FS (loop2): no-recovery mounts must be read-only. 04:52:32 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f00000001c0)=ANY=[@ANYBLOB='journav=0x0000000000000000,\x00']) setxattr$trusted_overlay_nlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='trusted.overlay.nlink\x00', &(0x7f0000000180)={'L-', 0x10000}, 0x28, 0x1) 04:52:32 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 297.222665] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 297.241317] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 297.260141] CPU: 0 PID: 18292 Comm: syz-executor.5 Not tainted 4.14.131 #25 04:52:32 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 297.267762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.277327] Call Trace: [ 297.279942] dump_stack+0x138/0x19c [ 297.283614] warn_alloc.cold+0x96/0x1af [ 297.287603] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 297.292462] ? lock_downgrade+0x6e0/0x6e0 [ 297.296846] ? avc_has_perm+0x2df/0x4b0 [ 297.300842] __vmalloc_node_range+0x3be/0x6a0 [ 297.305460] ? trace_hardirqs_on+0x10/0x10 [ 297.309789] vmalloc+0x46/0x50 [ 297.312992] ? sel_write_load+0x1a0/0x1050 [ 297.317226] sel_write_load+0x1a0/0x1050 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:32 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 297.321297] ? save_trace+0x290/0x290 [ 297.325122] ? sel_read_bool+0x240/0x240 [ 297.329626] ? trace_hardirqs_on+0x10/0x10 [ 297.333911] ? save_trace+0x290/0x290 [ 297.337721] __vfs_write+0x105/0x6b0 [ 297.341875] ? __lock_is_held+0xb6/0x140 [ 297.345953] ? sel_read_bool+0x240/0x240 [ 297.350031] ? kernel_read+0x120/0x120 [ 297.353926] ? __lock_is_held+0xb6/0x140 [ 297.358651] ? check_preemption_disabled+0x3c/0x250 [ 297.363682] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 297.369423] ? rcu_read_lock_sched_held+0x110/0x130 [ 297.374448] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 297.379337] ? __sb_start_write+0x153/0x2f0 [ 297.383673] vfs_write+0x198/0x500 [ 297.387215] SyS_write+0xfd/0x230 [ 297.390775] ? SyS_read+0x230/0x230 [ 297.390787] ? do_syscall_64+0x53/0x640 [ 297.390799] ? SyS_read+0x230/0x230 [ 297.390808] do_syscall_64+0x1e8/0x640 [ 297.390816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.390830] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 297.390838] RIP: 0033:0x4597c9 04:52:32 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:32 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 297.390843] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 297.390852] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 297.390858] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 297.390863] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 297.390868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 297.390874] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 297.407278] XFS (loop2): no-recovery mounts must be read-only. 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 297.466390] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 297.486974] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 297.528173] CPU: 1 PID: 18314 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 297.535331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.545055] Call Trace: [ 297.547654] dump_stack+0x138/0x19c [ 297.551322] warn_alloc.cold+0x96/0x1af [ 297.551332] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 297.551344] ? lock_downgrade+0x6e0/0x6e0 [ 297.551359] ? avc_has_perm+0x2df/0x4b0 [ 297.551373] __vmalloc_node_range+0x3be/0x6a0 [ 297.560177] ? trace_hardirqs_on+0x10/0x10 [ 297.560190] vmalloc+0x46/0x50 [ 297.560200] ? sel_write_load+0x1a0/0x1050 [ 297.560207] sel_write_load+0x1a0/0x1050 [ 297.560216] ? save_trace+0x290/0x290 [ 297.560230] ? sel_read_bool+0x240/0x240 [ 297.565647] EXT4-fs (sda1): Unrecognized mount option "journav=0x0000000000000000" or missing value [ 297.568416] ? trace_hardirqs_on+0x10/0x10 [ 297.610527] ? save_trace+0x290/0x290 [ 297.614345] __vfs_write+0x105/0x6b0 [ 297.618068] ? __lock_is_held+0xb6/0x140 [ 297.622138] ? sel_read_bool+0x240/0x240 [ 297.626210] ? kernel_read+0x120/0x120 [ 297.630108] ? __lock_is_held+0xb6/0x140 [ 297.634180] ? check_preemption_disabled+0x3c/0x250 [ 297.639214] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 297.644680] ? rcu_read_lock_sched_held+0x110/0x130 [ 297.650034] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 297.654806] ? __sb_start_write+0x153/0x2f0 [ 297.659150] vfs_write+0x198/0x500 [ 297.662706] SyS_write+0xfd/0x230 [ 297.666363] ? SyS_read+0x230/0x230 [ 297.670019] ? do_syscall_64+0x53/0x640 [ 297.674077] ? SyS_read+0x230/0x230 [ 297.677776] do_syscall_64+0x1e8/0x640 [ 297.681643] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.686473] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 297.691648] RIP: 0033:0x4597c9 [ 297.695756] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 297.703471] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 297.711259] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 297.718885] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:32 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 297.726140] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 297.733398] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 297.806777] warn_alloc_show_mem: 1 callbacks suppressed [ 297.806781] Mem-Info: [ 297.822846] active_anon:119560 inactive_anon:1224 isolated_anon:0 [ 297.822846] active_file:8239 inactive_file:12542 isolated_file:0 [ 297.822846] unevictable:0 dirty:109 writeback:0 unstable:0 [ 297.822846] slab_reclaimable:12393 slab_unreclaimable:108410 [ 297.822846] mapped:59013 shmem:2594 pagetables:1102 bounce:0 [ 297.822846] free:1273531 free_pcp:365 free_cma:0 [ 297.863374] Node 0 active_anon:478240kB inactive_anon:4896kB active_file:32816kB inactive_file:50168kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236052kB dirty:432kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 399360kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 297.898637] EXT4-fs (sda1): Unrecognized mount option "journav=0x0000000000000000" or missing value [ 297.900633] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 297.936964] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 297.963447] lowmem_reserve[]: 0 2580 2580 2580 [ 297.968090] Node 0 DMA32 free:1292104kB min:36468kB low:45584kB high:54700kB active_anon:478140kB inactive_anon:4896kB active_file:32816kB inactive_file:50168kB unevictable:0kB writepending:432kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7392kB pagetables:4408kB bounce:0kB free_pcp:1096kB local_pcp:572kB free_cma:0kB [ 297.999722] lowmem_reserve[]: 0 0 0 0 04:52:32 executing program 0: r0 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x101, 0xc0000) ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x2a) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:32 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:32 executing program 2: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[]) 04:52:32 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:32 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 298.003766] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 298.039151] lowmem_reserve[]: 0 0 0 0 04:52:33 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 298.047898] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 298.119086] lowmem_reserve[]: 0 0 0 0 [ 298.128371] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 298.150911] Node 0 DMA32: 7830*4kB (UME) 1204*8kB (UME) 2695*16kB (UM) 1803*32kB (UME) 768*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 263*4096kB (M) = 1293128kB [ 298.169877] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 298.181355] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 298.199801] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 298.218946] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 298.228006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 298.240666] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 298.249535] 23380 total pagecache pages [ 298.249548] XFS (loop2): Invalid superblock magic number [ 298.253925] 0 pages in swap cache [ 298.265072] Swap cache stats: add 0, delete 0, find 0/0 04:52:33 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:33 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:33 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 298.271044] Free swap = 0kB [ 298.274218] Total swap = 0kB [ 298.277489] 1965979 pages RAM [ 298.281195] 0 pages HighMem/MovableOnly [ 298.285288] 333222 pages reserved [ 298.288792] 0 pages cma reserved 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:33 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:33 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000240)='/dev/swradio#\x00', 0x0, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000300)={0xfffffff, 0x0, 0x2, [], &(0x7f00000002c0)={0x9a091d, 0x1, [], @string=&(0x7f0000000280)=0x7000000000}}) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) mount$bpf(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303031302c6d6f64653d303030303030302c61707072616973655f747970653d696d617369672c646f6e745f61707072616973652c66736d616769633d3078303030303030303030303030303030392c61707072616973652c19d0c0b9a799bc8cc0a35c3e038ff96e6636b4c5323c968635af34a7a994adb1103a0bff31c649f43cccfd2e1a445fbda54783bc225a3b807dabb5628d2cff2195d70ab7a9e9f666b36822316a45cfa60229f06cc04dcfb3ab0e3f2e1e6e51edbc7e3d32ffbe333e7ca049a1b654502199bce70068e70561c33758155a9e6606d9362cc7327fee60bdd122c985014d95802c0611f951050705b12b6e440a0ac3309a1e949f1cd8e61ec40a52ca4b92baa078860045efc1de53cb423298302081c80adc3a8392a234d8976ce771febb67a9c6a00165e46c2f9772ee86f12d6e60eec35bb00d91e06ad84f540a92b2d4dc619b88868d4910410504c4dd7600"/382]) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:33 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 298.349928] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 298.409125] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 298.414794] CPU: 1 PID: 18388 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 298.422215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.434288] Call Trace: [ 298.436901] dump_stack+0x138/0x19c [ 298.440799] warn_alloc.cold+0x96/0x1af [ 298.444849] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 298.450374] ? lock_downgrade+0x6e0/0x6e0 [ 298.454615] ? avc_has_perm+0x2df/0x4b0 [ 298.458582] __vmalloc_node_range+0x3be/0x6a0 [ 298.463067] ? trace_hardirqs_on+0x10/0x10 [ 298.468434] vmalloc+0x46/0x50 [ 298.472082] ? sel_write_load+0x1a0/0x1050 [ 298.476389] sel_write_load+0x1a0/0x1050 [ 298.480446] ? save_trace+0x290/0x290 [ 298.484244] ? sel_read_bool+0x240/0x240 [ 298.488328] ? trace_hardirqs_on+0x10/0x10 [ 298.492553] ? save_trace+0x290/0x290 [ 298.496342] __vfs_write+0x105/0x6b0 [ 298.500044] ? __lock_is_held+0xb6/0x140 [ 298.504097] ? sel_read_bool+0x240/0x240 [ 298.508173] ? kernel_read+0x120/0x120 [ 298.512077] ? __lock_is_held+0xb6/0x140 [ 298.516152] ? check_preemption_disabled+0x3c/0x250 [ 298.521159] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 298.526614] ? rcu_read_lock_sched_held+0x110/0x130 [ 298.531975] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 298.536721] ? __sb_start_write+0x153/0x2f0 [ 298.541061] vfs_write+0x198/0x500 [ 298.544620] SyS_write+0xfd/0x230 [ 298.548071] ? SyS_read+0x230/0x230 [ 298.551702] ? do_syscall_64+0x53/0x640 [ 298.556095] ? SyS_read+0x230/0x230 [ 298.559716] do_syscall_64+0x1e8/0x640 [ 298.563597] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.568590] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 298.573770] RIP: 0033:0x4597c9 [ 298.577169] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 298.585123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 298.592378] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 298.599650] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:33 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0xe31, 0x2000) unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000000)) 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:33 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 298.606908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 298.614197] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:33 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:33 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 298.739682] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 298.751963] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 298.777409] CPU: 1 PID: 18409 Comm: syz-executor.5 Not tainted 4.14.131 #25 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 298.784562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.793922] Call Trace: [ 298.796518] dump_stack+0x138/0x19c [ 298.800155] warn_alloc.cold+0x96/0x1af [ 298.804151] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 298.809009] ? lock_downgrade+0x6e0/0x6e0 [ 298.813176] ? avc_has_perm+0x2df/0x4b0 [ 298.817165] __vmalloc_node_range+0x3be/0x6a0 [ 298.821683] ? trace_hardirqs_on+0x10/0x10 [ 298.825947] vmalloc+0x46/0x50 [ 298.829146] ? sel_write_load+0x1a0/0x1050 [ 298.833386] sel_write_load+0x1a0/0x1050 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:33 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 298.837543] ? save_trace+0x290/0x290 [ 298.841350] ? sel_read_bool+0x240/0x240 [ 298.841364] ? trace_hardirqs_on+0x10/0x10 [ 298.841380] ? save_trace+0x290/0x290 [ 298.849764] __vfs_write+0x105/0x6b0 [ 298.857344] ? __lock_is_held+0xb6/0x140 [ 298.861504] ? sel_read_bool+0x240/0x240 [ 298.865576] ? kernel_read+0x120/0x120 [ 298.869476] ? __lock_is_held+0xb6/0x140 [ 298.873641] ? check_preemption_disabled+0x3c/0x250 [ 298.878733] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 298.884222] ? rcu_read_lock_sched_held+0x110/0x130 04:52:33 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 298.889366] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 298.889378] ? __sb_start_write+0x153/0x2f0 [ 298.889392] vfs_write+0x198/0x500 [ 298.889405] SyS_write+0xfd/0x230 [ 298.889415] ? SyS_read+0x230/0x230 [ 298.905600] ? do_syscall_64+0x53/0x640 [ 298.913176] ? SyS_read+0x230/0x230 [ 298.916992] do_syscall_64+0x1e8/0x640 [ 298.921069] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.925960] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 298.931163] RIP: 0033:0x4597c9 [ 298.934357] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 298.942085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 298.949361] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 298.956640] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 298.964115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 298.971396] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 298.980897] warn_alloc_show_mem: 1 callbacks suppressed [ 298.980900] Mem-Info: [ 298.988732] active_anon:120088 inactive_anon:1223 isolated_anon:0 [ 298.988732] active_file:8239 inactive_file:12559 isolated_file:0 [ 298.988732] unevictable:0 dirty:129 writeback:0 unstable:0 [ 298.988732] slab_reclaimable:12395 slab_unreclaimable:108360 [ 298.988732] mapped:59052 shmem:2594 pagetables:1120 bounce:0 [ 298.988732] free:1272777 free_pcp:240 free_cma:0 [ 299.023833] Node 0 active_anon:480352kB inactive_anon:4892kB active_file:32816kB inactive_file:50236kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236208kB dirty:512kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 395264kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 299.053152] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 299.079623] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 299.107490] lowmem_reserve[]: 0 2580 2580 2580 04:52:34 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d307830301f00303030303030303030302c00"]) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}}}, &(0x7f0000000400)=0xe8) sendmsg$nl_crypto(r0, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x852}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)=@upd={0xe0, 0x12, 0x200, 0x70bd28, 0x10000, {{'rfc7539(ctr(serpent),sha512-avx)\x00'}, [], [], 0x2400, 0x2000}}, 0xe0}, 0x1, 0x0, 0x0, 0x24000010}, 0x80) syz_mount_image$xfs(&(0x7f00000001c0)='xfs\x00', &(0x7f0000000200)='./file0\x00', 0xfffffffffffffffa, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000240)="610117c77767e59130f6a54c75b4368d4210fb21a9bdf93f4480b67cdfbebbd07bdd048cb816e498a056a7d85126e78f4fee336e53f6b10d74de8ee32750ed2e8bccf965433765a6524a031bdae6f9c2e67569391b4d9093b6c8d81f45657a856575abf125", 0x65, 0x8}], 0x2040001, &(0x7f0000000440)={[{@allocsize={'allocsize', 0x3d, [0x7f, 0x7f, 0x70, 0x71]}}, {@inode32='inode32'}, {@nolargeio='nolargeio'}, {@inode32='inode32'}, {@qnoenforce='qnoenforce'}, {@uquota='uquota'}], [{@pcr={'pcr', 0x3d, 0x1a}}, {@euid_lt={'euid<', r2}}]}) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14) 04:52:34 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 299.121319] Node 0 DMA32 free:1288052kB min:36468kB low:45584kB high:54700kB active_anon:482384kB inactive_anon:4888kB active_file:32816kB inactive_file:50236kB unevictable:0kB writepending:512kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4592kB bounce:0kB free_pcp:1100kB local_pcp:444kB free_cma:0kB [ 299.166814] lowmem_reserve[]: 0 0 0 [ 299.183614] 0 [ 299.186773] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 299.208048] XFS (loop2): no-recovery mounts must be read-only. [ 299.226081] lowmem_reserve[]: 0 0 0 0 [ 299.234803] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 299.263443] lowmem_reserve[]: 0 0 0 0 [ 299.267360] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 299.281427] Node 0 DMA32: 7768*4kB (UM) 1269*8kB (UME) 2678*16kB (UM) 1807*32kB (UME) 768*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 263*4096kB (M) = 1293256kB [ 299.299414] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 299.310583] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 299.329458] XFS (loop2): no-recovery mounts must be read-only. [ 299.340807] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 299.349778] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 299.359644] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 299.368907] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 299.378156] 23397 total pagecache pages 04:52:34 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffff25, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f726563d96f766572792c62696f73697a653d303030303030303030303030303030303030372c6c6f676465763d3e6af1fd2c8394a7ea2bdc7f0689f6bf8e5b002b6fbb2e6d922eb6ff3fe8ffd6ddda9100"]) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x2002, 0x0) sendmsg$rds(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)=""/185, 0xb9}, {&(0x7f0000000200)=""/22, 0x16}, {&(0x7f0000000240)=""/221, 0xdd}], 0x3, &(0x7f0000002180)=[@rdma_args={0x48, 0x114, 0x1, {{0x101, 0x401}, {&(0x7f0000000380)=""/161, 0xa1}, &(0x7f00000004c0)=[{&(0x7f0000000440)=""/125, 0x7d}], 0x1, 0x40}}, @rdma_args={0x48, 0x114, 0x1, {{0x4, 0x7fff}, {&(0x7f0000000500)=""/17, 0x11}, &(0x7f00000019c0)=[{&(0x7f0000000540)=""/78, 0x4e}, {&(0x7f00000005c0)=""/161, 0xa1}, {&(0x7f0000000680)=""/88, 0x58}, {&(0x7f0000000700)=""/142, 0x8e}, {&(0x7f00000007c0)=""/195, 0xc3}, {&(0x7f00000008c0)=""/132, 0x84}, {&(0x7f0000000980)=""/4096, 0x1000}, {&(0x7f0000001980)}], 0x8, 0x13, 0xa6}}, @mask_fadd={0x58, 0x114, 0x8, {{0x3, 0x8}, &(0x7f0000001a40)=0x55, &(0x7f0000001a80)=0x9, 0x9, 0x4d, 0x1, 0x9, 0x0, 0xfffffffffffff000}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000001ac0)=""/22, 0x16}, &(0x7f0000001b00), 0x20}}, @rdma_args={0x48, 0x114, 0x1, {{0x5, 0x4}, {&(0x7f0000001b40)=""/4, 0x4}, &(0x7f00000020c0)=[{&(0x7f0000001b80)=""/141, 0x8d}, {&(0x7f0000001c40)=""/54, 0x36}, {&(0x7f0000001c80)=""/69, 0x45}, {&(0x7f0000001d00)=""/199, 0xc7}, {&(0x7f0000001e00)=""/138, 0x8a}, {&(0x7f0000001ec0)=""/197, 0xc5}, {&(0x7f0000001fc0)=""/18, 0x12}, {&(0x7f0000002000)=""/123, 0x7b}, {&(0x7f0000002080)=""/45, 0x2d}], 0x9, 0x1, 0xab}}], 0x160, 0x800}, 0x80) socket$inet_udp(0x2, 0x2, 0x0) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001980)='/selinux/enforce\x00', 0x80, 0x0) 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 299.396737] 0 pages in swap cache [ 299.413574] Swap cache stats: add 0, delete 0, find 0/0 [ 299.419074] Free swap = 0kB [ 299.439814] Total swap = 0kB [ 299.447917] 1965979 pages RAM [ 299.454597] 0 pages HighMem/MovableOnly [ 299.463628] EXT4-fs: 2 callbacks suppressed [ 299.463636] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x00" or missing value [ 299.484050] 333222 pages reserved 04:52:34 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:34 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:34 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:34 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x20040000, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000e80000005bf3f1cd248b90a180416921597d9c438f392977bd94602ada0c171cc754527b0c74da1625dc5b2c2869813c614f1c865e8acf0e2a9c31eababca4b6c5cc45d6f6b5c8da708a32bee37e4cf0a880fc6cc7a758c009a4ad9f6239cae250668fbcc7dd05fae36c62998fb3739d9c18528b555046033b883f7a0e7ed791b283e87664778bc18d54d0a501092a0c0fa5e955697f21d0ccb84cf745fd0172aee3acb7042b00c861d2ee722b31c48f76f2e1c193a847238a5a42c8cae5bbe277dc93604ef07e6fa5a5fd640cab4fe9ec833bf9a5f525a2daa8cc9a1085a4fcec55e3a3d5eed9ff2019b55c"], &(0x7f0000000200)=0x10c) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) [ 299.487721] 0 pages cma reserved 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:34 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 299.575809] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x00" or missing value [ 299.586480] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 299.587036] XFS (loop2): no-recovery mounts must be read-only. [ 299.629977] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 299.636488] CPU: 1 PID: 18471 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 299.643597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.653492] Call Trace: [ 299.656093] dump_stack+0x138/0x19c [ 299.659721] warn_alloc.cold+0x96/0x1af [ 299.664138] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 299.670883] ? lock_downgrade+0x6e0/0x6e0 [ 299.675383] ? avc_has_perm+0x2df/0x4b0 [ 299.679452] __vmalloc_node_range+0x3be/0x6a0 [ 299.684658] ? trace_hardirqs_on+0x10/0x10 [ 299.689200] vmalloc+0x46/0x50 [ 299.692536] ? sel_write_load+0x1a0/0x1050 [ 299.697516] sel_write_load+0x1a0/0x1050 [ 299.702740] ? save_trace+0x290/0x290 [ 299.706557] ? sel_read_bool+0x240/0x240 [ 299.712072] ? trace_hardirqs_on+0x10/0x10 [ 299.716455] ? save_trace+0x290/0x290 [ 299.721306] __vfs_write+0x105/0x6b0 [ 299.725216] ? __lock_is_held+0xb6/0x140 [ 299.729268] ? sel_read_bool+0x240/0x240 [ 299.734537] ? kernel_read+0x120/0x120 [ 299.738441] ? __lock_is_held+0xb6/0x140 [ 299.742505] ? check_preemption_disabled+0x3c/0x250 [ 299.747821] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 299.753268] ? rcu_read_lock_sched_held+0x110/0x130 [ 299.758275] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 299.763017] ? __sb_start_write+0x153/0x2f0 [ 299.767328] vfs_write+0x198/0x500 [ 299.770856] SyS_write+0xfd/0x230 [ 299.774479] ? SyS_read+0x230/0x230 [ 299.778095] ? do_syscall_64+0x53/0x640 [ 299.782096] ? SyS_read+0x230/0x230 [ 299.785721] do_syscall_64+0x1e8/0x640 [ 299.789591] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.794433] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 299.799624] RIP: 0033:0x4597c9 [ 299.802802] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 299.810598] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 299.818495] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:52:34 executing program 0: r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/status\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000001c0)=0x3cab, 0x4) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x40040, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r1, 0x541b, &(0x7f0000000140)) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726ec86c5f6465763d3078303030303030303030303030303030302f00"]) 04:52:34 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:34 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 299.825761] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 299.833032] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 299.840297] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:34 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 299.917408] XFS (loop2): no-recovery mounts must be read-only. [ 299.942500] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:34 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a654e30303030303030303030303016801b63a3d651d087161f676465763d2e"]) [ 299.989392] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 300.007785] CPU: 1 PID: 18495 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 300.014948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.025262] Call Trace: [ 300.027973] dump_stack+0x138/0x19c [ 300.031714] warn_alloc.cold+0x96/0x1af 04:52:34 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 300.035714] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 300.040847] ? lock_downgrade+0x6e0/0x6e0 [ 300.040867] ? avc_has_perm+0x2df/0x4b0 [ 300.040881] __vmalloc_node_range+0x3be/0x6a0 [ 300.040892] ? trace_hardirqs_on+0x10/0x10 [ 300.040904] vmalloc+0x46/0x50 [ 300.049383] ? sel_write_load+0x1a0/0x1050 [ 300.049392] sel_write_load+0x1a0/0x1050 [ 300.049405] ? save_trace+0x290/0x290 [ 300.049421] ? sel_read_bool+0x240/0x240 [ 300.049432] ? trace_hardirqs_on+0x10/0x10 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 300.064804] XFS (loop2): unknown mount option [biosizeN000000000000€c£ÖQЇgdev=.]. [ 300.065949] ? save_trace+0x290/0x290 [ 300.065966] __vfs_write+0x105/0x6b0 [ 300.065978] ? __lock_is_held+0xb6/0x140 [ 300.078614] ? sel_read_bool+0x240/0x240 [ 300.078629] ? kernel_read+0x120/0x120 [ 300.091133] ? __lock_is_held+0xb6/0x140 [ 300.091145] ? check_preemption_disabled+0x3c/0x250 [ 300.091158] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 300.091170] ? rcu_read_lock_sched_held+0x110/0x130 [ 300.091178] ? rcu_sync_lockdep_assert+0x6d/0xb0 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 300.091188] ? __sb_start_write+0x153/0x2f0 [ 300.091201] vfs_write+0x198/0x500 [ 300.091215] SyS_write+0xfd/0x230 [ 300.091226] ? SyS_read+0x230/0x230 [ 300.091235] ? do_syscall_64+0x53/0x640 [ 300.091244] ? SyS_read+0x230/0x230 [ 300.091253] do_syscall_64+0x1e8/0x640 [ 300.091269] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.106228] EXT4-fs (sda1): Unrecognized mount option "journÈl_dev=0x0000000000000000/" or missing value [ 300.107106] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 300.107116] RIP: 0033:0x4597c9 04:52:35 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 300.107122] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 300.107133] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 300.107138] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 300.107148] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:35 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 300.156707] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 300.179500] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 300.198612] warn_alloc_show_mem: 1 callbacks suppressed [ 300.198616] Mem-Info: [ 300.268859] active_anon:121146 inactive_anon:1221 isolated_anon:0 [ 300.268859] active_file:8239 inactive_file:12574 isolated_file:0 [ 300.268859] unevictable:0 dirty:156 writeback:0 unstable:0 [ 300.268859] slab_reclaimable:12395 slab_unreclaimable:108310 [ 300.268859] mapped:59062 shmem:2594 pagetables:1191 bounce:0 [ 300.268859] free:1271821 free_pcp:134 free_cma:0 [ 300.331446] EXT4-fs (sda1): Unrecognized mount option "journÈl_dev=0x0000000000000000/" or missing value [ 300.377443] Node 0 active_anon:480560kB inactive_anon:4884kB active_file:32816kB inactive_file:50296kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236248kB dirty:620kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 399360kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 300.407691] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 300.434580] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 300.463239] lowmem_reserve[]: 0 2580 2580 2580 04:52:35 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000140)=0x7) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030020000000000000030303030302c00"]) 04:52:35 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 300.467945] Node 0 DMA32 free:1293032kB min:36468kB low:45584kB high:54700kB active_anon:478280kB inactive_anon:4872kB active_file:32816kB inactive_file:50296kB unevictable:0kB writepending:620kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7392kB pagetables:4588kB bounce:0kB free_pcp:1288kB local_pcp:624kB free_cma:0kB [ 300.504423] XFS (loop2): unknown mount option [biosizeN000000000000€c£ÖQЇgdev=.]. [ 300.513326] lowmem_reserve[]: 0 0 0 0 [ 300.518176] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 300.544101] lowmem_reserve[]: 0 0 0 0 [ 300.548039] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 300.577193] lowmem_reserve[]: 0 0 0 0 [ 300.581205] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 300.596259] Node 0 DMA32: 7706*4kB (UME) 1136*8kB (UME) 2684*16kB (UM) 1801*32kB (UME) 769*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 262*4096kB (M) = 1289864kB [ 300.617439] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 300.633793] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 300.653257] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 300.663392] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 300.674140] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 300.695009] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 300.704106] 23411 total pagecache pages [ 300.708445] 0 pages in swap cache [ 300.711985] Swap cache stats: add 0, delete 0, find 0/0 [ 300.717580] Free swap = 0kB [ 300.721125] Total swap = 0kB [ 300.724160] 1965979 pages RAM 04:52:35 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:35 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:35 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:35 executing program 2: syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f00000000c0)='./file0\x00', 0x20000000000, 0x2, &(0x7f0000000280)=[{&(0x7f0000000100)="b6836ca8e7dce630d7b846c4c0bf9713dedae9b3fcbab93c74ec18c47194c614350c946842a44fd9a544d21e1865847eb7ab6db20d6f33095965cf9e35c401a448702678b0b656aff2098f704ebf1bc3d224870d3903a599e063e34b1038037c4975fc61aa0b6f37029599d96937dd91651acd1c704af82364a05a1085ff34e2093c95d1d1df9a9d8e5f1e88cb65574fda5119a27f8c22943c563d5ed78667672434", 0xa2, 0x3f}, {&(0x7f00000001c0)="ae8bdd0636e81a45695631d3535c428c28518e983b250826cf549d36171bd632bc8b2d318789eaf622a8134b2fd496643d5084025d2446b9da44a9bdfaf796f9a02597d9fff411f761edc3be2c270eb12eca6fc1805c5efc7c91527a39a5a6fa26a150edbcaecda033fc3957f3a4b1ce6ca11cebbf7d5f174a03184018c743fa4260a27e81d1dac25935887b458f6e1e42a84a2467fc039c163309dcfbb0b226d842e36463de135277de3f", 0xab, 0x8a}], 0x1000002, &(0x7f00000002c0)='\x00') 04:52:35 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 300.727296] 0 pages HighMem/MovableOnly [ 300.731317] 333222 pages reserved [ 300.734969] 0 pages cma reserved 04:52:35 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 300.839861] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:35 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 300.880632] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x000" or missing value [ 300.892586] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 300.924816] CPU: 1 PID: 18553 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 300.932096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.932103] Call Trace: [ 300.932123] dump_stack+0x138/0x19c [ 300.932139] warn_alloc.cold+0x96/0x1af [ 300.932149] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 300.932162] ? lock_downgrade+0x6e0/0x6e0 [ 300.932178] ? avc_has_perm+0x2df/0x4b0 [ 300.932193] __vmalloc_node_range+0x3be/0x6a0 04:52:35 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 300.932203] ? trace_hardirqs_on+0x10/0x10 [ 300.932214] vmalloc+0x46/0x50 [ 300.932223] ? sel_write_load+0x1a0/0x1050 [ 300.932231] sel_write_load+0x1a0/0x1050 [ 300.932240] ? save_trace+0x290/0x290 [ 300.932255] ? sel_read_bool+0x240/0x240 [ 300.932265] ? trace_hardirqs_on+0x10/0x10 [ 300.932275] ? save_trace+0x290/0x290 [ 300.932287] __vfs_write+0x105/0x6b0 [ 300.932298] ? __lock_is_held+0xb6/0x140 [ 300.949325] ? sel_read_bool+0x240/0x240 [ 300.949341] ? kernel_read+0x120/0x120 [ 300.949355] ? __lock_is_held+0xb6/0x140 [ 300.959668] ? check_preemption_disabled+0x3c/0x250 [ 300.959685] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 300.959701] ? rcu_read_lock_sched_held+0x110/0x130 [ 300.980729] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 301.050410] ? __sb_start_write+0x153/0x2f0 [ 301.054852] vfs_write+0x198/0x500 [ 301.058429] SyS_write+0xfd/0x230 [ 301.061882] ? SyS_read+0x230/0x230 [ 301.065719] ? do_syscall_64+0x53/0x640 [ 301.069817] ? SyS_read+0x230/0x230 [ 301.073536] do_syscall_64+0x1e8/0x640 [ 301.077721] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 301.083431] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 301.088623] RIP: 0033:0x4597c9 [ 301.091813] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 301.099719] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 301.107432] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 301.114963] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 301.124310] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 301.131666] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 301.221830] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x000" or missing value 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:36 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:36 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:36 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:36 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x20200804, 0x0) ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e22, 0x7f, @rand_addr="c05486b3dcb1953b30c1ed54e1b7df9a", 0x3ff80}, @in6={0xa, 0x4e24, 0x4, @loopback, 0x8}, @in6={0xa, 0x4e23, 0x82, @empty, 0x404}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in6={0xa, 0x4e22, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4}, @in6={0xa, 0x4e22, 0x80000001, @mcast1, 0xfffffffffffffffd}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e24, 0x9, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8000}], 0xd8) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vfio/vfio\x00', 0xfffffffffbfffffe, 0x0) ioctl$TIOCGPTPEER(r0, 0x5441, 0x4) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000200)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x1f}}, 0xfffffffffffffecf) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x6) socket$l2tp(0x18, 0x1, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) clone(0x21100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$rds(0x15, 0x5, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000100)={0xf, 0x0, 0x4, {0x68f, 0x80000000, 0x0, 0x3fc00000000}}) bind$rds(r1, &(0x7f0000000280)={0x2, 0x0, @multicast2}, 0x10) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/btrfs-control\x00', 0x802, 0x0) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f00000001c0)={0x12, 0x10, 0xfa00, {0x0}}, 0x18) mlock2(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r2, 0xc0105303, &(0x7f0000000040)={0x109, 0x6}) socket$key(0xf, 0x3, 0x2) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a653d303030303030306933eba330ad7104deea30303034303030abeed07630372c6c6f676465763d2e"]) 04:52:36 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 301.337384] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:36 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 301.382105] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 301.424559] CPU: 1 PID: 18593 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 301.431817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.441624] Call Trace: [ 301.444291] dump_stack+0x138/0x19c [ 301.448118] warn_alloc.cold+0x96/0x1af [ 301.453600] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 301.459557] ? lock_downgrade+0x6e0/0x6e0 [ 301.463754] ? avc_has_perm+0x2df/0x4b0 [ 301.468582] __vmalloc_node_range+0x3be/0x6a0 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 301.473379] ? trace_hardirqs_on+0x10/0x10 [ 301.477947] vmalloc+0x46/0x50 [ 301.482028] ? sel_write_load+0x1a0/0x1050 [ 301.486544] sel_write_load+0x1a0/0x1050 [ 301.490727] ? save_trace+0x290/0x290 [ 301.494730] ? sel_read_bool+0x240/0x240 [ 301.498988] ? trace_hardirqs_on+0x10/0x10 [ 301.503675] ? save_trace+0x290/0x290 [ 301.504327] RDS: rds_bind could not find a transport for 224.0.0.2, load rds_tcp or rds_rdma? [ 301.507757] __vfs_write+0x105/0x6b0 [ 301.507770] ? __lock_is_held+0xb6/0x140 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:36 executing program 2: [ 301.507782] ? sel_read_bool+0x240/0x240 [ 301.507791] ? kernel_read+0x120/0x120 [ 301.507801] ? __lock_is_held+0xb6/0x140 [ 301.507811] ? check_preemption_disabled+0x3c/0x250 [ 301.507829] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 301.529553] ? rcu_read_lock_sched_held+0x110/0x130 [ 301.529565] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 301.529574] ? __sb_start_write+0x153/0x2f0 [ 301.529585] vfs_write+0x198/0x500 [ 301.551133] SyS_write+0xfd/0x230 04:52:36 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 301.551147] ? SyS_read+0x230/0x230 [ 301.551158] ? do_syscall_64+0x53/0x640 [ 301.551167] ? SyS_read+0x230/0x230 [ 301.551176] do_syscall_64+0x1e8/0x640 [ 301.551187] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 301.593866] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 301.599072] RIP: 0033:0x4597c9 [ 301.602364] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 301.610372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 301.618162] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 301.625698] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 301.633801] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 301.633807] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 301.661374] warn_alloc_show_mem: 1 callbacks suppressed [ 301.661378] Mem-Info: [ 301.682686] active_anon:120066 inactive_anon:1222 isolated_anon:0 [ 301.682686] active_file:8239 inactive_file:12587 isolated_file:0 [ 301.682686] unevictable:0 dirty:161 writeback:0 unstable:0 [ 301.682686] slab_reclaimable:12384 slab_unreclaimable:108128 [ 301.682686] mapped:59030 shmem:2594 pagetables:1106 bounce:0 [ 301.682686] free:1273362 free_pcp:324 free_cma:0 [ 301.722075] Node 0 active_anon:480264kB inactive_anon:4888kB active_file:32816kB inactive_file:50348kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236120kB dirty:640kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 391168kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 301.752732] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 301.785546] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 301.814174] lowmem_reserve[]: 0 2580 2580 2580 [ 301.819486] Node 0 DMA32 free:1290496kB min:36468kB low:45584kB high:54700kB active_anon:480264kB inactive_anon:4888kB active_file:32816kB inactive_file:50348kB unevictable:0kB writepending:640kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4424kB bounce:0kB free_pcp:1144kB local_pcp:496kB free_cma:0kB [ 301.820385] EXT4-fs (sda1): Cannot specify journal on remount [ 301.856866] lowmem_reserve[]: 0 0 0 0 [ 301.863977] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 301.897611] lowmem_reserve[]: 0 0 0 0 [ 301.919574] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 301.961423] lowmem_reserve[]: 0 0 0 0 [ 301.965681] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 301.982600] Node 0 DMA32: 7731*4kB (UME) 1086*8kB (UME) 2655*16kB (UM) 1834*32kB (UME) 769*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 263*4096kB (M) = 1290156kB [ 302.003906] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 302.018911] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 302.039259] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 302.048612] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 302.057963] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 302.067331] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 302.077857] 23427 total pagecache pages [ 302.082119] 0 pages in swap cache [ 302.085838] Swap cache stats: add 0, delete 0, find 0/0 [ 302.091770] Free swap = 0kB [ 302.094972] Total swap = 0kB [ 302.100006] 1965979 pages RAM [ 302.103202] 0 pages HighMem/MovableOnly [ 302.107440] 333222 pages reserved 04:52:37 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:37 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:37 executing program 2: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffe, 0x0, 0x0, 0x3220046, &(0x7f0000002680)=ANY=[]) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) r0 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x4, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r1, 0x310, 0x70bd25, 0x25dfdbfe, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x9}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x5}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x8001, 0x5]}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:37 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75626e61075f6465e53d30783030303a3030103030303030303030302c00"]) execve(&(0x7f0000000100)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000140)='journal_dev', &(0x7f0000000180)='&\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)='#\x00', &(0x7f0000000240)='journal_dev', &(0x7f0000000280)='journal_dev'], &(0x7f00000004c0)=[&(0x7f0000000300), &(0x7f0000000340)='\x00', &(0x7f0000000380)='vboxnet0!posix_acl_accessbdevtrusted\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='journal_dev', &(0x7f0000000440)='journal_dev', &(0x7f0000000480)='journal_dev']) [ 302.111411] 0 pages cma reserved 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 302.180232] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:37 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 302.235479] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 302.268061] CPU: 1 PID: 18646 Comm: syz-executor.5 Not tainted 4.14.131 #25 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 302.276567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.287096] Call Trace: [ 302.289836] dump_stack+0x138/0x19c [ 302.289854] warn_alloc.cold+0x96/0x1af [ 302.289865] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 302.289880] ? lock_downgrade+0x6e0/0x6e0 [ 302.289896] ? avc_has_perm+0x2df/0x4b0 [ 302.289911] __vmalloc_node_range+0x3be/0x6a0 [ 302.319677] ? trace_hardirqs_on+0x10/0x10 [ 302.325160] vmalloc+0x46/0x50 [ 302.328638] ? sel_write_load+0x1a0/0x1050 [ 302.333258] sel_write_load+0x1a0/0x1050 [ 302.337701] ? save_trace+0x290/0x290 [ 302.341993] ? sel_read_bool+0x240/0x240 [ 302.342004] ? trace_hardirqs_on+0x10/0x10 [ 302.342014] ? save_trace+0x290/0x290 [ 302.342027] __vfs_write+0x105/0x6b0 [ 302.342039] ? __lock_is_held+0xb6/0x140 [ 302.364195] ? sel_read_bool+0x240/0x240 [ 302.368644] ? kernel_read+0x120/0x120 [ 302.372875] ? __lock_is_held+0xb6/0x140 [ 302.377131] ? check_preemption_disabled+0x3c/0x250 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 302.383584] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 302.389863] ? rcu_read_lock_sched_held+0x110/0x130 [ 302.397031] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 302.403275] ? __sb_start_write+0x153/0x2f0 [ 302.408318] vfs_write+0x198/0x500 [ 302.412048] SyS_write+0xfd/0x230 [ 302.415668] ? SyS_read+0x230/0x230 [ 302.419545] ? do_syscall_64+0x53/0x640 [ 302.419556] ? SyS_read+0x230/0x230 [ 302.419567] do_syscall_64+0x1e8/0x640 [ 302.419576] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.419592] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 302.419601] RIP: 0033:0x4597c9 [ 302.419606] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 302.459608] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 302.468344] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 302.476239] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:37 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:37 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6e6f726563697a653d30303030303030303030303030303030303030372c6c6f676465763d2a00000000000000000000c3b19b9b88159317dc1fd73b0cae037031749570c1ec1944eb4902573e61ab902e75d13f453e2b16e534d27e6ded33e3a6d9c8786c2428c1773f9ca9a4c8161b00783f616789e1b1b3f62290d65d3014fba4405de01e34"]) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80000, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000000c0)=""/222) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000001c0)="4774a3146ab552e88c1de715f1c35796", 0x10) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 302.476247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 302.476252] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:37 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = socket$netlink(0x10, 0x3, 0xfffffffffffffffe) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x80, 0x4) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75f57b2d485422898c26b5726e616c5f6465763d3078303030713be43e30"]) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2) 04:52:37 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:37 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 302.610776] XFS (loop2): unknown mount option [norecize=00000000000000000007]. [ 302.637580] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 302.676773] EXT4-fs (sda1): Unrecognized mount option "jouõ{-HT"‰Œ&µrnal_dev=0x000q;ä>0" or missing value [ 302.702138] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 302.708329] CPU: 0 PID: 18694 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 302.716235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.716240] Call Trace: [ 302.716262] dump_stack+0x138/0x19c [ 302.716293] warn_alloc.cold+0x96/0x1af [ 302.716304] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 302.716323] ? lock_downgrade+0x6e0/0x6e0 [ 302.748773] ? avc_has_perm+0x2df/0x4b0 [ 302.753831] __vmalloc_node_range+0x3be/0x6a0 [ 302.758751] ? trace_hardirqs_on+0x10/0x10 [ 302.758768] vmalloc+0x46/0x50 [ 302.758779] ? sel_write_load+0x1a0/0x1050 [ 302.758786] sel_write_load+0x1a0/0x1050 [ 302.758796] ? save_trace+0x290/0x290 [ 302.772401] ? sel_read_bool+0x240/0x240 [ 302.772415] ? trace_hardirqs_on+0x10/0x10 [ 302.772426] ? save_trace+0x290/0x290 [ 302.781980] __vfs_write+0x105/0x6b0 [ 302.781993] ? __lock_is_held+0xb6/0x140 [ 302.782005] ? sel_read_bool+0x240/0x240 [ 302.782015] ? kernel_read+0x120/0x120 [ 302.782024] ? __lock_is_held+0xb6/0x140 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 302.782034] ? check_preemption_disabled+0x3c/0x250 [ 302.782047] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 302.782058] ? rcu_read_lock_sched_held+0x110/0x130 [ 302.782068] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 302.782076] ? __sb_start_write+0x153/0x2f0 [ 302.782087] vfs_write+0x198/0x500 [ 302.782099] SyS_write+0xfd/0x230 [ 302.865379] ? SyS_read+0x230/0x230 [ 302.865392] ? do_syscall_64+0x53/0x640 04:52:37 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 302.865404] ? SyS_read+0x230/0x230 [ 302.865414] do_syscall_64+0x1e8/0x640 [ 302.865426] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.872890] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 302.872899] RIP: 0033:0x4597c9 [ 302.872904] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 302.872913] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 302.872917] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 302.872922] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 302.872927] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 302.872933] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 302.894336] warn_alloc_show_mem: 1 callbacks suppressed [ 302.894444] Mem-Info: [ 302.905181] active_anon:121171 inactive_anon:1224 isolated_anon:0 [ 302.905181] active_file:8239 inactive_file:12594 isolated_file:0 [ 302.905181] unevictable:0 dirty:178 writeback:0 unstable:0 [ 302.905181] slab_reclaimable:12384 slab_unreclaimable:108294 [ 302.905181] mapped:59033 shmem:2594 pagetables:1196 bounce:0 [ 302.905181] free:1271795 free_pcp:220 free_cma:0 [ 302.920364] Node 0 active_anon:484684kB inactive_anon:4896kB active_file:32816kB inactive_file:50376kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236132kB dirty:708kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 393216kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 302.962007] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 303.038717] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 303.093250] lowmem_reserve[]: 0 2580 2580 2580 [ 303.098294] Node 0 DMA32 free:1290364kB min:36468kB low:45584kB high:54700kB active_anon:480336kB inactive_anon:4896kB active_file:32816kB inactive_file:50404kB unevictable:0kB writepending:756kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4428kB bounce:0kB free_pcp:1308kB local_pcp:652kB free_cma:0kB [ 303.131976] lowmem_reserve[]: 0 0 0 0 [ 303.137549] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 303.167379] EXT4-fs (sda1): Unrecognized mount option "jouõ{-HT"‰Œ&µrnal_dev=0x000q;ä>0" or missing value [ 303.178684] lowmem_reserve[]: 0 0 0 0 [ 303.182853] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 303.223650] lowmem_reserve[]: 0 0 0 0 [ 303.227991] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 303.250727] Node 0 DMA32: 7734*4kB (UME) 1116*8kB (UME) 2651*16kB (UM) 1808*32kB (UME) 769*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 263*4096kB (M) = 1291560kB [ 303.269776] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 303.286265] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 303.304230] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 303.314092] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 303.323019] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:52:38 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:38 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:38 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:38 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:38 executing program 2: chroot(&(0x7f0000000000)='./file0\x00') syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f7265636f766572792c62496f73697a653d30303030303030303030303096303030303030372c6c6f676465763d2e9637c454bab11ab498261f74b13b1cf610d0c2"]) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x210200, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000180)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) 04:52:38 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x20, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x60007f, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000280)=ANY=[@ANYBLOB="6772706a71756f74613d2e2f6600cb11c97a95d95d9186a3597e985263808fbdb01b20ef40d64bfd60ef9713f47ce9c74aba79a8955876410bbc323495563c63b959dbb13cad4f314d1f7a000000b387c70c05899f8b008557defc1ea5b60ab41cd7952ce34f8dc36249c23a3302537480d73de9c4a076c8c61b0bfdaccc33b81bb2dd6ecf65b9d6886ef0804c53f30888d1f149c1f70bf91e603cb557acd9c0296c83be78d00edee4557fb0542031c47314366674a06e25833fe34245fd9a6f1beca94f688f7db5d1cbf6c6e7341b0bf2f42ba60cdea4a7c46c86390102a975bcbbb7fa58b3b66582b576da64c063de100e95226e7b3d2b5ce83900002772f7d905af50"]) [ 303.332377] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 303.344059] 23442 total pagecache pages [ 303.348676] 0 pages in swap cache [ 303.355536] Swap cache stats: add 0, delete 0, find 0/0 [ 303.361207] Free swap = 0kB [ 303.364503] Total swap = 0kB [ 303.367609] 1965979 pages RAM [ 303.370846] 0 pages HighMem/MovableOnly [ 303.375113] 333222 pages reserved [ 303.378656] 0 pages cma reserved 04:52:38 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:38 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 303.429800] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 303.448950] XFS (loop2): unknown mount option [bIosize=000000000000–0000007]. [ 303.457332] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 303.503644] CPU: 0 PID: 18738 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 303.510907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.520451] Call Trace: [ 303.523260] dump_stack+0x138/0x19c [ 303.526935] warn_alloc.cold+0x96/0x1af [ 303.531018] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 303.536055] ? lock_downgrade+0x6e0/0x6e0 [ 303.540221] ? avc_has_perm+0x2df/0x4b0 [ 303.540235] __vmalloc_node_range+0x3be/0x6a0 [ 303.540249] ? trace_hardirqs_on+0x10/0x10 [ 303.540260] vmalloc+0x46/0x50 [ 303.540268] ? sel_write_load+0x1a0/0x1050 [ 303.540275] sel_write_load+0x1a0/0x1050 [ 303.540287] ? save_trace+0x290/0x290 [ 303.548956] ? sel_read_bool+0x240/0x240 [ 303.548969] ? trace_hardirqs_on+0x10/0x10 [ 303.548980] ? save_trace+0x290/0x290 [ 303.582382] __vfs_write+0x105/0x6b0 [ 303.586477] ? __lock_is_held+0xb6/0x140 [ 303.590893] ? sel_read_bool+0x240/0x240 [ 303.595193] ? kernel_read+0x120/0x120 [ 303.599918] ? __lock_is_held+0xb6/0x140 [ 303.604009] ? check_preemption_disabled+0x3c/0x250 [ 303.609582] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 303.616035] ? rcu_read_lock_sched_held+0x110/0x130 [ 303.622226] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 303.627748] ? __sb_start_write+0x153/0x2f0 [ 303.632905] vfs_write+0x198/0x500 [ 303.636724] SyS_write+0xfd/0x230 [ 303.640292] ? SyS_read+0x230/0x230 [ 303.644218] ? do_syscall_64+0x53/0x640 [ 303.648232] ? SyS_read+0x230/0x230 [ 303.651890] do_syscall_64+0x1e8/0x640 [ 303.655924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.660926] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 303.666191] RIP: 0033:0x4597c9 [ 303.669375] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 303.677408] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 303.684927] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 303.692456] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:38 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:38 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:38 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x6, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:52:38 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:38 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 303.699981] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 303.707538] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:38 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:38 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000140)) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d307830303030303030c177b12630303030302c00d3ba316d97efd2ae138b0740361c08858c39"]) 04:52:38 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 303.813182] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:38 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 303.863196] XFS (loop2): no-recovery mounts must be read-only. [ 303.917482] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 303.928747] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x0000000Áw±&00000" or missing value [ 303.941245] CPU: 0 PID: 18772 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 303.948484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.958327] Call Trace: [ 303.961242] dump_stack+0x138/0x19c [ 303.964912] warn_alloc.cold+0x96/0x1af [ 303.968912] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 303.973785] ? lock_downgrade+0x6e0/0x6e0 [ 303.977964] ? avc_has_perm+0x2df/0x4b0 [ 303.982229] __vmalloc_node_range+0x3be/0x6a0 [ 303.987019] ? trace_hardirqs_on+0x10/0x10 [ 303.991453] vmalloc+0x46/0x50 [ 303.994662] ? sel_write_load+0x1a0/0x1050 [ 303.999283] sel_write_load+0x1a0/0x1050 [ 304.003471] ? save_trace+0x290/0x290 [ 304.008437] ? sel_read_bool+0x240/0x240 [ 304.013438] ? trace_hardirqs_on+0x10/0x10 [ 304.018564] ? save_trace+0x290/0x290 [ 304.022478] __vfs_write+0x105/0x6b0 [ 304.026386] ? __lock_is_held+0xb6/0x140 [ 304.030464] ? sel_read_bool+0x240/0x240 [ 304.034548] ? kernel_read+0x120/0x120 [ 304.038460] ? __lock_is_held+0xb6/0x140 [ 304.042550] ? check_preemption_disabled+0x3c/0x250 [ 304.047732] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 304.053183] ? rcu_read_lock_sched_held+0x110/0x130 [ 304.058308] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 304.063273] ? __sb_start_write+0x153/0x2f0 [ 304.067720] vfs_write+0x198/0x500 [ 304.071307] SyS_write+0xfd/0x230 [ 304.074822] ? SyS_read+0x230/0x230 [ 304.078449] ? do_syscall_64+0x53/0x640 [ 304.082522] ? SyS_read+0x230/0x230 [ 304.086238] do_syscall_64+0x1e8/0x640 [ 304.090249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.095218] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 304.101502] RIP: 0033:0x4597c9 [ 304.104975] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:39 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 304.112880] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 304.120793] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 304.128126] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 304.135573] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 304.142937] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 304.174777] warn_alloc_show_mem: 1 callbacks suppressed [ 304.174781] Mem-Info: [ 304.185453] XFS (loop2): no-recovery mounts must be read-only. [ 304.200559] active_anon:121704 inactive_anon:1220 isolated_anon:0 [ 304.200559] active_file:8239 inactive_file:12622 isolated_file:0 [ 304.200559] unevictable:0 dirty:223 writeback:0 unstable:0 [ 304.200559] slab_reclaimable:12386 slab_unreclaimable:108269 [ 304.200559] mapped:59051 shmem:2594 pagetables:1222 bounce:0 [ 304.200559] free:1271450 free_pcp:206 free_cma:0 04:52:39 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:39 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 304.245678] Node 0 active_anon:484712kB inactive_anon:4880kB active_file:32816kB inactive_file:50488kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236104kB dirty:888kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 401408kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:39 executing program 2: syz_emit_ethernet(0x2e, &(0x7f0000000240)={@empty, @random="c6d7006c54d3", [{[], {0x8100, 0x2, 0x85, 0x1}}], {@mpls_mc={0x8848, {[{0x6, 0x0, 0xb683}], @llc={@llc={0xaa, 0xf0, "61b4", "14bdeb58f3a34cbb1733d31866e0d68a410478f4"}}}}}}, 0x0) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f7265636ffcec1ca4c48b6f2e73697a653d30303030303030303030303030303030303030372c6c6f676465763d2e1d9ae6500388684a5c8670a369852f058a89a43124d5c283c22c0b55dc22e8967a5e30c2806d69002d2508184f1774de48e024cacd2f9c482fffff9f9aa8cc277b968277d7ed3204b0668a7b30c2117e00385062e0eb8b48f8c0987eace1128d0ea56e8baf18a02726b596fa10d2226df57b0ae97b80e28a0f46c84b1be22a1800c3c368a9324ead6fb674c06090aa789d0559a5538917c68e68a296d69346361199a469b0786c5127959a0ecfe75eaf3c9ece01fadd8b2ac609e342575a457c543263db6add9b8088"]) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0xc0, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f00000001c0)={0x80000000, 0x0, 0x3, 0x8}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000200)={r1, 0x5}) remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0xfffffffffffffff9, 0x108100) 04:52:39 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 304.403373] XFS (loop2): unknown mount option [norecoüì¤Ä‹o.size=00000000000000000007]. [ 304.414726] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 304.457941] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 304.486168] lowmem_reserve[]: 0 2580 2580 2580 [ 304.491463] Node 0 DMA32 free:1288684kB min:36468kB low:45584kB high:54700kB active_anon:480484kB inactive_anon:4880kB active_file:32816kB inactive_file:50488kB unevictable:0kB writepending:888kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4592kB bounce:0kB free_pcp:1400kB local_pcp:684kB free_cma:0kB [ 304.523652] lowmem_reserve[]: 0 0 0 0 [ 304.528432] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 304.555906] lowmem_reserve[]: 0 0 0 0 [ 304.559832] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 304.588983] lowmem_reserve[]: 0 0 0 0 [ 304.606255] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 304.628604] Node 0 DMA32: 7639*4kB (UME) 1299*8kB (UME) 2665*16kB (UM) 1801*32kB (UME) 769*64kB (UM) 83*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 263*4096kB (M) = 1292644kB [ 304.647966] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 304.660799] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 304.680810] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 304.689743] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 304.698991] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:52:39 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:39 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:39 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:39 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1e, 0x7fff, 0x9, 0xcc, 0x23, 0xffffffffffffff9c, 0x4, [], 0x0, 0xffffffffffffff9c, 0x2, 0x4}, 0x3c) fcntl$getownex(r0, 0x10, &(0x7f0000000180)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x10000, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x82102208}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r2, 0x0, 0x70bd29, 0x100, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f00000001c0)=ANY=[]) semget$private(0x0, 0x3, 0x0) 04:52:39 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = socket$l2tp(0x18, 0x1, 0x1) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x60000, 0x0) ioctl$DRM_IOCTL_IRQ_BUSID(r1, 0xc0106403, &(0x7f0000000140)={0x0, 0x9, 0x3, 0x8000}) r2 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x10, &(0x7f0000000240)={&(0x7f0000000180)=""/135, 0x87, 0x0}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r2, 0xfffffffffffffec2, &(0x7f00000002c0)={&(0x7f0000000340)=""/79, 0x4f, r3}}, 0x10) ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f0000000000)) [ 304.708699] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 304.717814] 23454 total pagecache pages [ 304.721985] 0 pages in swap cache [ 304.725588] Swap cache stats: add 0, delete 0, find 0/0 [ 304.731082] Free swap = 0kB [ 304.734378] Total swap = 0kB [ 304.737397] 1965979 pages RAM [ 304.740743] 0 pages HighMem/MovableOnly [ 304.744825] 333222 pages reserved [ 304.748271] 0 pages cma reserved 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:39 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 304.797441] XFS (loop2): no-recovery mounts must be read-only. [ 304.819594] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:39 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 304.891569] XFS (loop2): no-recovery mounts must be read-only. [ 304.902718] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 304.915619] CPU: 1 PID: 18845 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 304.923271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.932641] Call Trace: [ 304.932663] dump_stack+0x138/0x19c 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 304.932680] warn_alloc.cold+0x96/0x1af [ 304.932689] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 304.932707] ? lock_downgrade+0x6e0/0x6e0 [ 304.943253] ? avc_has_perm+0x2df/0x4b0 [ 304.943269] __vmalloc_node_range+0x3be/0x6a0 [ 304.943284] ? trace_hardirqs_on+0x10/0x10 [ 304.943298] vmalloc+0x46/0x50 [ 304.943308] ? sel_write_load+0x1a0/0x1050 [ 304.943317] sel_write_load+0x1a0/0x1050 [ 304.943325] ? save_trace+0x290/0x290 [ 304.943339] ? sel_read_bool+0x240/0x240 [ 304.969114] ? trace_hardirqs_on+0x10/0x10 04:52:39 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 304.969125] ? save_trace+0x290/0x290 [ 304.977680] __vfs_write+0x105/0x6b0 [ 304.977694] ? __lock_is_held+0xb6/0x140 [ 304.977706] ? sel_read_bool+0x240/0x240 [ 304.977716] ? kernel_read+0x120/0x120 [ 305.006574] ? __lock_is_held+0xb6/0x140 [ 305.015839] ? check_preemption_disabled+0x3c/0x250 [ 305.015857] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 305.015870] ? rcu_read_lock_sched_held+0x110/0x130 [ 305.015880] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 305.015890] ? __sb_start_write+0x153/0x2f0 [ 305.046053] vfs_write+0x198/0x500 [ 305.046066] SyS_write+0xfd/0x230 [ 305.046077] ? SyS_read+0x230/0x230 [ 305.055888] ? do_syscall_64+0x53/0x640 [ 305.055902] ? SyS_read+0x230/0x230 [ 305.055916] do_syscall_64+0x1e8/0x640 [ 305.055926] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.055942] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 305.055950] RIP: 0033:0x4597c9 [ 305.055965] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 305.094326] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 305.102025] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 305.109398] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 305.116777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 305.124062] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:40 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:40 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:40 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:40 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20200, 0x0) read$rfkill(r0, &(0x7f00000000c0), 0x8) 04:52:40 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x80) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:40 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:40 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:40 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 305.245036] XFS (loop2): no-recovery mounts must be read-only. [ 305.268610] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 305.288471] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 305.294130] CPU: 0 PID: 18896 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 305.301414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.310974] Call Trace: [ 305.313587] dump_stack+0x138/0x19c [ 305.317340] warn_alloc.cold+0x96/0x1af [ 305.321857] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 305.326700] ? lock_downgrade+0x6e0/0x6e0 [ 305.330939] ? avc_has_perm+0x2df/0x4b0 [ 305.335159] __vmalloc_node_range+0x3be/0x6a0 [ 305.340100] ? trace_hardirqs_on+0x10/0x10 [ 305.344417] vmalloc+0x46/0x50 [ 305.347735] ? sel_write_load+0x1a0/0x1050 [ 305.351969] sel_write_load+0x1a0/0x1050 [ 305.356024] ? save_trace+0x290/0x290 [ 305.360151] ? sel_read_bool+0x240/0x240 [ 305.364215] ? trace_hardirqs_on+0x10/0x10 [ 305.369490] ? save_trace+0x290/0x290 [ 305.373608] __vfs_write+0x105/0x6b0 [ 305.377417] ? __lock_is_held+0xb6/0x140 [ 305.381626] ? sel_read_bool+0x240/0x240 [ 305.385779] ? kernel_read+0x120/0x120 [ 305.389676] ? __lock_is_held+0xb6/0x140 [ 305.393830] ? check_preemption_disabled+0x3c/0x250 [ 305.399111] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 305.405382] ? rcu_read_lock_sched_held+0x110/0x130 [ 305.410797] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 305.415719] ? __sb_start_write+0x153/0x2f0 [ 305.420061] vfs_write+0x198/0x500 [ 305.424039] SyS_write+0xfd/0x230 [ 305.427569] ? SyS_read+0x230/0x230 [ 305.431200] ? do_syscall_64+0x53/0x640 [ 305.435435] ? SyS_read+0x230/0x230 [ 305.439678] do_syscall_64+0x1e8/0x640 [ 305.443723] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.448679] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 305.453970] RIP: 0033:0x4597c9 [ 305.460975] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 305.468989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 305.476741] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 305.484014] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 305.491669] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 305.499324] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 305.515403] warn_alloc_show_mem: 1 callbacks suppressed [ 305.515407] Mem-Info: [ 305.525514] active_anon:121194 inactive_anon:1219 isolated_anon:0 [ 305.525514] active_file:8239 inactive_file:12634 isolated_file:0 [ 305.525514] unevictable:0 dirty:235 writeback:0 unstable:0 04:52:40 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) chmod(&(0x7f0000000100)='./file0\x00', 0x2) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') 04:52:40 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 305.525514] slab_reclaimable:12359 slab_unreclaimable:108523 [ 305.525514] mapped:59042 shmem:2594 pagetables:1169 bounce:0 [ 305.525514] free:1271760 free_pcp:334 free_cma:0 [ 305.607862] Node 0 active_anon:482756kB inactive_anon:4876kB active_file:32816kB inactive_file:50536kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236268kB dirty:936kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 397312kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 305.608850] EXT4-fs: 1 callbacks suppressed [ 305.608857] EXT4-fs (sda1): Cannot specify journal on remount 04:52:40 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:40 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 305.660901] XFS (loop2): no-recovery mounts must be read-only. [ 305.665367] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 305.790872] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 305.839683] lowmem_reserve[]: 0 2580 2580 2580 [ 305.844990] Node 0 DMA32 free:1287644kB min:36468kB low:45584kB high:54700kB active_anon:478672kB inactive_anon:4876kB active_file:32816kB inactive_file:50536kB unevictable:0kB writepending:936kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4528kB bounce:0kB free_pcp:1312kB local_pcp:672kB free_cma:0kB [ 305.877712] lowmem_reserve[]: 0 0 0 0 [ 305.881672] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 305.881692] lowmem_reserve[]: 0 0 0 0 [ 305.881711] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 305.881730] lowmem_reserve[]: 0 0 0 0 [ 305.881749] Node 0 DMA: 1*4kB [ 305.945520] (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 305.960504] Node 0 DMA32: 9714*4kB (UME) 1719*8kB (UME) 2708*16kB (UM) 1802*32kB (UME) 783*64kB (UM) 85*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 259*4096kB (M) = 1287744kB [ 305.962784] EXT4-fs (sda1): Cannot specify journal on remount [ 305.980850] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 305.997236] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 306.015534] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.025152] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:52:41 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:41 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_sys\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={0xffffffffffffffff}, 0x106, 0xc}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000400)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x3, @mcast2, 0x3160000000000000}, r1}}, 0x30) syz_mount_image$xfs(&(0x7f00000001c0)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x1000, 0x1a2, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYRES32]) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x88f8edb0f23f5803, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x74, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0xf40, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x9}, @in6={0xa, 0x4e24, 0x20, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x9}, @in6={0xa, 0x4e24, 0x40, @dev={0xfe, 0x80, [], 0x23}, 0x3}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000100)=0x10) fstat(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioprio_set$uid(0x3, r4, 0x5) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000280)=@req={0x8fb, 0xd6e, 0x4, 0x5}, 0x10) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000200)={r3, 0xe22a}, &(0x7f0000000240)=0x8) 04:52:41 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:41 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:41 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:41 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$VIDIOC_S_MODULATOR(r0, 0x40445637, &(0x7f0000000340)={0x7, "b94c2714505179812fafcabcb8b0f70c931df03706f96e674a70d0d597c1884a", 0x42, 0x5, 0xfffffffffffffffd, 0x0, 0x3}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000100)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@ipv4}}, &(0x7f0000000200)=0xe8) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100060, &(0x7f0000000240)={[{@journal_dev={'journal_dev'}}], [{@subj_user={'subj_user'}}, {@subj_role={'subj_role', 0x3d, 'journal_dev'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@fowner_gt={'fowner>', r1}}, {@permit_directio='permit_directio'}, {@fowner_gt={'fowner>', r1}}, {@smackfsdef={'smackfsdef', 0x3d, '}security'}}, {@measure='measure'}, {@appraise_type='appraise_type=imasig'}, {@uid_lt={'uid<', r1}}]}) [ 306.033894] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.043148] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 306.051943] 23475 total pagecache pages [ 306.055994] 0 pages in swap cache [ 306.059707] Swap cache stats: add 0, delete 0, find 0/0 [ 306.066096] Free swap = 0kB [ 306.069553] Total swap = 0kB [ 306.073513] 1965979 pages RAM [ 306.076816] 0 pages HighMem/MovableOnly [ 306.081375] 333222 pages reserved [ 306.085138] 0 pages cma reserved 04:52:41 executing program 2: listxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/214, 