x159/0x1b0 [ 2118.783387][T11595] do_wp_page+0x76f/0xe10 [ 2118.787723][T11595] handle_mm_fault+0x5fb/0xa90 [ 2118.792497][T11595] do_user_addr_fault+0x4cd/0x940 [ 2118.797554][T11595] exc_page_fault+0x60/0x160 [ 2118.802150][T11595] asm_exc_page_fault+0x22/0x30 [ 2118.807041][T11595] RIP: 0033:0x7fe837f5a340 [ 2118.811454][T11595] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2118.831159][T11595] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 01:41:49 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x7}, 0x0) 01:41:49 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfffffdef}}, 0x0) 01:41:49 executing program 1: perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x3a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x0, 0x0, 0x0) [ 2118.837226][T11595] RAX: 000000005f35bbe8 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2118.845268][T11595] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000896098f [ 2118.853244][T11595] RBP: 000000005f35bbe8 R08: 0000000000001be8 R09: 000000005f35bbec [ 2118.861271][T11595] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2118.869335][T11595] R13: 0000000000000001 R14: 0000000000000002 R15: ffffffff810a3ab2 [ 2118.877671][T11595] ? do_user_addr_fault+0x82/0x940 [ 2118.882797][T11595] 01:41:49 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)="713510480af65f9fdf243c64743ccdae", 0x20000010) [ 2118.885973][T11595] memory: usage 307196kB, limit 307200kB, failcnt 66750 [ 2118.892911][T11595] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2118.899879][T11595] Memory cgroup stats for /syz4: [ 2118.921572][T11595] anon 114688 [ 2118.921572][T11595] file 126976 [ 2118.921572][T11595] kernel 314327040 [ 2118.921572][T11595] kernel_stack 32768 [ 2118.921572][T11595] pagetables 77824 [ 2118.921572][T11595] percpu 11039616 [ 2118.921572][T11595] sock 0 [ 2118.921572][T11595] vmalloc 0 [ 2118.921572][T11595] shmem 126976 [ 2118.921572][T11595] file_mapped 126976 [ 2118.921572][T11595] file_dirty 0 [ 2118.921572][T11595] file_writeback 0 [ 2118.921572][T11595] swapcached 0 [ 2118.921572][T11595] inactive_anon 184320 [ 2118.921572][T11595] active_anon 57344 [ 2118.921572][T11595] inactive_file 0 [ 2118.921572][T11595] active_file 0 [ 2118.921572][T11595] unevictable 0 [ 2118.921572][T11595] slab_reclaimable 17216 [ 2118.921572][T11595] slab_unreclaimable 303122920 [ 2118.921572][T11595] slab 303140136 [ 2118.921572][T11595] workingset_refault_anon 0 [ 2118.921572][T11595] workingset_refault_file 15 [ 2118.921572][T11595] workingset_activate_anon 0 [ 2118.921572][T11595] workingset_activate_file 0 [ 2119.017889][T11595] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11595,uid=0 [ 2119.033216][T11595] Memory cgroup out of memory: Killed process 11595 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000038a00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:49 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000017c0)='./file0\x00', 0x0, 0x800f0, 0x0) 01:41:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35, 0x0]}}]}) 01:41:49 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8982, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:49 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000740000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003ea00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:49 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'vcan0\x00', &(0x7f0000000040)=@ethtool_pauseparam={0x13}}) 01:41:49 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 01:41:49 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0xf0ff7f}, 