oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=14864,uid=0
Memory cgroup out of memory: Killed process 14864 (syz-executor.2) total-vm:73108kB, anon-rss:16568kB, file-rss:35896kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000
==================================================================
BUG: KCSAN: data-race in inactive_list_is_low / snapshot_refaults

read to 0xffff8880a27ccc78 of 8 bytes by task 25287 on cpu 1:
 inactive_list_is_low+0x1d4/0x450 mm/vmscan.c:2257
 shrink_list mm/vmscan.c:2280 [inline]
 shrink_node_memcg+0x599/0xf80 mm/vmscan.c:2603
 shrink_node+0x164/0xb30 mm/vmscan.c:2808
 shrink_zones mm/vmscan.c:3025 [inline]
 do_try_to_free_pages+0x242/0x940 mm/vmscan.c:3083
 try_to_free_mem_cgroup_pages+0x1fd/0x4c0 mm/vmscan.c:3383
 try_charge+0x479/0xbe0 mm/memcontrol.c:2572
 __memcg_kmem_charge_memcg+0x4a/0xe0 mm/memcontrol.c:2954
 __memcg_kmem_charge+0xde/0x240 mm/memcontrol.c:2994
 __alloc_pages_nodemask+0x26c/0x310 mm/page_alloc.c:4780
 alloc_pages_current+0xd1/0x170 mm/mempolicy.c:2192
 alloc_pages include/linux/gfp.h:532 [inline]
 __pte_alloc_one include/asm-generic/pgalloc.h:63 [inline]
 pte_alloc_one+0x18/0x50 arch/x86/mm/pgtable.c:26
 __pte_alloc+0x2d/0x220 mm/memory.c:408
 do_anonymous_page mm/memory.c:2972 [inline]
 handle_pte_fault mm/memory.c:3847 [inline]
 __handle_mm_fault+0x29a2/0x2c70 mm/memory.c:3973
 handle_mm_fault+0x21b/0x530 mm/memory.c:4010
 do_user_addr_fault arch/x86/mm/fault.c:1441 [inline]
 __do_page_fault+0x456/0x8d0 arch/x86/mm/fault.c:1506
 do_page_fault+0x38/0x194 arch/x86/mm/fault.c:1530
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1202

write to 0xffff8880a27ccc78 of 8 bytes by task 25303 on cpu 0:
 snapshot_refaults+0x170/0x200 mm/vmscan.c:3046
 do_try_to_free_pages+0x6e8/0x940 mm/vmscan.c:3105
 try_to_free_mem_cgroup_pages+0x1fd/0x4c0 mm/vmscan.c:3383
 try_charge+0x479/0xbe0 mm/memcontrol.c:2572
 mem_cgroup_try_charge+0xd2/0x260 mm/memcontrol.c:6513
 mem_cgroup_try_charge_delay+0x3a/0x80 mm/memcontrol.c:6528
 wp_page_copy+0x322/0x1120 mm/memory.c:2333
 do_wp_page+0x192/0x11f0 mm/memory.c:2628
 handle_pte_fault mm/memory.c:3865 [inline]
 __handle_mm_fault+0x1ab1/0x2c70 mm/memory.c:3973
 handle_mm_fault+0x21b/0x530 mm/memory.c:4010
 do_user_addr_fault arch/x86/mm/fault.c:1441 [inline]
 __do_page_fault+0x456/0x8d0 arch/x86/mm/fault.c:1506
 do_page_fault+0x38/0x194 arch/x86/mm/fault.c:1530
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1202
 copy_user_enhanced_fast_string+0xe/0x30 arch/x86/lib/copy_user_64.S:204
 copy_page_to_iter_iovec lib/iov_iter.c:211 [inline]
 copy_page_to_iter+0x254/0x8b0 lib/iov_iter.c:900
 pipe_to_user+0x71/0xc0 fs/splice.c:1248
 splice_from_pipe_feed fs/splice.c:500 [inline]
 __splice_from_pipe+0x248/0x480 fs/splice.c:624
 vmsplice_to_user fs/splice.c:1272 [inline]
 do_vmsplice.part.0+0x1c5/0x210 fs/splice.c:1350
 do_vmsplice fs/splice.c:1344 [inline]
 __do_sys_vmsplice+0x15f/0x1c0 fs/splice.c:1371
 __se_sys_vmsplice fs/splice.c:1353 [inline]
 __x64_sys_vmsplice+0x5e/0x80 fs/splice.c:1353
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 25303 Comm: syz-executor.2 Not tainted 5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================