0xd6) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f736901f0ffffffffffff3030303030303030303030303030372c6c6f676465763d2eb1c509dc016c515a69b428f996614d2e705df66e42af0c8714f3f66325e0ea4adb054bed4738f87923f14a2515ac67d55ef78fd298fb117a6db02dff4d1c80cf9c1d31bed66527862070922c44ed3c056246d2523fa79e52bcc51cb864f3c9e0f4e848ab0dc4007fd6816974a3846c2356d6693f95673fd334c754b2d559d5950f85c219bb21e3c11f70de48996dc4b9b4825627fa62fc146e91902b6076f43125cf11deb37e5e340f8f7a9077541faa97671033cbf581e4072faf03d98030d25955067c20"]) [ 306.148455] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 306.163220] XFS (loop2): unknown mount option [biosiðÿÿÿÿÿÿ000000000000007]. [ 306.194830] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 306.200781] CPU: 1 PID: 18946 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 306.208009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.217883] Call Trace: [ 306.217907] dump_stack+0x138/0x19c [ 306.217921] warn_alloc.cold+0x96/0x1af [ 306.217930] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 306.217943] ? lock_downgrade+0x6e0/0x6e0 [ 306.217958] ? avc_has_perm+0x2df/0x4b0 04:52:41 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:41 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:41 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 306.217975] __vmalloc_node_range+0x3be/0x6a0 [ 306.217987] ? trace_hardirqs_on+0x10/0x10 [ 306.217998] vmalloc+0x46/0x50 [ 306.218006] ? sel_write_load+0x1a0/0x1050 [ 306.218014] sel_write_load+0x1a0/0x1050 [ 306.218023] ? save_trace+0x290/0x290 [ 306.218039] ? sel_read_bool+0x240/0x240 [ 306.218049] ? trace_hardirqs_on+0x10/0x10 [ 306.218059] ? save_trace+0x290/0x290 [ 306.218071] __vfs_write+0x105/0x6b0 [ 306.218080] ? __lock_is_held+0xb6/0x140 04:52:41 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 306.218096] ? sel_read_bool+0x240/0x240 [ 306.218106] ? kernel_read+0x120/0x120 [ 306.218116] ? __lock_is_held+0xb6/0x140 [ 306.218127] ? check_preemption_disabled+0x3c/0x250 [ 306.218141] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 306.218151] ? rcu_read_lock_sched_held+0x110/0x130 [ 306.218162] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 306.224819] ? __sb_start_write+0x153/0x2f0 [ 306.224836] vfs_write+0x198/0x500 [ 306.239601] SyS_write+0xfd/0x230 [ 306.239614] ? SyS_read+0x230/0x230 04:52:41 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 306.239626] ? do_syscall_64+0x53/0x640 [ 306.239634] ? SyS_read+0x230/0x230 [ 306.239647] do_syscall_64+0x1e8/0x640 [ 306.276017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.276036] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 306.276046] RIP: 0033:0x4597c9 [ 306.276052] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 306.276062] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 306.276069] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 306.292506] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 306.292512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 306.292517] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 306.410418] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev sda1, type ext4) errno=-22 [ 306.529258] Mem-Info: [ 306.540285] active_anon:119626 inactive_anon:1222 isolated_anon:0 [ 306.540285] active_file:8239 inactive_file:12644 isolated_file:0 [ 306.540285] unevictable:0 dirty:246 writeback:0 unstable:0 [ 306.540285] slab_reclaimable:12355 slab_unreclaimable:108411 [ 306.540285] mapped:59025 shmem:2594 pagetables:1131 bounce:0 [ 306.540285] free:1273534 free_pcp:315 free_cma:0 [ 306.585236] Node 0 active_anon:478460kB inactive_anon:4912kB active_file:32820kB inactive_file:50592kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236088kB dirty:1000kB writeback:0kB shmem:10372kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 411648kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 306.619373] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 306.648187] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 306.676112] lowmem_reserve[]: 0 2580 2580 2580 [ 306.676139] Node 0 DMA32 free:1291956kB min:36468kB low:45584kB high:54700kB active_anon:478460kB inactive_anon:4912kB active_file:32820kB inactive_file:50592kB unevictable:0kB writepending:1000kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7264kB pagetables:4360kB bounce:0kB free_pcp:1324kB local_pcp:628kB free_cma:0kB [ 306.676161] lowmem_reserve[]: 0 0 0 0 [ 306.718099] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 306.745736] lowmem_reserve[]: 0 0 0 0 [ 306.750236] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 306.780359] lowmem_reserve[]: 0 0 0 0 [ 306.784659] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 306.798652] Node 0 DMA32: 9787*4kB (UME) 1724*8kB (UME) 2772*16kB (UM) 1813*32kB (UME) 783*64kB (UM) 85*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 259*4096kB (M) = 1291500kB [ 306.819997] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 306.832547] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 306.851701] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.861111] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 306.870798] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.880247] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 306.893066] 23483 total pagecache pages [ 306.899178] 0 pages in swap cache [ 306.903121] Swap cache stats: add 0, delete 0, find 0/0 [ 306.910475] Free swap = 0kB [ 306.914455] Total swap = 0kB [ 306.918884] 1965979 pages RAM [ 306.922273] 0 pages HighMem/MovableOnly [ 306.926249] 333222 pages reserved 04:52:41 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:41 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73b030303030303030267661b0d58030372c53b66c6f676465763d2e0000000000000000007fcf21c88cec2671e2df93f500000000006ce46bc7cd5139b1f516bc6469eac4bfa0651d3d752980a0bc6c2dae49be3175"]) 04:52:41 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:41 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:41 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:41 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x3ff, 0x10400) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000200)={0x2, 0x0, 0x17129a80, 0x2, 0x7}) write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000240)={0x18, 0x1, 0x0, {0x1}}, 0x18) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000100), 0x2) r2 = syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0xfffffffffffffffb, 0x400000) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000180)={0x6}, 0x4) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000280)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d30783030303030303030303039eba88b1d31e0c0cba53866ab7e19af369503efc5f0e2a6c126f468c4f5ae9d83fbd8701666f8496e0108455236137fdc312a21c57d9be79cb9ea8d53b8deaf4d51ed7300882e18a6cd9865f267f4b57a86641098c49032bff6bf341512149b74f12b3c983c597f35a587774b8a5e5d9fc1f2a74c3ccc9d159dc2ef4c15cdc9cef1d545ca3307a4d4fa3568b94b7ee8"]) [ 306.930584] 0 pages cma reserved [ 306.982825] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x00000000009먋1àÀË¥8f«~¯6•ïÅðâ¦Á&ôhÄõ®ƒûØpføInER6Ü1*!Å}›çœ¹êS¸Þ¯MQís" or missing value [ 306.989938] syz-executor.5: [ 307.022251] XFS (loop2): unknown mount option [bios°0000000&va°Õ€07]. 04:52:41 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:41 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:41 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 307.025857] vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:42 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 307.085250] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 307.124648] XFS (loop2): unknown mount option [bios°0000000&va°Õ€07]. [ 307.127419] CPU: 0 PID: 18989 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 307.140363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.150699] Call Trace: [ 307.153985] dump_stack+0x138/0x19c [ 307.158084] warn_alloc.cold+0x96/0x1af [ 307.162735] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 307.168821] ? lock_downgrade+0x6e0/0x6e0 [ 307.173192] ? avc_has_perm+0x2df/0x4b0 [ 307.177282] __vmalloc_node_range+0x3be/0x6a0 [ 307.182388] ? finish_task_switch+0x178/0x650 [ 307.188039] ? finish_task_switch+0x14d/0x650 [ 307.192663] ? switch_mm_irqs_off+0x5e1/0xec0 [ 307.198042] vmalloc+0x46/0x50 [ 307.201250] ? sel_write_load+0x1a0/0x1050 [ 307.205661] sel_write_load+0x1a0/0x1050 [ 307.209819] ? save_trace+0x290/0x290 [ 307.214056] ? sel_read_bool+0x240/0x240 [ 307.218436] ? trace_hardirqs_on+0x10/0x10 [ 307.235139] ? save_trace+0x290/0x290 [ 307.244740] __vfs_write+0x105/0x6b0 [ 307.249152] ? __lock_is_held+0xb6/0x140 [ 307.254114] ? sel_read_bool+0x240/0x240 [ 307.260651] ? kernel_read+0x120/0x120 [ 307.264747] ? __lock_is_held+0xb6/0x140 [ 307.268984] ? check_preemption_disabled+0x3c/0x250 [ 307.274206] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 307.279677] ? rcu_read_lock_sched_held+0x110/0x130 [ 307.284708] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 307.289782] ? __sb_start_write+0x153/0x2f0 [ 307.294547] vfs_write+0x198/0x500 [ 307.298397] SyS_write+0xfd/0x230 [ 307.302297] ? SyS_read+0x230/0x230 [ 307.306093] ? do_syscall_64+0x53/0x640 [ 307.310576] ? SyS_read+0x230/0x230 [ 307.315521] do_syscall_64+0x1e8/0x640 [ 307.320194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.326598] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 307.333012] RIP: 0033:0x4597c9 [ 307.336929] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.347989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 307.356790] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 307.364688] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 307.372819] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:42 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) write$FUSE_BMAP(r0, &(0x7f0000002200)={0x18, 0x0, 0x4, {0xfffffffffffff800}}, 0x18) r1 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x1, 0x2) ioctl$KVM_SET_NESTED_STATE(r1, 0x4080aebf, &(0x7f0000000140)={0x2, 0x0, 0x2080, {0xf001, 0xd000, 0x1}, [], "3616250994984062d3adcefa2a11a84f14f02965a88017e384af0ba6f1de6c03a146f86d08807aefb24f92a05b73d532a887ae157679ac5e4ab869a3a50973684f6be2d1937824f18ee3a15fd2e00d90dcb5b42f73b7a62c833984c905ec202a638d0765229fba88cc76da74aedfae9a1bd6ca96122a4e5628836ecd6cc6894bf64aef0ef020bbffd7005bb084b938d965fa2b20c5dc6d7d722f9d3954fc7e1b58466a2d424b6b24809331b09ab09f8d386c0daf4a2f06a28df88eeef6265b11e073844c24831a18ea951bad89d484c4f1206a438a7ccbb485d5cc79dc2bdd02e401976e8e6405a3bd0e94b201f255c8d308f4593533654087b1900c84c3c9f76333936e4835c6bb5ce6ae67bb406c17e657bc0ad1e542842560535a6edb8b3c3d40ecaa0fb415d4f2f5f3afccd796a84ebcb3456bcb65347543dc44c7dfed65127ef7cf9a0757594ea196cab9f11b72c21013a6f7fa18a863b9f3dffcb138a8ddb6a1eb1d868fc86bca36d2de751ac7d0703815731ddbec1402cbeeb071bc37d07f779701170efb0ec9686c82b27055f12fb09a8d0a19743450f021a16760fa005a62f015747af0794b9fb39f4c45ec24618bbc6356ca47427f9a09ceee48b9ece1dab1637c5927670b93758bb011e8649952339a75708d1872c43354566ce9b758151fbd11e0dc4d4966ff38d2ea1118f71633e2808f413bfa6714e8a67acc145d6652f8f6260c8dc47d2e212186b94379005d3c390b0c8690ee533bb676d4d032d6a5b89432115730d434c6a0eaf512248423294f5202e273608380f41230202b2f2a3a5526095e92afbbcb606749f867e87724f3d8be53d305eb90ef7c5188e71aa83f375ceb5532b31df0a5004c99061b496b346a1378767128b04b79bc0dc8de4195ed0d8e3ba6a3276286a464be7f94ee11ae7658b4786c0e75f61bbfc0d4014413b1fca758d6afc201aef73dafb489d5a7bca1fd29fe14a5a0c076a9792cc6ae5c1ddf96be1df349e97d896390b777ecdbb1d282abd6d8ff3c14fc083254a743545574478d742348ed8c30d2e4e379dbfc2a8f530bea82bafcb6ed43578224587e4da410d46cab02c48733b239210db081ff98b4041bb274547c32662dc8c625e05752f5a1a13d7727bf7b68f53a7560218348b8e724a9b160a3a3cff7aa9213872ef3101176266176d6bde6381585655ea095aebaef9e337e9557cb7c8bd630acebaf34a4013ac12cfc0663a945f2eb8d81bc824ba98c22f97ce13e8d85b02afd81095c096b253dff47f3c878c10e4a0cfb2282d118ea6b064febb6e2b64e2ef56808c5fa4b4226009069ddcfd47af83e2b5960604bb5ac743a57d4f3509fa75c36850cc85fd0f21bbb87471ab24139cc3709f399890ca4baa5b45ae2084e7904eaade14c14425bb2ac69ed37e3ef344d6ec9a9987d95c4b04d87302d46d48e50761b089fab9d220741a312a4e33f87af4995e78f6f7679f10c41209314d3712ddb2600bf97913d24666597ff7ffc609b50e46b6866d491ce94a932c10a5a3371026095014e24e2834bb5bbc60dde759417702f0b798a0e07f0a3d1449e677e5b84ac2372381dc055044e9a447de81369b7f735c493557677a3d1d7957febaa7fbf9314b320de53c2e371f46212a8da7a5083ebd06aefa632127714f3a8ec499f3304801480d4b5cb6e98e41dcb2d7322ce275b98ff37d3157de2f2c5e97cb9309b17af921469a5517487f0db0e990bdbc64afd833a88803d9477950ff9f3d727d9c645993db06e2b5e0a73d977f75f277a43615ab822b752ce6c29c1392702e64a15217f48409772a78a36e5b61c7b4bf1744406b3503ee27eeb1d3e6a929ca58ee0530583b85ff67b70d2d70b00af22005ed2d69797cd52206e98eba7c250b50f9772df8bafc21efe668d163ae6565e01556b8084092099718e0d3eeb665dc23828449cb67c4f963ba3dcf3514fe97df338b13f24ac723d876b7c630ba2c86abcad99d7020a7c35f20bc6120adf0d2ec8777b385dd13ef666b3689ff52630096e619461f6cb657deff8af29790d4ae935e1bf6fb3b4534a2239146ff3fbda5ed203cb5dd3c164cf1ce08b37b7d4093aed1d63581e36622232b214768b39978ce4235468a97887c7315cef571e4300d2495c975e84a8b7bd1614ed2928a5ecc82f3f3dad9dde2248bbab3cfd3c32662e3fab766d34f4b4d1ca7c7d87855d79b2d0fe3da3d7a66cf96ac505d07fa45ed3af827adc11277205aad552da26840599d0e1aae619f2497abc0ea67bdbdc10bf7fb930f0744f5f0fa52f93d4eac936cd7909f5171ea611623d8332f17e7315a65720b8b4132f6d5cd75b37f0c6c37dc4a4f4f749d062d1d8a21f6bfc5f6b3d194f2715ffac94d810df25cdd16d3d510f8e5e79c95d3f5589ac2279757d6aba48799d6c0dec05d35620c13c4e91f768ce955853f78d73095899bd7e91570665915507c75fb2493807a1f4750a226254c8cd01d1843771f946932715271e66b3e810d0f3be5850aa993e4550974367e233d7ca71183239742556fb32b8579bc8bbef8ad83de470f4a02aad71267af6620145ef3d8ad7da452958ba578b2190393ffdcd81772c57e4007000d5fec356cb389af41cb78d7f52d1101dafc9d186ab7fdc323b6209d04418e7e6d0dfa3ddc25bd4a13978310bc2069adc154af066142742bd10a8685c898f4d5ac19c831a18a487aa253b6c7326e9ccaa3342f175e57d2276ca8fe09eb5f2463a0b12beb0204db1c206a0ae6eb2d7776c3b07b7c39b5265fadefed27dd9c617b96065dcda2cf270be3923893b9b0ff9fdb48e9e7a755c07469778a4ffb091c316208a342071213eefdfca692f7f2b13670680e92f911c40493a2e5675685ff9fcc60a4d4f6f2249a531ea8abdcd9a92ee6ec9a48d501715963925cd8584975f6b6a26b431f99abebbe7abfe483f1080b6e529fb83304f1fa9485cc139fc78db6d30e3c4b91d1e6252362bf0b31f155d5f57f342c32915953252a060443d69e6fd47d76fbe4edabf19dfd8412c1900c323e40d11090c02064b0e6e6de6dd8c8318649aa86918e4257f61e84fd455f454532b4141e2eec82601873763df78d0be1f8459c6f70fb65ecd5ce3812a197100ecb6e6eecf6fa007e1b27bef0d7e58060b4125d0ee91155c5a11fca4e4df164a49aadfd9f181841329724c53f797736b31ed7b511b3f1950ff8f68db75d753b02f1280f57139c04953ee8b5e423f5e51e03973bd3b3f207aba12976eabfe1581737244740798e8bfb6b31def5e13ed5cce3dffc10d5ce56f698ec799d6dd1e55defdc12d19c24fa2861a9af53650e004f5c0088b4f4cfe51f02d7fceba80909ff1944f4978a22dee56108e7b9b4d5e5badf79b5a24f701df074a85d9d569946418b69e73387a3d649856c44836cc44ad344a5e03740a52f143d5e548b20f3647daa3862ae2a916b2a7f78d3f33d4c5f42a52ee970d1b88bc42b914b7b6b088ee6ee956df7177ebe89a2f66b4c6420057d1cb5ac4b12a4441405ae487b21418351c56328be515d3d26d0379582e732d710ce62ef9f296082f3964debf79e0641d9e73dff13798618f1b8f700790671e8ebc42d13016bfea824ff49df9111ab7cb8ce8f137598da41a59b8e515477216cee2d84e1fa1fa09a6f9d93d598a6d0dea115ddb7a3669642c07e133c64968a134766831e19e3b013e815084c9746264480b75aa381d6c8d478b1f83f4371a798d66fbe19fb99aecd220409b4b4935e04cca779c28aa3c0c98192c180a5e6cc8ffcf3f6acf6dd238f94c44540c88464cfa925e45e134c429fb39a0971f452beba478be683f47010c68e8d2e7415f4931254c1e94b2c122b1ba0fe31958f5209786354559152e4c3605c7727192cec606243bdedd63d0b3308f4faec7ca643e973099b6ff9ca4c93b533355524dad23c8809c4d2810e7babd0ab770c8bd38499f83a1f83ad600edf72fecff109a2002680a45a231a09fb6c6cb35cbe3ab786921c20cb2b9dfc86eeaff2c555dc9f45ebc6078c2b140a0260d3219462c34f0fdd83ed88caef7b950ba64bb70bda89e9d18d046f65da21b5f84552d0cafc609d3b345827f33e5773de7475a228d2ef34c9cecffab6fe938a15aa2853e30f95f3792af89ca38a98590ab7526e0c5efe87dc1a6fc916c8392bc75be13e7398b5d694b42bb9aea942d32151a28b96f519fd6cbdc39c808e1e175ef6379774e828ebda4df1ce778b8aac201b80594bdeec28985b03cd4b9918f6cb0cf5c8bbba75e13743b6e99e1516e22a4746535f779da9b8672d420e0e145ba7ce34bc19586227317f2d28be5352c707600c3cb287e6ec1380e6cf8d8ac4eebd5915e52b4d7dd21593ad69f66e2cbe3f70625195296bf919f3d193e3d9ef59c415702a5ae8c3d21cfc946a7bba3d6a9554797f706a615541a77b2b87de68f1bdfd5f32c774e10bc2bd5121826736105e1d449ca06c0e0c09e402d73b68d731c5840004037d5a10a1b7fc54eca11e34148537cc397ba676c22a30c64446f12e9bcb35759a70f5789b2380f2d730bbf94fbf60f97b0aeeec2b257b865d20701ba7aa139acaea66c196331d71b68c17ccd480fa314c398b86e096e56b81023f4b65a1be51d9f1b5b8a8954efa7a42664c865fd13b19844eeab0d0699b37a1515981ede15fc553da5c53ffe303d5f28e2522264b63302f4cf53986410663da657dd2a86e3dd241d9f05476e53c60e06f884f19d04d0e4829de4459518b3033795fc7247b5ece4b7d457c239f318dae26831f074ac55f35caf05a26c166eb8a35e93b30db85fb53eefb5d8bc6fec8f7dd3874accd404c7985079c7707743b8c52a28d1179f2d767e290183aaf2e7537ffb5d1b85965d0a2c335d6a9441778e6b37f174619aa9f888b83fabfb2fbb5bfdbfcc4d7824140245ac7059f92e6cd08e6a43e92903be5eb981a20734d6eb4b4a45e802d5c4c7daa2f3080662dd4704a063d770ce4dd40d23cf4b1d93398e6195b3a02c81fcab0c87991d3185e55c2b37e3d98778e44d3df6ad3aedc9a18348a8482bb34697844ef41370a278c7391f419ed2b59bdc04b691b17432b54b891fe7685996301ba0cce6a624b584420d579e72a9544d28c0784395111fb32efa05725a3971d77cac66be525bc99659d4fa209ce4143c3641db15cfc7f874f7fba4e414d49377d9e0de230027c345b54798dd69a918a91f89dba4b9aab39d10de2584a9212ef630f1c3350fc83e9ce93085481c3cb41d2a44e9474e0327b13bfd1b64158d380b59a04f0dddd3b65db4ada1eb189fa241a49b631302d8456c1154e032934c1733f4097e3e7a1fe235a88c78be669e280215fc9c7cac0e87cbb1a858e7e1ac2bed91e58e748ff1ee2af87dfe747e705484dba3ba63114b5540b35867eacbdecf961095fb2bb85f91a52e748b4963c3ccecf3462bba0e76a27a932ffa9b0fe6e258b0a09c6e00bae3896e5bac149ec3757b4dbabc27712f79a52be733bb66d8a667fec10467eea318b867a9101b0a781886d3d2e90c84925afad4b8fcdd72bf48ca6f3835ab69682b09db35a2fbc23e5b7754fefd7d294796170bc44e91625b461d79030b7988fe3fcc511316bb801c69e3e315a8988cd10132b5c412ed790db161721ea0994cf06f3d20f3a079f8c89af06a0edf3fc3b590264a432b7572636b76456b34b38cca49bcb0ca1a0b5a6463b6606a88a840fdcad41cfb0c741c8123bf601f28d0d917a2c8433f1390d8560dc596896d47b43bec1ee554", "cce87899dde967d36a4483ad84e6d22db508d3556e4e7ccebf93689179bfd031659890b3cde81fc214d97fc298cf5d737fb4302cbdc36cb91e4d1c17d0f160b5cb4471265a425544a3b55e01561e1694ee518bb43cb7b1a1db6cba3caf525846bdbfb00b22c7fd7c260b2133f3fa9ab0275b25cf25c9e71f9c1e7792fb1c0a55596f761720e5a4a1dfcbd8246262c13ab6a96eddf247a18ba8b26ec7568570f5f2f3e6904ad3fbf356685b06b0e4aed18e49e7a34d33706045656739c4d8b54e8c4073d04932df6787fa466ee321951e8b0c8a002110ed5d4068599bd54ec42d895b93a8239f98717f9ab405a24428b1d19e4e034a6777d300c9ddc55ea4281d11616766e6974a1b6b99a0cb873f945ce30d8d14fcf1ec4018d755d88eb77a1e45e9fcddd4adc99cb0f53cf50a38256f5a68ae8c504a952d4adf8b271a7fb1099e6c4515bb32535da8484699164470d00a4f1f14e1be53a09ae469b76940eaf564856121b0676f1133819b2fc7f9b51c13aab2f636dcd5741ea09f502e8f098192800bc56c94c9a203258cd33f10bbcecad5bd31d34857d31a84f6bf581ec999e11ea830e1593545a4611a18d77290e80d78c7b87a56578e4d513d13028d576e1a58b820d9f99dd98b4e409cdbc09bf4a9039472cec65b26fd9f060abc7484f064a8868e0c9a99ec9d0db96db191cfe0966d3fa851bc2c6a72b14f78178fbe356332116ca4e3b367433ee9d166d89df1b801cc7645255a00ac91e3e4f7fcb2f7c85a53f948af7db689d5871ff29912de81fb4966657ceec667851137017e54a7921ac8ceb52023acd01223ca3bab5807176403cf8203e78e4ac62e9a14d3853db983e8fdfe4992bee51d92ee9e3b6ea0fd38dad06f2d352fa59b1215ee982b1bb5a35d80df559fe94e9d6237208c038935c2adc988d84ee8f01f3d5dc49fc586123bfc1774288dfa8979864cde6eb3b7ea6cd3e4e793fb11b25f9dca6b30b84ea8be83ea7f77d37e996f85310e9d3d7fca4028deeac01839f702e13cb9e615f463201ab55772683bf2d6c3686c7eae3b99d38678d5ad26419f0cd410f32186c1d47cfd8a7c4caf83d2cdb7ff5dc5614d7e4bd65fa01443f8ccaa77aea91b2629322cd215a8248ce2fbf2ffc7068c1a3d03525a7409360dbe1ee3705d6eb6c69b3a15a46d06fded6d601b8ab47c2a302545e11d13352cf42475aed8816e64c869697fcae966cd1f5227eb92b5d9a830684a4697e4eeea89ab953af520a5185ab389f915ae7d38cae625e1901c4d140886846330adca7483e9c9d9c57db7d295a1f67bd869fcdb36f63036b953a13470d0d63150ddd6c7c927dff331ef8dc964183c4c8d834b57a52e924d8e65c3214dccf95ab4bac654ebf11f39c0b3c1181ed000d5059572b4621b5e84d5204c74b4dfc92051eefeae4583bfe9961c8736188f59410368d20bf3caa2b925ac82840a933a9b3577e1d4dbfdd410e1ba8db5347ba6376baf583eedcf470d47536e4410d02dc69ea0db044b8a8101fdbc3b8a7d7fe68ae0660fa222abcbd75021ee3e975d0879bef5293368601fb094a1433b5f9358574ec2f6e99437635f7f3f5a0b55816b35f50f0fc1cecbe30bd089b28ca0f8c39e3fe0946ba012801d5ae8bab7f7dbafd2607b2b6bff316b3619929ba1bb9aa04d32e5ceee2153fceca3002910d9ad05f94a5b6de36a81bd5ed0cd2727712953be2e4e266886ae4472e1cf2bfb696150171cfdb181874acaa5627dfdee3c026f57db9410653d398f8170e03fc4a15492ad9f8e6dc19c523b9be19ac012fbc61ac537c5168ba8cffc4636748a3aed03fc2d25ebfbcd1da5293f8390dc3bd3b251be86b4efb452756c5941f058cb34febcce1555707177e5d228490039833973f0487cf512433f3e60456a6a3aeac517526c02b61435e4c1b7a0e8444374006bda06043a42d8b63b2ed6b0f167a588dede2eb6efd63ae261e2db0d295b813587ad3d4a9e349ba3c9bee3d2d615cccaa34a1d124916a22abef5f17ac99f815232f05340667918d9604cf6eb96bccbc7017cbd606712c2139701d56e1264f17a422dcfe3b0288c35916c4f14a9765790bc70eba31c39b0131ce83a9386e885aef25b65c699367b68ac2b5bc1af910575c165a005a509944f071254ff28b2d56597cf6a179c6aa4b8cc88f4ef83ce31e2d1f86aa30e8ddfb288c22e36c33def522a4f8ab07143a1fbb0f2b8a547b12907cc0d06794c09daa571ae2c0d0208769b34d4c1638809d28dd669a8499575ee63029342367aa358c6ff27f661f1a0537a1f5956d4d4c20700867bdc4c6bc84d083a070f7ee50f1dd68b4b10913ea69b212e1649de0f2dc40a296e292e7c6d6b51624e4cde26a3802525cabb9f0e61934cb02e2b8321ec394ef6964613680736de5bacaf486999e178f810e1982ed11c5e1f58ca805650a6fa76f68114c81eba73e57822dff272f758199c3cd8c636164f535bafcc3888d9c2943943234d3ee0615dc5bbe1f10536acd3e345ed5c514ca0150e9885d3932be74bf3b65528388c836b911ac5857fd425752b59c216aa405a369027b9ca76148ef7faa4fd61bea750a2416b8762f3caebc6555535a236ed2c7723e89a89b2471334f31f0d4cc6a9cb2ee27450d14aa625c8714b420aa770b57ec8cb074d054c27c3465e6aec2b8e56764c7f41d0a1dfac2ac6ff6d29a69c0059f98dc36d99619242e58c00e909db9addfd2c9f4e80a4a9dc52b82a6800a6df42aacb41f06ae3bf866a3425daf827aa9e1d30e29857d0fb05967f8b57dc07a1b862b0e98b42501ca7cfc1d2ffd459fb3c4e0fb956913307dc5204aa704954422023c2c1138e16c016fc6f13ee9300ba9a716df9e3dbb398b886b30dc2cf911252b105215a09de96f9cacedba927184d1dd36eff9895a7c2e92161c8ba1ab2cfb03a75caee12b56692c54002386d3bfdca213344f27a8a3077318d2be6e76d9aac080705bedd5b7617211704c6a8abae9217288da41d014e2689f247c0222c419a99fa10bb760273aebc60ce113b8a41ade96cd9952cb8d4eaf17c21a8db7db8a500fdf084719d909fe26b461e53ae680d6072d9cd473ed3416ff28f0860a5106e9f60b5a9210e7a13849c4e9f5763a97284e146e54831e3e77ccb26c62d724603f5f205a59f575776e2e3ea54a4e442a8c8e095f9a918db67b760ff799bf58811862c1ee61b9b5c7606818017dc9ab6916c01e96594b43b8bd29c7d7481dfb0e8c6f48fe61c29a92fff9a1c14f9adedbe01fa6fbb3b82d7a7da62fdacc58638a5e753c5503e8f1eb96a362ae7748d9847d31a673de56ace03cf9d07384fbd8e587aed6ccccc3d1f6aba55db69c649ca5f67e9f80bf48a2f5a5c0e74561249c1bd2a9dfb21cf054d41dcde1b804da597d3b45f7f90909b789f077e76785295c0d1d4a23750a9bbafcf8fefdee04f2c20fa11885fe44f5d63e5f4170e7d0c7f268bf5fbfb8b145b73c6607c3f56b22bd3f2e3ef32004f47d6ec5ec7a6f6100ce1723e8b2e4c3170f42945e6b7515483e9938236c3a7854c811d754f0d91f0a53e3b358c4d2f5a3b5bc0f4b749095536d2853e257a9f8bc578af2f31e980bebbdc615caef15348533aa5c0f876769c2c7ece19a98ce6b6172f40af8af1f81c9b664f6feb85b20b5829a668ad62d106c1c287b5a1aa5783466c70be14a6733bb7aebb0a942ef653a681cb73e38c9a380a58ffc674d0478065f6a51ec718aafad99b7b65894402e98a84f92938b89b6f5f67942b2a3591c991ee6ea3a59836321c55d2487f4d9145f62e3edf0ab7e4b44f60e1051895b2dada32e15dbad5c54dead8290217473d3fc67585fdf9deb729bb113db4839f198d6282fcb9a73d6182f3c66dedf3aba803c2f5934d2cd9e18052bacadf18215b04065be6a5668f92cf0d29ea9073bb354515ec6388bc6e604058b29fad0f59946d2e7ccab384c0aaae65a471e6f3ce9cae06d9fd4b7dd141e4682e6142a3933a852b3ab670e6bea4e9e22f73c01f4e2c3e0d8e12249adf96dd5f432e2f05e42ecbe6bfe1066827fdc68fd248b3d488c5f2e0bd73f13f2c830ef1481bbcf4f9c2aa8e315467f0570e7ae9f31ef4555aed702995f5403adc1158e8989c76d5458085c0315e5c26e57e22a8054ee7f17a7421e74b59a4cd8c0dc3ca6428ecafbd33fc14fafedce64307a142a8dbcf72e561effa45ec3738249c0f184a3f13fb223bc76f20d1947150f100ea783bdbb0a56f1edaa45edad5278a071ac77bcc6c833b447b62fd12c4a52b7741238f6d1669ca16b4d6ead68347dfbfef073b73f0570a92a9fbe07b963a7ae066e4a89aa99b6df0e1f4dd47f2da72d58258886119f31ee385f237c4f174e14dc5db6dec71efc5ab7a557f9d28371228d276b2aa83c6d378bf2b0361312bcf3b1c9a79ba7c343f6a26a7b49850717d349814116e2e73138a6b8feca4dbc0eb3eeb53a5caae484216e534f14cde66f43af9b70dc8813c1104a06a44803133f8adbf370788fb8750d8af679a0cbef7eb3fe42fbaf09248feba8d57096e4b41c7c472866fbd1aa510da7edf6de168817c12f9426e4fa0b965c7e5a064b44fe31f76aa93afc957fd0cc64b69490a4c0dbf50677ea36511416e010d494803730b5aa75cec0ffa1afec93273b94108caa8597bd82229a802c844a5489533a4ac4994c997190952ba2d97d0072ef8da594d6335f1a4992b3ac228d072ddae8484545d669cef457b0cc1f6e1d81840649ed3f5330890ba850eccf4cb0660fae62cbb061f52bd072665b90ce86523b3c0cf916c28edbb48881411a26de7f15a3859fa20e2d90afb043dca221a6368da6a751ca4536c4c96485de9cd6e519ba5d80a824fd66a6d782c16ad7a1e92b28ede5fc71158f0ed660d6c2a523798906d0234bcbe7b122de28e78573adf770148499ace4fb90d8e4363b7dd509f0bd2465e3976fc66061837c3a98d2a8f5cdbe09f90613b070e470a850ed883cdf8aac570efca2f6756b66694e08563554c66ee159080cf250b85d9beb74dfadd2c7195284bd14a9c23b3f29b8e64b73eeb35cc6cc94858ac13d72c0474f6f407f0d9c26a2a4b4e4dad2d7f49d0a9e10374d1b883ac0e5b772d17bbb2ff47067243d62b040ac94b365797fdd0eed9e2a8a1f1377e2e0c7af6278d30f77e704bb5e4469f49fa4a71d20d9556f22481018362c4384d13cbd0a23b616b14f85bada70c9b2dccdf576a6a2eda390738229447c3d138cd0f1daa224d1d17fcf3ea263a499614bf0a2e022ef36aa8e241ab9479de4c29bd74b1f05790239b11028ce2a56f64a52409860d3b0db358f2abfaf435d3fd1e25c42db1f61e13e0b900ba92cafaa05b11d3890efa3e16cf050d5fb0333492b78467db0a149611a7f8dcdf3ff0ad56d43957574542ab7a43f464c82879bd9a52feaac8e444df91029355f32b9dde4fe91c4fe8bf0340c3a0840281bc40703ae30f77ea9bb6cc5193908a3faaee4dbdd52b8f06b5b8643c12d5b0c879792c85def5ad64442359813fff98337e2a3ed596e3c8c2d5111030dfeb24164053e4dc20f9975e7f6377a6c190b44d5274611048bca170316c9280dc78d6ef3d86bf4c00cb9fd48a72fae86047d32cee9ba8beb76589163cfcdf54437db5ffd38b5dfd57e3517657f0e93bf3bdf3e3187b6a398582b89494c9618b28d8db25a6460e49cf1b40add97987a3fcb6db796845d178d629a714041c639640f7677ad9257c887ebad8e4e1ffe8a4233b2f609648c3a195eb4126561c4179a0"}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:42 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:42 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 307.380345] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:42 executing program 2: r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000000), &(0x7f00000000c0)=0x30) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:52:42 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:42 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:42 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 307.498276] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:42 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 307.545634] EXT4-fs (sda1): Cannot specify journal on remount [ 307.560794] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 307.564088] XFS (loop2): no-recovery mounts must be read-only. 04:52:42 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 307.591138] CPU: 1 PID: 19026 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 307.598397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.608724] Call Trace: [ 307.611338] dump_stack+0x138/0x19c [ 307.615214] warn_alloc.cold+0x96/0x1af [ 307.619210] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 307.624887] ? lock_downgrade+0x6e0/0x6e0 [ 307.629060] ? avc_has_perm+0x2df/0x4b0 [ 307.633063] __vmalloc_node_range+0x3be/0x6a0 [ 307.637577] ? trace_hardirqs_on+0x10/0x10 [ 307.637592] vmalloc+0x46/0x50 [ 307.637603] ? sel_write_load+0x1a0/0x1050 [ 307.637614] sel_write_load+0x1a0/0x1050 [ 307.649846] ? save_trace+0x290/0x290 [ 307.649866] ? sel_read_bool+0x240/0x240 [ 307.649879] ? trace_hardirqs_on+0x10/0x10 [ 307.649890] ? save_trace+0x290/0x290 [ 307.649905] __vfs_write+0x105/0x6b0 [ 307.649914] ? __lock_is_held+0xb6/0x140 [ 307.679011] ? sel_read_bool+0x240/0x240 [ 307.683424] ? kernel_read+0x120/0x120 [ 307.687776] ? __lock_is_held+0xb6/0x140 [ 307.692009] ? check_preemption_disabled+0x3c/0x250 [ 307.697952] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 307.704187] ? rcu_read_lock_sched_held+0x110/0x130 [ 307.709870] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 307.714813] ? __sb_start_write+0x153/0x2f0 [ 307.719286] vfs_write+0x198/0x500 [ 307.722914] SyS_write+0xfd/0x230 [ 307.726369] ? SyS_read+0x230/0x230 [ 307.730203] ? do_syscall_64+0x53/0x640 [ 307.734172] ? SyS_read+0x230/0x230 [ 307.737793] do_syscall_64+0x1e8/0x640 [ 307.741797] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.746636] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 307.752041] RIP: 0033:0x4597c9 [ 307.755320] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.763177] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 307.770650] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 307.778003] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 307.785478] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:42 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:42 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 307.793063] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 307.807065] warn_alloc_show_mem: 1 callbacks suppressed [ 307.807069] Mem-Info: [ 307.815167] active_anon:121744 inactive_anon:1226 isolated_anon:0 [ 307.815167] active_file:8241 inactive_file:12659 isolated_file:0 [ 307.815167] unevictable:0 dirty:264 writeback:0 unstable:0 [ 307.815167] slab_reclaimable:12332 slab_unreclaimable:108878 [ 307.815167] mapped:59015 shmem:2593 pagetables:1168 bounce:0 04:52:42 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 307.815167] free:1270890 free_pcp:192 free_cma:0 [ 307.851900] Node 0 active_anon:484936kB inactive_anon:4904kB active_file:32824kB inactive_file:50636kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236060kB dirty:1052kB writeback:0kB shmem:10372kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 413696kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 307.897188] XFS (loop2): no-recovery mounts must be read-only. [ 307.914807] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 307.947761] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 307.986439] lowmem_reserve[]: 0 2580 2580 2580 04:52:42 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x3, 0x2) openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x800, 0x0) fcntl$notify(r0, 0x402, 0x10) r1 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f00000000c0), 0x3df) bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r1, 0x4000000020000000) r2 = socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg(r3, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}}], 0x4000000000000d0, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6465003d3078303030303030303030553bd365ac30303030"]) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000180)) 04:52:42 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 307.991746] Node 0 DMA32 free:1285916kB min:36468kB low:45584kB high:54700kB active_anon:482836kB inactive_anon:4904kB active_file:32824kB inactive_file:50636kB unevictable:0kB writepending:1052kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4524kB bounce:0kB free_pcp:948kB local_pcp:296kB free_cma:0kB [ 308.045006] lowmem_reserve[]: 0 0 0 0 [ 308.049237] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 308.093089] lowmem_reserve[]: 0 0 0 0 [ 308.098741] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 308.134526] lowmem_reserve[]: 0 0 0 0 [ 308.139354] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 308.159812] Node 0 DMA32: 9557*4kB (UME) 1718*8kB (ME) 2741*16kB (UM) 1802*32kB (UME) 782*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 259*4096kB (M) = 1287700kB [ 308.178692] audit: type=1400 audit(1562129563.081:65): avc: denied { name_bind } for pid=19065 comm="syz-executor.0" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 308.210346] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 308.230584] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 308.278756] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 308.308926] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 308.327849] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 308.344358] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 308.354999] 23501 total pagecache pages 04:52:43 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:43 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:43 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x2, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:52:43 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 308.356427] audit: type=1400 audit(1562129563.131:66): avc: denied { node_bind } for pid=19065 comm="syz-executor.0" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 [ 308.359251] 0 pages in swap cache [ 308.359258] Swap cache stats: add 0, delete 0, find 0/0 [ 308.359263] Free swap = 0kB [ 308.359266] Total swap = 0kB [ 308.359272] 1965979 pages RAM [ 308.359276] 0 pages HighMem/MovableOnly [ 308.359282] 333222 pages reserved [ 308.421090] 0 pages cma reserved 04:52:43 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 308.488041] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 308.515432] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 308.534482] XFS (loop2): no-recovery mounts must be read-only. [ 308.570381] CPU: 1 PID: 19080 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 308.577978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.587349] Call Trace: [ 308.589960] dump_stack+0x138/0x19c [ 308.593611] warn_alloc.cold+0x96/0x1af [ 308.597626] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 308.602663] ? lock_downgrade+0x6e0/0x6e0 [ 308.605827] audit: type=1400 audit(1562129563.131:67): avc: denied { name_connect } for pid=19065 comm="syz-executor.0" dest=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 308.606847] ? avc_has_perm+0x2df/0x4b0 [ 308.606865] __vmalloc_node_range+0x3be/0x6a0 [ 308.606876] ? trace_hardirqs_on+0x10/0x10 [ 308.606892] vmalloc+0x46/0x50 [ 308.646290] ? sel_write_load+0x1a0/0x1050 [ 308.650686] sel_write_load+0x1a0/0x1050 [ 308.654759] ? save_trace+0x290/0x290 [ 308.658586] ? sel_read_bool+0x240/0x240 [ 308.662753] ? trace_hardirqs_on+0x10/0x10 [ 308.667101] ? save_trace+0x290/0x290 [ 308.671191] __vfs_write+0x105/0x6b0 [ 308.675175] ? __lock_is_held+0xb6/0x140 [ 308.679378] ? sel_read_bool+0x240/0x240 [ 308.683449] ? kernel_read+0x120/0x120 [ 308.687490] ? __lock_is_held+0xb6/0x140 [ 308.691579] ? check_preemption_disabled+0x3c/0x250 [ 308.696629] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 308.702348] ? rcu_read_lock_sched_held+0x110/0x130 [ 308.707637] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 308.712407] ? __sb_start_write+0x153/0x2f0 [ 308.716862] vfs_write+0x198/0x500 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 308.720518] SyS_write+0xfd/0x230 [ 308.724201] ? SyS_read+0x230/0x230 [ 308.727949] ? do_syscall_64+0x53/0x640 [ 308.732204] ? SyS_read+0x230/0x230 [ 308.735848] do_syscall_64+0x1e8/0x640 [ 308.739756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.744771] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 308.750305] RIP: 0033:0x4597c9 [ 308.753508] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 308.761602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 308.768899] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 308.776492] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 308.783798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 308.791248] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 308.818323] XFS (loop2): no-recovery mounts must be read-only. [ 308.838069] Mem-Info: [ 308.849936] active_anon:121274 inactive_anon:1219 isolated_anon:0 [ 308.849936] active_file:8241 inactive_file:12667 isolated_file:0 [ 308.849936] unevictable:0 dirty:272 writeback:0 unstable:0 [ 308.849936] slab_reclaimable:12321 slab_unreclaimable:109164 [ 308.849936] mapped:59059 shmem:2594 pagetables:1178 bounce:0 [ 308.849936] free:1270541 free_pcp:194 free_cma:0 04:52:43 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:43 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030303030303030303030303030302c003c3554e11999000000464b44e6ac2c90f6ef923a9650c6451994f5cbfce85f834e32dbc0dc623360924b2463403dc158f2ab3b805cea510a95ea0ae209f7b94f20b6d5908cdf3ce571040d638a54acc1ee01b5b7d1fc47522dc3496486402e173ff5677a3fa386984e8837cf2bcda0203389ccb3e23b15ae73aa170854c1ab34d970c124160a46e546523651397b9233e28db523bc904c88e9db13d569918765e7dc8aa3ac33bd2e1c981aa8f515e11e0529e08af4d6ea3b326a29bcb8279c4cfe3dd05566b44a7dc18fee50b849279047eb24afac89c13827d4d0c1048c852de31950560e0db982d1e5849e841a452347a1bb12ade4"]) recvmmsg(0xffffffffffffff9c, &(0x7f0000001840)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, &(0x7f00000012c0)=""/168, 