0x0) 01:41:49 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8922, &(0x7f0000000000)={'lo\x00', 0x0}) [ 2119.461922][T11632] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2119.472327][T11632] CPU: 0 PID: 11632 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2119.483359][T11632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2119.493437][T11632] Call Trace: [ 2119.496719][T11632] [ 2119.499699][T11632] dump_stack_lvl+0xd6/0x122 [ 2119.504382][T11632] dump_stack+0x11/0x12 [ 2119.508539][T11632] dump_header+0x98/0x410 [ 2119.512880][T11632] oom_kill_process+0xfe/0x550 [ 2119.517806][T11632] out_of_memory+0x620/0x880 [ 2119.522423][T11632] mem_cgroup_oom+0x475/0x4f0 [ 2119.527122][T11632] try_charge_memcg+0x746/0x960 [ 2119.531987][T11632] charge_memcg+0x63/0x2c0 [ 2119.536434][T11632] __mem_cgroup_charge+0x25/0xa0 [ 2119.541437][T11632] wp_page_copy+0x20f/0x1460 [ 2119.546086][T11632] ? shrink_zones+0x525/0x5d0 [ 2119.553025][T11632] do_wp_page+0x76f/0xe10 [ 2119.557437][T11632] handle_mm_fault+0x5fb/0xa90 [ 2119.562212][T11632] do_user_addr_fault+0x4cd/0x940 [ 2119.567261][T11632] exc_page_fault+0x60/0x160 [ 2119.571869][T11632] asm_exc_page_fault+0x22/0x30 [ 2119.576762][T11632] RIP: 0033:0x7fe837f5a340 [ 2119.581176][T11632] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2119.600843][T11632] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2119.606910][T11632] RAX: 000000007df56dcd RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2119.614904][T11632] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 0000000008960975 [ 2119.622882][T11632] RBP: 000000007df56dcd R08: 0000000000000dcd R09: 000000007df56dd1 [ 2119.630853][T11632] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2119.638958][T11632] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff810a3a9e [ 2119.646957][T11632] ? do_user_addr_fault+0x6e/0x940 [ 2119.652107][T11632] [ 2119.655169][T11632] memory: usage 307200kB, limit 307200kB, failcnt 66810 [ 2119.662103][T11632] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2119.668969][T11632] Memory cgroup stats for /syz4: [ 2119.851019][T11632] anon 110592 [ 2119.851019][T11632] file 126976 [ 2119.851019][T11632] kernel 314335232 [ 2119.851019][T11632] kernel_stack 32768 [ 2119.851019][T11632] pagetables 77824 [ 2119.851019][T11632] percpu 11039616 [ 2119.851019][T11632] sock 0 [ 2119.851019][T11632] vmalloc 0 [ 2119.851019][T11632] shmem 126976 [ 2119.851019][T11632] file_mapped 126976 [ 2119.851019][T11632] file_dirty 0 [ 2119.851019][T11632] file_writeback 0 [ 2119.851019][T11632] swapcached 0 [ 2119.851019][T11632] inactive_anon 180224 [ 2119.851019][T11632] active_anon 57344 [ 2119.851019][T11632] inactive_file 0 [ 2119.851019][T11632] active_file 0 [ 2119.851019][T11632] unevictable 0 [ 2119.851019][T11632] slab_reclaimable 17016 [ 2119.851019][T11632] slab_unreclaimable 303129280 [ 2119.851019][T11632] slab 303146296 [ 2119.851019][T11632] workingset_refault_anon 0 [ 2119.851019][T11632] workingset_refault_file 15 [ 2119.851019][T11632] workingset_activate_anon 0 [ 2119.851019][T11632] workingset_activate_file 0 01:41:50 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x5, &(0x7f0000000000)="71351048", 0x4) [ 2119.946881][T11632] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11632,uid=0 [ 2119.962292][T11632] Memory cgroup out of memory: Killed process 11632 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:50 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000100), 0x4) [ 2120.072024][T11658] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2120.082283][T11658] CPU: 