0xa8}, 0x4}, {{&(0x7f0000001380)=@alg, 0x80, &(0x7f0000001700)=[{&(0x7f0000001400)=""/245, 0xf5}, {&(0x7f0000001500)=""/173, 0xad}, {&(0x7f00000015c0)=""/11, 0xb}, {&(0x7f0000001600)=""/226, 0xe2}], 0x4, &(0x7f0000001740)=""/200, 0xc8}, 0x7}], 0x2, 0x40000000, &(0x7f00000018c0)={0x77359400}) r1 = syz_open_dev$vbi(&(0x7f0000001a40)='/dev/vbi#\x00', 0x0, 0x2) ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000001a80)={0xc025, 0x3}) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000001940)='fou\x00') sendmsg$FOU_CMD_DEL(r0, &(0x7f0000001a00)={&(0x7f0000001900)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000019c0)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="38000000e68b6ed107547fb6a4567d24dc8dfd380400fc62a4347cda130dd138ed997dd0ce4471c51a7b0515fa80706738c836ff209698f84f8500f24516670ea6c4a51b36b86ef9f5381ebf245344c416e38f6687d209ab63989d6866dcd9d95780f1822742f28b97", @ANYRES16=r2, @ANYBLOB="00012dbd7000fedbdf250700000008000a004e230000080004000100000014000700fe8000000000000000000000000000aa"], 0x38}, 0x1, 0x0, 0x0, 0x44090}, 0x4000000) [ 308.917757] Node 0 active_anon:478576kB inactive_anon:4876kB active_file:32824kB inactive_file:50668kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236236kB dirty:1084kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 411648kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 308.970621] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 308.998746] EXT4-fs (sda1): Cannot specify journal on remount [ 309.019259] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 309.046196] lowmem_reserve[]: 0 2580 2580 2580 [ 309.051211] Node 0 DMA32 free:1285604kB min:36468kB low:45584kB high:54700kB active_anon:480644kB inactive_anon:4884kB active_file:32828kB inactive_file:50672kB unevictable:0kB writepending:1132kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4392kB bounce:0kB free_pcp:884kB local_pcp:560kB free_cma:0kB [ 309.084296] lowmem_reserve[]: 0 0 0 0 [ 309.088427] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 309.114584] lowmem_reserve[]: 0 0 0 0 [ 309.118508] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 309.148741] lowmem_reserve[]: 0 0 0 0 [ 309.152632] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 309.167417] Node 0 DMA32: 9624*4kB (UME) 1837*8kB (UME) 2713*16kB (UM) 1759*32kB (UME) 778*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 258*4096kB (M) = 1286840kB [ 309.190956] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 309.219202] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 309.238204] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 309.238213] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 309.238220] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:52:44 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:44 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:44 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f3865fd05588bf2ee01040000000000003d30303030303030303030303030303030303030372c6c6f676465763d2e5b59c8b8351fd0b9216700ed00e02ba5dce3e2bfc32ae21e7a7068f367c0f29f78b82165c10007ce155e2c72b53b5c7c077ac49b4f9f6b830c5d6b8834e9000058ccc51f6885cae334626c12782f11"]) 04:52:44 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:44 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 309.238226] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 309.238230] 23514 total pagecache pages [ 309.238242] 0 pages in swap cache [ 309.238247] Swap cache stats: add 0, delete 0, find 0/0 [ 309.238250] Free swap = 0kB [ 309.238253] Total swap = 0kB [ 309.238258] 1965979 pages RAM [ 309.238261] 0 pages HighMem/MovableOnly [ 309.238264] 333222 pages reserved [ 309.238267] 0 pages cma reserved [ 309.273819] syz-executor.5: [ 309.278623] vmalloc: allocation failure: 0 bytes 04:52:44 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 309.300729] , mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 309.338484] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 309.346357] XFS (loop2): unknown mount option [no8eýX‹òî]. [ 309.357614] CPU: 1 PID: 19120 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 309.364853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.374764] Call Trace: [ 309.377445] dump_stack+0x138/0x19c [ 309.381288] warn_alloc.cold+0x96/0x1af [ 309.385732] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 309.390883] ? lock_downgrade+0x6e0/0x6e0 [ 309.395060] ? avc_has_perm+0x2df/0x4b0 [ 309.399268] __vmalloc_node_range+0x3be/0x6a0 [ 309.399286] ? trace_hardirqs_on+0x10/0x10 [ 309.409326] vmalloc+0x46/0x50 [ 309.412894] ? sel_write_load+0x1a0/0x1050 [ 309.417483] sel_write_load+0x1a0/0x1050 [ 309.422153] ? save_trace+0x290/0x290 [ 309.426344] ? sel_read_bool+0x240/0x240 [ 309.430404] ? trace_hardirqs_on+0x10/0x10 [ 309.435070] ? save_trace+0x290/0x290 [ 309.439089] __vfs_write+0x105/0x6b0 [ 309.444646] ? __lock_is_held+0xb6/0x140 [ 309.448910] ? sel_read_bool+0x240/0x240 [ 309.453144] ? kernel_read+0x120/0x120 [ 309.457154] ? __lock_is_held+0xb6/0x140 [ 309.461385] ? check_preemption_disabled+0x3c/0x250 [ 309.466576] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 309.472288] ? rcu_read_lock_sched_held+0x110/0x130 [ 309.477574] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 309.482581] ? __sb_start_write+0x153/0x2f0 [ 309.487088] vfs_write+0x198/0x500 [ 309.490781] SyS_write+0xfd/0x230 [ 309.494472] ? SyS_read+0x230/0x230 [ 309.498265] ? do_syscall_64+0x53/0x640 [ 309.502352] ? SyS_read+0x230/0x230 [ 309.505988] do_syscall_64+0x1e8/0x640 [ 309.510424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.515654] entry_SYSCALL_64_after_hwframe+0x42/0xb7 04:52:44 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:44 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:44 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 309.521180] RIP: 0033:0x4597c9 [ 309.524574] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 309.532305] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 309.539758] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 309.547390] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 309.554745] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 309.562173] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:44 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 309.625812] EXT4-fs (sda1): Cannot specify journal on remount [ 309.643427] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 309.658181] XFS (loop2): unknown mount option [no8eýX‹òî]. 04:52:44 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x40882, 0x0) ioctl$TIOCNOTTY(r0, 0x5422) [ 309.682716] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 309.688753] CPU: 0 PID: 19139 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 309.696084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.705542] Call Trace: [ 309.708150] dump_stack+0x138/0x19c [ 309.711801] warn_alloc.cold+0x96/0x1af [ 309.715935] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 309.720788] ? lock_downgrade+0x6e0/0x6e0 [ 309.725216] ? avc_has_perm+0x2df/0x4b0 [ 309.730147] __vmalloc_node_range+0x3be/0x6a0 [ 309.734956] ? trace_hardirqs_on+0x10/0x10 [ 309.739808] vmalloc+0x46/0x50 [ 309.743384] ? sel_write_load+0x1a0/0x1050 [ 309.747767] sel_write_load+0x1a0/0x1050 [ 309.751842] ? save_trace+0x290/0x290 [ 309.756080] ? sel_read_bool+0x240/0x240 [ 309.760291] ? trace_hardirqs_on+0x10/0x10 [ 309.764706] ? save_trace+0x290/0x290 [ 309.768591] __vfs_write+0x105/0x6b0 [ 309.772306] ? __lock_is_held+0xb6/0x140 [ 309.776377] ? sel_read_bool+0x240/0x240 [ 309.780541] ? kernel_read+0x120/0x120 [ 309.784513] ? __lock_is_held+0xb6/0x140 [ 309.788688] ? check_preemption_disabled+0x3c/0x250 [ 309.793778] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 309.799406] ? rcu_read_lock_sched_held+0x110/0x130 [ 309.804596] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 309.809529] ? __sb_start_write+0x153/0x2f0 [ 309.813883] vfs_write+0x198/0x500 [ 309.817676] SyS_write+0xfd/0x230 [ 309.821204] ? SyS_read+0x230/0x230 [ 309.824828] ? do_syscall_64+0x53/0x640 [ 309.828978] ? SyS_read+0x230/0x230 [ 309.832614] do_syscall_64+0x1e8/0x640 [ 309.836734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.841579] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 309.846851] RIP: 0033:0x4597c9 [ 309.850052] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 309.857966] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 309.865399] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 309.872805] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:44 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:44 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 309.880686] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 309.888052] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 309.898516] warn_alloc_show_mem: 1 callbacks suppressed [ 309.898520] Mem-Info: [ 309.906922] active_anon:120762 inactive_anon:1221 isolated_anon:0 [ 309.906922] active_file:8243 inactive_file:12681 isolated_file:0 [ 309.906922] unevictable:0 dirty:301 writeback:0 unstable:0 [ 309.906922] slab_reclaimable:12284 slab_unreclaimable:109178 [ 309.906922] mapped:59070 shmem:2594 pagetables:1168 bounce:0 [ 309.906922] free:1271518 free_pcp:320 free_cma:0 [ 309.946855] Node 0 active_anon:483048kB inactive_anon:4884kB active_file:32832kB inactive_file:50724kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236280kB dirty:1200kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 413696kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 309.976679] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:44 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 310.004018] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 310.038435] lowmem_reserve[]: 0 2580 2580 2580 [ 310.044015] Node 0 DMA32 free:1285520kB min:36468kB low:45584kB high:54700kB active_anon:480924kB inactive_anon:4884kB active_file:32832kB inactive_file:50732kB unevictable:0kB writepending:1212kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4672kB bounce:0kB free_pcp:1096kB local_pcp:648kB free_cma:0kB [ 310.076475] lowmem_reserve[]: 0 0 0 0 04:52:45 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) socketpair(0x3, 0xa, 0x4, &(0x7f0000000000)) [ 310.080733] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 310.108304] lowmem_reserve[]: 0 0 0 0 [ 310.112322] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 310.141503] lowmem_reserve[]: 0 0 0 0 [ 310.145410] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 310.160602] Node 0 DMA32: 9542*4kB (UME) 1841*8kB (UME) 2721*16kB (UM) 1759*32kB (UME) 778*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 259*4096kB (M) = 1288720kB [ 310.183904] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 310.210840] Node 1 [ 310.213393] Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB 04:52:45 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:45 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 310.238465] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 310.259159] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:52:45 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 310.302277] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 310.320462] XFS (loop2): no-recovery mounts must be read-only. [ 310.323384] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 310.346307] EXT4-fs (sda1): Cannot specify journal on remount [ 310.353847] 23526 total pagecache pages [ 310.358051] 0 pages in swap cache [ 310.389221] Swap cache stats: add 0, delete 0, find 0/0 [ 310.398699] Free swap = 0kB [ 310.402541] Total swap = 0kB [ 310.405657] 1965979 pages RAM [ 310.411370] 0 pages HighMem/MovableOnly [ 310.416181] 333222 pages reserved [ 310.419690] 0 pages cma reserved [ 310.428848] XFS (loop2): no-recovery mounts must be read-only. 04:52:45 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:45 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:45 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:45 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 310.462362] EXT4-fs (sda1): Cannot specify journal on remount [ 310.496767] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 310.525867] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 310.537654] CPU: 1 PID: 19190 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 310.544891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.554341] Call Trace: [ 310.556933] dump_stack+0x138/0x19c [ 310.560645] warn_alloc.cold+0x96/0x1af [ 310.564610] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 310.569440] ? lock_downgrade+0x6e0/0x6e0 [ 310.573573] ? avc_has_perm+0x2df/0x4b0 [ 310.577533] __vmalloc_node_range+0x3be/0x6a0 [ 310.582011] ? trace_hardirqs_on+0x10/0x10 [ 310.586230] vmalloc+0x46/0x50 [ 310.589403] ? sel_write_load+0x1a0/0x1050 [ 310.593792] sel_write_load+0x1a0/0x1050 [ 310.597834] ? save_trace+0x290/0x290 [ 310.601617] ? sel_read_bool+0x240/0x240 [ 310.605663] ? trace_hardirqs_on+0x10/0x10 [ 310.609887] ? save_trace+0x290/0x290 [ 310.613673] __vfs_write+0x105/0x6b0 [ 310.617373] ? __lock_is_held+0xb6/0x140 [ 310.621413] ? sel_read_bool+0x240/0x240 [ 310.625456] ? kernel_read+0x120/0x120 [ 310.629343] ? __lock_is_held+0xb6/0x140 [ 310.633398] ? check_preemption_disabled+0x3c/0x250 [ 310.638401] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 310.643840] ? rcu_read_lock_sched_held+0x110/0x130 [ 310.648972] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 310.653761] ? __sb_start_write+0x153/0x2f0 [ 310.658072] vfs_write+0x198/0x500 [ 310.661603] SyS_write+0xfd/0x230 [ 310.665037] ? SyS_read+0x230/0x230 [ 310.668659] ? do_syscall_64+0x53/0x640 [ 310.672631] ? SyS_read+0x230/0x230 [ 310.676271] do_syscall_64+0x1e8/0x640 [ 310.680141] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.684993] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 310.690166] RIP: 0033:0x4597c9 [ 310.693338] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 310.701029] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 310.708307] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 310.715566] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:45 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@bh='bh'}]}) 04:52:45 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:45 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:45 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:45 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='nor=00000000000000000007,l=.']) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1f, 0x0) [ 310.722838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 310.730113] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:45 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:45 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:45 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 310.858670] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 310.877447] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 310.884393] CPU: 1 PID: 19211 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 310.891535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.900890] Call Trace: [ 310.903533] dump_stack+0x138/0x19c [ 310.907251] warn_alloc.cold+0x96/0x1af [ 310.911212] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 310.916058] ? lock_downgrade+0x6e0/0x6e0 [ 310.920200] ? avc_has_perm+0x2df/0x4b0 [ 310.924162] __vmalloc_node_range+0x3be/0x6a0 [ 310.928737] ? trace_hardirqs_on+0x10/0x10 [ 310.932959] vmalloc+0x46/0x50 [ 310.936220] ? sel_write_load+0x1a0/0x1050 [ 310.940439] sel_write_load+0x1a0/0x1050 [ 310.944487] ? save_trace+0x290/0x290 [ 310.948269] ? sel_read_bool+0x240/0x240 [ 310.952316] ? trace_hardirqs_on+0x10/0x10 [ 310.956550] ? save_trace+0x290/0x290 [ 310.960337] __vfs_write+0x105/0x6b0 [ 310.964029] ? __lock_is_held+0xb6/0x140 [ 310.968085] ? sel_read_bool+0x240/0x240 [ 310.972138] ? kernel_read+0x120/0x120 [ 310.976107] ? __lock_is_held+0xb6/0x140 [ 310.980149] ? check_preemption_disabled+0x3c/0x250 [ 310.985148] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 310.990587] ? rcu_read_lock_sched_held+0x110/0x130 [ 310.995609] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 311.000365] ? __sb_start_write+0x153/0x2f0 [ 311.004671] vfs_write+0x198/0x500 [ 311.008206] SyS_write+0xfd/0x230 [ 311.011647] ? SyS_read+0x230/0x230 [ 311.015295] ? do_syscall_64+0x53/0x640 [ 311.019267] ? SyS_read+0x230/0x230 [ 311.022959] do_syscall_64+0x1e8/0x640 [ 311.026831] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 311.031658] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 311.036851] RIP: 0033:0x4597c9 [ 311.040030] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 311.047810] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 311.055059] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 311.062316] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.069582] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 311.076859] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 311.085219] warn_alloc_show_mem: 1 callbacks suppressed [ 311.085224] Mem-Info: [ 311.097060] XFS (loop2): unknown mount option [nor=00000000000000000007]. [ 311.104132] active_anon:120735 inactive_anon:1221 isolated_anon:0 [ 311.104132] active_file:8243 inactive_file:12698 isolated_file:0 [ 311.104132] unevictable:0 dirty:318 writeback:0 unstable:0 [ 311.104132] slab_reclaimable:12215 slab_unreclaimable:109260 [ 311.104132] mapped:59057 shmem:2594 pagetables:1136 bounce:0 [ 311.104132] free:1271743 free_pcp:282 free_cma:0 [ 311.138701] Node 0 active_anon:482940kB inactive_anon:4884kB active_file:32832kB inactive_file:50792kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236228kB dirty:1268kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 415744kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:46 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:46 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 311.213693] XFS (loop2): unknown mount option [nor=00000000000000000007]. 04:52:46 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a653d303030303030303030ef6ad4b72145445ba230303030303030303030372c6c6f676465763d2e"]) r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f00000000c0)={0x7, 0x102, 0x1, {0x81, 0x1, 0x5, 0xa9a5}}) 04:52:46 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 311.271263] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 311.305537] EXT4-fs (sda1): Ignoring removed bh option [ 311.315829] EXT4-fs (sda1): re-mounted. Opts: bh, [ 311.376277] EXT4-fs (sda1): Ignoring removed bh option [ 311.393136] XFS (loop2): unknown mount option [biosize=000000000ïjÔ·!ED[¢00000000007]. [ 311.395651] EXT4-fs (sda1): re-mounted. Opts: bh, [ 311.406847] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.433933] lowmem_reserve[]: 0 2580 2580 2580 [ 311.438598] Node 0 DMA32 free:1282444kB min:36468kB low:45584kB high:54700kB active_anon:483108kB inactive_anon:4884kB active_file:32836kB inactive_file:50820kB unevictable:0kB writepending:1304kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7616kB pagetables:4640kB bounce:0kB free_pcp:996kB local_pcp:704kB free_cma:0kB [ 311.468611] lowmem_reserve[]: 0 0 0 0 04:52:46 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2002001001, 0x0) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x80040, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={&(0x7f0000000140)=@isdn={0x22, 0x5, 0x4, 0x7, 0x7}, 0x80, &(0x7f0000000540)=[{&(0x7f00000001c0)="6866a25d48a6533d3e748d70b07a7f", 0xf}, {&(0x7f0000000200)="be9fd60127ad1289e8f094075c078d9a26056ed7e32a6d36b92cc58921c5f9eedb23070d7c7b757217c5866396584e2f7985b9bbf500586c3c43901aec6a83e62b2fb6ea40d9ed48e0b098412a6952958e92b2ed499aa6a570cc0035b2db90f4815e9c6d94d6c8a5ecb43cc23e3bdf68c831a1639c87494c472b78a79ae6802991732170d61dd826ecf347a82a034e813de322fe7e73bff7f393b3ad207e120c575331523bbd8ef2d8e99143c18a4638c9da49", 0xb3}, {&(0x7f00000002c0)="1c03947be482cd93f599741961d557dc3e75abf1fd53dcca284379acda3f7b0f3c668740a901f8a757505d76adf1446e00fd85c8164abfbb0d2b5c29e9287b43226215169e8100de0546164f8408b19b0e21d91eda790607475ebd3e94a0512ff48899590021073f0e421d242180c99732ec9781382f73ef35c9ea5e721db3f974bda5cdde9884aa", 0x88}, {&(0x7f0000000380)="ba51b6cc524ed3b53c82d4c907db9b855c2c965da88d5410342a64b8161dadec5e211baf4b7a63a9cdd7bbe9ba7061", 0x2f}, {&(0x7f00000003c0)="9c50d20c00762c8e04c9e5ca880eafbd1035a4dcc902ec81f6cb77747d6295741ed37b515401000018e0179dcb520c2794c499eec40ced1324155847490c77e9ca4a8a438ee51d00f852684fec54ff93b8bfd3c13ac2b9ce2947e47685fffcec6a81ba75dbde12cdd72d334a19c5a1efcccb126f83f5d120ea52ac0cfe46ceb792a0c4855ba079d15769663dfc517359e8834502ffed0a7820c1db1c3f0b73293c", 0xa1}, {&(0x7f0000000480)="1a9a8f76895c26857383ae1e0db8d412fadb0c4b6c98592dabe2ab05478a749a5c21cddad1799aa3179df5444c43a5375c078e39caa8ec106f467760a4f30bc6dc4466b701bbffbb993b5b5e54446f327644a53b876b46b043b25a3604461c8133906e56f981e3a84b85cd4b1e18c54423c5fc8f24", 0x75}, {&(0x7f0000000500)="430dc76ab2108d10180c93066e604f5e9fad1880", 0x14}], 0x7, &(0x7f00000005c0)=[{0x40, 0x1ff, 0x2, "6b3e5e900c23c500a64dc8a7a8e47da1132f2f4222e03e3431d0181ef6633040091f09663b606910c70d08f9216c"}], 0x40}, 0x4000040) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:46 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:46 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 311.483566] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.514556] lowmem_reserve[]: 0 0 0 0 [ 311.518455] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.547623] lowmem_reserve[]: 0 0 0 0 [ 311.551663] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 311.579612] XFS (loop2): unknown mount option [biosize=000000000ïjÔ·!ED[¢00000000007]. [ 311.588344] Node 0 DMA32: 9543*4kB (UME) 1741*8kB (ME) 2705*16kB (UM) 1734*32kB (UME) 780*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 258*4096kB (M) = 1282900kB [ 311.608325] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 311.624567] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 311.649741] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.660438] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 311.669417] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.699672] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 311.719836] 23546 total pagecache pages [ 311.724207] 0 pages in swap cache [ 311.728587] Swap cache stats: add 0, delete 0, find 0/0 [ 311.735437] Free swap = 0kB [ 311.738544] Total swap = 0kB [ 311.741720] 1965979 pages RAM [ 311.744910] 0 pages HighMem/MovableOnly 04:52:46 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:46 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:46 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:46 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:46 executing program 2: getrandom(&(0x7f0000000440)=""/203, 0xcb, 0x2) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f7265e199636f766572792c62696f73697a653d30303030372c6c6f676465763d2e00000300"/50]) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x4000, 0x0) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_CREATE_OPEN(r0, &(0x7f0000000380)={0xa0, 0x0, 0x1, {{0x2, 0x2, 0x400, 0x1, 0x1ff, 0x0, {0x5, 0x400, 0x2, 0x0, 0x8000, 0x3, 0x3, 0x52, 0xbf, 0xffffffff, 0x225, r1, r2, 0x71, 0x2}}, {0x0, 0x1}}}, 0xa0) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0e85667, &(0x7f0000000100)={0x80000000, 0x6, "8b29cce631a1e788c0f14684ad6d7c549cf764d311be1be2ec75bcf60fbe7381", 0x4, 0x7, 0x5, 0xc00, 0xa22, 0x100, 0x7fff, 0x4, [0x3c3a, 0x3, 0x3, 0x5d]}) [ 311.749067] 333222 pages reserved [ 311.753126] 0 pages cma reserved 04:52:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB='journal00000000000000,\x00']) 04:52:46 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 311.824113] XFS (loop2): unknown mount option [noreá™covery]. [ 311.851603] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:46 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 311.885176] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 311.904572] CPU: 0 PID: 19285 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 311.911719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.921081] Call Trace: [ 311.923695] dump_stack+0x138/0x19c [ 311.927333] warn_alloc.cold+0x96/0x1af [ 311.931318] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 311.936170] ? lock_downgrade+0x6e0/0x6e0 [ 311.940334] ? avc_has_perm+0x2df/0x4b0 [ 311.944765] __vmalloc_node_range+0x3be/0x6a0 [ 311.949268] ? trace_hardirqs_on+0x10/0x10 [ 311.953512] vmalloc+0x46/0x50 [ 311.956709] ? sel_write_load+0x1a0/0x1050 [ 311.960939] sel_write_load+0x1a0/0x1050 [ 311.960954] ? save_trace+0x290/0x290 [ 311.960968] ? sel_read_bool+0x240/0x240 [ 311.960978] ? trace_hardirqs_on+0x10/0x10 [ 311.960987] ? save_trace+0x290/0x290 [ 311.961000] __vfs_write+0x105/0x6b0 04:52:46 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 311.961008] ? __lock_is_held+0xb6/0x140 [ 311.961016] ? sel_read_bool+0x240/0x240 [ 311.961026] ? kernel_read+0x120/0x120 [ 311.968878] ? __lock_is_held+0xb6/0x140 [ 311.968889] ? check_preemption_disabled+0x3c/0x250 [ 311.968907] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 311.977171] ? rcu_read_lock_sched_held+0x110/0x130 [ 311.977182] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 311.977194] ? __sb_start_write+0x153/0x2f0 [ 311.988751] vfs_write+0x198/0x500 [ 311.988766] SyS_write+0xfd/0x230 [ 311.988779] ? SyS_read+0x230/0x230 [ 312.035911] ? do_syscall_64+0x53/0x640 [ 312.039875] ? SyS_read+0x230/0x230 [ 312.043488] do_syscall_64+0x1e8/0x640 [ 312.047508] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.052357] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 312.057537] RIP: 0033:0x4597c9 [ 312.060705] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 312.068458] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 312.075734] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:52:47 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:47 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 312.082992] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 312.090254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 312.097511] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 312.107930] Mem-Info: [ 312.110517] active_anon:121314 inactive_anon:1220 isolated_anon:0 [ 312.110517] active_file:8245 inactive_file:12714 isolated_file:0 [ 312.110517] unevictable:0 dirty:337 writeback:0 unstable:0 [ 312.110517] slab_reclaimable:12196 slab_unreclaimable:109386 04:52:47 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x2, 0x40) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0) [ 312.110517] mapped:59069 shmem:2594 pagetables:1184 bounce:0 [ 312.110517] free:1270820 free_pcp:189 free_cma:0 [ 312.145164] Node 0 active_anon:485256kB inactive_anon:4880kB active_file:32840kB inactive_file:50856kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236276kB dirty:1348kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 417792kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 312.174137] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 312.207584] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 312.233802] lowmem_reserve[]: 0 2580 2580 2580 [ 312.238419] Node 0 DMA32 free:1283048kB min:36468kB low:45584kB high:54700kB active_anon:483000kB inactive_anon:4884kB active_file:32840kB inactive_file:50860kB unevictable:0kB writepending:1352kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4588kB bounce:0kB free_pcp:1176kB local_pcp:568kB free_cma:0kB [ 312.268409] lowmem_reserve[]: 0 0 0 0 [ 312.272302] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 312.308776] lowmem_reserve[]: 0 0 0 0 [ 312.312704] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 312.346758] lowmem_reserve[]: 0 0 0 0 [ 312.358905] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 312.417045] Node 0 DMA32: 9570*4kB (UME) 1792*8kB (UME) 2738*16kB (UME) 1730*32kB (UME) 780*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 259*4096kB (M) = 1287912kB [ 312.457267] XFS (loop2): no-recovery mounts must be read-only. [ 312.464395] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 312.479641] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 312.502043] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 312.513450] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 312.527333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 312.542491] XFS (loop2): no-recovery mounts must be read-only. [ 312.548829] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 312.560950] 23554 total pagecache pages 04:52:47 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:47 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:47 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:47 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000280)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}}}, &(0x7f0000000380)=0xe8) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, &(0x7f0000000580)=0xe8) syz_mount_image$vfat(&(0x7f0000000100)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x3ff, 0x1, &(0x7f0000000240)=[{&(0x7f0000000180)="b67590596d488018fd21210c98e253538469ff1f5ded991cf53b993a840d4313efaa8a21909c49b68b7220243818998c86c60040861dc08f66074d73a60f3aa8ad3327beca801140022ca0fb1edfbd09035e78d8d0fcaf8338f8cbcf44c643c67a89ce68d3dbff9c790819b4c99dcae9b7ac93a9f7eaff188d83eaf0a49513ce290044fd5e7d37045f61c6558f67d0753cebe3fcd9afdd5e8515d4662ffdfa409edf998a8020a8bca8cee72c68c80c80700713", 0xb3, 0x6d2}], 0x20000, &(0x7f00000005c0)={[{@shortname_lower='shortname=lower'}, {@shortname_win95='shortname=win95'}, {@utf8='utf8=1'}, {@numtail='nonumtail=0'}, {@uni_xlateno='uni_xlate=0'}, {@nonumtail='nnonumtail=1'}, {@utf8='utf8=1'}, {@nonumtail='nnonumtail=1'}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}], [{@dont_appraise='dont_appraise'}, {@uid_gt={'uid>', r0}}, {@fowner_eq={'fowner', 0x3d, r1}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@measure='measure'}, {@fsname={'fsname'}}, {@dont_measure='dont_measure'}, {@fsname={'fsname', 0x3d, 'journal_dev'}}, {@uid_eq={'uid', 0x3d, r2}}, {@hash='hash'}]}) setxattr$trusted_overlay_opaque(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='trusted.overlay.opaque\x00', &(0x7f0000000800)='y\x00', 0x2, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000700)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$SIOCAX25ADDFWD(r3, 0x89ea, &(0x7f0000000740)={@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) 04:52:47 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:47 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) setxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'L+', 0x4}, 0x28, 0x1) [ 312.565318] 0 pages in swap cache [ 312.568923] Swap cache stats: add 0, delete 0, find 0/0 [ 312.575496] Free swap = 0kB [ 312.578648] Total swap = 0kB [ 312.581914] 1965979 pages RAM [ 312.593376] 0 pages HighMem/MovableOnly [ 312.597386] 333222 pages reserved [ 312.601018] 0 pages cma reserved [ 312.658748] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 312.673241] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 312.680490] CPU: 1 PID: 19341 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 312.687809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.697168] Call Trace: [ 312.699775] dump_stack+0x138/0x19c [ 312.701096] XFS (loop2): no-recovery mounts must be read-only. [ 312.703411] warn_alloc.cold+0x96/0x1af [ 312.703423] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 312.703440] ? lock_downgrade+0x6e0/0x6e0 [ 312.722405] ? avc_has_perm+0x2df/0x4b0 [ 312.726574] __vmalloc_node_range+0x3be/0x6a0 [ 312.731082] ? trace_hardirqs_on+0x10/0x10 [ 312.735323] vmalloc+0x46/0x50 [ 312.738503] ? sel_write_load+0x1a0/0x1050 [ 312.742725] sel_write_load+0x1a0/0x1050 [ 312.746914] ? save_trace+0x290/0x290 [ 312.750714] ? sel_read_bool+0x240/0x240 [ 312.754762] ? trace_hardirqs_on+0x10/0x10 [ 312.758999] ? save_trace+0x290/0x290 [ 312.762797] __vfs_write+0x105/0x6b0 [ 312.766493] ? __lock_is_held+0xb6/0x140 [ 312.770572] ? sel_read_bool+0x240/0x240 [ 312.774614] ? kernel_read+0x120/0x120 [ 312.778576] ? __lock_is_held+0xb6/0x140 [ 312.782625] ? check_preemption_disabled+0x3c/0x250 [ 312.787623] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 312.793057] ? rcu_read_lock_sched_held+0x110/0x130 [ 312.798173] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 312.803278] ? __sb_start_write+0x153/0x2f0 [ 312.807595] vfs_write+0x198/0x500 [ 312.811138] SyS_write+0xfd/0x230 [ 312.814574] ? SyS_read+0x230/0x230 [ 312.818183] ? do_syscall_64+0x53/0x640 [ 312.822147] ? SyS_read+0x230/0x230 [ 312.825758] do_syscall_64+0x1e8/0x640 [ 312.829624] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.834541] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 312.839798] RIP: 0033:0x4597c9 [ 312.842966] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 312.850678] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:52:47 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:47 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:47 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 312.857942] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 312.865226] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 312.872489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 312.879914] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:47 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) mknod(&(0x7f0000000000)='./file0\x00', 0xe000, 0x1) 04:52:47 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 312.945313] EXT4-fs (sda1): Cannot specify journal on remount 04:52:47 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:47 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 313.019337] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 313.046665] XFS (loop2): no-recovery mounts must be read-only. 04:52:48 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:48 executing program 0: mkdir(&(0x7f0000000140)='./file0\x00', 0xd0) setrlimit(0x40000000000008, &(0x7f0000000080)) r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) shmctl$SHM_LOCK(r0, 0xb) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) syz_extract_tcp_res(&(0x7f0000000100), 0x5, 0x0) [ 313.088805] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:48 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 313.143791] CPU: 0 PID: 19365 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 313.144081] XFS (loop2): no-recovery mounts must be read-only. [ 313.150940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.150945] Call Trace: [ 313.150975] dump_stack+0x138/0x19c [ 313.150992] warn_alloc.cold+0x96/0x1af [ 313.151008] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 313.151022] ? lock_downgrade+0x6e0/0x6e0 [ 313.151038] ? avc_has_perm+0x2df/0x4b0 [ 313.151051] __vmalloc_node_range+0x3be/0x6a0 [ 313.151062] ? trace_hardirqs_on+0x10/0x10 [ 313.151075] vmalloc+0x46/0x50 [ 313.151084] ? sel_write_load+0x1a0/0x1050 [ 313.151092] sel_write_load+0x1a0/0x1050 [ 313.151101] ? save_trace+0x290/0x290 [ 313.151115] ? sel_read_bool+0x240/0x240 [ 313.151126] ? trace_hardirqs_on+0x10/0x10 [ 313.151136] ? save_trace+0x290/0x290 [ 313.151154] __vfs_write+0x105/0x6b0 [ 313.177780] ? __lock_is_held+0xb6/0x140 04:52:48 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 313.187276] ? sel_read_bool+0x240/0x240 [ 313.187287] ? kernel_read+0x120/0x120 [ 313.187300] ? __lock_is_held+0xb6/0x140 [ 313.213151] ? check_preemption_disabled+0x3c/0x250 [ 313.213170] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 313.213182] ? rcu_read_lock_sched_held+0x110/0x130 [ 313.213193] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 313.225257] ? __sb_start_write+0x153/0x2f0 [ 313.225271] vfs_write+0x198/0x500 [ 313.225284] SyS_write+0xfd/0x230 [ 313.225294] ? SyS_read+0x230/0x230 [ 313.284968] ? do_syscall_64+0x53/0x640 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 313.284987] ? SyS_read+0x230/0x230 [ 313.284998] do_syscall_64+0x1e8/0x640 [ 313.292577] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.292595] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 313.292604] RIP: 0033:0x4597c9 [ 313.313302] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 313.321115] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 313.328440] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 313.335714] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:48 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 313.342995] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 313.350358] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 313.372925] warn_alloc_show_mem: 1 callbacks suppressed [ 313.372930] Mem-Info: [ 313.380901] active_anon:120761 inactive_anon:1219 isolated_anon:0 [ 313.380901] active_file:8245 inactive_file:12726 isolated_file:0 [ 313.380901] unevictable:0 dirty:350 writeback:0 unstable:0 [ 313.380901] slab_reclaimable:12182 slab_unreclaimable:109492 [ 313.380901] mapped:59080 shmem:2595 pagetables:1159 bounce:0 [ 313.380901] free:1270566 free_pcp:269 free_cma:0 [ 313.415471] Node 0 active_anon:483044kB inactive_anon:4876kB active_file:32840kB inactive_file:50904kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236320kB dirty:1396kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 415744kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 313.415488] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 313.415492] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 313.415513] lowmem_reserve[]: 0 2580 [ 313.471121] 2580 2580 [ 313.512679] Node 0 DMA32 free:1283664kB min:36468kB low:45584kB high:54700kB active_anon:482996kB inactive_anon:4876kB active_file:32840kB inactive_file:50904kB unevictable:0kB writepending:1396kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4636kB bounce:0kB free_pcp:1404kB local_pcp:692kB free_cma:0kB [ 313.553535] lowmem_reserve[]: 0 0 0 0 [ 313.562718] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 313.617138] lowmem_reserve[]: 0 0 0 0 [ 313.634415] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 313.666531] lowmem_reserve[]: 0 0 0 0 [ 313.670556] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 313.670638] Node 0 DMA32: 9533*4kB (UME) 1906*8kB (UME) 2750*16kB (UME) 1711*32kB (UME) 780*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 258*4096kB (M) = 1286212kB [ 313.670724] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 313.670774] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 313.670859] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 313.670865] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 313.670872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:52:48 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:48 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:48 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:48 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e8908b872654ab0766572792c62693030303030303030300000303030303030372c6c6f67646576"]) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x200) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f00000000c0)) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f00000001c0), &(0x7f0000000200)=0x30) accept4(r0, &(0x7f0000000100)=@l2, &(0x7f0000000180)=0x80, 0x80000) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000240)=0x4, 0x4) 04:52:48 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)="4046b2b40c9c37333596f90960231cf0a825eed14b8b3b269b173f7d6a43b6ee90daea9bd7c5a9823f6878cc726bc59a2c45568872319fd05bb2add1", 0x3c}, {&(0x7f0000000240)="2ae1c7e4317a888b5545ace468203ddfd7296012c5fbc04d8e963f1491faaabf2f6d58e55ec44e477e47fc15b7d1f1e657f962ff28279d2a8d0fd1a6aed394ac9d5d31886517eb330757113b6f4372", 0x4f}], 0x2}, 0x80) r1 = socket$isdn(0x22, 0x3, 0x1) recvfrom(r1, &(0x7f0000000100)=""/112, 0x70, 0x1, &(0x7f0000000180)=@nfc_llcp={0x27, 0x0, 0x0, 0x6, 0xff, 0xd43, "28bb8ce051675dfb95d1d9a1ebf583c13942c7a5328d1626e536dfb5fb56927c3f25f1881e233701020db37ca3fac0cdbca4a60b8e95abcf468ddf2373f0ce", 0x1a}, 0x80) r2 = creat(&(0x7f0000000340)='./file0\x00', 0x42) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r2, 0x8004e500, &(0x7f00000003c0)=r3) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000400)=ANY=[@ANYBLOB="6a6f75726e616c5f6465a93d3078303030303030303030223030303030302c00acc17d3f262269917687ac8b6e1ccccbce672321cb38fc81bc17d673e3799d3b5fac552f262c3752549e2dba48ec7f713f42f97d9db2f4"]) [ 313.670878] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 313.670882] 23565 total pagecache pages [ 313.670894] 0 pages in swap cache [ 313.670900] Swap cache stats: add 0, delete 0, find 0/0 [ 313.670903] Free swap = 0kB [ 313.670928] Total swap = 0kB [ 313.735991] 1965979 pages RAM [ 313.760179] 0 pages HighMem/MovableOnly [ 313.795031] 333222 pages reserved [ 313.799610] 0 pages cma reserved 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 313.844160] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 313.871895] XFS (loop2): unknown mount option [n‰¸reJ°very]. 