0 PID: 11658 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2120.093298][T11658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2120.103390][T11658] Call Trace: [ 2120.106663][T11658] [ 2120.109592][T11658] dump_stack_lvl+0xd6/0x122 [ 2120.114231][T11658] dump_stack+0x11/0x12 [ 2120.118386][T11658] dump_header+0x98/0x410 [ 2120.122719][T11658] oom_kill_process+0xfe/0x550 [ 2120.127478][T11658] out_of_memory+0x620/0x880 [ 2120.132161][T11658] mem_cgroup_oom+0x475/0x4f0 [ 2120.136932][T11658] try_charge_memcg+0x746/0x960 [ 2120.141802][T11658] ? avc_has_perm_noaudit+0x1c0/0x270 [ 2120.147236][T11658] obj_cgroup_charge+0x171/0x2b0 [ 2120.152268][T11658] memcg_slab_pre_alloc_hook+0xf7/0x170 [ 2120.158049][T11658] ? sock_alloc_inode+0x2d/0xa0 [ 2120.163028][T11658] kmem_cache_alloc_lru+0x76/0x2b0 [ 2120.168202][T11658] sock_alloc_inode+0x2d/0xa0 [ 2120.172866][T11658] ? sockfs_init_fs_context+0x70/0x70 [ 2120.178256][T11658] alloc_inode+0x38/0x150 [ 2120.182630][T11658] new_inode_pseudo+0x13/0x90 [ 2120.187367][T11658] __sock_create+0x122/0x4e0 [ 2120.192013][T11658] __sys_socket+0x9c/0x220 [ 2120.196433][T11658] __x64_sys_socket+0x3b/0x50 [ 2120.201116][T11658] do_syscall_64+0x2b/0x70 [ 2120.205565][T11658] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2120.211444][T11658] RIP: 0033:0x7fe837fac109 [ 2120.215851][T11658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2120.235704][T11658] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2120.244196][T11658] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2120.252252][T11658] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 2120.260323][T11658] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2120.268349][T11658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2120.276393][T11658] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2120.284365][T11658] [ 2120.287426][T11658] memory: usage 307192kB, limit 307200kB, failcnt 66892 [ 2120.294394][T11658] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2120.301339][T11658] Memory cgroup stats for /syz4: [ 2120.301679][T11658] anon 98304 [ 2120.301679][T11658] file 126976 [ 2120.301679][T11658] kernel 314343424 [ 2120.301679][T11658] kernel_stack 32768 [ 2120.301679][T11658] pagetables 77824 [ 2120.301679][T11658] percpu 11039616 [ 2120.301679][T11658] sock 0 [ 2120.301679][T11658] vmalloc 0 [ 2120.301679][T11658] shmem 126976 [ 2120.301679][T11658] file_mapped 126976 [ 2120.301679][T11658] file_dirty 0 [ 2120.301679][T11658] file_writeback 0 [ 2120.301679][T11658] swapcached 0 [ 2120.301679][T11658] inactive_anon 114688 [ 2120.301679][T11658] active_anon 57344 [ 2120.301679][T11658] inactive_file 0 [ 2120.301679][T11658] active_file 0 [ 2120.301679][T11658] unevictable 0 [ 2120.301679][T11658] slab_reclaimable 24848 [ 2120.301679][T11658] slab_unreclaimable 303130944 [ 2120.301679][T11658] slab 303155792 [ 2120.301679][T11658] workingset_refault_anon 0 [ 2120.301679][T11658] workingset_refault_file 15 [ 2120.301679][T11658] workingset_activate_anon 0 [ 2120.301679][T11658] workingset_activate_file 0 [ 2120.397595][T11658] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11657,uid=0 [ 2120.413059][T11658] Memory cgroup out of memory: Killed process 11657 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 01:41:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff000000000000019600000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:50 executing program 5: prctl$PR_CAPBSET_READ(0x2f, 0x0) 01:41:50 