04:52:48 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:48 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 313.895590] EXT4-fs (sda1): Unrecognized mount option "journal_de©=0x000000000"000000" or missing value [ 313.917959] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 313.928385] XFS (loop2): unknown mount option [n‰¸reJ°very]. 04:52:48 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 313.979094] CPU: 1 PID: 19424 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 313.986298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.997161] Call Trace: [ 313.999791] dump_stack+0x138/0x19c [ 314.003524] warn_alloc.cold+0x96/0x1af [ 314.007502] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 314.012471] ? lock_downgrade+0x6e0/0x6e0 [ 314.016608] ? avc_has_perm+0x2df/0x4b0 [ 314.020573] __vmalloc_node_range+0x3be/0x6a0 [ 314.025053] ? trace_hardirqs_on+0x10/0x10 [ 314.029272] vmalloc+0x46/0x50 [ 314.032540] ? sel_write_load+0x1a0/0x1050 [ 314.036781] sel_write_load+0x1a0/0x1050 [ 314.040923] ? save_trace+0x290/0x290 [ 314.045392] ? sel_read_bool+0x240/0x240 [ 314.049461] ? trace_hardirqs_on+0x10/0x10 [ 314.053777] ? save_trace+0x290/0x290 [ 314.057735] __vfs_write+0x105/0x6b0 [ 314.063593] ? __lock_is_held+0xb6/0x140 [ 314.067641] ? sel_read_bool+0x240/0x240 [ 314.071702] ? kernel_read+0x120/0x120 [ 314.075596] ? __lock_is_held+0xb6/0x140 [ 314.080160] ? check_preemption_disabled+0x3c/0x250 [ 314.085632] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 314.091209] ? rcu_read_lock_sched_held+0x110/0x130 [ 314.096224] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 314.101758] ? __sb_start_write+0x153/0x2f0 [ 314.106070] vfs_write+0x198/0x500 [ 314.109617] SyS_write+0xfd/0x230 [ 314.113240] ? SyS_read+0x230/0x230 [ 314.116854] ? do_syscall_64+0x53/0x640 [ 314.120825] ? SyS_read+0x230/0x230 [ 314.124445] do_syscall_64+0x1e8/0x640 [ 314.128338] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.133281] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 314.138456] RIP: 0033:0x4597c9 [ 314.141626] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 314.149318] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 314.156585] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 314.163840] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 314.171102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:49 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe2, 0x0, 0x200000, &(0x7f0000002680)=ANY=[@ANYPTR64]) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/102) syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x2, 0x0) 04:52:49 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 314.178371] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:49 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:49 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x120) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = accept4(0xffffffffffffff9c, &(0x7f0000000100)=@xdp, &(0x7f0000000180)=0x80, 0x80000) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x400, 0x70bd26, 0x25dfdbfd, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x1f}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000640)={0x0, 0x0}, &(0x7f0000000680)=0xc) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000a40)='/selinux/mls\x00', 0x0, 0x0) fstat(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000740)={{{@in=@multicast1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000840)=0xe8) syz_mount_image$hfs(&(0x7f0000000300)='hfs\x00', &(0x7f0000000340)='./file0\x00', 0x6, 0x3, &(0x7f00000005c0)=[{&(0x7f0000000380)="c401e28b83aea3ae16df0b03d0224c9a5e7c2ea56acd3d8723f09bc8c6454ee43c38d7201e52c50dd8f9f0eff28028f0214201a94047b466faa1f549f85a7bdcd771a23f187b2dfa90379baa6c48ad2a9c10cfa6d5f28f475f1933e6509f81720a3639b980343458b5f83e1fc20ab1d8d0e64553c8f9f4cfd40af9ecec74ffa44407389d2993ac5cb22dd99700409cfca48e637cf92b4911b77150159ae3de2d423e48f0ab", 0xa5, 0xe70f}, {&(0x7f0000000440)="fbcfd9ce0510ef9e626bf40bc769c6e19fc24f4423072757e7b5012d7f0a5ad4b7d230f0c60d3b4a47857af67224559d697a4e4a553f74cb2772f0b2ab76b91afec8db1d338f61f7c8292272f7cfa74eef897e3e639aaa05515ba12ddfd05593d8f997db94e4d1bf9ebf05f9d51cae87c0f9946e23d511f475b3cb85649d0af7677ca050ed90bd8ba7053e467765b2c8c07df4af7a22880390", 0x99, 0x373f0cd}, {&(0x7f0000000500)="a838b80cd2b997ae706808fab83250e437d09d4f76cd71194514edc9f051324f7152261bafae5a3e48e9a8dc65dfb7eb029b8ea06c323c8251045f32ab9c18740d6d061bc8e9f2e5619b66caa553859f87aa578f6d821091fa18c8a8ed8da417b0cc73cbe8c026778af5380b566053a41e84fb6e1e24e82b0a8b15875edfe872aeb57daf037224", 0x87, 0x5}], 0x20e0004, &(0x7f0000000880)={[{@dir_umask={'dir_umask', 0x3d, 0xda}}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@file_umask={'file_umask', 0x3d, 0x80}}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'journal_dev'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@subj_type={'subj_type', 0x3d, 'journal_dev'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', r2}}, {@euid_eq={'euid', 0x3d, r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'journal_dev'}}, {@euid_lt={'euid<', r4}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}]}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 314.295822] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:49 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) [ 314.344119] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 314.349822] CPU: 0 PID: 19460 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 314.356947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.366435] Call Trace: [ 314.369126] dump_stack+0x138/0x19c [ 314.372949] warn_alloc.cold+0x96/0x1af [ 314.377032] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 314.382161] ? lock_downgrade+0x6e0/0x6e0 [ 314.386330] ? avc_has_perm+0x2df/0x4b0 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 314.386352] __vmalloc_node_range+0x3be/0x6a0 [ 314.394823] ? trace_hardirqs_on+0x10/0x10 [ 314.394839] vmalloc+0x46/0x50 [ 314.394853] ? sel_write_load+0x1a0/0x1050 [ 314.406504] sel_write_load+0x1a0/0x1050 [ 314.406749] XFS (loop2): no-recovery mounts must be read-only. [ 314.410563] ? save_trace+0x290/0x290 [ 314.410582] ? sel_read_bool+0x240/0x240 [ 314.410591] ? trace_hardirqs_on+0x10/0x10 [ 314.410600] ? save_trace+0x290/0x290 [ 314.410615] __vfs_write+0x105/0x6b0 [ 314.410622] ? __lock_is_held+0xb6/0x140 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 314.410631] ? sel_read_bool+0x240/0x240 [ 314.410639] ? kernel_read+0x120/0x120 [ 314.410647] ? __lock_is_held+0xb6/0x140 [ 314.410660] ? check_preemption_disabled+0x3c/0x250 [ 314.463216] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 314.469847] ? rcu_read_lock_sched_held+0x110/0x130 [ 314.477685] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 314.482928] ? __sb_start_write+0x153/0x2f0 [ 314.482941] vfs_write+0x198/0x500 [ 314.482954] SyS_write+0xfd/0x230 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 314.482964] ? SyS_read+0x230/0x230 [ 314.482974] ? do_syscall_64+0x53/0x640 [ 314.482984] ? SyS_read+0x230/0x230 [ 314.482993] do_syscall_64+0x1e8/0x640 [ 314.483004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.491038] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 314.521541] RIP: 0033:0x4597c9 [ 314.525264] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 314.533170] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:52:49 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:49 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 314.540897] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 314.548813] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 314.556452] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 314.556459] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 314.565052] warn_alloc_show_mem: 1 callbacks suppressed [ 314.565056] Mem-Info: [ 314.587157] active_anon:121226 inactive_anon:1218 isolated_anon:0 04:52:49 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 314.587157] active_file:8245 inactive_file:12740 isolated_file:0 [ 314.587157] unevictable:0 dirty:364 writeback:0 unstable:0 [ 314.587157] slab_reclaimable:12174 slab_unreclaimable:109514 [ 314.587157] mapped:59069 shmem:2594 pagetables:1185 bounce:0 [ 314.587157] free:1270678 free_pcp:177 free_cma:0 [ 314.671073] XFS (loop2): no-recovery mounts must be read-only. [ 314.676613] Node 0 active_anon:482852kB inactive_anon:4872kB active_file:32840kB inactive_file:50960kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236176kB dirty:1452kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 413696kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 314.719405] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 314.763303] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 314.790980] lowmem_reserve[]: 0 2580 2580 2580 [ 314.796387] Node 0 DMA32 free:1282004kB min:36468kB low:45584kB high:54700kB active_anon:485136kB inactive_anon:4876kB active_file:32840kB inactive_file:50988kB unevictable:0kB writepending:1480kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4696kB bounce:0kB free_pcp:496kB local_pcp:376kB free_cma:0kB [ 314.797146] EXT4-fs (sda1): Cannot specify journal on remount [ 314.832328] lowmem_reserve[]: 0 0 0 0 [ 314.838105] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 314.878683] lowmem_reserve[]: 0 0 0 0 [ 314.887463] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 314.921515] lowmem_reserve[]: 0 0 0 0 [ 314.925438] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 314.943107] Node 0 DMA32: 9436*4kB (UME) 1805*8kB (UME) 2738*16kB (UME) 1713*32kB (UME) 780*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 258*4096kB (M) = 1284888kB [ 314.961837] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 314.976015] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 314.993524] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 315.003798] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 315.013346] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 315.013783] EXT4-fs (sda1): Cannot specify journal on remount 04:52:50 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:50 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:50 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 315.026537] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 315.037880] 23587 total pagecache pages [ 315.042085] 0 pages in swap cache [ 315.045656] Swap cache stats: add 0, delete 0, find 0/0 [ 315.051323] Free swap = 0kB [ 315.054465] Total swap = 0kB [ 315.057583] 1965979 pages RAM [ 315.061050] 0 pages HighMem/MovableOnly [ 315.065045] 333222 pages reserved [ 315.068580] 0 pages cma reserved 04:52:50 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="c0dca5055e0bcfec7be070") connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x100, @loopback}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) connect$inet6(r1, &(0x7f0000000080), 0x1c) r2 = dup2(r1, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x132224) clone(0x2102001ff2, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() setsockopt$inet6_buf(r1, 0x29, 0x22, &(0x7f00000000c0), 0x235) ptrace$setopts(0x4206, r3, 0x0, 0x0) ioctl$TCFLSH(r2, 0x540b, 0x7f) tkill(r3, 0x39) fcntl$setstatus(r2, 0x4, 0x42803) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6465993d30783030303030303030b0303034303030302c00"]) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x189280, 0x0) 04:52:50 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:50 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3cd, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f736993653d30303030303030303030303030303030303030372c6c6f676465763d2e"]) 04:52:50 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a653d3030303030303030303030303030303030b030372c6c6f676465763d2e"]) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.events\x00', 0x0, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f00000000c0)={0x9, @output={0x1000, 0x1, {0xd644}, 0x7, 0x7fff}}) 04:52:50 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:50 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 315.139275] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 315.149945] syz-executor.5 cpuset=syz5 [ 315.183291] mems_allowed=0-1 [ 315.191027] CPU: 0 PID: 19518 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 315.198177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.207552] Call Trace: [ 315.210157] dump_stack+0x138/0x19c [ 315.213798] warn_alloc.cold+0x96/0x1af [ 315.217784] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 315.222644] ? lock_downgrade+0x6e0/0x6e0 [ 315.226802] ? avc_has_perm+0x2df/0x4b0 [ 315.230801] __vmalloc_node_range+0x3be/0x6a0 [ 315.235307] ? trace_hardirqs_on+0x10/0x10 04:52:50 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:50 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 315.239556] vmalloc+0x46/0x50 [ 315.242745] ? sel_write_load+0x1a0/0x1050 [ 315.246987] sel_write_load+0x1a0/0x1050 [ 315.251054] ? save_trace+0x290/0x290 [ 315.254865] ? sel_read_bool+0x240/0x240 [ 315.258947] ? trace_hardirqs_on+0x10/0x10 [ 315.263200] ? save_trace+0x290/0x290 [ 315.267016] __vfs_write+0x105/0x6b0 [ 315.270933] ? __lock_is_held+0xb6/0x140 [ 315.275086] ? sel_read_bool+0x240/0x240 [ 315.275099] ? kernel_read+0x120/0x120 [ 315.275109] ? __lock_is_held+0xb6/0x140 [ 315.275118] ? check_preemption_disabled+0x3c/0x250 [ 315.275132] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 315.287113] ? rcu_read_lock_sched_held+0x110/0x130 [ 315.287124] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 315.307526] ? __sb_start_write+0x153/0x2f0 [ 315.311874] vfs_write+0x198/0x500 [ 315.315428] SyS_write+0xfd/0x230 [ 315.318902] ? SyS_read+0x230/0x230 [ 315.322542] ? do_syscall_64+0x53/0x640 [ 315.326523] ? SyS_read+0x230/0x230 [ 315.330156] do_syscall_64+0x1e8/0x640 [ 315.334045] ? trace_hardirqs_off_thunk+0x1a/0x1c 04:52:50 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:50 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:50 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 315.338898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 315.344176] RIP: 0033:0x4597c9 [ 315.347360] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 315.355067] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 315.355074] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 315.355079] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.355086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 315.355092] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:50 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 315.415899] XFS (loop2): unknown mount option [biosize=00000000000000000°07]. [ 315.422119] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 315.485800] XFS (loop2): unknown mount option [biosize=00000000000000000°07]. [ 315.511009] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 315.538019] CPU: 0 PID: 19543 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 315.547339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.556710] Call Trace: [ 315.559311] dump_stack+0x138/0x19c [ 315.562968] warn_alloc.cold+0x96/0x1af [ 315.562980] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 315.571834] ? lock_downgrade+0x6e0/0x6e0 [ 315.571850] ? avc_has_perm+0x2df/0x4b0 [ 315.571864] __vmalloc_node_range+0x3be/0x6a0 [ 315.571875] ? trace_hardirqs_on+0x10/0x10 [ 315.571887] vmalloc+0x46/0x50 [ 315.571895] ? sel_write_load+0x1a0/0x1050 [ 315.571902] sel_write_load+0x1a0/0x1050 [ 315.571912] ? save_trace+0x290/0x290 [ 315.571927] ? sel_read_bool+0x240/0x240 [ 315.571936] ? trace_hardirqs_on+0x10/0x10 [ 315.571949] ? save_trace+0x290/0x290 [ 315.620990] __vfs_write+0x105/0x6b0 [ 315.624981] ? __lock_is_held+0xb6/0x140 [ 315.629053] ? sel_read_bool+0x240/0x240 [ 315.634470] ? kernel_read+0x120/0x120 [ 315.639317] ? __lock_is_held+0xb6/0x140 [ 315.639329] ? check_preemption_disabled+0x3c/0x250 [ 315.639343] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 315.653946] ? rcu_read_lock_sched_held+0x110/0x130 [ 315.653958] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 315.663814] ? __sb_start_write+0x153/0x2f0 [ 315.668139] vfs_write+0x198/0x500 [ 315.671771] SyS_write+0xfd/0x230 [ 315.675240] ? SyS_read+0x230/0x230 [ 315.678868] ? do_syscall_64+0x53/0x640 [ 315.682863] ? SyS_read+0x230/0x230 [ 315.686487] do_syscall_64+0x1e8/0x640 [ 315.690378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.695228] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 315.700422] RIP: 0033:0x4597c9 [ 315.703699] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 315.711419] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 315.718696] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 315.725969] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.733272] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 315.740655] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 315.751684] warn_alloc_show_mem: 1 callbacks suppressed [ 315.751687] Mem-Info: [ 315.757166] active_anon:120209 inactive_anon:1223 isolated_anon:0 [ 315.757166] active_file:8246 inactive_file:12754 isolated_file:0 [ 315.757166] unevictable:0 dirty:383 writeback:0 unstable:0 [ 315.757166] slab_reclaimable:12158 slab_unreclaimable:109602 [ 315.757166] mapped:59092 shmem:2595 pagetables:1106 bounce:0 [ 315.757166] free:1271732 free_pcp:280 free_cma:0 [ 315.793908] Node 0 active_anon:480836kB inactive_anon:4892kB active_file:32844kB inactive_file:51016kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236368kB dirty:1528kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 411648kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 315.822870] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 315.849895] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 315.881011] lowmem_reserve[]: 0 2580 2580 2580 [ 315.885844] Node 0 DMA32 free:1284956kB min:36468kB low:45584kB high:54700kB active_anon:480864kB inactive_anon:4888kB active_file:32844kB inactive_file:51036kB unevictable:0kB writepending:1532kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4480kB bounce:0kB free_pcp:1440kB local_pcp:712kB free_cma:0kB [ 315.916527] lowmem_reserve[]: 0 0 0 0 [ 315.920523] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 315.946085] lowmem_reserve[]: 0 0 0 0 [ 315.950055] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 315.977956] lowmem_reserve[]: 0 0 0 0 [ 315.981956] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 315.995900] Node 0 DMA32: 10102*4kB (UME) 1956*8kB (UME) 2751*16kB (UME) 1710*32kB (UME) 783*64kB (UM) 86*128kB (UM) 10*256kB (UME) 3*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 257*4096kB (M) = 1284968kB [ 316.014228] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 316.025413] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 316.042913] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 316.052005] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 316.060781] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 316.069756] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 316.079897] 23604 total pagecache pages [ 316.084176] 0 pages in swap cache 04:52:51 executing program 0: mkdir(&(0x7f0000000140)='./file1\x00', 0x21) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:51 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:51 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:51 executing program 2: 04:52:51 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 316.087828] Swap cache stats: add 0, delete 0, find 0/0 [ 316.100254] Free swap = 0kB [ 316.103373] Total swap = 0kB [ 316.106541] 1965979 pages RAM [ 316.109870] 0 pages HighMem/MovableOnly [ 316.114573] 333222 pages reserved [ 316.121775] 0 pages cma reserved 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:51 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265f93527636f766572792c62699873697a653d3030303030303030303030303030473030f6215e3d875f854765"]) 04:52:51 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:51 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 316.215337] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 316.227605] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 316.285426] CPU: 1 PID: 19588 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 316.292660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.292666] Call Trace: [ 316.292685] dump_stack+0x138/0x19c [ 316.292703] warn_alloc.cold+0x96/0x1af [ 316.292713] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 316.292726] ? lock_downgrade+0x6e0/0x6e0 [ 316.292741] ? avc_has_perm+0x2df/0x4b0 [ 316.292757] __vmalloc_node_range+0x3be/0x6a0 [ 316.292768] ? trace_hardirqs_on+0x10/0x10 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 316.292782] vmalloc+0x46/0x50 [ 316.292792] ? sel_write_load+0x1a0/0x1050 [ 316.292801] sel_write_load+0x1a0/0x1050 [ 316.292812] ? save_trace+0x290/0x290 [ 316.292828] ? sel_read_bool+0x240/0x240 [ 316.292838] ? trace_hardirqs_on+0x10/0x10 [ 316.292848] ? save_trace+0x290/0x290 [ 316.292865] __vfs_write+0x105/0x6b0 [ 316.312420] ? __lock_is_held+0xb6/0x140 [ 316.325189] XFS (loop2): unknown mount option [noreù5'covery]. [ 316.325364] ? sel_read_bool+0x240/0x240 [ 316.325380] ? kernel_read+0x120/0x120 [ 316.337361] ? __lock_is_held+0xb6/0x140 [ 316.345625] ? check_preemption_disabled+0x3c/0x250 [ 316.345643] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 316.345655] ? rcu_read_lock_sched_held+0x110/0x130 [ 316.345664] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 316.345675] ? __sb_start_write+0x153/0x2f0 [ 316.413734] vfs_write+0x198/0x500 [ 316.417265] SyS_write+0xfd/0x230 [ 316.420701] ? SyS_read+0x230/0x230 [ 316.425864] ? do_syscall_64+0x53/0x640 [ 316.429833] ? SyS_read+0x230/0x230 [ 316.433454] do_syscall_64+0x1e8/0x640 [ 316.437407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.442239] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 316.447498] RIP: 0033:0x4597c9 [ 316.450683] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.458387] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 316.465646] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 316.472902] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 316.480157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 316.488253] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:51 executing program 0: mkdir(&(0x7f0000000140)='./file0\x00', 0x800000080000000) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x80000000, 0x240) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000100)=[0x8, 0x4]) 04:52:51 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:51 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f7369585dfef07c7a653d30303030303030303030303030303030303030372c6c6f676465763d2e"]) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000004c0)={{{@in6=@mcast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@initdev}}, &(0x7f0000000400)=0xe8) syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x1, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000140)="63cdf5cf4eaf564f988a598a6d2cc04c633abf7ea1ce16acbedbe2e05c6ad581bd89bf075e7621d284dd7c02de51e930be06e616f2291d538631b44a725fe0bda3463c0ec6e9a368dbbc676084fd6de594e54b3ed2bc5a2542d9ad5f32452014e7f46f95e7508ffd8936f9c0d6b7118d6945309cc6c97ba1d4ff66310c796afb04d52f7f3048b023e4be68f6ec", 0x8d, 0x9}, {&(0x7f0000000200)="99abe85c444a4fde29c1b7f5d842f1e2c6de187c9d48209553cfe9b96dc7e75fd78d21f4fd48af1ddab5d659b1215595eeba45a89d5ad197791ff4e6aebbb20d1a57d0358795adc49315e17f59ca42b336d8a37ae9a723025f97712d206821e5be0b5dc607a08c10e29be1a7e6e9da9bffe4820b7eeb08813a58658ab434404fb16e5dc191291462391d0ba1db974f53", 0x90, 0x6}], 0x2110000, &(0x7f0000000440)={[{@dots='dots'}, {@fat=@tz_utc='tz=UTC'}, {@fat=@dmask={'dmask', 0x3d, 0x8}}, {@dots='dots'}, {@nodots='nodots'}, {@fat=@showexec='showexec'}, {@nodots='nodots'}, {@nodots='nodots'}], [{@defcontext={'defcontext', 0x3d, 'system_u'}}, {@fowner_gt={'fowner>', r0}}]}) 04:52:51 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:51 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:51 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 316.656944] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 316.674216] XFS (loop2): unknown mount option [biosiX]þð|ze=00000000000000000007]. 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:51 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 316.705230] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 316.752537] XFS (loop2): unknown mount option [biosiX]þð|ze=00000000000000000007]. [ 316.754842] CPU: 0 PID: 19623 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 316.769221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.778754] Call Trace: [ 316.781391] dump_stack+0x138/0x19c [ 316.785033] warn_alloc.cold+0x96/0x1af [ 316.789018] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 316.793879] ? lock_downgrade+0x6e0/0x6e0 [ 316.798064] ? avc_has_perm+0x2df/0x4b0 [ 316.802072] __vmalloc_node_range+0x3be/0x6a0 [ 316.806668] ? trace_hardirqs_on+0x10/0x10 [ 316.810924] vmalloc+0x46/0x50 [ 316.814128] ? sel_write_load+0x1a0/0x1050 [ 316.818359] sel_write_load+0x1a0/0x1050 [ 316.818373] ? save_trace+0x290/0x290 [ 316.818391] ? sel_read_bool+0x240/0x240 [ 316.818403] ? trace_hardirqs_on+0x10/0x10 [ 316.818414] ? save_trace+0x290/0x290 [ 316.830519] __vfs_write+0x105/0x6b0 [ 316.830531] ? __lock_is_held+0xb6/0x140 [ 316.830542] ? sel_read_bool+0x240/0x240 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 316.830553] ? kernel_read+0x120/0x120 [ 316.830563] ? __lock_is_held+0xb6/0x140 [ 316.830572] ? check_preemption_disabled+0x3c/0x250 [ 316.830584] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 316.830595] ? rcu_read_lock_sched_held+0x110/0x130 [ 316.830604] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 316.830612] ? __sb_start_write+0x153/0x2f0 [ 316.830622] vfs_write+0x198/0x500 [ 316.830634] SyS_write+0xfd/0x230 [ 316.830655] ? SyS_read+0x230/0x230 [ 316.883105] ? do_syscall_64+0x53/0x640 [ 316.890070] ? SyS_read+0x230/0x230 04:52:51 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:51 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 316.890079] do_syscall_64+0x1e8/0x640 [ 316.890087] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.890101] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 316.890108] RIP: 0033:0x4597c9 [ 316.890113] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.890123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 316.890129] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 316.890133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 316.890138] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 316.890144] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 316.964406] warn_alloc_show_mem: 1 callbacks suppressed [ 316.964410] Mem-Info: [ 316.982274] active_anon:121380 inactive_anon:1226 isolated_anon:23 [ 316.982274] active_file:8248 inactive_file:12770 isolated_file:0 [ 316.982274] unevictable:0 dirty:398 writeback:0 unstable:0 [ 316.982274] slab_reclaimable:12159 slab_unreclaimable:109363 [ 316.982274] mapped:59064 shmem:2594 pagetables:1205 bounce:0 [ 316.982274] free:1270821 free_pcp:327 free_cma:0 [ 317.021365] Node 0 active_anon:485520kB inactive_anon:4904kB active_file:32852kB inactive_file:51080kB unevictable:0kB isolated(anon):92kB isolated(file):0kB mapped:236256kB dirty:1588kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 425984kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 317.078546] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 317.115158] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 317.153236] lowmem_reserve[]: 0 2580 2580 2580 [ 317.160130] Node 0 DMA32 free:1285744kB min:36468kB low:45584kB high:54700kB active_anon:481132kB inactive_anon:4884kB active_file:32852kB inactive_file:51108kB unevictable:0kB writepending:1616kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7360kB pagetables:4496kB bounce:0kB free_pcp:964kB local_pcp:460kB free_cma:0kB [ 317.198189] lowmem_reserve[]: 0 0 0 0 [ 317.209376] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 317.234937] lowmem_reserve[]: 0 0 0 0 [ 317.238826] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 317.267328] lowmem_reserve[]: 0 0 0 0 [ 317.271227] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 317.285445] Node 0 DMA32: 10781*4kB (UME) 2659*8kB (UME) 2739*16kB (UME) 1766*32kB (UME) 811*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 254*4096kB (M) = 1284796kB [ 317.303509] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 317.314628] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 317.332304] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 317.341301] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 317.349916] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 317.358851] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 317.367452] 23621 total pagecache pages [ 317.371482] 0 pages in swap cache 04:52:52 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:52 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:52 executing program 2: setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@md5={0x1, "903c07353675238d55999a5b5a9d8303"}, 0x11, 0x2) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:52:52 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:52 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x10000000000) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x3, 0xfffffffffffffe7d, 0x0, 0x205400, &(0x7f0000000100)=ANY=[@ANYRESOCT]) 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 317.374932] Swap cache stats: add 0, delete 0, find 0/0 [ 317.380345] Free swap = 0kB [ 317.383359] Total swap = 0kB [ 317.386364] 1965979 pages RAM [ 317.389563] 0 pages HighMem/MovableOnly [ 317.393592] 333222 pages reserved [ 317.398175] 0 pages cma reserved 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:52 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:52 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x40080, 0x0) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000080)) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)) [ 317.454479] XFS (loop2): no-recovery mounts must be read-only. [ 317.482180] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 317.497739] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:52 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@local, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000000)=0xe8) bind(r0, &(0x7f00000001c0)=@xdp={0x2c, 0x0, r1, 0xb}, 0x80) 04:52:52 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 317.525984] CPU: 1 PID: 19687 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 317.533132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.542494] Call Trace: [ 317.545095] dump_stack+0x138/0x19c [ 317.548739] warn_alloc.cold+0x96/0x1af [ 317.552721] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 317.557569] ? lock_downgrade+0x6e0/0x6e0 [ 317.561710] ? avc_has_perm+0x2df/0x4b0 [ 317.561725] __vmalloc_node_range+0x3be/0x6a0 [ 317.561736] ? trace_hardirqs_on+0x10/0x10 [ 317.561747] vmalloc+0x46/0x50 [ 317.561755] ? sel_write_load+0x1a0/0x1050 [ 317.561764] sel_write_load+0x1a0/0x1050 [ 317.585891] ? save_trace+0x290/0x290 [ 317.585909] ? sel_read_bool+0x240/0x240 [ 317.585923] ? trace_hardirqs_on+0x10/0x10 [ 317.593763] ? save_trace+0x290/0x290 [ 317.593779] __vfs_write+0x105/0x6b0 [ 317.593788] ? __lock_is_held+0xb6/0x140 [ 317.593798] ? sel_read_bool+0x240/0x240 [ 317.593806] ? kernel_read+0x120/0x120 [ 317.593816] ? __lock_is_held+0xb6/0x140 [ 317.602399] XFS (loop2): no-recovery mounts must be read-only. [ 317.605521] ? check_preemption_disabled+0x3c/0x250 [ 317.605539] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 317.605552] ? rcu_read_lock_sched_held+0x110/0x130 [ 317.605562] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 317.648017] ? __sb_start_write+0x153/0x2f0 [ 317.652352] vfs_write+0x198/0x500 [ 317.655907] SyS_write+0xfd/0x230 [ 317.659381] ? SyS_read+0x230/0x230 [ 317.663032] ? do_syscall_64+0x53/0x640 [ 317.667011] ? SyS_read+0x230/0x230 [ 317.667026] do_syscall_64+0x1e8/0x640 [ 317.667036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.667051] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 317.667062] RIP: 0033:0x4597c9 [ 317.676202] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 317.676213] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 317.676219] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 317.676225] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 317.676231] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:52 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:52 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 317.676237] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 317.774417] XFS (loop2): no-recovery mounts must be read-only. [ 317.792730] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:52 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:52 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 317.819903] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:52 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000001140)='/dev/dsp#\x00', 0xffff, 0xc0000) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) recvfrom$unix(r0, &(0x7f0000001200)=""/246, 0xf6, 0x2020, &(0x7f0000001580)=@file={0x0, './file0\x00'}, 0x6e) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) stat(&(0x7f0000001340)='./file0\x00', &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f00000000c0)='./file0\x00', 0x4, 0x1, &(0x7f0000001100)=[{&(0x7f0000000100)="0e63139f05c1b996d4d2b2ccb533efcce15c8f3c81330f5e65465e4608fda64953182228ae9d79f362e8f99c55892012435464dcae26d88a4b40f91e99549b49ab14a5a58721ea44d7040c72f3ff07bfa899d7c77c70a0a34e7face75681c79c5f7b41629b90e528d2da8ee04289a178bad26783cdd523a93cbbb2f70f8a4d8d2961d6c6a02c81fa1e4e3a8c40c9fd2ae98a2edc30ae2d0ce5703b1621e56139c3463cad07f05382290484d811a370b1fa81b7638458d9dbf21d159e17e60a7a6dc53b1d8b16b772ed208c0ee7f6625518e449ada92cb60302104701035da18c60c2c6fd2e67fca9f8ed4d07db451ac63895935e175f5d4d510ec320b8edc90d39d1584ea30d480cfa56243a0e01eae95a1238431f360969bab8901ac2a1b23e3b6acd11cc1adef7baaa91ad2531bf5e3f2b5b130a747c9170ff301931a9580accb11c4b3b85b3fa7e4989a83b730972a25c36fb3a76db30ec745edd096d1ffba6575589d597c770d9d5145aace996a81bb8468316d16889a3bc81b1e2a22113a5db3b89688ce18070435b3f08f1252e340f4ab061a01003059d3a430d7b2263b49dbe6f2be11d8bcd769a50795a026cda9edd8c004bc9f8e947933f31893071551ef730883d18c2fc7e80735673272f7662ff0921260d2c37aa9b8fbef2528ab60045a92b5fc28eb5bfa7be367cd4848e4d4a15829ae44253ef1e950db7bfdef5db128cc0d180f6867323cbd9492ad04270467cdcf8a7e26754f3a73d835c2aebcbad9f0f80d03ff4545b69bee11be01eec5a62501cee896b1426a481ca556dfc2dadd320c8c7011e96f7482b2d55c01deab763caccde351e52257e18b9d218d5b6fc3bbcf30daf029f411410f93a01573593d7bde4f52db6371c1d575333eac13ee1f4218fc5cb719d58d63a03b5656809b7eaaf41162cc16962f593a33bd043dab5d2d14ce4e70711102d42143acbfd8b653bdfcb856b0a7a5ef0d140f661e81c01781ce6749bd27727d6c9d201eb44bca2c406abe7557eae768ffda40050904c289f35a2202c7b7136dc58bb1c3b14e4dc7557596ca8fff1d6c9a397b597cbcafa5105d51d0d46d7c72f387e69b95fad3f96e599ad72139c123ab2e3c397957d8dd292946a9402f463da9da0d9740f357957cbc583d2503b555ec65f6e7ba3e5ea88c94cc6e777b91b01ea9c918d028f8bc5337e16190fe2b6b036f53a8e9275395a7113d8d88c428d347f03a32c2b0df91b71c65dc76893b904b5c337756b244660f29cdbafd847e4414e17b172161d51eb699d2035cba2b78a80930d81168455f36f633c94754a129d689d15dd2d7ad5f048ac7cd15c66ef1a9b6110e02252153ad2a73c5e401ed40bda68e9121a2e9f174a8570185753290a79eae6a6c780450a51e72c5799d9ee7e8122d33560dafd8a4045a626cab5b544577a1fd1d8d354085674e4391f9a414f23a6049035a856fb9dcece0754da16f8b869efbed757ddc7d4fe5ca9f1930f69aeda123afa9486aef9a0c1a13f9e8321cdf02a8f7454dea5b78e543991f7f98cdb9ae4fcc9edfa6c22ad8e19d6954e29b8a97a8669141c4c96b3749c8c32ae90fa60c67cfed8f2165219f5402d7feacab8db2d8ff8d8ad099b4105511bc3fd78e5d1a35662c587967ce02647c4feec660ca485aea0c3f072b4319f3fccc3ebe3b7d5532b6ccee81fc04d985ae79bc82a563bb5eb942ab691e4555c7e709e7aff14d5636816b52ad31ec7d4f3955d3b2c5f0d52ab50fb23c1a61051e2b6af2a640d2e4f4eb07f6af44c6714edc1fbce8222bcf3170f16adced6242dae37dae3f85992461c5d3e0e33d4dbe0efb37e8b128f1a08edac372173e1126aa07f7cb1e0cbb954347a791be472bc53da5868230c0daf2ba3872234bb501acc3c13767bdcddea2b3f7451c935fe2336542b67c09d249031afc6c43fff4240bbd5f09ec487a72262da33a8ab01e5442588399e6d6073bdf85bfa8bab84aabdaef835905a886b91503cc4713079ce1f14558c7122c3d8544d463b4c4d50e343c79d00dfffd6029e31873e2c8923f1cb4aae22837321d8f263e5a0a5285a329926249d74cf482efa68e0f98d452757411dc4122aa230c24b4bce8d5c161c70fa77ac3a7a9e8a43118068c8a2e78c5fc7461c856d3aaaf71baf66d30672d95788fc8a37d398371f379a2091e406f57b52f6891427f47e5a6973686f7378e0da1039200e888a657a792c221b4c4e6cf9522bc1f3a9862acab1601cb4c0846dcb9e14ecb446e7a52fe0e48b7e84ac7401f74096f2c9bad257fdbb0412c85a20aae35c56ee6cb7e444282067581dbfdcce10470fb007967df197e03a31116f7fff42ed171c48071b3b86f8f2f0813aa4246c5fed97b9b227789620c591a217e7072359a64d86fefd5ebc50173435b870fe715c9e324f09b87f7d249a9c5a7820d76667d7e1d0136d819f6f62be93bb7b7328d954a4883e88235b8960b9a696e1695c9339880fa2880166a2ae9414f392fc96413bab26e1aa2ec8bf202cb9159bbdfe0712df7051f27f4b461b34bc253327f0e3e32500feef73d5222e4a4776ea4bd7d167278f260854bdd1891e994697a8af03cf7e4ab4e973cd257d1e3f0ef57c4a34e1711d0d94581a00119b1eb5d1d4df8bd5e783c8096122f7f4a22b5383992ea57871d5c113659d19194220fb2efc8ad210d47a7f46fe4c15cd9e7990a1ef38b0c78c61e7623746cb5bb44df5e23c521d467f405515ca66297f15253d8bbef1a9736312959011a4d595165ad8150b3e78840d0d24228e906c17db7335fab1ba474d3cf7d7b0dbe2585843485c5e64fdeea1764f31872b7afb6aee6917663921210fe5ff10aa1973984ed2ea1f65017eb21fababd37adc4eaddefae265d6d6c434421babfde4486050fe4cb5dd066608ad299653912ae4e331e7c15d1658cc4e158157f5482ce9dbb51bbc906fcd2c699ce392c9bfe954a08b5ee634b6b791205c3e491cd4f8faf336ed1f05cc6dbcc267b94eabc705b00881d3170ef80c59d16ac3a87fbbe841fc4388d9a821ced590b7b99f66541c7dd806888cba01d63e36abe0985ee0fac02b6f3119ede68af31afaa370138cb21497627f1c39bac180503fd18c67e585f5aff2a704c19a3e82fe879b3d1ee5ed8dcda8e75e707b82f8689467f1c4f2684baef7c4349b50040bf9c9f755d374c847bb1d896ab2c85ca152140be97e6a6c0d246cebeb280e3cd3990fb8c8972689403a382af0e9d226895b24ffa6a9a931372c65e114b35363483262679224637c616dfaed58c4d5b46ccedf8ffaa9c113c95346f07a7dd98981a6a3b909967d6c88733c6fc25272d92abfa225f33551c150f74e2073d9c7b24ed25c07652bc703c1ba1362a734a1896cc4d54629a09d4750f623b58f3d4120fd3db48fc4a76f2ebd642b8dd04f936da6a7f8df49c66ea9d94f612422d351aa864205292a4d4853c7e5a88d7027e262d528fb6cc17da8e4cd14a9fd9ed10a8fa10c252654557047a7eca394d35745346c2776f871fe324a8aa7e6ea08599f770ccb7869e1700bf1b5617b963ec53c3f3dbbc056593c35ab0e1317d1d65f9504afbe98944b3f9335d337a4811128b4cc2d7c0c73cb5e28382d16cf4f84c8ffdd6501e0320dcacc37c1a444415449ae041d8f809e5e69d53e5fb9c63e35b5233ab15a6f55de2c30ec8dc4bd345a92e412aba3b588b91a4097e020c10f5ae1b87457dcde4dd0c6b02e10fdd54902d8af9d77821478b2620f106311b86018843b089219ed6c9abbca822b82dee513a5960d6f12be0c850dd3580a737fe71e401dbfd6438b8aa908b0c34a65ae4759d88ae3cae2804f45ff454247fdd3c8933d959f253ce14a18898258ed4ee8c10c97de64600bd0cea60f3db143eb757c3cf4261ac424e1165ec51baf22912f72a50a30ddadb7ac11c8c16acc1c2492958424503059375f3069e5ef4a437193340b91201554ee8f25fb30c488e5c5dfa843ab6736cbb5174991b04cb605d6fd2dc0004bf845fa68d1f7ff3317e5b96878dca54eb9fde786d571d3321dfa7c4331f1fd11c48cc66659d349993e11f9b0a95d68ceb7abba5b7e20e0a381d1184ab2f92c0841cf7bdb85f779f7e85a76dee9fc553cf7d0d9e9a69d16df717e5eff1125ee39a7d771a9e8155bce93d671725962ec2f17b412ccc8a203795bcc47e2413a9019477e78687ec0fbca00ba98852121208bd8b526eae67a0d0207fd5a607afd34c60163fb830beab5d0d34f110477fe4db8dba2159a9575153efa166e7846cbd061ccc2bd042adccd6ff4ff84b55246f7b4b620b3e1d75f101432b2c5b203bd6787255955a420ad12cabc5eed6e31051621c2227a15e47a6c776c758859b2ff88e0d35e42ae8848c3fbd75decc006875f7757c3be64494203f1e9786150a73e19e48b75bd3ee012a77f4130124e1a918601c082255ab199667e6c75b57bc1d21135fb33b82d27dc4818d197a168cf7af90a6d42afaee950c3b0b98c9fb73332aa5a5a875078481072553e2a459c34c64828ea0246c7871446485b5794a5cdeb46fedaba699b85e2e39a597c8d573c23f20571245dc638447029dafd8fe188f9d0bd025bca9e9d488a1e6619b5bb79ff383c591b51671dc6b438fb562ef6171d955b27ee612120a2496e486d96559786e88f370f4d48ad338c91b95aadcc0e2ad0da7e99a10227d6a5535b30858e45405206ac623a9fbca9306ab70a46ae7bc9e37a82cdf248bbf3b81eba57eb0596a626a3a4f83f580d4e64731d688d5f6610b83d240f70d02c0badcf0e0d0bf6d4cb8e4a3ec3d4eda7c501f1c3b2c34659abb19c56ae124a56e15def6331555dbe6d394800b04a02bfd729fe1ea795cf28cfc5f15068ab81a5e983db9673f41794d8816457410d26ea1c439050bb6e768d32d70db5b068a09ad0ad855955073d0335b9fdaa9516e7bb6686646b72c73f50692b34d4ec00e2beb23c588450db79dedd35c88edc45713bb428fb9cc418c6e06738e013cac4397d7994470e6cc98758044cad0f3abb29c4231ca43a8f50d790279f300db078cc08a9fe8c4b52e0ceed2fb6a990a583877d34d9ac50b690008b7907536aa7e54689727a04bac80fbeadc881bf1d976888bed132b33429d031d16608f26562fc6a35dabe5872a21edfa55ec46f5dd7f047303d20df81d3c00eb43b52b3a39367f59bba8fbe50b021f54c6fcd73bed0c4f6c5c259c965ec8b075d474d0da6425fd34b83d3005c0b689c5687471db50eccf5c3a8da6c53f7c49b56adbd0cd91580ed38919b84c0630988071333978fda0b1939014f19fb0ed0c90f146bb53062c33dc4047e57fc0ddb97ba4a739977849ae9328162f6e423080fab89378f4fde548e82ae0a6626e1604c8d299023e25a924b4ec3c1f09fa21296729e02276779d6410ba7be7620c7e68dfb822c11546a77b01078d3d88adb3368c8beedb8055a4421d007523fc5067209ffc4b6606fbc0e030d3eaa765be8be26db4224a9ae7eb9882a073f7a20ca7f67b8baf53f02b3aaaa9ec26c77b3206f2c0a76384308feda181ed5907c0f0762054f0642ff15de32239ecc2447c9975f9cbf2fea4f41b11980ea7de1142150f121ae83ebf205e69b6c22aff7f068e96aceac0fc46c2d25dff8007077e87a5eee9867e4f8fbcfad0328b33a835f3784a96334b9b08a46a22461fb97f1b34b506c8f36485c6b667b648215ed039dfe91dc0366803bc301220540d2b65cf96ad93b9ce72ced8fd15d043eaac53e5a229458ee7e", 0x1000, 0x7ff}], 0x2050040, &(0x7f00000013c0)=ANY=[@ANYBLOB='mode=0xffffffffffffff01,gid=', @ANYRESHEX=r1, @ANYBLOB="2c6d61703d6f66662c6d61703d6e6f726de96c2c7362736563746f723d3078303030303030303030303030303030332c696f636861727365743d6d616363656c7469632c696f636861727365743d6d61636761656c69632c6d61703d61636f726e2c73657373696f6e3d3078303030303030303030303030303033612c756e686964642c6f626a5f726f6c653d76626f786e6574305e7d2c7065726d69745f646972656374696f2c646f6e745f61707072616973652c61756469742c6f626a5f757365723d70707031776c616e312d2c00d8511c30153df1827650540250d047e0086a9386c80f2c717e22431e6d0f352050f9bb3b6da2d4ba989c8e36a29fe243f8d310587af6d3012d6e5a0a98ea24546156a0d658cad7835603aec54faf06e8ed5fa8672d328bae9ef1d2cd18c9e8ac23b0002f75924aa439c6a4514b3dd0464affbe2b1c5f02b2fcc61fdf64352e6c1544291770f02a37e2cc0f80bc259626e90836c47fc2826ac02e86983e80b6c544b67b3175009b7e"]) [ 317.888908] CPU: 1 PID: 19715 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 317.896107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.905643] Call Trace: [ 317.908335] dump_stack+0x138/0x19c [ 317.911980] warn_alloc.cold+0x96/0x1af [ 317.915968] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 317.920820] ? lock_downgrade+0x6e0/0x6e0 [ 317.924984] ? avc_has_perm+0x2df/0x4b0 [ 317.928973] __vmalloc_node_range+0x3be/0x6a0 [ 317.933225] EXT4-fs (sda1): re-mounted. Opts: [ 317.933474] ? trace_hardirqs_on+0x10/0x10 [ 317.942279] vmalloc+0x46/0x50 [ 317.945479] ? sel_write_load+0x1a0/0x1050 [ 317.950065] sel_write_load+0x1a0/0x1050 [ 317.950080] ? save_trace+0x290/0x290 [ 317.950100] ? sel_read_bool+0x240/0x240 [ 317.950110] ? trace_hardirqs_on+0x10/0x10 [ 317.950119] ? save_trace+0x290/0x290 [ 317.950132] __vfs_write+0x105/0x6b0 [ 317.950141] ? __lock_is_held+0xb6/0x140 [ 317.950150] ? sel_read_bool+0x240/0x240 [ 317.950159] ? kernel_read+0x120/0x120 04:52:52 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 317.950167] ? __lock_is_held+0xb6/0x140 [ 317.950176] ? check_preemption_disabled+0x3c/0x250 [ 317.950190] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 317.950201] ? rcu_read_lock_sched_held+0x110/0x130 [ 317.950211] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 317.950219] ? __sb_start_write+0x153/0x2f0 [ 317.950228] vfs_write+0x198/0x500 [ 317.950240] SyS_write+0xfd/0x230 [ 317.958081] ? SyS_read+0x230/0x230 [ 317.958099] ? do_syscall_64+0x53/0x640 [ 317.958109] ? SyS_read+0x230/0x230 [ 317.958125] do_syscall_64+0x1e8/0x640 [ 317.970595] XFS (loop2): no-recovery mounts must be read-only. [ 317.973990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.974009] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 317.974018] RIP: 0033:0x4597c9 [ 317.974023] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 318.001552] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 318.001558] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 318.001563] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 318.001568] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 318.001573] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 318.009363] warn_alloc_show_mem: 1 callbacks suppressed [ 318.009368] Mem-Info: [ 318.023753] active_anon:121938 inactive_anon:1224 isolated_anon:0 [ 318.023753] active_file:8248 inactive_file:12780 isolated_file:0 [ 318.023753] unevictable:0 dirty:409 writeback:0 unstable:0 [ 318.023753] slab_reclaimable:12159 slab_unreclaimable:109539 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 318.023753] mapped:59073 shmem:2594 pagetables:1260 bounce:0 [ 318.023753] free:1270039 free_pcp:290 free_cma:0 [ 318.031717] Node 0 active_anon:487752kB inactive_anon:4896kB active_file:32852kB inactive_file:51120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236292kB dirty:1632kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 428032kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 318.039228] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 318.083480] Node 0 [ 318.152301] DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:52:53 executing program 0: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000140)={0x0, 0x50aa, 0x6}, &(0x7f0000000180)=0x8) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000200)={0xffffffffffffffff}, 0x113, 0xe}}, 0x20) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x100000000) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x4, 0x9, 0x55, 0x3f4b4157}) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000280)={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @ib={0x1b, 0x2, 0xfffffffffffff329, {"a4993b0e061aa5abca77c55b5a486601"}, 0x7f, 0x8001, 0x1}}}, 0x90) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000001c0)=r1, 0x4) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763dcafde0f2303030303030ffff3030303030302c00505f189e6cd9cfcbbf08000000640bd04f7634170c53e2c1ca9e81650de60ba782efa57a1a511a426f484643976217f0d7711575756b2499aef6369970a0bb6cb9b5f7227de9752fba35e229d3d8fac6e7a3c83eae2df17985c83c61ca04000000a46d686e353248a673f8ef9b0a9f1f3da90e47652177e427549da8c53a307d436aea11b91d08087de155782a61c14e0b25f30bb07ed04197797a9d493f6abc02c769b8f39507ed33d71b816ce8a0c7edc0abeb9836a338ed5184b5ea176ff64381e8"]) 04:52:53 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:53 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 318.257949] lowmem_reserve[]: 0 2580 2580 2580 [ 318.276284] Node 0 DMA32 free:1282428kB min:36468kB low:45584kB high:54700kB active_anon:483660kB inactive_anon:4892kB active_file:32852kB inactive_file:51164kB unevictable:0kB writepending:1672kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7616kB pagetables:4768kB bounce:0kB free_pcp:560kB local_pcp:248kB free_cma:0kB [ 318.309493] lowmem_reserve[]: 0 0 0 0 [ 318.313815] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 318.374778] lowmem_reserve[]: 0 0 0 0 [ 318.378711] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 318.406879] lowmem_reserve[]: 0 0 0 0 [ 318.429985] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 318.446858] Node 0 DMA32: 10706*4kB (UME) 2620*8kB (UME) 2733*16kB (UME) 1769*32kB (UME) 813*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 254*4096kB (M) = 1284312kB [ 318.466065] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 318.476884] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 318.494465] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 318.512122] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 318.525287] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 318.543402] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 318.552163] 23634 total pagecache pages [ 318.556215] 0 pages in swap cache [ 318.559718] Swap cache stats: add 0, delete 0, find 0/0 [ 318.566302] Free swap = 0kB [ 318.569410] Total swap = 0kB [ 318.572835] 1965979 pages RAM [ 318.576008] 0 pages HighMem/MovableOnly 04:52:53 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:53 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:53 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73e97a653d30303030303030303030303030303030303030372c6c6f676465763d2e"]) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000240)={0xffffffffffffffff}, 0xffffffffffffffff, 0x2}}, 0xffffff43) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {&(0x7f00000000c0), r1, 0x5}}, 0x18) pipe2(&(0x7f0000000180), 0x0) 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:53 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 318.579994] 333222 pages reserved [ 318.583778] 0 pages cma reserved 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:53 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:53 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001005, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000140)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030303030303030303030303030302c00df76685d8b1e95d2493d49af73ba76264b1aa35d73903404ce89a4ff5741a20d21f3b250b3f5288304fd67bbfc5bbb5a9a2887241caa518e229809645482122013802cac8df4a2fc5a3c452f7bf25d31036c9faa1cf6074558d8fe83b5e1cec3e53fc2ce1b3e96a1844a509827805782c9cc3ebabfb1a807fc2a01d5a60020120d45e2e04290efe4fa62a248540709673d29301f381c10ac7226ab463469b793d6bb137367d739d6e86ed2e6b947cffc892f6633da88fa0ce2949ab950dd9c8986124e6c803409130ebdd803fe31c96b3d2062d8"]) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000100)) [ 318.659781] XFS (loop2): unknown mount option [bioséze=00000000000000000007]. [ 318.673389] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:53 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 318.704465] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 318.736666] CPU: 1 PID: 19781 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 318.743817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 318.753179] Call Trace: [ 318.755783] dump_stack+0x138/0x19c [ 318.759426] warn_alloc.cold+0x96/0x1af [ 318.763409] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 318.768260] ? lock_downgrade+0x6e0/0x6e0 [ 318.768278] ? avc_has_perm+0x2df/0x4b0 [ 318.776384] __vmalloc_node_range+0x3be/0x6a0 [ 318.776400] ? trace_hardirqs_on+0x10/0x10 [ 318.785108] vmalloc+0x46/0x50 [ 318.788301] ? sel_write_load+0x1a0/0x1050 [ 318.788310] sel_write_load+0x1a0/0x1050 [ 318.788322] ? save_trace+0x290/0x290 [ 318.796588] ? sel_read_bool+0x240/0x240 [ 318.796605] ? trace_hardirqs_on+0x10/0x10 [ 318.808678] ? save_trace+0x290/0x290 [ 318.812490] __vfs_write+0x105/0x6b0 [ 318.812918] XFS (loop2): unknown mount option [bioséze=00000000000000000007]. [ 318.816216] ? __lock_is_held+0xb6/0x140 [ 318.816229] ? sel_read_bool+0x240/0x240 [ 318.816238] ? kernel_read+0x120/0x120 [ 318.816249] ? __lock_is_held+0xb6/0x140 [ 318.840187] ? check_preemption_disabled+0x3c/0x250 [ 318.845219] ? rcu_lockdep_current_cpu_online+0xf2/0x140 04:52:53 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 318.850689] ? rcu_read_lock_sched_held+0x110/0x130 [ 318.855795] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 318.860552] ? __sb_start_write+0x153/0x2f0 [ 318.864878] vfs_write+0x198/0x500 [ 318.868516] SyS_write+0xfd/0x230 [ 318.872097] ? SyS_read+0x230/0x230 [ 318.875741] ? do_syscall_64+0x53/0x640 [ 318.879703] ? SyS_read+0x230/0x230 [ 318.883320] do_syscall_64+0x1e8/0x640 [ 318.887188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.893062] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 318.898322] RIP: 0033:0x4597c9 04:52:53 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:53 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 318.901496] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 318.909620] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 318.916877] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 318.924225] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 318.931486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 318.938739] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:53 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f76657284136d3b81bd2953a8bfb2472fd120792c62696f73527a653d3030303030303087303030303030"]) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0xffffffffb81003d0, 0x0, @rand_addr="487403d21399c3e89a13c7e542be2ec2"}, @in={0x2, 0x4e24, @broadcast}], 0x2c) socket$bt_cmtp(0x1f, 0x3, 0x5) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e20, 0x7, @empty, 0x1ff}}, [0x80000001, 0x6cd, 0x1, 0xffff, 0x200, 0x7f, 0x1f, 0x6, 0x1ff, 0x4, 0x5, 0x7, 0x7, 0x6, 0x5da]}, &(0x7f0000000200)=0x100) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000240)={r1, 0x2}, 0x8) 04:52:53 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 319.023175] EXT4-fs (sda1): Cannot specify journal on remount 04:52:54 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 319.071536] EXT4-fs (sda1): Cannot specify journal on remount [ 319.081472] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:54 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x8000, 0x0) recvfrom$x25(r0, &(0x7f0000000140)=""/206, 0xce, 0x2, &(0x7f0000000240)={0x9, @remote={[], 0x0}}, 0x12) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 319.112814] XFS (loop2): unknown mount option [norecover„m;½)S¨¿²G/Ñ y]. [ 319.148952] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 319.168043] XFS (loop2): unknown mount option [norecover„m;½)S¨¿²G/Ñ y]. [ 319.182271] CPU: 1 PID: 19821 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 319.189824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.199270] Call Trace: [ 319.201872] dump_stack+0x138/0x19c [ 319.205871] warn_alloc.cold+0x96/0x1af [ 319.209860] ? zone_watermark_ok_safe+0x2b0/0x2b0 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 319.214696] ? lock_downgrade+0x6e0/0x6e0 [ 319.214713] ? avc_has_perm+0x2df/0x4b0 [ 319.214727] __vmalloc_node_range+0x3be/0x6a0 [ 319.214741] ? trace_hardirqs_on+0x10/0x10 [ 319.231713] vmalloc+0x46/0x50 [ 319.234918] ? sel_write_load+0x1a0/0x1050 [ 319.239157] sel_write_load+0x1a0/0x1050 [ 319.243228] ? save_trace+0x290/0x290 [ 319.247042] ? sel_read_bool+0x240/0x240 [ 319.251120] ? trace_hardirqs_on+0x10/0x10 [ 319.255359] ? save_trace+0x290/0x290 [ 319.259160] __vfs_write+0x105/0x6b0 [ 319.262862] ? __lock_is_held+0xb6/0x140 [ 319.262872] ? sel_read_bool+0x240/0x240 [ 319.262882] ? kernel_read+0x120/0x120 [ 319.262891] ? __lock_is_held+0xb6/0x140 [ 319.262901] ? check_preemption_disabled+0x3c/0x250 [ 319.262913] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 319.262924] ? rcu_read_lock_sched_held+0x110/0x130 [ 319.294497] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 319.299262] ? __sb_start_write+0x153/0x2f0 [ 319.303602] vfs_write+0x198/0x500 [ 319.307152] SyS_write+0xfd/0x230 [ 319.310608] ? SyS_read+0x230/0x230 [ 319.314247] ? do_syscall_64+0x53/0x640 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 319.318229] ? SyS_read+0x230/0x230 [ 319.322042] do_syscall_64+0x1e8/0x640 [ 319.325940] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.330798] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 319.330807] RIP: 0033:0x4597c9 [ 319.330812] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 319.330822] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 319.330830] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 319.346889] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:52:54 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:54 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 319.346895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 319.346901] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 319.372560] warn_alloc_show_mem: 1 callbacks suppressed [ 319.372563] Mem-Info: [ 319.391723] active_anon:120838 inactive_anon:1222 isolated_anon:0 [ 319.391723] active_file:8249 inactive_file:12803 isolated_file:0 [ 319.391723] unevictable:0 dirty:432 writeback:0 unstable:0 [ 319.391723] slab_reclaimable:12147 slab_unreclaimable:109937 [ 319.391723] mapped:59090 shmem:2594 pagetables:1125 bounce:0 [ 319.391723] free:1270578 free_pcp:331 free_cma:0 [ 319.432628] Node 0 active_anon:485416kB inactive_anon:4888kB active_file:32856kB inactive_file:51212kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236360kB dirty:1724kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 319.467574] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 319.497745] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 319.525627] EXT4-fs (sda1): Cannot specify journal on remount [ 319.531850] lowmem_reserve[]: 0 2580 2580 2580 [ 319.536456] Node 0 DMA32 free:1281124kB min:36468kB low:45584kB high:54700kB active_anon:485276kB inactive_anon:4888kB active_file:32856kB inactive_file:51212kB unevictable:0kB writepending:1724kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4648kB bounce:0kB free_pcp:1308kB local_pcp:688kB free_cma:0kB [ 319.568819] lowmem_reserve[]: 0 0 0 0 [ 319.581374] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 319.625401] lowmem_reserve[]: 0 0 0 0 [ 319.629642] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 319.659263] lowmem_reserve[]: 0 0 0 0 [ 319.664870] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 319.680231] Node 0 DMA32: 10556*4kB (UME) 2606*8kB (ME) 2755*16kB (UME) 1756*32kB (UME) 813*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 254*4096kB (M) = 1281488kB [ 319.701150] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 319.713305] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 319.730831] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 319.730840] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 319.730850] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 319.748797] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 319.769291] EXT4-fs (sda1): Cannot specify journal on remount 04:52:54 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:54 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000180)={@local, 0x0}, &(0x7f00000001c0)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@local, 0x5a, r1}) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f00000000c0)=0x4, 0x2) 04:52:54 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:54 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:54 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x2, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=0x0) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f00000001c0)=r1) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000100)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000200)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d4d78303030303030303030303030303030302c000b2791184238ff053374d026a29833f4acbfc7046a0b4ec6a3ddaa001442"]) setsockopt$inet6_buf(r0, 0x29, 0x2c, &(0x7f0000000240)="7cc9718b24edf0bf95c45edde51480241bb3fbf0323a73ed08571cffebc60c74c53eca2055aa035727b84381a327dd78d14b73524ee34d284099f202ea500c088275dd87e26b9244a86fb35185b81150764a97654223fb3ac7fcd1286301825917ca5c3572ab840fb9225b97c3a8f072f5754a54f35a3062838ea63b28ef", 0x7e) [ 319.771614] 23654 total pagecache pages [ 319.779354] 0 pages in swap cache [ 319.783052] Swap cache stats: add 0, delete 0, find 0/0 [ 319.788429] Free swap = 0kB [ 319.791559] Total swap = 0kB [ 319.794676] 1965979 pages RAM [ 319.797765] 0 pages HighMem/MovableOnly [ 319.802658] 333222 pages reserved [ 319.806124] 0 pages cma reserved 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:54 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:54 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 319.874063] XFS (loop2): no-recovery mounts must be read-only. [ 319.936616] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:54 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 319.994655] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 320.009364] EXT4-fs (sda1): Unrecognized mount option "journal_dev=Mx0000000000000000" or missing value [ 320.027079] CPU: 0 PID: 19881 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 320.034765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.034770] Call Trace: [ 320.034790] dump_stack+0x138/0x19c [ 320.034809] warn_alloc.cold+0x96/0x1af [ 320.054663] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 320.059538] ? lock_downgrade+0x6e0/0x6e0 [ 320.063704] ? avc_has_perm+0x2df/0x4b0 [ 320.067716] __vmalloc_node_range+0x3be/0x6a0 [ 320.072401] ? trace_hardirqs_on+0x10/0x10 [ 320.076670] vmalloc+0x46/0x50 [ 320.079889] ? sel_write_load+0x1a0/0x1050 [ 320.084135] sel_write_load+0x1a0/0x1050 [ 320.088300] ? save_trace+0x290/0x290 04:52:54 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:55 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 320.092125] ? sel_read_bool+0x240/0x240 [ 320.096387] ? trace_hardirqs_on+0x10/0x10 [ 320.100635] ? save_trace+0x290/0x290 [ 320.104452] __vfs_write+0x105/0x6b0 [ 320.108470] ? __lock_is_held+0xb6/0x140 [ 320.112539] ? sel_read_bool+0x240/0x240 [ 320.116611] ? kernel_read+0x120/0x120 [ 320.120509] ? __lock_is_held+0xb6/0x140 [ 320.124582] ? check_preemption_disabled+0x3c/0x250 [ 320.129691] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 320.135159] ? rcu_read_lock_sched_held+0x110/0x130 [ 320.140209] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 320.140219] ? __sb_start_write+0x153/0x2f0 [ 320.140231] vfs_write+0x198/0x500 [ 320.140254] SyS_write+0xfd/0x230 [ 320.140273] ? SyS_read+0x230/0x230 [ 320.153755] ? do_syscall_64+0x53/0x640 [ 320.153769] ? SyS_read+0x230/0x230 [ 320.153779] do_syscall_64+0x1e8/0x640 [ 320.153788] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.177247] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 320.182441] RIP: 0033:0x4597c9 [ 320.185629] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 04:52:55 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:55 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:55 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:55 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovesy,biosize=00000000000000000007,logdev=.']) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') [ 320.193359] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 320.200882] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 320.208200] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 320.215463] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 320.230767] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:55 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 320.314651] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 320.342938] XFS (loop2): unknown mount option [norecovesy]. [ 320.350679] EXT4-fs (sda1): Unrecognized mount option "journal_dev=Mx0000000000000000" or missing value [ 320.382678] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 320.389678] CPU: 1 PID: 19914 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 320.396804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.406395] Call Trace: [ 320.409021] dump_stack+0x138/0x19c [ 320.412640] warn_alloc.cold+0x96/0x1af [ 320.416599] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 320.421428] ? lock_downgrade+0x6e0/0x6e0 [ 320.425562] ? avc_has_perm+0x2df/0x4b0 [ 320.429524] __vmalloc_node_range+0x3be/0x6a0 [ 320.434024] ? trace_hardirqs_on+0x10/0x10 [ 320.438261] vmalloc+0x46/0x50 [ 320.441436] ? sel_write_load+0x1a0/0x1050 [ 320.445673] sel_write_load+0x1a0/0x1050 [ 320.449739] ? save_trace+0x290/0x290 [ 320.453613] ? sel_read_bool+0x240/0x240 [ 320.457654] ? trace_hardirqs_on+0x10/0x10 [ 320.461876] ? save_trace+0x290/0x290 [ 320.465664] __vfs_write+0x105/0x6b0 [ 320.469726] ? __lock_is_held+0xb6/0x140 [ 320.473962] ? sel_read_bool+0x240/0x240 [ 320.478220] ? kernel_read+0x120/0x120 [ 320.482101] ? __lock_is_held+0xb6/0x140 [ 320.486149] ? check_preemption_disabled+0x3c/0x250 [ 320.491151] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 320.496757] ? rcu_read_lock_sched_held+0x110/0x130 [ 320.501770] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 320.506516] ? __sb_start_write+0x153/0x2f0 [ 320.510827] vfs_write+0x198/0x500 [ 320.514354] SyS_write+0xfd/0x230 [ 320.517805] ? SyS_read+0x230/0x230 [ 320.521448] ? do_syscall_64+0x53/0x640 [ 320.527427] ? SyS_read+0x230/0x230 [ 320.531049] do_syscall_64+0x1e8/0x640 [ 320.534929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.539765] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 320.545030] RIP: 0033:0x4597c9 [ 320.548201] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 320.556207] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 320.564279] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 320.572964] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 320.580490] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 320.587766] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 320.600625] warn_alloc_show_mem: 1 callbacks suppressed [ 320.600628] Mem-Info: [ 320.608598] active_anon:121950 inactive_anon:1220 isolated_anon:0 [ 320.608598] active_file:8249 inactive_file:12820 isolated_file:0 [ 320.608598] unevictable:0 dirty:451 writeback:0 unstable:0 [ 320.608598] slab_reclaimable:12136 slab_unreclaimable:109697 04:52:55 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e456c003030303030303030302c0056b303ea7dde1576989c92abac3a6a7b82f1613bd5406313c510b419b9439907ee3f96f30056a38b529612229ae1ecd8f78f87d884fdfd8a82e489bdc227b0f2f738fb9ee682b7663356c2da54e675ff9d5e0fc3"]) 04:52:55 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:55 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:55 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 320.608598] mapped:59069 shmem:2594 pagetables:1210 bounce:0 [ 320.608598] free:1269996 free_pcp:220 free_cma:0 04:52:55 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 320.653946] Node 0 active_anon:485696kB inactive_anon:4880kB active_file:32856kB inactive_file:51280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236276kB dirty:1800kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 320.685139] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:55 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 320.719842] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 320.765873] XFS (loop2): unknown mount option [norecovesy]. [ 320.776716] lowmem_reserve[]: 0 2580 2580 2580 04:52:55 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 320.788690] Node 0 DMA32 free:1282108kB min:36468kB low:45584kB high:54700kB active_anon:483300kB inactive_anon:4880kB active_file:32856kB inactive_file:51280kB unevictable:0kB writepending:1800kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7648kB pagetables:4944kB bounce:0kB free_pcp:768kB local_pcp:508kB free_cma:0kB [ 320.854359] lowmem_reserve[]: 0 0 0 0 [ 320.858743] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 320.895982] EXT4-fs (sda1): Unrecognized mount option "journEl" or missing value [ 320.904146] lowmem_reserve[]: 0 0 0 0 [ 320.922287] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 320.966931] lowmem_reserve[]: 0 0 0 0 [ 320.971986] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 320.995115] Node 0 DMA32: 10600*4kB (UME) 2626*8kB (UME) 2783*16kB (UME) 1771*32kB (UME) 813*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 254*4096kB (M) = 1282752kB [ 321.014343] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 321.026397] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 321.044413] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 321.053887] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 321.058829] EXT4-fs (sda1): Unrecognized mount option "journEl" or missing value [ 321.069562] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 321.080563] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 321.089350] 23667 total pagecache pages [ 321.093478] 0 pages in swap cache [ 321.096999] Swap cache stats: add 0, delete 0, find 0/0 [ 321.102879] Free swap = 0kB [ 321.105904] Total swap = 0kB [ 321.108931] 1965979 pages RAM [ 321.112183] 0 pages HighMem/MovableOnly 04:52:56 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x200080, 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f00000000c0)={0x57, 0x8000, 0x0, {0x5, 0x9}, {0x6, 0x9}, @rumble={0x200, 0x9}}) 04:52:56 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:56 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:56 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) setxattr$security_smack_transmute(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 321.116146] 333222 pages reserved [ 321.119576] 0 pages cma reserved 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 321.165422] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 321.183570] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 321.189213] CPU: 1 PID: 19968 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 