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000007a0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x5, &(0x7f0000000000)='q', 0x1) 01:41:50 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x5411, 0x0) 01:41:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffffea00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x22, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) 01:41:50 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}}, 0x0) 01:41:50 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x25, &(0x7f0000000000)="71351048", 0x37) 01:41:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x11, &(0x7f0000000040)="713510480af65f9fdf243c64743ccdae3a85093fd106a0f23a7326966b3647bc932da78e18775976f4bb8c8c0c3489bd814bba0166ac92b61d3c4dc312deaf9e1f40fc89734758bed3e2312a310c8a54f000bd2f35b2125f5dce9c6ad8dd7c4021b56db16615b6acb1cec9a85978be2d44e5713afda1d4d1fa6e06025bd6907273c701f7ee4baede8cf191b36932c84fcee56ed3d97b3d8a913f34bcd839511d8989d9bc14b8fa76", 0xa8) 01:41:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x14}, 0xfd76}, 0x300}, 0x0) 01:41:50 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8982, 0x0) [ 2120.577738][T11673] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 2120.589959][T11673] CPU: 1 PID: 11673 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2120.601134][T11673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2120.611292][T11673] Call Trace: [ 2120.614658][T11673] [ 2120.617596][T11673] dump_stack_lvl+0xd6/0x122 [ 2120.622206][T11673] dump_stack+0x11/0x12 [ 2120.626381][T11673] dump_header+0x98/0x410 [ 2120.630732][T11673] oom_kill_process+0xfe/0x550 [ 2120.635516][T11673] out_of_memory+0x620/0x880 [ 2120.640228][T11673] mem_cgroup_oom+0x475/0x4f0 [ 2120.644943][T11673] try_charge_memcg+0x746/0x960 [ 2120.649815][T11673] __memcg_kmem_charge_page+0x2e4/0x480 [ 2120.655397][T11673] __alloc_pages+0x1c1/0x340 [ 2120.660017][T11673] alloc_pages+0x34d/0x450 [ 2120.664451][T11673] pte_alloc_one+0x29/0xb0 [ 2120.668969][T11673] __pte_alloc+0x2f/0x1f0 [ 2120.673305][T11673] do_anonymous_page+0x799/0xa20 [ 2120.678235][T11673] ? preempt_count_add+0x5e/0xa0 [ 2120.683167][T11673] ? _raw_spin_unlock+0x2d/0x50 [ 2120.688001][T11673] ? __pmd_alloc+0x2cb/0x300 [ 2120.692627][T11673] handle_mm_fault+0x8a0/0xa90 [ 2120.697458][T11673] do_user_addr_fault+0x4cd/0x940 [ 2120.702528][T11673] exc_page_fault+0x60/0x160 [ 2120.707194][T11673] asm_exc_page_fault+0x22/0x30 [ 2120.712041][T11673] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 2120.717905][T11673] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 2120.737501][T11673] RSP: 0018:ffffc9000f5bbeb8 EFLAGS: 00050293 [ 2120.743622][T11673] RAX: 0000000000000003 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 2120.751583][T11673] RDX: ffff888160b54dc0 RSI: 0000000000000004 RDI: 0000000000000000 [ 2120.759561][T11673] RBP: 0000000000000001 R08: ffffffff83a12fe0 R09: 0000000000000000 [ 2120.767563][T11673] R10: 00018881379f9280 R11: 0001ffffffffffff R12: 0000000020000040 [ 2120.775817][T11673] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000003 [ 2120.783794][T11673] ? __sys_socketpair+0xa0/0x420 [ 2120.789469][T11673] __sys_socketpair+0xb6/0x420 [ 2120.794302][T11673] __x64_sys_socketpair+0x4e/0x60 [ 2120.799443][T11673] do_syscall_64+0x2b/0x70 [ 2120.803994][T11673] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 2120.809913][T11673] RIP: 0033:0x7fe837fac109 [ 2120.814345][T11673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2120.834141][T11673] RSP: 002b:00007fe837722168 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 2120.842615][T11673] RAX: ffffffffffffffda