321.196424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.205854] Call Trace: [ 321.208435] dump_stack+0x138/0x19c [ 321.212056] warn_alloc.cold+0x96/0x1af [ 321.216019] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 321.220860] ? lock_downgrade+0x6e0/0x6e0 [ 321.224995] ? avc_has_perm+0x2df/0x4b0 [ 321.228958] __vmalloc_node_range+0x3be/0x6a0 [ 321.233433] ? trace_hardirqs_on+0x10/0x10 [ 321.237674] vmalloc+0x46/0x50 [ 321.240854] ? sel_write_load+0x1a0/0x1050 [ 321.245094] sel_write_load+0x1a0/0x1050 [ 321.249794] ? save_trace+0x290/0x290 [ 321.253598] ? sel_read_bool+0x240/0x240 [ 321.257658] ? trace_hardirqs_on+0x10/0x10 [ 321.261875] ? save_trace+0x290/0x290 [ 321.265664] __vfs_write+0x105/0x6b0 [ 321.269375] ? __lock_is_held+0xb6/0x140 [ 321.273459] ? sel_read_bool+0x240/0x240 [ 321.277504] ? kernel_read+0x120/0x120 [ 321.281373] ? __lock_is_held+0xb6/0x140 [ 321.285412] ? check_preemption_disabled+0x3c/0x250 [ 321.290433] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 321.295874] ? rcu_read_lock_sched_held+0x110/0x130 [ 321.300884] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 321.305661] ? __sb_start_write+0x153/0x2f0 [ 321.310006] vfs_write+0x198/0x500 [ 321.313573] SyS_write+0xfd/0x230 [ 321.317011] ? SyS_read+0x230/0x230 [ 321.320628] ? do_syscall_64+0x53/0x640 [ 321.324589] ? SyS_read+0x230/0x230 [ 321.328213] do_syscall_64+0x1e8/0x640 [ 321.332089] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.336914] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 321.342087] RIP: 0033:0x4597c9 [ 321.345258] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 321.352949] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 321.360232] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 321.367514] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 321.375871] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 321.383125] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:56 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 321.413195] XFS (loop2): no-recovery mounts must be read-only. [ 321.485968] XFS (loop2): no-recovery mounts must be read-only. 04:52:56 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x4000, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x7f, 0xa00) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000140)="eb69ae6a98f3cbe365b34cd849be2c6d35ebfb63cc64d2fdb43d17c80a29ad2caa22f16f8fe4a9c8ff47947c2010a7c2", 0x30) ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000000c0)=0x8632) 04:52:56 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 321.528356] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 321.579613] EXT4-fs (sda1): Cannot specify journal on remount [ 321.604553] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 321.629513] CPU: 0 PID: 19990 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 321.636655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.636660] Call Trace: [ 321.636679] dump_stack+0x138/0x19c [ 321.636693] warn_alloc.cold+0x96/0x1af [ 321.656590] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 321.656606] ? lock_downgrade+0x6e0/0x6e0 [ 321.656622] ? avc_has_perm+0x2df/0x4b0 [ 321.664284] XFS (loop2): no-recovery mounts must be read-only. [ 321.665597] __vmalloc_node_range+0x3be/0x6a0 [ 321.665611] ? trace_hardirqs_on+0x10/0x10 [ 321.665623] vmalloc+0x46/0x50 [ 321.687535] ? sel_write_load+0x1a0/0x1050 [ 321.691869] sel_write_load+0x1a0/0x1050 [ 321.695929] ? save_trace+0x290/0x290 [ 321.699723] ? sel_read_bool+0x240/0x240 [ 321.699735] ? trace_hardirqs_on+0x10/0x10 [ 321.699747] ? save_trace+0x290/0x290 [ 321.699761] __vfs_write+0x105/0x6b0 [ 321.715540] ? __lock_is_held+0xb6/0x140 [ 321.719613] ? sel_read_bool+0x240/0x240 [ 321.723683] ? kernel_read+0x120/0x120 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 321.727584] ? __lock_is_held+0xb6/0x140 [ 321.731650] ? check_preemption_disabled+0x3c/0x250 [ 321.736693] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 321.742414] ? rcu_read_lock_sched_held+0x110/0x130 [ 321.747422] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 321.747432] ? __sb_start_write+0x153/0x2f0 [ 321.747444] vfs_write+0x198/0x500 [ 321.760043] SyS_write+0xfd/0x230 [ 321.763507] ? SyS_read+0x230/0x230 [ 321.767141] ? do_syscall_64+0x53/0x640 [ 321.771128] ? SyS_read+0x230/0x230 [ 321.774772] do_syscall_64+0x1e8/0x640 [ 321.778705] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.783652] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 321.789014] RIP: 0033:0x4597c9 [ 321.792204] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 321.799920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 321.807197] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 321.814470] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 321.814477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 321.814482] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 321.819361] warn_alloc_show_mem: 1 callbacks suppressed [ 321.819364] Mem-Info: [ 321.829313] active_anon:121883 inactive_anon:1218 isolated_anon:0 [ 321.829313] active_file:8250 inactive_file:12831 isolated_file:0 [ 321.829313] unevictable:0 dirty:461 writeback:0 unstable:0 [ 321.829313] slab_reclaimable:12137 slab_unreclaimable:109554 [ 321.829313] mapped:59087 shmem:2594 pagetables:1188 bounce:0 [ 321.829313] free:1269856 free_pcp:312 free_cma:0 [ 321.879153] Node 0 active_anon:485412kB inactive_anon:4872kB active_file:32860kB inactive_file:51324kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236348kB dirty:1840kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:52:56 executing program 0: r0 = socket$inet(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="24000000180007841dfffd946f610500020081001f03fe0504000800080005000400ff7e", 0x24}], 0x1}, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:56 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:56 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:56 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 321.917486] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 321.948991] XFS (loop2): no-recovery mounts must be read-only. [ 321.994130] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 322.048366] lowmem_reserve[]: 0 2580 2580 2580 [ 322.087370] Node 0 DMA32 free:1284100kB min:36468kB low:45584kB high:54700kB active_anon:481328kB inactive_anon:4876kB active_file:32860kB inactive_file:51364kB unevictable:0kB writepending:1880kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4736kB bounce:0kB free_pcp:988kB local_pcp:348kB free_cma:0kB [ 322.147098] lowmem_reserve[]: 0 0 0 0 [ 322.151152] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 322.178327] lowmem_reserve[]: 0 0 0 0 [ 322.183561] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 322.215413] lowmem_reserve[]: 0 0 0 0 [ 322.219272] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 322.233245] Node 0 DMA32: 10681*4kB (UME) 2609*8kB (UME) 2756*16kB (UME) 1770*32kB (UME) 814*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 255*4096kB (M) = 1282540kB [ 322.251255] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 322.264109] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 322.281850] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 322.290804] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 322.299394] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 322.308278] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 322.317027] 23687 total pagecache pages [ 322.321054] 0 pages in swap cache [ 322.324496] Swap cache stats: add 0, delete 0, find 0/0 [ 322.329835] Free swap = 0kB [ 322.332900] Total swap = 0kB [ 322.335903] 1965979 pages RAM [ 322.338988] 0 pages HighMem/MovableOnly [ 322.342992] 333222 pages reserved 04:52:57 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:57 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x54000, 0x0) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x4000, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, &(0x7f00000011c0)={0x40000000, 0x7, "9fccb179dfda707946329d0cce413c319333d2f3261dde934330d6da15f5426f", 0xffffffffffff0001, 0x0, 0x7fff, 0x9, 0xe055, 0x0, 0x1, 0x5, [0x370eabad, 0x12, 0x7, 0x1]}) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0, @ANYBLOB="739b400a82069457407f85a288a3aeadc7b256828f2152f6d38fa4e2c05ba16fc45a2b7d144d71def1613d2aa20897ffe0ac5096223827b6711997e365bc633a675e9264467b3c17d2de32194f698e47cad0d9e4726712d143b19e121533cea3aa7d22ce514a9f304789f3f8cf2563cbb0478b19e22a13407390759429ec32b96c77d6062673dc0e0d97bbb8e5a960623cabebadf2d9a5a0fae62f8ee61a1e1d3c4178454c36b1f5d4446bc44f16f8afca8c5824a6fa295ebae64fc24d0aa034bb79f62769b879d7ae7e30b3f63a7f9b309b790ab68f97cc716bcf9f784ff69d5a3bf2a3930e69a5e9637bda4f3076b167f96d8ab4f04968cc54a129b39ae6dacd9c57b5223086c32346a6afb172546948adb6b95ce96e023352a2e8ed48160c974c7453bb197ba3cf50123f7acf3ad0afdba188bf857527b8efc09f7de92a2e4de1dbb64a4faee7ee5e7a150df446b548ff829c1f4773a9679a2485ad30198fd834259aa2cb2bc2ae48fab6147c838055281a1c99aeb698dd211249538b9dcbdae69ca32138079630b0bcab531a0a1c48feaab87f55aba77841a367196b22a4620fe73f01158d9f70afceda4f29913d16867f55a9fbc011952454dee1ebf41e50472fe9de0ea17dc8c600ea1af9a00abe6e5a386fd110c769709e8f57f2e26eea4fb05632b84a95ebbc9b48f9861b48681b39c7c64dbef91992733ad11bfda4c810cbe6baa059f7d265476c0d184d32b2165b8423581c8226efaa79ad66af6c3252d763e5070b6072c3364bb0ed8fab88b75c1c159102d612e98b3ef1cb8d93c0493454eb8cb7084c872844c01f9e6c392664732267ffcb381e522856addeba50890904a2b49eb428ec3cac295cdde0422fb6b5bcf4c2fe51522bba11b5ec47db81a52e6a0a8da7fa1a4bb552ea8a7e772b7cbfdc49ee78afc7942168b755717ada63f033bc6d7e85aa5af2d0a7b3ec753bf45aa614e6d0510ec1e40e1dcd3cbb3954d09f482b089a881c240345b6a465db601213f14e150e3d5a2ad74cb20c81947481ac4be01e5e25298438b8551e1ad6fda230d858457c1a4b826317a4588ae16085fd7842923d8556c350cacac730203572e1e3fe14dd22289576ae4d09aca83dc53c9d2fca0056a3a1b42c02e008ac5d8df37dd37dcb4163af9aa78ae9e67a5bf02b7f36eb3a8dc3da6f687df58d2dd3e94434f5845ceeb1dbdea7fa6b0991dc87a4a92a2312dfcd049baa172667074366ee11b7d206cad52af44068742cb78271ce3798924f6492a58a4b869b237d0965b3df314697babac89f7d19d86052e2c70f8a30ddd729dda215af6c9d71fc768338a765d419a9300822e9378b209ad69625d1d694194bc4d561919e2264d555ee7f56e00929add270b0a110918b027f814a1b877ec6cbe8ae45e168fa0b2c4cf4d758f2585f028c42ef5b5cb82e0215ffb7bd78c9f44bf59aabf555bade09360980be89d7b7926437af44e81a0f600913808261c7dade0d428e17b80b7707e1ac974d64983b9fe6fa94969bed30b8028f453d12be3a678a5c36b6f0f3051f41223de978507daec895f56c0c450659148e899e2cc8eaa35abff32cd9ad82651500dfc02b5013bd587b6a4b164a793f6b296dfa7129963d15861884ebf12c89d39703d00daa7bdba3837018df46e458d1f4f16be77ecebffe7be83dea52ffc5c5042e0f5669fb2a523350f469bd277b011938d75c8dc15556596400ca79bad650928be8d028e74406d68b4dd97aa30a03bff80dfeda247562245b3b2087bc07c15bca399437465aec50659a53e3d56f1d80b044d67803baf45ceaa247d2f3225cbc139e8ec9d7b63003b8793110f433dad551abc72460d3b7687d65e94ef56f721d05ce9870043508e48e40243a9fec898df8776bc2bd64231eb2eab5b5c32e5b33679e828ed985e9ed74da0e7ad465a53f9a7f7cb6d5d471185fc0343c653bcbf57288b20aea1338d16d40358655bf2a519d0e8a2ca7b65f0ca76d2c1ef6d6cd5ea640773c6afaecb02da26dd26c8879fe1739bc48383fb612eced0d6c73b8421629e7f0436c7f9add22e3a9f3e4db4c69ad59326848c92eedde671ad1c46ae1f02aefa9635796804a9acd74f7303c481ec9237a208d79e9902211e9fcf7ac6fb79f29539594de3e01a2741380da9ecfd1e5fb166b6123fd02ffd238c5e04cf355271519ef2233c31746212d686ccab8828ee933a7149c8c9195579b96e64a21592c32b5f0d1324467098df6745174f1bc398d4d5e3bede44ec6f73b3067ece060e5ead0cbc54aa7127a0fa2e4b8d92d13f1df6777dace2095e3c995ed840b6f26fe24563349390c215d48da439d6f4f4c78d44f8de8f855c6e8264cad8d376cc19e01a7c5cb8db1f3a3425a5cd6f965129cb8ffb1a3f55622661e9672f1aeaab6e890893af600d4ab7ff83214c58846cbb555afdae7c63f8e09fc902c59f9dc2c2ad9aa4625a1449938f4b193102f934fea9c1940a06c1c98ce85bea18003d44befd7cef6fb30fd59a80157ce55c8a1612286a72155935a273f8cc712459fa3fde03c641295b3574df6698f5f40e2662b2c84a2da45788d2817109ae73ebc5c446b5e121aeb1a7317df6ed13fa0ea0919662a0cd96534579fa32914b37c13cfbcf6cdc494b9283e49e819da109f846d90a5bc63d385b9a791b4c1e19606159640b17fa83f2d0ad2d80e15da89205ee1c1d2c548b60701a189864796d0b30f8d541b104454c2f1dce4070d61ec9916c564380ac4652aeeac64dd59f81e8a322cccb11f47d9378de3cbfd74986ad897ed453664465e0f6819346cb3359750917eb854685f9aee1f98acce3f82e6ec834b793ab40551fc84aeeb066413a86ade8e3a9062d9843a8c1c4a3b3c572a29fa02eb85ab1f0736b243e946b66dcb8697dfca4813c913a1ef707c0ae97fabee9109515712a4addbc4a135b4113a53ca22d2911bd6e7fa70c6c327f58c07cb2487db2567e67f9f94d4ab9529c96bc8ec10a1a843bac0a1b7a436f913b6a9ee514be4b5b70d3826b8b62b3e1c20dfba5d93da94a5beab850748d1edb3e1294e60bf97242ae426bddbb99b672fa9acc1d342b80df387b619e94b69aa167dbbe844a4ccc6e2696f8041a63fa2db433dc8d87a77aa4f09d589afd2002674803db0f7b8451dac189621a85722c69592611d7548bdec698d9890981b89777c46f7d2079fddf78ca4f5489243e681d31bec101d5844e97be27ad1dfae78522e60c1eaa1cff12af28f147c7991af8368d1af49d8d4b1ea7c0fe515080a5dc2e279ca3353cc639520f8eeb1dae17e79799b16d8a5cabd332b0158c94e1f5dda2a66a54b835e71bd2d341787668d5e92adb42e88cef9d3cafd36dc7ad0912e53968097c1918d71c42feadc153411cb7685dbc8ee8ef549c4f11b1fced90f0322a7ab801f9cc3be07194899f1fe9570e9fe4ec9680bbc0303833dff12d74ed17bd600e94dabdd5c1e3700601c4e40eb0cd42b3038fb1460c393a6fd28a880f028bcb654dd4d450a1c66b2dd5b435764b4e8561644c68ef8f69c5457c42b7a2f30dc701b827b56098fb1b1449f9139a50fbe1317aae294f4f807d1f8b8396f28ee8e34078627e2bd7df44048a5bf8b1356ab267e4c1cce9ca2493a694b095c5cadf7013c88e1c619e84ec26ef47e213fca7617111ac4d285b7fd8093dcd0738d4db8fc81025cf043f8e83053554efc0b643e3d0f10291198022006b8511483d799ce05df5783d0e559751d3e122c137b750a044c1d587158bad7f9fe7e05a48ed55f0587b7809846a0d796c8fa937a44b734e2ff4a426f54dadd00420ab7c1bc66760619eef0e6e26be902dc93e782e3fa4441c9d55d4d869fd9f8a118c0843affc27e1a8283dfca17d0ccccb5ded4be0c489b70b17027dab0db1238e5a31544179611a577035eb223dbc311337ec7e15fda8831efc43364fd1668cb2debfae4bc8c7afb5b4eaf5bd66177513a5f79110331ccfde0009f8d0d87c9caf878bfb287d6e9d7760461eb48bae05c11a32c23f23f591eb2d09eb38275e65306100799bb116dea18baa1c9125bf2c8261fb7f46068a50c9f5ba1dabfdb63013204c64e3ac40027b0df1a3b8b92348332e2c4063f6b7e4fb82b34ba61685b33461d8ad65deed5379feabb0679b3c6aad95f831e077075de2c813dcc71a23060171af0556e1eda2e82a9b42d810ef487a9971653691aa48fe7e7c4b1e0a2c57dad2415d67a7bdc025a62cf12b58ab50dd52a8bfbbfda8b6ca977cca4bc33ef9ba6c4e1f666b8c9bb0d742f2ef4f97404367a14fe4365607ab03307613560dad6e9825043b860c3d5ddcc20529cfd7784196ed606b9e7bdb2f770af72ee7d5f9ffaba4fa1ceb985a94a250bbcf4bf64240d4fdc749added2d9d04fd58889d12a4888bd35cff625bdb9909da2e6533b986e440b51657cf2817cdadaf9ad0e354ab029547a583956f2b3482181fceff2309c1be171dfa61434c447e7cbc85c6fb808d8e3f71fe40a706307f451c0924d650b1685c554c75fff0fc71707303f946a27b4cecd0d703f2783a1cc436b5a2f686ae14265493ac2dea579441b64d88c7469c2c6eaf216ff9fb12b8cd1d27fde0d8aac1a08ae07ec7f95bcbbb89eaae8833137ab8615bc46142ec41be6d7c52fcea2e2109992a48b714fd7cc9090cf43c7ebcf7367a74497f4f6a9716734a373d6dbd6c664a88f92998322b52c02b949f8f449ea8d5c937023f35d73bc742bb4a147ece795cea692a36197100bc9707f849c82393f40bab826431fcb720334caf4623506d333687944aa0cd6dd844cdffe771df2471a3d1cb84667c0886fb48358e0a7ca74bd74f924f2cd41025a698c91b8180709ff4e338ba51a66ac57765220c24b9b131b0575e5ad7ce32c792f077dc61b8011866b96018aa9e3a82cff6c26cc232404d397c1092d3dcf7831118a4298a7562601994d4dec972d0cd48810bfa296033ae1ba0beb22747732e85833127f53597fe78b5b667e417d1343cb05862939699c0d2d1a38ec32a0d3010acb213051f7677b804763abdb2aa4b18007ce515d24aa09519d867372e49f7150fb4eb92d243e0c664fc84fb013d074ae1a175b9d09968b055a3abb7027bf7fa3157f0d960c5df15b32437ab48a0f4b50c0b2ec4dc21d6596b263398385dec810d2299c873932593f95c7216c11f09d5bc51195648e6dd596183c2f415eef7035ae73049591d75055cf8dd75379004e50bbdd76a5df50a7ce110d6bf4efef2628a0aaa98f715b0940b33f863b2fc97fb4c765c1d16cf58e88ed12dc55a380b6623a1c5020ad8c4e3a8a84514ebfbc583342165e7a2925dc25de1185c462f55934402988869d132eec3a6ee316c637c525cd3e28f528ae37378a6b2d9548ad52e8352d3ae806770c4c449deab8860c2d3063261272b730a24e5efcecfff68f7d3e047181284826c0f8f15ea1f044c70f4f6e85eac325d245f8d5e574fb68b27b6d315b4ef7231f52d129790ec7670f749f61c8512e2f9f028cdc722b47552ace9f18ac826fa579620d9bb90cbafaca724be7bdf052ebd1b1fbd918f9d69814b9d754b96b8fe1eb0145ba0b9992fdc31b34e6f66ffc3b607de2f93124f76f4270cdd5585fafe5100b6ff4541d3766f323f12d02dfa062a4b382856d3c5d18a4164fa33e83c4188732ab31237aacde034549bb2ab41a955b01376f8d4192411a15e4c4fa2e658418640fb1732bfc70ba7bab55026523a9b828a4d1d7ebc6334f66cca39359b906bf09dd4905050"]) 04:52:57 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:57 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:57 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:57 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)=ANY=[@ANYBLOB="6a6f758b6e616c5f6465763d3078303030303030303030303030303030302c0010dce0754e237757571e3e9679b509501b8e87e5524a4d0038f8fa231380c7d3a3cfd5034fe0f2f9ff032f86f2ca006d06eed6465b1d4ab087d0da4a"]) [ 322.346432] 0 pages cma reserved 04:52:57 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:57 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 322.404532] XFS (loop2): unknown mount option [01777777777777777777777s›@ [ 322.404532] ‚”W@…¢ˆ£®­Ç²V‚!RöÓ¤âÀ[¡oÄZ+}MqÞña=*¢—ÿà¬P–"8'¶q—ãe¼c:g^’dF{<ÒÞ2OiŽGÊÐÙärgÑC±ž3Σª}"ÎQJŸ0G‰óøÏ%cË°G‹â*@su”)ì2¹lwÖ&sÜ —»¸å©`b<«ë­òÙ¥ úæ/Žæ0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc) fchownat(r0, &(0x7f0000000140)='./file0\x00', r1, r2, 0x1000) getsockname$tipc(r0, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10) 04:52:57 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:57 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:57 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:57 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x200802, 0x1) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x40000, 0x0) linkat(r0, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000240)='./file0\x00', 0x400) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d307830f8fc29393030303030303030303030303030302c00"]) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x10) 04:52:57 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:57 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:57 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000440)=0x0) r1 = syz_open_dev$swradio(&(0x7f0000000480)='/dev/swradio#\x00', 0x1, 0x2) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffff9c, 0xc0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0xfffffffffffffffe, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x2, 0x4}, 0x0, 0x0, &(0x7f0000000580)={0x1, 0x9, 0x6, 0xffffffffffffffff}, &(0x7f00000005c0)=0x8001, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=0x9}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000740)={r0, r1, 0x0, 0x23, &(0x7f00000004c0)='selinuxprocem1ppp1cpusetem0trusted\x00', r2}, 0x30) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0xa0000, 0x0) setsockopt$nfc_llcp_NFC_LLCP_RW(r3, 0x118, 0x0, &(0x7f0000000200)=0x400, 0x4) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x80800, 0x0) ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f00000000c0)) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x3, 0x0, [], [{0x7fff, 0xfffffffffffffc01, 0x8b60, 0x3ff, 0x10000, 0x1000}, {0x4, 0x2, 0x40, 0xfffffffffffffae8, 0x3, 0x5}], [[], [], []]}) r5 = fcntl$getown(r4, 0x9) move_pages(r5, 0x4, &(0x7f0000000100)=[&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil], &(0x7f0000000140)=[0x6b28, 0x9], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x6) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={[], 0x80, 0x0, 0x5, 0x6, 0x10000, r5}) 04:52:57 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 322.961678] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 322.997333] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 323.025653] CPU: 1 PID: 20104 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 323.032808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.042350] Call Trace: [ 323.044956] dump_stack+0x138/0x19c [ 323.048606] warn_alloc.cold+0x96/0x1af [ 323.053920] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 323.058793] ? lock_downgrade+0x6e0/0x6e0 [ 323.062978] ? avc_has_perm+0x2df/0x4b0 [ 323.066959] __vmalloc_node_range+0x3be/0x6a0 [ 323.066976] ? trace_hardirqs_on+0x10/0x10 [ 323.066988] vmalloc+0x46/0x50 [ 323.075700] ? sel_write_load+0x1a0/0x1050 [ 323.075710] sel_write_load+0x1a0/0x1050 [ 323.075723] ? save_trace+0x290/0x290 [ 323.075738] ? sel_read_bool+0x240/0x240 [ 323.075750] ? trace_hardirqs_on+0x10/0x10 [ 323.081665] XFS (loop2): no-recovery mounts must be read-only. [ 323.083164] ? save_trace+0x290/0x290 [ 323.083182] __vfs_write+0x105/0x6b0 [ 323.083192] ? __lock_is_held+0xb6/0x140 [ 323.083207] ? sel_read_bool+0x240/0x240 [ 323.116823] ? kernel_read+0x120/0x120 [ 323.116837] ? __lock_is_held+0xb6/0x140 [ 323.116849] ? check_preemption_disabled+0x3c/0x250 [ 323.116864] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 323.124796] ? rcu_read_lock_sched_held+0x110/0x130 [ 323.124808] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 323.124819] ? __sb_start_write+0x153/0x2f0 [ 323.124831] vfs_write+0x198/0x500 [ 323.124844] SyS_write+0xfd/0x230 [ 323.134607] EXT4-fs: 3 callbacks suppressed [ 323.134617] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x0øü)9000000000000000" or missing value [ 323.139621] ? SyS_read+0x230/0x230 [ 323.139635] ? do_syscall_64+0x53/0x640 [ 323.139651] ? SyS_read+0x230/0x230 [ 323.139663] do_syscall_64+0x1e8/0x640 [ 323.190552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.195511] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 323.200693] RIP: 0033:0x4597c9 [ 323.203867] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 323.211558] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 323.218812] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 323.226238] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 323.233499] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 323.240764] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 323.270456] warn_alloc_show_mem: 1 callbacks suppressed [ 323.270460] Mem-Info: [ 323.284043] XFS (loop2): no-recovery mounts must be read-only. [ 323.290158] active_anon:121903 inactive_anon:1222 isolated_anon:0 [ 323.290158] active_file:8251 inactive_file:12855 isolated_file:0 [ 323.290158] unevictable:0 dirty:488 writeback:0 unstable:0 [ 323.290158] slab_reclaimable:12138 slab_unreclaimable:109414 [ 323.290158] mapped:59065 shmem:2594 pagetables:1216 bounce:0 [ 323.290158] free:1270255 free_pcp:234 free_cma:0 [ 323.340557] Node 0 active_anon:485540kB inactive_anon:4888kB active_file:32864kB inactive_file:51420kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236260kB dirty:1948kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 323.386928] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 323.415350] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 323.460989] lowmem_reserve[]: 0 2580 2580 2580 [ 323.465691] Node 0 DMA32 free:1285436kB min:36468kB low:45584kB high:54700kB active_anon:481240kB inactive_anon:4888kB active_file:32864kB inactive_file:51420kB unevictable:0kB writepending:1948kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7360kB pagetables:4568kB bounce:0kB free_pcp:888kB local_pcp:572kB free_cma:0kB [ 323.496561] lowmem_reserve[]: 0 0 0 0 [ 323.500827] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 323.527927] lowmem_reserve[]: 0 0 0 0 [ 323.531940] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 323.560134] lowmem_reserve[]: 0 0 0 0 [ 323.563973] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 323.578102] Node 0 DMA32: 10706*4kB (UME) 2771*8kB (UME) 2741*16kB (UME) 1785*32kB (UME) 814*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 255*4096kB (M) = 1286224kB [ 323.596271] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 323.607052] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 323.624497] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 323.633404] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 323.642811] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:52:58 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:58 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:58 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x10002, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={0x0, 0x8}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r1, 0x0, 0x100000000, 0xffffffff}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)=ANY=[@ANYBLOB="040000e5b19e6aee32774ed58d2baa39cc246444a715a5af1c32679467b4b98b7663664f95b638d86be0e574cc60e80b1bdb41e6d25f9b9357072dadbe8a7be72c75cb7b1a4bf56bad7576d7eb82b848d27f0b3b701c943928d9122243fb459f17e9eb04ffcee4c335ad6dc2444a2e4d1baa14ce421fc0e51784ce43efaf0157d13bd3e66632eb1d", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000180)=0x14) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={r2}, 0x8) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:58 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:58 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x6378, 0x8000) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000001b40)={0x0, 0x8000}, &(0x7f0000001b80)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000001bc0)={0x8ff5, 0x8, 0x6, 0xbc, 0x2, 0x4, 0x40, 0x6}, &(0x7f0000001c00)=0x20) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f00000046c0)={0x0, 0x1000, "ec8102b81ba7f6c39359df8f0d7bf7f08cf8857460a8f9b3098558ba74e52d12f7ec3e3f217e0be74cb1c97f478a566bec44c59991f4db042f49925a64bd545e339bf2bae16810bab873a77ab6ee8e28a9719c205e4d09b2256c7aa4b77f316802c0c88293390df26c2131dd4a38470aed765da789b6cbf5d5a409714336274a8c9c8948494a849269da4f3e83eeda3d3e1c5f152b492ffed18d282ad21aae845641f2a3d376e6890a50cce0f8c8be641900793386e038726b0191ffda58da3173d62d4b42f41d64c48d55746813ef83582612fd4e861394c4e64716b2f685ec42cd224c39cbca61c88717b0faabbfcf0b27911133a42df3b473d2c6e684469d865daabec2ce253fbf6f932a06e04ce71a13191430d4884980ab3a2b0d39a79b248d74721214fbb03d5f6630f89e39adaa90efe04e28a33a46370e23dc68b4644059eec33366bd1df2253aab1bf072f53e73fbada760706c29bcbbe8574eed34d88ceaf8a396d26f00ea4a983a875d3e7848e8c5806bef9b58e1183d2d9c915569901a574246d1005455b7048bdc1c771791913cdd5a0f61dad534c44fa40fea95da1bac0e2ae9d7916ec3e534b6ddfee6f176676cd40c241ff71497c4e854ff1e381a1f10aad601df7bf8bb3df24bfdfa3ff6653aa6098a45d2cccd36d83e2ece156d25a5903ca6f202de466ddf456b6a6a456b781a8d4af80a416e6ca11786af8d8c2ec848f32748b1bd04e0ae6bbd647b46a7806809d18eae2f83c1bc77b0c2c62633d16c113ffccdc96872f5202cf540679eba67de4f866cc472a57d88a465ce4632c9b1c058811709dac9aa540b777dd9d5937bdd28f4cc2cefb922095e76402c16549d2404c6094cc8634e3f7a2d5e014aa19d4adbf459a4be7d6799542ab6870a448c533c4c226160c783087e9a2e2aac4b1e4a0049e7af1cc1e03b50130a4c72a4ee14c8d58250ebb3ddccb95c31fb79fa17dc0f430c127a64651fdfbeae740aa079c7794650d45fcf0bf342757bdfa3d5dba0aca6e9ed3bf2653cd899848840afbe397365951050bb10167c4b2e2a986fd48f0d331b2cb0601b649bac5c0e19e25fa4979bc4ea3a372a05318729c1130f00bb5e29dab1985dbadfde9391c7899b9dcdcd5ee3229796b03fcfd7d4c374bae501d62643e47c5ff8e262f9178da06985c9a6d79d1cbe1e644d93cbf6e07ad6f6a574cb54ddf05e0f48db69213c9ca4b9ba9d9788f633d0050923728f555ceadce6a4b0003559020ae96308a2d0145f9d4d873a5b899d5db71544e51a97d533e8c699745a453dc87be848d789f15d12093b3d258392ca0c34d579c30eb7f3d3155a3e84916aa83aa112a546462a9e10cc86ddfa8ea44c01c2a39828a774f47590141f5a5f8e01fc61615cd28fd322eaa6dbf5015ded78180fdd54692bc0659abe2013499a5a60f4cbfbab5766da39c259ac217bf60060673e1a4a8d23c47aedee83c38eb05caf228c292469a148d1bee6029ada2195ef8aa8b7da1e8af60130a52812a02bb0596fd4df0ee444f96805f68bf3d80489515ba5634dcd3e8305bbf6d0c2b0180c895f36ebfd215825a8c2c91ded268858be9ec9cdac56b0c8bc04ae8a484bc60bb7ef47b6cbe999c326c9fb1be2727a69a74f2237dfa36f408b7b3decd3f3ffce2e1be55b7a122c4c6087f34047b17e350ee81d8760c5b15f84d9f031300952734cec15934cbaf0240b90f71a2047d059cdf6791b40034791cc3c5ba77b369f4c21b49b16ce4fb0b1b981c8cc6042bbbf558504dffb8afd3c1f4035a724dcb079af59545ff05eb59e6554af86f6959a850e3ec18557dd52e0d5509f68ef2d8e7165c5871ed9f9012e64f4b467c914620f2cba15ce9ea048451ead5e92a884c75c8855c780515ea6caa6c06a198da7b17b6c6985512a3c0fdc683d9404bf0f04b5ea6dc04110a9dc5765645f8e6b869b5244b365677226e26b34a97e2846c7d820b6787ea8613d1e396359d17be82c6e5ea2682f168d9fac0d7d0ccad2422656f6c99f318530f73010aa1045e4c37110bded9369792671f2a623572c670b9b8f6e931e30f8f081014d043d948ec9b800854352f63905dc0f4c0ee8779bca207d295cd7e0dc24e3d45bf06989e2e2d6bf3da9d8c9dffce9e686e4a1476241bb88f988d16d4cb7857b5a4e287c73cca86f7b86e32fcd23ff15a8717aaeed0b870042bfaf5166cb9d08f1f1a1d77c627dd2da7227691f46806ef5a3f409d4c229a2640b8d1b71a02e746b30c48853930672407597321bea7d1f0c6565e17e6227011170376531a99017499fc2e9b580b60f651d28870bce346d564554e8231c1be34a74d0dd8ad0146fb4291aab1902685dc7ab5f3059c7ec341f6a0982e41b13dcc7cd76473dfbd19915137497bdaa46afa8526e037e526f7a36cba0e00795db7e991d237f669b7f979b69ed751a8e94f44d0c5decdc4fa149be52b2c7ddd990c3b7758a09c2239e9f36150a045a0e448a24787e0ec08094235fd72e555dd6e1a4ee588f3444f22835470dd8e18f14bff196e1a659cd1269e400343f5aad7c1e1bbb679c767b88132320396894ce35dbe1cd3939cb916a122fd52d4c4952b202caf38f0e3e386ef63227776cc16a167ee8f8e90f6c17fc9e6a93ab666bad2f44802199c9f623799f1b846014ebd713fcad104f32bcbc0ffb71ec993e2ad9e30e27742ba5466004cf62d24bfabbb2377f2b0f058a9e7c2b19598d6188ac549dc9c5e51c72df82b76db7dae0d4220f8ccd8f483153c8727a0bae0252a77956cdaffc9a1612af14282ec7df9a2b2e4c8e302ec24d838bf18d7eeacb44e715bbe166b5aac68b064e1a6ddaad18242eb00947ee6620a5a19761d0ac1d42e0dc4680653b53c4aa043fb7b1a4cd701c1219cfe69f9281c2095bb5e5ce599f3a3fed2aa32d84b5129f4a4f14b7e93ec8cd24657ca45e0e5ed67b58975f3209b1045fefb2053ea51915ef753f6e203eb72e2c29723f74cc58ee3a21557d17c8becf03269e7771c9575c249c78f8b9bc28d938559ebf0704c89719228e488cff0f01f75f133f6dbfa099875a18ec628e71bb8d57b5e99a9b95c48de173c506c754ce7edbdae3369c20fc3fab9f848a52eadb405a0f093a7d4f8ecaffd67a1c3fc15284378edeff809685710292544ec43c5df90ddc141ac29d1e7d4996850d34834e4b68717ba3922a0e5c06fd3214e6ef0018233f2d6009f6e4cd3a4e8d45b79a084ac3e60fbcdc67e39c69fbe5bf91da9e878d300d8ec2c82856af32e7706e5023a7f54d7fbdb60028a5da4d8038461454cd821ef03ae2a1eeeeeb99d2099b06a5a7b429341ae91720f91af8ce753d0d0b12a47ad77ebdb4da9683989e454e9414040dce609704009de062579d8aefaa4de3c21735591722256f8d81792df916d55657705a27a37a441f2d46af82f593de37d340e178a68b32039a89ed1aaed8c46d8f21a978a8d9cd3384149a3c7388bee5fcc4d2cd460937f9dd163230f0be970b84db31a303737307691a5bdb302b996681e59e2d313d52946d737eed8dee154008345140bf09fe224cac68d007f03585cb9380802d31a63976608b939c93449ee2e9244ad3e9799c3bf1296e1ad9a99417522f4010a5d95da717fd38670a306b378acb23a171dc51857712829c9d9db2d8230fcd4141f2b623c518c51f5ccf353337c9b7c6e9f0095cc646ea2dcab6afeea38f55bf8aae82c9c71511561a548c77dfcd9b28c1f3924728660f6160ade3ebad60e2590d5c53c631b13cc42f977886f09ceb6bb76d7483446ab7f5c73a3bd3fbcf688579f69cb78c79b933f9f3cee9d87e8692bc7aa74208a92bd1dd04eee0ce9676d19614ef89012b63fa428be48474359c24a32ed471d6cfee59c9f6eda943e2356c9a8d9696b2a65aea3122f97ac1525dcecac5acac5ad60d5f487c6df6f1ceedd58496e09611b32f25d66e1160aec91da12a7151d8fbeade7d78d49faeeb23a19a61b37873b60d682f6d5ee122f552afd79517dceffb66c175c5043d484ba48ec1bfef25e70a844605eae9052353c6a2f74f9ef9b455d9ffb52075f3746198d2adaab72a57e90bfe8436147a95fe5f6cbda226177daf87a6ebf4a2e1bd856d90635117a3c42e99d55f8508a2306b6b16e382b236a04769f85018fc1997772a7e8d5aa5580d564e06be9b6eef640816b87fa57211948502b7c63e0c9748c0573b3a6c52fe40e14df7c0e6e112bc41669a776e777747268b1a0d48264efbbacd4dbf4912bb55ea03c9052f1f4e5e046a86b0b0b9badd46349ceec968f5395b39f9e800ce5f369a7484e523b60b8e9f6a76c7a3b71af4304d26b8e3bc6bd5337c1027d9234e680a2bda9c1583587adf8f27150d691d92ce913d93c9d4e0c6c12384ec292a84506ee9f3b08a050c72998b6397c0e23cd250db8b363b70b498a4d4f4d49e8914593fe87693f9be57dd99ac6cbc2646f21b805726d72ecb2cccc43e6f129700ce2f7be7eeb11c5fd96b88a90f0240a29c1ad6b03672fd37e0c64038ac58d639d6fbb90c8955204e3051602ef0687d63021e54407cd0744a5d92f45dd5422e283cd8aa9659d21acb8476165c7ffd2efe9a27a6f0af586dc9cdbf1d23c0a8d3c13da8f8635049a5c0ac3e97a539042cbe9600c0a2f990406af2492d6cf0ffa74d704756ff6796e19752ceb8e2ccb563a81167dfc54661e91297da24163b0ddc92411b1f94486944c840df0acfa0b455ad942537f985a493022d9c5d14fbc1a2a4ffcf39287c6fb6c24ea1191ef14fb2d6d7df267c493c2df8fcfe408761e82ea0784e857f0162a54cd06362c1751f45f0610f431d66ef67986c43003b47cd6f9fb9a929e98793360fee221f7315052973f0ca953d5cb4b65aa72510166acef1668aa79e1db6205c025b348de330fcf6cfed2bd5b8c1a9ca14c392ea33dc9b1fa7bbeb2a52c5b2e5eedf5bf2601a786946a5eb5f51824d74fc880ae4a6bfd114d1c3c8c17c50356110fa382b3407435a09628412f0b36946bf572469163393aa85cbec4fc66094fe2fcffa5fe6ec9572b8e2f64a0ec6a6a278df1225f41c390862e8f2b5d7862c43fcced840bf8daa8553da67a73aa1908f92c4fbad588feac611037f2901feb4c4e1603206e3c5ac7b5d814603d51645d8acfcaada1207f21d110d7153ab616df239869c68b74f049f4894a89cab38e51e102103df73e84e4294586c3b1eba7b73c0134bd2275054368d31883a677d516716d6af45a3603f30aec45eb389eee7bac2cc41b174ae2bb02e38da832a53f190109bff0882b7ce850a282d144c4cba6821f15c3f56ef03e112c33c43512af47d11bba39a6172b178387520d24e029eac4d6810b3f4a80073b1eb9a79f7ef4d6d41d73a71d78cdd7c31051b919b45d4b87710b7525a7fb0f6aca4202dcb97d5de5cc2c35735281abdae918c8da3e0e17127eff56fa5f14a37a28a8fe36430f3f510bcebfb0167606bc2fbd2caf88347513cd15ca1e65dbba85d11c42222913e1fb62b8e9ef7e26cfaeca4d8456b6bf7dd2b7bb58ca7c76b9b2f79ed379a0c4b7f8913abb2a4c52b97e164b43de4157cad5eef2cd380273efcd7b99065c0c34d7ea15c7060cee9f3f8365c6bb0b7d63313b6b7efce37f21216078debdafdc51bdfb6c10dc9125cdccb287cbd59848cf83d6173fdc17ea1fcbee6196c4b7b3bb353d464f29886245fa29bbbec25cbe460036c33da17af679b2568020b5e2f02b8f9547278271ec29a66fd598ab72f174b50c876641da1d482ac6a5cda"}, &(0x7f0000002000)=0x1008) 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 323.654088] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 323.663259] 23701 total pagecache pages [ 323.667339] 0 pages in swap cache [ 323.670850] Swap cache stats: add 0, delete 0, find 0/0 [ 323.676203] Free swap = 0kB [ 323.679209] Total swap = 0kB [ 323.682284] 1965979 pages RAM [ 323.685375] 0 pages HighMem/MovableOnly [ 323.689325] 333222 pages reserved [ 323.692891] 0 pages cma reserved 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:58 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 323.767980] EXT4-fs (sda1): Cannot specify journal on remount [ 323.774212] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:52:58 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 323.815197] XFS (loop2): no-recovery mounts must be read-only. [ 323.857787] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 323.884946] CPU: 0 PID: 20154 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 323.892102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.901560] Call Trace: [ 323.904162] dump_stack+0x138/0x19c [ 323.907806] warn_alloc.cold+0x96/0x1af [ 323.911777] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 323.911792] ? lock_downgrade+0x6e0/0x6e0 [ 323.911810] ? avc_has_perm+0x2df/0x4b0 [ 323.911825] __vmalloc_node_range+0x3be/0x6a0 [ 323.911837] ? trace_hardirqs_on+0x10/0x10 [ 323.911849] vmalloc+0x46/0x50 [ 323.911859] ? sel_write_load+0x1a0/0x1050 [ 323.920863] sel_write_load+0x1a0/0x1050 [ 323.920876] ? save_trace+0x290/0x290 [ 323.920891] ? sel_read_bool+0x240/0x240 [ 323.920903] ? trace_hardirqs_on+0x10/0x10 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:58 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 323.920915] ? save_trace+0x290/0x290 [ 323.920930] __vfs_write+0x105/0x6b0 [ 323.920938] ? __lock_is_held+0xb6/0x140 [ 323.920946] ? sel_read_bool+0x240/0x240 [ 323.920956] ? kernel_read+0x120/0x120 [ 323.933613] ? __lock_is_held+0xb6/0x140 [ 323.933627] ? check_preemption_disabled+0x3c/0x250 [ 323.933643] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 323.933654] ? rcu_read_lock_sched_held+0x110/0x130 [ 323.933664] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 323.941068] ? __sb_start_write+0x153/0x2f0 [ 323.941088] vfs_write+0x198/0x500 [ 323.941102] SyS_write+0xfd/0x230 [ 323.941112] ? SyS_read+0x230/0x230 [ 323.941121] ? do_syscall_64+0x53/0x640 [ 323.941131] ? SyS_read+0x230/0x230 [ 323.941142] do_syscall_64+0x1e8/0x640 [ 323.941149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.941164] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 323.941173] RIP: 0033:0x4597c9 [ 323.996265] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 [ 324.005311] ORIG_RAX: 0000000000000001 [ 324.005324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:52:58 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:58 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:58 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:58 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 324.005330] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 324.005336] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 324.005357] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 324.005372] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 