RBX: 00007fe8380bef60 RCX: 00007fe837fac109 [ 2120.850569][T11673] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 2120.858533][T11673] RBP: 00007fe83800605d R08: 0000000000000000 R09: 0000000000000000 [ 2120.866540][T11673] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 2120.874505][T11673] R13: 00007ffd964f77ff R14: 00007fe837722300 R15: 0000000000022000 [ 2120.882490][T11673] [ 2120.885556][T11673] memory: usage 307196kB, limit 307200kB, failcnt 66960 [ 2120.892494][T11673] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2120.899375][T11673] Memory cgroup stats for /syz4: [ 2121.963370][T11673] anon 98304 [ 2121.963370][T11673] file 126976 [ 2121.963370][T11673] kernel 314331136 [ 2121.963370][T11673] kernel_stack 32768 [ 2121.963370][T11673] pagetables 73728 [ 2121.963370][T11673] percpu 11039616 [ 2121.963370][T11673] sock 0 [ 2121.963370][T11673] vmalloc 0 [ 2121.963370][T11673] shmem 126976 [ 2121.963370][T11673] file_mapped 126976 [ 2121.963370][T11673] file_dirty 0 [ 2121.963370][T11673] file_writeback 0 [ 2121.963370][T11673] swapcached 0 [ 2121.963370][T11673] inactive_anon 167936 [ 2121.963370][T11673] active_anon 57344 [ 2121.963370][T11673] inactive_file 0 [ 2121.963370][T11673] active_file 0 [ 2121.963370][T11673] unevictable 0 [ 2121.963370][T11673] slab_reclaimable 15840 [ 2121.963370][T11673] slab_unreclaimable 303129360 [ 2121.963370][T11673] slab 303145200 [ 2121.963370][T11673] workingset_refault_anon 0 [ 2121.963370][T11673] workingset_refault_file 15 [ 2121.963370][T11673] workingset_activate_anon 0 [ 2121.963370][T11673] workingset_activate_file 0 [ 2122.059803][T11673] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz-executor.4,pid=11668,uid=0 [ 2122.075168][T11673] Memory cgroup out of memory: Killed process 11668 (syz-executor.4) total-vm:46312kB, anon-rss:388kB, file-rss:8192kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:1000 01:41:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000ffffff9e00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0xe, &(0x7f0000000000)="71351048", 0x4) 01:41:53 executing program 5: close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x68, 0x3, 0x1, 0x3, 0x0, 0x2, 0x490ce, 0xa, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000300)}, 0x41, 0x80, 0x4, 0x8, 0x4, 0x9, 0x5, 0x0, 0x2300, 0x0, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000009c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010010000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1c176bfdbb4dde984510c82dc2bd18189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28dac72039456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01a6da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca0376ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9df0004afd1e5a3e7f2e898961cb43e438c2da3c28714dca4b04e41ae43ea118e14ffffffff14e7f574adde1a76b051c72be4b8a80366ce5401ec61921a1b529cc8b99bffff950c006c67767b03b95151aeb89e6d4a433eb215ba22f4e14336fc9dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953505605fba3973aa021945b985a8a66e0200ce8f00c219cb608acc4d305b37cb8d7f41aacfbd4089ea1bd22440f63db15d792e604a4f279b3bd6841bdf2c17bc0400001000000000ff8d01026200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2ce2470fcfb1ce30c00e14a8198cd7248cc0ed5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864487367d6d7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab530388eb1f43d4abbfc59d6d1b18fe380df4bf024f120bd715d82033f2fb7d8fc9a0d77b294e097e293db7f042c0024ab2fd8e5e7fb178f047ba32548b4d32972cba6f49051cec1bf6f16231bbb90a2d201a5a47811a2278a03bf7700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f81074100000000c7d8e94a27a06a4e3d9aaae835fd63384f69ce34640571e5bbb3e6d2b5eba505000000968983811f832d064048c0e0bbe46984f1f0d0504255c2080000f895aa5c2b0dcb25d7a656a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d4a0130c243b08f1caa46be5244864184221e5f8e875857f083144c642f71cdc8e5634c1360c056430f677ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3c92b96e73d2060ac6fd0fd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c80003000000a71835bdf8b846e31ce0b8ee953de70ea860f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f9d1ffe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9c45885adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e3b0cfb284fcfde9015769b9eeac8ff10e934847604d930f62920562ce17fedadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c000200000000000100000005e74591d5cdab1c268ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abe7a1d0afa285706841aac9ccc89df41c39dd58dd70569fde45f8ad62edc65828fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb1f430a5d11fffc96dd1c2551642f1433f65b4e170a62a56bb7d0f9d5cef0d19389c43d4a4cc23e1c860900c2307500007e560fcc49062729e6a4de8b554d8f631e34c428bfe05b711f6e9abce622926614c8045dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141fc98af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b646300000000261bc2bc580a7474534b8dfc0432ab6bbc2486a03e69870cbfa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f29c6610600ba21c65badf55d1859ea7e05c5711390bb2addd4581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04db8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b916626117c5cc91d5655e5eeb03e250eeedc7d65675bca9037426f643797be3e93da96b5643d3feed0b7c885d247c6b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfac497bc1389a3a34ab9e5746a1353322960964183842601e5365b58060d417b01e6d80091a0d14ecb6ad9168040388c7640bfa2f886c259718543de7eebf4da8d1c3e76daace5217761d933d064b79609fcf5971aa1e77c3123910e72daaadd8878ad468eabafda2d521454ea9e8fcd3b53adfd6f00003a71345b841d04a02bf44195df032c59608a555bc44873272812e0fb874618a079f503379acff9825d582932a340c2b56b4cf44990f60000000000000000000000000000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e2862ee1a07bc55df44d8d63f52fc5246b050f883247a0cd13c58cba50878620fa493937386ad2e2a0d60eb815aa05c33e22c32276dab36d14c63af66a31409ab2a403ec3c7a4e008d745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b594cfbb7d2b3791b0300931610000000000000000000800000000000057e3bb75d0c9caecdd87b4d177b59f3807aa5fe4556fd97e90b31556262d1553d5721d2e089975877b808addae6f3550bcf8ac824a23854a6dc1706e22b717965a5434b736f72ab3f5af67db4fa1e8fab03f8084c461dd96299a36a79f1b40f36e5f115bc9c6821c4292e112664dba8e4a6a26614edbd1c49d4ae08c1fa43d7b03d1a3521d39968dbd298845060036f1d717fa394e4630e296937a2c37798cf83de74a0589003b4e1ba4f5173c080000000000000000000000a2671447b423b3963e4ebc75f17d4e654e29a5c189974c41a2721b86a754dcab9b311d1d0a2985675dd9e893edbde6105c8a556671d7ef8d2e20179a6f87b7172f7068b75b3287910000000408d72e3e3c54bdda389c4be1ad5073749c37a3ff61fd9e059e25d4d2002fa33cd5e2d1a69a2389b5c0b679ab9965ccebf2987f98ca9403e5b8fd45d3445b6329b5305625fbe1c0d68c57c2726fab5f0728dba6e1e0079ef2857662982bca4179c0e65aebd912c57fb3cb22cc0b50153dda5f2c67640396aff424d676047e2b5113714e20f14e7e24bd8d1686b5155bacb4de49168cd396838d5f02bb9ddd046d7f61bd7e6dea2e430a6c492778fe84390a6f16ef82135e70be04005c5cd3a99059a7b3ccd33b350305d134552d2ca379dac0d5d542027686a620458f9220a8d23adfa0dc7d03dc996b66ff96039109b504563132e0fd985b49741fc2eef5580c0432b58edb3486abca78b77236c9a442359601580000000049f557ed634597ae7c821d8c4b9f959aecc4a0e316e35176441ed2a4943640349f34f7bcba5fff1f6d918795dc44c124517fc9045b276c66b7e456bd7842902e55cf787b34f8131b261c83c20ead80324054458c272a09dae5e74c0794dfa36ed5c1b69684552e096e3ee77f3fed314fcb3101a3b0de8d07ecd9ebd8ccbf823548caf4d75e03058a2ecfd49ec86dbc1d2e2cf70918e9104d61219ad9eb940070c1ab7f8acd5c5c162efa20494628d081077b0555cd65bbd87da70000000000000000000000b1fcf34ed74ce256b12c4097200049ea1b007d4c2cfb545c4b1f0d38d4fdc99a37f92e0967297a6861a4511ea6601ba508144a836b445d34d36b63d821b94b1514fa8924bedae1c9773f43375945be99787417758ab15ba1533a58a9e6cccbe371c26a41699de1633059739b3a2b452d1c3b5e93a053d9bbce1b01243b846537fbeda9e5b9e5627df4252e030407961e9d8e62f9a10ccec5f100000000000000000000000000000000e58f8bde3a6ebd236dc8cdd2517e6fac778393328fd478265af3f3c91ff90f786fcf83917774648b4abb2ef9f2eaa8a53165bde445c19406ea3cba2d82e4db0b48af4fd095cdbc1348bf3b65f5055f9a02521a9b52a785b5918ce13f9a3ff1335c4ab9bac0ac9ab00e364a6ff4a5fc8aeda742a3115235c0ae3332a5fd736ac9ae174616a16a6e6ddf94936450510d5b4c83f41a909608b6ad05fbb81db37adfb8dbdaf363aef2be2165d3acd016f5cfe6833a1875fbc48f7e42f00038da295de727ab12df3d67c560bfd73c59e7a97993763f1cc28c7a2d73038cecea93c28a0ac2fd71afc82616c0be9cd3ec4b0f65a5617c6c6c5e813d556de2a15229e90f0aa0eebc35bdb50d2d80e3e74647555b78ce51da13d439b106ec1bd818d6459bbc3c049066e7935b9658df985f5304fac8940a14837d179710195d2a5a710418704498f2b7e1552af712306d938f5443fa0450848282b11753bbae7794bba7ce64e92b2d11619653e6984a014d3035e4ae38e316d4df55df6036f5c3a2c18e15367650f7a9661ee28764479542ef1a7b7ad7f0e5842bb8e7e4722f87cf4cf498469da0400eab9aa5f0da3662efb96c3a5b787f62b0f6476c853f92128c136684ae8ebef1d6f6ca5ebe39f5a6ac38e3f9f55e251fdd81cf737d14fe00359a0126994317c039d1a80000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x1f, 0x0, &(0x7f0000000980)="b0ff07c66b1d698cb89e07e007ca1f74ffff100e7200636777fbac141436ee", 0x0, 0x2e, 0xe8034000, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)='memory.max\x00', 0x2, 0x0) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280), 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r4}]}, &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x10, 0x5}, 0x48) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r5, @ANYBLOB="000000dbd63e9fe6334e710000000000"], &(0x7f0000000040)='GPL\x00', 0x7, 0xf5, &(0x7f00000001c0)=""/245, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_ext={0x1c, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x3}, [@generic={0x4e, 0x3, 0x2, 0x40, 0x5}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9ea}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x0, &(0x7f0000000140), 0x41000, 0x8, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000180)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x0, 0x10, 0x6, 0x1}, 0x10, 0x307c3, r2, 0x0, &(0x7f00000002c0)=[0xffffffffffffffff, r3, r0, r0, r4, r5]}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000140)=@raw=[@btf_id], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff7fff, 0x0, 0x0, 0x0, 0x5}, [@jmp={0x5, 0x0, 0x8, 0x7, 0x2, 0x10, 0xfffffffffffffffc}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x800}, @map_fd={0x18, 0x6}, @generic={0x5, 0x0, 0x0, 0x1ff, 0x1}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffc1}, @generic={0x7, 0x0, 0x3, 0x3, 0x20000}]}, &(0x7f0000000600)='syzkaller\x00', 0xffffffff, 0xe9, &(0x7f0000000640)=""/233, 0x41100, 0x22, '\x00', 0x0, 0xcc2ace0ce83ef6e5, r0, 0x8, &(0x7f0000000740)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xa, 0x10001, 0x3f}, 0x10, 0x0, r6}, 0x80) 01:41:53 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'vcan0\x00', 0x0}) 01:41:53 executing program 0: getpid() socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff0000027e0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00edd62ea20a1d331785", @ANYBLOB="f6058f6edd13b339a41741df7cc8ce16a184f1c3ce95557b15a6b9d8ed59050d446d58b1b14a601e31bc1f05ac2d5eab491981e7982e0834ddf3bc6592804936196dbce83b114f9265aa8c87654cf456311e4cba3ee22fd0451b75c902767755ccec2eb4ea77c45e8d4d4e77f867648d98797fdd8711d671c5f22669c60eb10bf9570150a2c247bf1e55cd1fb91e41588a73327e20823f2f15ce2255a75e6d8afb40aa37c5ae7af3fb6c770673242110d1e2c33cfd3264e2a156ae5ee38d5abfb2ad4c2a8a"], 0x40}}, 0x0) 01:41:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010001fff00000000000003ee00000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00ed"], 0x40}}, 0x0) 01:41:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x6, 0x19, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4) [ 2122.674606][T11694] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 2122.684868][T11694] CPU: 1 PID: 11694 Comm: syz-executor.4 Not tainted 5.19.0-rc6-syzkaller-00104-g72a8e05d4f66-dirty #0 [ 2122.695992][T11694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 2122.706107][T11694] Call Trace: [ 2122.709388][T11694] [ 2122.712326][T11694] dump_stack_lvl+0xd6/0x122 [ 2122.716983][T11694] dump_stack+0x11/0x12 01:41:53 executing program 1: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mount$9p_unix(0x0, &(0x7f00000017c0)='./file0\x00', 0x0, 0xa0000, 0x0) 01:41:53 executing program 5: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002380)='./cgroup.net/syz1\x00', 0x200002, 0x0) 01:41:53 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1000, 0x0, &(0x7f0000000400)) 01:41:53 executing program 1: prctl$PR_CAPBSET_READ(0x17, 0x1000000000007fff) 01:41:53 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@bloom_filter={0x1e, 0x0, 0x5, 0x57}, 0x48) bpf$MAP_DELETE_ELEM(0x16, &(0x7f0000000080)={r0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x20) [ 2122.721226][T11694] dump_header+0x98/0x410 [ 2122.725625][T11694] oom_kill_process+0xfe/0x550 [ 2122.730409][T11694] out_of_memory+0x620/0x880 [ 2122.735056][T11694] mem_cgroup_oom+0x475/0x4f0 [ 2122.739794][T11694] try_charge_memcg+0x746/0x960 [ 2122.744753][T11694] charge_memcg+0x63/0x2c0 [ 2122.749183][T11694] __mem_cgroup_charge+0x25/0xa0 [ 2122.754192][T11694] wp_page_copy+0x20f/0x1460 [ 2122.758840][T11694] ? shrink_zones+0x525/0x5d0 [ 2122.763568][T11694] do_wp_page+0x76f/0xe10 [ 2122.767977][T11694] handle_mm_fault+0x5fb/0xa90 [ 2122.772774][T11694] do_user_addr_fault+0x4cd/0x940 [ 2122.777929][T11694] exc_page_fault+0x60/0x160 [ 2122.782513][T11694] asm_exc_page_fault+0x22/0x30 [ 2122.787503][T11694] RIP: 0033:0x7fe837f5a340 [ 2122.792032][T11694] Code: fe ff 49 39 dc 75 eb 48 8b 44 24 18 89 28 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 41 89 c5 e9 75 fe ff ff <43> 89 2c 84 e9 a3 fe ff ff 0f 1f 80 00 00 00 00 49 39 d4 74 70 48 [ 2122.811644][T11694] RSP: 002b:00007ffd964f7790 EFLAGS: 00010246 [ 2122.817786][T11694] RAX: 00000000596e4434 RBX: 00007fe8380beff8 RCX: 0000001b2de20000 [ 2122.825744][T11694] RDX: 0000000000000000 RSI: 0000001b2de20018 RDI: 000000000a0af388 [ 2122.833750][T11694] RBP: 00000000596e4434 R08: 0000000000000434 R09: 00000000596e4438 [ 2122.841704][T11694] R10: 00007ffd964f7960 R11: 0000000000000246 R12: 00007fe8380b3000 [ 2122.849711][T11694] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff83a12f6b [ 2122.857701][T11694] ? __sys_socketpair+0x2b/0x420 [ 2122.862786][T11694] [ 2122.865891][T11694] memory: usage 307192kB, limit 307200kB, failcnt 67004 [ 2122.872836][T11694] swap: usage 0kB, limit 9007199254740988kB, failcnt 0