324.109835] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 324.124632] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 324.152090] CPU: 0 PID: 20186 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 324.159225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.168696] Call Trace: [ 324.168716] dump_stack+0x138/0x19c [ 324.168731] warn_alloc.cold+0x96/0x1af [ 324.168740] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 324.168753] ? lock_downgrade+0x6e0/0x6e0 [ 324.168769] ? avc_has_perm+0x2df/0x4b0 [ 324.168783] __vmalloc_node_range+0x3be/0x6a0 [ 324.168793] ? trace_hardirqs_on+0x10/0x10 [ 324.168804] vmalloc+0x46/0x50 [ 324.168812] ? sel_write_load+0x1a0/0x1050 [ 324.168820] sel_write_load+0x1a0/0x1050 [ 324.168829] ? save_trace+0x290/0x290 [ 324.168844] ? sel_read_bool+0x240/0x240 [ 324.168854] ? trace_hardirqs_on+0x10/0x10 [ 324.168863] ? save_trace+0x290/0x290 [ 324.168876] __vfs_write+0x105/0x6b0 [ 324.168885] ? __lock_is_held+0xb6/0x140 [ 324.168893] ? sel_read_bool+0x240/0x240 [ 324.168902] ? kernel_read+0x120/0x120 [ 324.168911] ? __lock_is_held+0xb6/0x140 [ 324.168921] ? check_preemption_disabled+0x3c/0x250 [ 324.168934] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 324.168945] ? rcu_read_lock_sched_held+0x110/0x130 [ 324.168954] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 324.168962] ? __sb_start_write+0x153/0x2f0 [ 324.168972] vfs_write+0x198/0x500 [ 324.168984] SyS_write+0xfd/0x230 [ 324.168994] ? SyS_read+0x230/0x230 [ 324.169003] ? do_syscall_64+0x53/0x640 [ 324.169012] ? SyS_read+0x230/0x230 [ 324.169022] do_syscall_64+0x1e8/0x640 [ 324.169034] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.179206] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 324.190002] RIP: 0033:0x4597c9 [ 324.198468] XFS (loop2): no-recovery mounts must be read-only. [ 324.198545] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 [ 324.210168] ORIG_RAX: 0000000000000001 [ 324.210175] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 324.210180] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 324.210184] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 324.210189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:59 executing program 2: mknod(&(0x7f0000000000)='./file0\x00', 0xc000, 0xb47) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfffffffffffffc31, 0x0, 0x200000, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a653d30303030303030303030303030303030303830372c6c6f676465763d2e1cfb6b4b0c339a9104f049e7200244c26ace470ec37e61ca06a8603a73d47907407449618a83b6906eeeb18a748b8c5525dce3efe60b110e70bcd1078352e0d0cc84222ec4bdc64f474d61546b3f4e4a7e71480ceedf75a40f725a9d84626aed4f0056e3916475872edfd36353267a65507a7c6041c7fdafe099dcc149dc1bf70c2379e1963c6afc2560d118699269aa095f655370aacde3911753548b05f6ae7366203719e8db5becd423f553a21d4c76da1b797d77ef974ae9c7b6944c16bc7bc59523ecd54a72c89fd7dcb40b5bebc87fe6d56f598dd5977126200000"]) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) accept(r0, &(0x7f0000000200)=@isdn, &(0x7f0000000280)=0x80) 04:52:59 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:59 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:59 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 324.210194] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 324.237347] EXT4-fs (sda1): Cannot specify journal on remount 04:52:59 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 324.438192] EXT4-fs (sda1): Cannot specify journal on remount [ 324.461440] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 324.485523] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 324.491306] CPU: 1 PID: 20212 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 324.498554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.508004] Call Trace: [ 324.510600] dump_stack+0x138/0x19c [ 324.510618] warn_alloc.cold+0x96/0x1af [ 324.510628] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 324.510643] ? lock_downgrade+0x6e0/0x6e0 [ 324.510659] ? avc_has_perm+0x2df/0x4b0 [ 324.518321] __vmalloc_node_range+0x3be/0x6a0 [ 324.535944] ? trace_hardirqs_on+0x10/0x10 [ 324.535962] vmalloc+0x46/0x50 [ 324.535971] ? sel_write_load+0x1a0/0x1050 [ 324.535980] sel_write_load+0x1a0/0x1050 [ 324.543565] ? save_trace+0x290/0x290 [ 324.555649] ? sel_read_bool+0x240/0x240 [ 324.559722] ? trace_hardirqs_on+0x10/0x10 [ 324.563972] ? save_trace+0x290/0x290 [ 324.567779] __vfs_write+0x105/0x6b0 [ 324.571759] ? __lock_is_held+0xb6/0x140 [ 324.575853] ? sel_read_bool+0x240/0x240 [ 324.580388] ? kernel_read+0x120/0x120 [ 324.584285] ? __lock_is_held+0xb6/0x140 [ 324.588360] ? check_preemption_disabled+0x3c/0x250 [ 324.593383] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 324.598843] ? rcu_read_lock_sched_held+0x110/0x130 [ 324.603880] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 324.608642] ? __sb_start_write+0x153/0x2f0 [ 324.612970] vfs_write+0x198/0x500 [ 324.616530] SyS_write+0xfd/0x230 [ 324.619991] ? SyS_read+0x230/0x230 [ 324.623624] ? do_syscall_64+0x53/0x640 [ 324.627603] ? SyS_read+0x230/0x230 [ 324.631241] do_syscall_64+0x1e8/0x640 04:52:59 executing program 2: readlink(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000000c0)=""/4096, 0x1000) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x1f2c, 0x80) 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 324.635129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.639980] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 324.645172] RIP: 0033:0x4597c9 [ 324.648362] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 324.656096] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 324.656101] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 324.656106] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 324.656111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:52:59 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0xba3, 0x8440) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000140)={0x0, 0x7, 0x301f}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:52:59 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:52:59 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:52:59 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 324.656116] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 324.658409] warn_alloc_show_mem: 2 callbacks suppressed [ 324.658412] Mem-Info: 04:52:59 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3d6, 0x0, 0x0, &(0x7f0000002680)=ANY=[]) [ 324.777057] active_anon:120854 inactive_anon:1224 isolated_anon:0 [ 324.777057] active_file:8251 inactive_file:12866 isolated_file:0 [ 324.777057] unevictable:0 dirty:499 writeback:0 unstable:0 [ 324.777057] slab_reclaimable:12130 slab_unreclaimable:109707 [ 324.777057] mapped:59065 shmem:2595 pagetables:1204 bounce:0 [ 324.777057] free:1271057 free_pcp:311 free_cma:0 [ 324.835862] Node 0 active_anon:485260kB inactive_anon:4896kB active_file:32864kB inactive_file:51464kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236160kB dirty:1992kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 324.873683] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 324.913694] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 324.947752] EXT4-fs (sda1): Cannot specify journal on remount [ 324.949309] lowmem_reserve[]: 0 2580 2580 2580 [ 324.964189] Node 0 DMA32 free:1281868kB min:36468kB low:45584kB high:54700kB active_anon:483260kB inactive_anon:4896kB active_file:32864kB inactive_file:51464kB unevictable:0kB writepending:1992kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7456kB pagetables:4520kB bounce:0kB free_pcp:1132kB local_pcp:648kB free_cma:0kB [ 324.998886] lowmem_reserve[]: 0 0 0 0 [ 325.002867] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 325.028370] lowmem_reserve[]: 0 0 0 0 [ 325.032417] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 325.065584] lowmem_reserve[]: 0 0 0 0 [ 325.069918] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 325.084325] Node 0 DMA32: 10665*4kB (UME) 2647*8kB (UME) 2743*16kB (UME) 1765*32kB (UME) 814*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 254*4096kB (M) = 1282412kB [ 325.102342] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 325.113129] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 325.130680] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:53:00 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:00 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:00 executing program 2: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000000c0)) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:00 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 325.130689] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 325.130696] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 325.130702] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 325.130706] 23722 total pagecache pages [ 325.130719] 0 pages in swap cache [ 325.130725] Swap cache stats: add 0, delete 0, find 0/0 [ 325.130729] Free swap = 0kB [ 325.130732] Total swap = 0kB [ 325.130737] 1965979 pages RAM 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 325.130740] 0 pages HighMem/MovableOnly [ 325.130743] 333222 pages reserved [ 325.130747] 0 pages cma reserved [ 325.206746] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 325.252911] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 325.274488] XFS (loop2): no-recovery mounts must be read-only. [ 325.275885] EXT4-fs (sda1): Cannot specify journal on remount [ 325.295696] CPU: 1 PID: 20255 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 325.302836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.312202] Call Trace: [ 325.312223] dump_stack+0x138/0x19c [ 325.312240] warn_alloc.cold+0x96/0x1af [ 325.312250] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 325.312263] ? lock_downgrade+0x6e0/0x6e0 [ 325.312279] ? avc_has_perm+0x2df/0x4b0 [ 325.312294] __vmalloc_node_range+0x3be/0x6a0 [ 325.312305] ? trace_hardirqs_on+0x10/0x10 [ 325.312316] vmalloc+0x46/0x50 [ 325.312326] ? sel_write_load+0x1a0/0x1050 [ 325.318516] sel_write_load+0x1a0/0x1050 [ 325.318530] ? save_trace+0x290/0x290 [ 325.318549] ? sel_read_bool+0x240/0x240 [ 325.318562] ? trace_hardirqs_on+0x10/0x10 [ 325.368263] ? save_trace+0x290/0x290 [ 325.372075] __vfs_write+0x105/0x6b0 [ 325.375775] ? __lock_is_held+0xb6/0x140 [ 325.379818] ? sel_read_bool+0x240/0x240 [ 325.383872] ? kernel_read+0x120/0x120 [ 325.387740] ? __lock_is_held+0xb6/0x140 [ 325.391781] ? check_preemption_disabled+0x3c/0x250 [ 325.396780] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 325.402213] ? rcu_read_lock_sched_held+0x110/0x130 [ 325.407216] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 325.411950] ? __sb_start_write+0x153/0x2f0 [ 325.416253] vfs_write+0x198/0x500 [ 325.419780] SyS_write+0xfd/0x230 [ 325.423216] ? SyS_read+0x230/0x230 [ 325.426824] ? do_syscall_64+0x53/0x640 [ 325.430781] ? SyS_read+0x230/0x230 [ 325.434391] do_syscall_64+0x1e8/0x640 [ 325.438280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.443124] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 325.448308] RIP: 0033:0x4597c9 [ 325.451483] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 325.459184] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 325.466440] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 325.473796] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 325.481056] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 325.488339] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:00 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:00 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:00 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:00 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 325.584248] XFS (loop2): no-recovery mounts must be read-only. [ 325.596970] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 325.610854] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 325.622660] CPU: 1 PID: 20283 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 325.629882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.639236] Call Trace: [ 325.641815] dump_stack+0x138/0x19c [ 325.645597] warn_alloc.cold+0x96/0x1af [ 325.650213] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 325.655042] ? lock_downgrade+0x6e0/0x6e0 [ 325.659193] ? avc_has_perm+0x2df/0x4b0 [ 325.663171] __vmalloc_node_range+0x3be/0x6a0 [ 325.667672] ? trace_hardirqs_on+0x10/0x10 [ 325.671889] vmalloc+0x46/0x50 [ 325.675058] ? sel_write_load+0x1a0/0x1050 [ 325.679265] sel_write_load+0x1a0/0x1050 [ 325.683327] ? save_trace+0x290/0x290 [ 325.687117] ? sel_read_bool+0x240/0x240 [ 325.691159] ? trace_hardirqs_on+0x10/0x10 [ 325.695372] ? save_trace+0x290/0x290 [ 325.699178] __vfs_write+0x105/0x6b0 [ 325.702872] ? __lock_is_held+0xb6/0x140 [ 325.706912] ? sel_read_bool+0x240/0x240 [ 325.710956] ? kernel_read+0x120/0x120 [ 325.714822] ? __lock_is_held+0xb6/0x140 [ 325.718872] ? check_preemption_disabled+0x3c/0x250 [ 325.723869] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 325.729311] ? rcu_read_lock_sched_held+0x110/0x130 [ 325.734310] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 325.739041] ? __sb_start_write+0x153/0x2f0 [ 325.743344] vfs_write+0x198/0x500 [ 325.746956] SyS_write+0xfd/0x230 [ 325.750394] ? SyS_read+0x230/0x230 [ 325.754014] ? do_syscall_64+0x53/0x640 [ 325.757967] ? SyS_read+0x230/0x230 [ 325.761594] do_syscall_64+0x1e8/0x640 [ 325.765464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.770328] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 325.775503] RIP: 0033:0x4597c9 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 325.778682] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 325.786378] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 325.793631] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 325.800893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 325.808165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 325.815450] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 325.829000] warn_alloc_show_mem: 1 callbacks suppressed 04:53:00 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x6c, 0x20001) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x146) syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x10000) [ 325.829004] Mem-Info: [ 325.837198] active_anon:120818 inactive_anon:1223 isolated_anon:0 [ 325.837198] active_file:8252 inactive_file:12878 isolated_file:0 [ 325.837198] unevictable:0 dirty:512 writeback:0 unstable:0 [ 325.837198] slab_reclaimable:12130 slab_unreclaimable:109678 [ 325.837198] mapped:59060 shmem:2594 pagetables:1164 bounce:0 [ 325.837198] free:1271194 free_pcp:331 free_cma:0 [ 325.873807] Node 0 active_anon:483272kB inactive_anon:4892kB active_file:32868kB inactive_file:51512kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236240kB dirty:2044kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 325.903074] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:00 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 325.929341] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 325.956323] lowmem_reserve[]: 0 2580 2580 2580 [ 325.961140] Node 0 DMA32 free:1282868kB min:36468kB low:45584kB high:54700kB active_anon:481128kB inactive_anon:4892kB active_file:32868kB inactive_file:51512kB unevictable:0kB writepending:2044kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4508kB bounce:0kB free_pcp:1248kB local_pcp:624kB free_cma:0kB [ 325.991294] lowmem_reserve[]: 0 0 0 0 [ 325.995125] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 326.021936] lowmem_reserve[]: 0 0 0 0 04:53:00 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 326.025759] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 326.064983] lowmem_reserve[]: 0 0 0 0 [ 326.068935] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 326.104201] Node 0 DMA32: 10599*4kB (UME) 2609*8kB (ME) 2721*16kB (UME) 1773*32kB (UME) 814*64kB (UM) 87*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1279700kB [ 326.185001] XFS (loop2): no-recovery mounts must be read-only. [ 326.191834] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 326.266812] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 326.291331] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 326.304754] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:01 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:01 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000000780)='./file0/file0\x00', 0x0, 0x20808, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000680)='/dev/amidi#\x00', 0x2e, 0x204202) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000700)={0x8, &(0x7f00000006c0)=[{0x0, 0x8, 0x1, 0x401}, {0x10000, 0x7, 0x40, 0xff}, {0x7, 0x1, 0x8, 0xffffffffffff8446}, {0xffffffffffffffff, 0x80000001, 0x3, 0xfff}, {0x2, 0x9, 0x4, 0x100000001}, {0x8c4, 0x9, 0x7f, 0x800}, {0x7, 0x5, 0x4, 0x6}, {0x9, 0x2, 0xfffffffffffeffff}]}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f00000007c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030303030303030303030303030302c005a744407a7966e9b02ea075689b41f668d1d237118eb6d21c969e21cebfd99433299186a9bbcfddc0eee8b3af2bba60b411cce49a02ab6c9d54084f183d1a94f6e867b00e25df4013afac9c70eceec22413635097548b743bc8e1a2fde8f503d3ad50f92d11239c659a6cafb040aefdfc7d87179b7f732d9bed1642abfe1a9836d54b5a6cd07e165c1b4594cc891d6b526c02f0d7bc4c0553b854f108cc80431c6753501cc8ae0bd0495cd3b3e5f4d8e8629c5a282cd9390d1e69d9d74b0d4f5f8c500"/239]) syz_mount_image$ceph(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)='./file0\x00', 0x6, 0x5, &(0x7f00000005c0)=[{&(0x7f0000000180)="20b95d874f8209b7977bdced60c2e1e26d38f70704c07c77d0f6b015217639ed9ed34a6e906ba3a38d9d97136a8b918711c9ab2f1157344c03223c90f276af587b5afe68e699278abd4f56e4226129a20c25be572107bac2c39d3858876ad3ab4d4d20997314f8f82a966e9b75327af779f00c0ca3ad10f4ac2158345d956e7a23fe237094c6609ef63628817eb4d734dec43552148f97308514a438e1c3e69388e65ad192d0a1fb56156b59d931335824e24decd43000c04b20f7fda45993e3ba79c8a685e07b61d1a1fd1df733d9012f01c767c1feea10bb9d9491b6bcebcba158e652b12ad096a3f2d2eb6d8cd92b52", 0xf1, 0x100}, {&(0x7f0000000280)="9e4c2062990afde2e417d5ec6835e626b8736a9555be173eb9fbd371868ff10f1ff7e95d32d8e1f6a5ef97ba3578afae1068a96028cd8f4b58c6545a812b83182a5762b4697bb52c4d88dac53f1dbd8740351f0e5606a23c98cc59e3ee095fbc7082d10478be0ec1936db1fef6c499e22f28b9f10aa96b39f957e655c641a9c9015ccded805085a49b45d8c712549bc2c6075190fc02e2d7b8aee7f72cb033ad6e00ec5e994c013ead416ef0d07d02e5af388fe8f09451136241fe079c1d15a10bd7", 0xc2, 0x1}, {&(0x7f0000000380)="95be543b3c3167b530257e6cb626b5bf6b8fcd80934abca6fcecdbf60faf9cc30bb1ef4c06bbcf6bd7b177a2034f6f9bd601b382a2d276d9381e58aacda3f8ca5a21413f32402773fa3ee53d812bab5360ef3ada5d4f3525ef23321cd30b552715cd923f0e25e4a81eaaa9029242d5f45b3b1acbdbd76b1bd05b668f75dfcc4f7bec9fc501222ef96a1a9c7b257a5adf6df731256371a98d508f", 0x9a, 0x1}, {&(0x7f0000000440)="4f639b85853ba9d044b3e6e5f706c8972d2d76c7bb4af7509ef3dea97cb5a88ac38af954df41dd6ce85e74921930d3ac9c0d131577d852b87d00e9775ce03f9e480e82e9ff8a9191621501a672bf95ce4828b2941b3b3d37a263933de272acd556f700c6b4843d8009814621fb50b33d43cf48e85d899c12c594f88fb44a265432f06b77c9733e24b1c410d5d3e4efd89b491fd21a5f074c9a980a2be9a9412da6a3aed8b73dcfb26952b1ceaff0e59f8b22028a5338241854d2c9f8fbf451d9416a9bacff4d531d22fc344bd5d2bce814b8a3faabb9765fdb9674a3eb2928a5860bb16ecda956", 0xe7, 0x2b}, {&(0x7f0000000540)="f6cfc239c3c07a1acdb4a679085e72b55960670c89291df8e5e5a817b579fb9759d5f28c95a433922e778bc7db9cf5605263a62676cbb2a1b0c7c16ef4d57cfde444b57c6c09983f2052d92abf66b9ae72dc2ad09cb80e72c7d3078bb4f5ad99823618e1a6700d6395dad41067052c46cd3fec4c764a63f728ad0cff77dcc992", 0x80, 0x7}], 0x28024, &(0x7f0000000640)='journal_dev') [ 326.304764] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 326.316002] XFS (loop2): no-recovery mounts must be read-only. [ 326.332079] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 326.356278] 23735 total pagecache pages 04:53:01 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:01 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in={{0x2, 0x6, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x2, 0xfffffffffffffffc}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000440)={0x0, 0x3ff, 0x0, 0x100000001}, &(0x7f0000000480)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000004c0)={0x0, 0x1, 0x1, 0x2498, 0x2, 0x1, 0x80, 0x4, 0x0}, &(0x7f0000000500)=0x20) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000540)={0x0, 0x800, 0x30}, &(0x7f0000000580)=0xc) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000001e40)={0x0, 0xfffffffffffffffe}, &(0x7f0000001e80)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000003bc0)={0x0, 0x101}, &(0x7f0000003c00)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000003dc0)={0x0, 0x40}, &(0x7f0000003e00)=0x8) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000003e40)={0x0, 0x7f}, 0xfffffffffffffffe) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000005600)={0x0, 0x32, "329ecc52b5d25bc4369f3b7e3ca3081183760716e33cf59cb03de1f27fcd7d9859ccded6350a78291fae9cc0a1356c68243e"}, &(0x7f0000005640)=0x3a) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000005680)={0x0, @in6={{0xa, 0x4e20, 0x81, @mcast1, 0x4}}, [0x100000001, 0x7fffffff, 0x4, 0x1, 0x800, 0x4ea5, 0xffffffffffffc68b, 0x6, 0x0, 0x9, 0xfffffffffffff801, 0x0, 0x5, 0x2, 0xfffffffffffffffb]}, &(0x7f0000005780)=0x100) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000057c0)={0x0, 0x5673}, &(0x7f0000005800)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000005840)={0x9, 0x800a, 0x5, 0x0, 0x0}, &(0x7f0000005880)=0x10) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000007180)=ANY=[@ANYRES32=0x0, @ANYBLOB="b000000074646bdb4d255b365bd5cb9d3cf6a00d392805427b83f2221caf07fcb9d5632f9086dc858b6a2a48190f4d727ce496ba856d7d840538f990a41b9c7f9cad64eed1ef7178fb03b15103db23ae2d2b4bbece546fb7942c6325475112d26ce220dea5becedf426dfdf1529a46fe80745a880d3144f9a1d327edd58afaa982aed23f887d07cd4aa0abc4ac5e605d4737784678f523fbeeacc3554d1f70fd5bdf673117842f084e4c385a84baf7b3184a2d3ad1123c20c942470b12e7f1"], &(0x7f0000005980)=0xb8) sendmmsg$inet_sctp(r0, &(0x7f0000006f40)=[{&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x80, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000000c0)="2c6f401a42cffde95f8795c24ffcbcb41182efe4e2fde78cb85135e438cddebc2f9718fc709719990e4a61ccd56d41f2cf36a4bd7d431dd4c21e259504", 0x3d}], 0x1, &(0x7f0000000240)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0x1f}}, @sndrcv={0x30, 0x84, 0x1, {0x50d0, 0x400, 0x0, 0x401, 0x1, 0x7, 0x0, 0x7, r1}}], 0x48, 0x20000800}, {&(0x7f00000002c0)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x22}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000300)="3603a1bd98c9271eccecbc62c2c171de389c4a166e956226146041f71028d4a351a72c9db3f6fb6c9f93fbdd320be6272f20bd0f874efc920ba75b18a8c4e61bbb355a91d765aa06405a887a722d330fe5807f43d0f3af34", 0x58}], 0x1, &(0x7f00000005c0)=[@init={0x18, 0x84, 0x0, {0xfff, 0x3f, 0x401, 0x1}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x401}}, @sndrcv={0x30, 0x84, 0x1, {0x1c8, 0x7ff, 0x2, 0x2, 0x100000001, 0x6, 0x5, 0x0, r2}}, @sndrcv={0x30, 0x84, 0x1, {0x2, 0x6, 0x9, 0x3, 0x4, 0x7, 0x9, 0x2, r3}}, @sndinfo={0x20, 0x84, 0x2, {0x9, 0x2, 0x2, 0x30, r4}}], 0xb0, 0x44}, {&(0x7f0000000680)=@in6={0xa, 0x4e22, 0xc1, @mcast1, 0x10000}, 0x1c, &(0x7f0000000980)=[{&(0x7f00000006c0)="e9f822769a1072a545270a7413b0aae02f150127fa1a84de5bc498a100b09d45ec097ea18d51d5a9febeca62ace4ee6036c569cb00b440a944189a2f18db18d8665cdf87f110d2a103c0a59275eef245f007d89e54ea8b1ccc0f77ea142d0fec211811377500363df9e3ed0d53f67d1947f58f69cd67ef6b589c59423477556138dd266a9bf1bcac834cc9ca535263cc70", 0x91}, {&(0x7f0000000780)="b95f4437b96159", 0x7}, {&(0x7f00000007c0)="2922cd0c71d755e3540736b9d75cbb378fdb064858b5197369537c930057931a5441c060728c91e3fb61c1afc9390fa889916a0f5ada952a1302922bd01ce88e1b1a784d36445b26d545990a77c0a28516d64e5af24e1046024a9d6df93e8e29f2314799350f91bf73388561b842e9990728a111ccc6c8413d10583c237613a7ac88133bfc29571bd79466a9c12aaca70bb6eeb0f0995cc2ab67806369d0a3076c68d363f879b18033847937c7cf8386785df3724b51dd43b214d6fc652536a77e6000977fd758b6dd", 0xc9}, {&(0x7f00000008c0)="538477453b754b8978dc56725309aefbf63df02bd8ba7b818f067e076bedc4b7b64cfc8548eff1c311832aba05976e18da2b04470e866c419298633e13573e0c5ced2c6c89765e96407f3e5c387a76ffeff917b558ef6681a39d87fb67709c2489f2752940022f0c718ec7e94414ffe482b36f8e0afa7ad61ee0678b7fb591ff181997e0436f21718406db059727857e796a", 0x92}], 0x4, &(0x7f00000009c0)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0xfffffffffffffc01}}], 0x18, 0x4000000}, {&(0x7f0000000a00)=@in6={0xa, 0x4e20, 0x0, @local, 0x5}, 0x1c, &(0x7f0000001c80)=[{&(0x7f0000000a40)="502c088433", 0x5}, {&(0x7f0000000a80)="c9754828e324e92f2da9621ffd489a4e367861e38932fae9c74f39a126a605718c442c03bc1ba2d296ffd9950d0095b417615516e9e5624fe8f83ce07178d6e187ae7601be79f2dd9438dffe345334148b277fc92a052e2b1c51c8785ea321de8c0e80e44c90babfb1af065fe6cf27155daf4bd14a0394fc5b085814ab4f19f68dfe8e45dfe782ee5be067b6f7701b3b59ab8e6fceb57f7499315d630d43ef94cea0e5f6eb71057767c00cf667bd6aca8a78df56760d7f8395c760c9afd506d35b7b16e4ddd83fabc23816ea2ce3e3c103107c9348daea2f0ccde15cdb34a107e1244ac0f4c3ed13f8d006f217c7c383cb17b64878d9ecbd8c9e04", 0xfb}, {&(0x7f0000000b80)="382d64d8c482a077d07a08e358d8a11c2a301642c27e6d3f4abf74c6b4dadf9fceb12485d253319978fd3465bd33dfb5d0f7a2d3de62124eda150b1b6191d8f79a9ddcb97322dcb227a05f41345f57841f826a9be9732a1694c971fae2a129e0fb40ca79d76f6287c8da939db5314801aa8e475f71785dfd10ee432ae7cd2f6a55a07251219723274646113205bd39e1f798578e960d1d389e5f0ac273ba3b6eb656b1a434064c2427d37d482d54a0fd6ec74f492175fd697970642c77c3426342b3ba7b3cf1d9a1c7841b04e03af4b31d1459c7bca97c41175303014572d858506c3761a7bc12863622a983cdd056f3e9faf748a6ee5e7cbf548395f590e48cf10385fb2328d63fc230d18c8386980d654328deaee36208024f2f99e370f238fd6da037b447854845e2e7f9442d4457a5edb38cc47ccddc3fcc712625f1db0e3f274e78bf266bd579b86b278028227dc90853048054c743b877cd68c667fb6c80e9f7b2c3cc971445c173d41adfe9c42e31b82b5d61a25d718f2acc3edbd84e7336d373622e94ffd0a7ee1dc0f4cec41e6d01c8670b7d86772f3f4d12763610c27f46ce8f55860f153398eac1a70e7082417e306e5f0c7a50432546c08bf7c2dcfad6cf2e6e05b8292a206a8b5e926a79a062064d86f46e9e238d73198b8a0eaaaa13e70d9b91ff3072346ab73ce2f494a917c6d1757191fbcf5307e7da144588b89bdd3f925f63f32615908b5c4d4e577b7c65519a3555c358f83255335b9ee0c0be3fc38cbba2b4c48846830f54d5f9007d1ccafd216f7852afc8562061e65f8712fe4db93fbaf0389d78183db99e920b3e04c137ff589206576f0c1efe5baa2ee1188721cb97bec05b25406784259d962cba30300ce2d4ba8728aef97eb87653b68a7f8ffb1b5aa6f4e7ff1d91a946160ab1d6757c6e15dcc34faf99ec6962fb2774ea44bda426d77073ad69fb56922c1a2f41ba6b1bd9872d7a8bea880ab04dba55a0d0e7d455e3e1da78088ca250245a48488b6c16a66c550738bac8e80aebf1839d70ae3bb4af559231526c81a60238a9f42ad32f5f3a35a725f3aa984a464e4ccd1e9a99657917815b87d8830dd701bc523cfcd9d457538c54cec0900212f7b8572b3cfddadf5dd86c49e678b339877ae940cdd2f6b7c6cdb95c67a442316225d8dc83579122d57d99ac134be057cfb8ecac36fe0f74cd9208fccaaaa21806622d9777c2896492daf5a52c649ed30d8ffbea29cee7ed593e9633a081933dcee001b67951c4bbb3cc55f25123a529df7b074d6b3ae7cbcc1ad9db2cd0d0948ec9d8424af62680034477d116b571b500a7c9b288751cf43f37dba8d67b408adfddfcd8cfb1dd4d5b485975afb63b697917b6422e58647fb01fb6505700d92398bc76dc8b3dbd958916fc067fe6560cb4598e1af6266af4fd680968622f00ecd0c8fe7b39e962f724f64f33632ddac876bcacd999eadd8abfd80c534ab57de3a62f2a58f42503f4c2dfebe63839316418443f4b99da2168537663f6589123c62195167a40fd452b227e0a9c50fc4e59f7349b4a6e7f27e529bc57adf19b037b340e4b4c102925240459ee564b21261f7d58fd62ed3b1a8197e80d51440c245d12d01cb68dde937034dc4dea099a82115a98dd2225f1a3748309ecb7d8b1abb7282d3546075b738544e457937abedc0e994f00d79addfd7def1062762cc1e452cd87c9954a46357719809f60ce73126c44100e08baa36b64750941d72d250af2f4f8a6b25d89fe5967b03d47f99d16e3d56e31f34aa01981e439afe870e2e27d809e9e4cbf1cfedb67aad104bef55c1a1c1183699612709072afe1d73d147a941e168d93aeeecebe6437e198f69ad9d72beebb976e9b9258fbfb99b4cf422523e7b6b5ee864e8a77fb84c8cf77fe935c6f15bfeaaa9f387ad24771b4359a429ca6c45235e3d3f83e6685443030ff720538874b4825e48178b15928aee74d341ed8d4833960c71a77590332f4caf746acd8fb10ea898396593eed38b58e4bcbe53633756179b61479f11db50002b9087a7014d96b4417cf41174ce0213e1cd6e371c6e7779a23429058e5b58fdacb94f1e2c872f26331348eb6afb33fe261b1e04c45c6885a7f5f1e31cbfc92fbd34fea6efb4612ed4555cb74408c6918c931a5acadb07cea71211dc55b0ac69ee198e2254a5126c1db113d134253a780ff803bf818e9531b7360ccd9cb25908e797ef4acd559bbec136e7fdd1b873898d0be7194a2cb46d42c301c6ff702199a254ed97c76d1ab15f14287df04ed2bff78eb63256d90f8d30d975c70227bd5e20f63b959529eeb20c15db71772d98fe5aee3193563e03f6d28d843579d4060e818b14c6318201c13812f6dedbdfa8a86eebd6841ee7650e8ceaeb8d7488a89b2dca5c31ad17de4e0a09c3e3649cba79b05353d89bc61e995693cd49a05a32c43643c543b6e29d4b2b4a4d9786537f99bfe28a6c1ff7fffd0f7a1686b039abcd964720b792968eb7afef3e3281e82d544a68b7817a4414e6d60ca99afcbd40628f4d8cbf4ad854b59e7ee112d28d2378782346569eee09b6cf7522abeb2a2211b936bc44b0621a4f786d8d5d51aa352b6986c72ed5387b645eb6dd5301a6381d5afb394dfc69615e7eead14551ee072fb7da3cf781bc390c813cda932b109ac215b920775a8d7270b449e0a0c52f9b9ea5da482d0e7e64ddaef7fc2eff80bd02abe860f08f0fa4edaff81d43ef1510fa30d3b99031807a76b9df82bf1b68d7288194a2c7e00d820f02049810049fdbf23f4794b876c0661b7d8df03c37b79fba70e0b6dc4d40486ce16e2ee2dc3b48a7977831429bfa78a9bcd2cfeddaa5a02f0e2aa01a2d2e908836650df56a4b92808a54aa83eef8ae1a28e77e500de1e858e4c21fc8cf11086653da1e1e590ed1223ffd84992dc251f6e9b7846f6e2b7ac031b73162edbe144cca08608da72f18482cc74b70a128f7b2456a509a0d2ad9e260682db6d336574fc9ab6e116bc847b4b0754604190428086080b72705fe47e53935fc81ac941846bd951e0ec855989aba1978a205ffcf29a6c1077d531e387336851505729a3d260486e5ddd7731a4a0e8301bb1d337ce7b0b1bf0cc400bec34f2e7b810d4c41c98ad25d72fdfe28cea737d709a0ef9ac2e887cbaa37b1fdfcf87aed29e265827221590f6759d0a5faa8a2840d0a51472afa75a398b6e249ca22bc4e62c49dcbb0bcb3a19bbd734e1f0ad4aecef1822d1d7311f2828e02d6b05ad68647abcd36b823fccae2ecb85ba8bc389abb8eedba5efa2123ce788bc30775f5414b8bbb0d8d41374f0ac2edb52ab2cc23515aedbb23b6e09f20c742fcbe9f4d8ede172fd097a1739cd2823a7f145b17e9a80af81d2d4c63365aceac3ad7023d3490ec7db9c687519389a42976b0088f9c9b7fa64ae7cbe040f928fa6741c1666e2914203f3797341e6927984991fa0db3fa3dfe0e8bdce1d9f7840f80653547c0fe148e81ebc281f700facb30669d7c25fd3d3648d3065575788388b04e87d7bf219713605f1cc92890c9d35093d73097eba84733216a2d880ef816d341d319a3030cbf4ee71317b992bdc7dc7aadec4c8ff34f0475904f62cd0494abcfb3bdac9edc83913f120b31f7125a051607ef8f0d1811d8b446242902aa8c72dc996314e7fbd74a9bcd29040ff9c1335a8fa747dd35f454ca50012529a0730cb35562d6407ffb75e198b4e6096c59d3771349d17dd6c54a097f2fd3aab47a8353e66ad0b8b9035e71076a719f59afce6ac486d652533e74a37e0bb101a52ef9a87739e28a5993e314f02c7de828414284191ce70f520be284a1e7de2b83f17aaa0a27b48720853dc8273af335bfcbc430ea7b5bea024c86f26c89b90d0f42a069ac8a0dd291458d067824644dce2c236a57f089c511564d171014468bbef2468728fc361a75d57d47a85ffb5f720260e1d4d4c4c0368996ffa8d2248da36c8b2ba9196d59cc45089f47edc260bb3d5353078ab74d8e675679b6eda579b90056fd90e51971729a840a0d459b82d350771b7f1d601f3932f2451170c1cae2339b6616de1a1c7af1a5117df1ace2acfe8207980421c7d29d08e9038b47641c431a3e4da9917d3b0d7d7df64a02b06310133f9c71166f96736258922b28fa2b1cb7446005c2521d50bbb5eacd0683ef6a59ac64aa8b4d6804b7a9f58f4d353b14ffe1d197fafe3f32a383f83eca5055f315d5c1e3cfcf8f3db28a2b5d95c1e1eaa2c67e1f0c3867cc030e4400036d3685f2b8e949158d78dc2d48f6b91d8d38356df4c0b6199de5508de44b3e8d6e13f8944094dce6740874615a2982477f6f02779629a5d2e94ec86569819fe31f58d3d328a7cf169a9015181ef4bd6655e96b7bdb2ac6bc4e60eec66342df7e6f4d19a42e2e38d0c1c8b5cbee2795548399b6925a3522107cce782a155cdb037f82bebe3942635e1d5b8f674550e0ceb17748ce35c54492fe5b63cc1af4358259be1169121dccb6a98f13b1b3922f4cbd4cd5ecbc92a1691236e10f3f71a62b22bb5e7736eba7e30856621b1bc70fe6b706fc2daf0f3afb0b48ede6405edb98b99f0e8c133ba305c1b3893c22a3cbe98ecad956fc3092ac78c2edbeb9e4acecef61b055775d44615f66dc7f811a0501b88c202e79e2dbc36f116be11d75649135ce8ac98701a7c57ba9c7d52fdc195a015f8ea29e6849640709463c88852cc8074b23336211759fe525c5cad1e34aacf251f94d7fa2b5a1a7e01d2b803358fb34721cc5d3cba48bdd94bdf5d677895b3d6183a0cd1a644346a735fd744e22e4c695fa98773ef9e256f66577c2e78158b6ec1dea5752afbd1a52641ebf23134179eeca9bd5c07c821165a1ed830899bf4b6a151efa07374e2944031dcf092da2200db3f16bc9f2c09255392610a043610d5646b48e1505b45dfa0b83991d63e283a58903c5b32102cd9841c6f9db964fa50ca93cc9bccd1040cf30f7326cb68c4caeee18f37d570232ec353640e51d9707fc18f4b58d2fa67eb022925a4e2098e112d5dc93247e293b63c905e6acc2a9dc5ace7c9b1efca604ae5d5bdd6e9679b004755464822808e344cbc067e61aeea9f1fdf9a1711dadf7b138d41ed1f6a7e37854a236c8c8332a841d66123950e63369d0019699e542712e2292411504f76f25f5d43599f0e85bcb089026f6859253c90d90c21d11d3212f6bdef962da90a18abf368226694a4d3f7a73137c89793ae56aa5c69c7ccaf3002c0530528708fc551e334d32d80906ef1ff145545db14bd6901e269dea6f9f1a8f4e82fbb3b2e3cc148ff6e163130fdd6140e479dc1559dc73cec90a562f5e31646cbb3f5df00dc675cb5a966376af5480f49961a963c9129b9aab94d6793913fb64b7f700305266735fe05d6027fce0cb3e595a34d79fdd4084dbde1f7962195a1964c2458c48dad6d1a83e24be598dda7fffa9482534896b6194f72ea0dbc0f385b504d30a506a476556f5e27d14d420b9ee23e3af3403a6de95128c275496653aeb86da96a4ce2357034e5f50fc4903526e5a6f0656fdc8943c8efe07f19207812543ce8ced870c6fa237acf708e6ea3dc2341fccf2aad83ee937c8013a6a5afaa67c67bdeb57bb4e717b284a6fa0f6028cc9bdb46a8ff5db5da1762ea04cdc843f68492447367f174d107031660482523604446aaf01a67bd2a6ae8d7563fc106407cb56042478498f458c7785001ef76554ee996a12d57fd291d49ccab272500dc703d9618d13f7649e6", 0x1000}, {&(0x7f0000001b80)="24a1c14fb581d96991b0164e601be21f874644bcd4cc88d28e106480cd0dd11b3d043e50b01ea88f217a08e755e758d9a851cdcb63584c412925edefc09619d1107446ad2abeb06695f0ce286ac612d37767b080eccd4c219e039f3134bb79b2d9c5bd7ae20b6e1633abe75ffe453ff4994e0c0f4d41f1acc523d265497e15cbd626f774032787edb80bde0cfe5a4b831caf91fb8ebf345575d0ef7a17af28547d07d33f752ab27cb5941d856cd99789233471781b12cea60542b755e99d1e9a8dd038ab50aacfd54d731345ef39160c1e38bc50094f5f55e4838a23bf0fbccefd70f8cfd71063", 0xe7}], 0x4, 0x0, 0x0, 0x8800}, {&(0x7f0000001cc0)=@in6={0xa, 0x4e20, 0x2, @remote, 0x3}, 0x1c, &(0x7f0000001d80)=[{&(0x7f0000001d00)="b884fb0019b3a854f0e04935db0cd07c8be4bd9ab2911f2d809119b834958ee17d296a4f0f7aa009e2c3f0e86109b73430b1fa0fecd7236f1fc0dda0e8f1e7e8619fea75fbd4", 0x46}], 0x1, &(0x7f0000001ec0)=[@prinfo={0x18, 0x84, 0x5, {0x0, 0x180000}}, @dstaddrv4={0x18, 0x84, 0x7, @multicast2}, @sndrcv={0x30, 0x84, 0x1, {0xeb2f, 0x0, 0x2, 0x132, 0x1, 0x3f, 0x0, 0x70, r5}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0xfffffffffffffffe}}, @init={0x18, 0x84, 0x0, {0x3, 0x140000000, 0x5d9, 0x81}}, @init={0x18, 0x84, 0x0, {0x10000000000000, 0xfff, 0xff, 0x20}}], 0xa8, 0x400c000}, {&(0x7f0000001f80)=@in6={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x900}, 0x1c, &(0x7f00000036c0)=[{&(0x7f0000001fc0)="790c86ae453a3c428c93b28586ee3200d8fcf862f18e85b0580641915bff6c15c235d4d8026fbc891558e7587a3ad50a97de6cb1d4a76ef9d05b13f2d7d75e061dc7522866e90141b9eb6b04c6e9ce5825f7b8bbb5711ec592e43b4cfa49aba9388a9975c7b2e256c00d091c65cb19d121563859328e6c8e8efbe61b1492c1c2007b36ba958d3585b103bd866f6964ab", 0x90}, {&(0x7f00000026c0)="b4ac50ce33dc69284b9a4adfa102540ec21c3235e40347a21ef43f3b7e9c83a39e71629056d3b73ed25465a6a14c57f6aa409985c648bb703776cb59675a5a2c46ce03af54254a348c660a13289c1c0b3a4a7a5495e860e2e43441f6eabd812eefdcc84e2eb6cd26336851e84de9fd317b73885927797df0253b4cb03ba248b38cf0fc8f25dfab2d3f56be9a82aaa8d146d605d475e96e125fc9174f7664218bb95b8c937b98d126e5c9720aac1bfb955955c1082f01c7d52447cc7624e4ccafd7899113aaef71a91640412f86dd20f8d26f5ec50ea6db191758cbc6378df6254b07e6df63e8dac63db2f3ad97fa8ba647d3d2974f517ee34724ccc7f173fb8b2292b9fd55458ea3a6785751c54be453dd888b8b258704c2b0a88e028fd1e66caa5612d760ce9966297bf19309e467a5ce8a32e3ba21b1c7924266477949e5737af9706430aa27d80cd0bf6ceb07e4e18e264148ffab617038bedd4fb8d0c9486f47c5b788658fee719fc7112c6cbdf0f14efee08bbaae5dce5e2893d12c6192e3a03c8bd5a317a5ae6f556419bc24f3e4d5fba4c58e95ea41df7b332fa12ce76d8d6d93e9d4b1f3c25925159d4fde2e648c7293374e4e33a58da1315662e1daff2d1161ed9603ceb05c685df0316b7af412c6d39f3ea2f72f0573410883d583ea60f50e1e15e76d7516c4e0896d62cf27bac370f5bbcf33407888fe4475673c7aef42cc68aa6571bb1f83d2e5b9c524f10b93fab640b1936a8f46af76bd03a0084fa7511d09c250bcfa54373b1a6a5c345d3969986ed8b6ccf494c2b4601cc0d75cf6c071b507ccdb25032848f47fa008082ff5163368ad4875346a65c9ea998edff4742468d3ad0a839d7f510cdf8c64a27daabbcf08aee2b1da45adb0105c6254df55b443f980b23404cae028230bd27d2503d490144e1c79c8bcbe74e86bc1e78450ca10c322504bf3a3cf4bad6631e8e2037b4ab79528044f0fd21f7ecd0b2cdaa0490575819cf776ee1b53935c4e888639db6b86280afc0da40038e5f76bf1a2ecb24b6ce14dee9ff6ecb0551c59ef346af78d2847368c663a45abf81c2ab34e3f09c7e2b5fcb283351a3f0ac0923cf771cd307f89b88895a8b7b1689dad831e3eea28eac7d4abbfcd8c97b5d6106715b6f8f823daa988c08bc5313fb6641b3d9d5172341669c0a12bbd40076494a9f44612f0994ff0a7ecf59b437fa232c205843ba5d70e269fc6f9b64a1dc8221a6a1afc292b835598852d5138798ae27779de7855363129d445e4291555dee794379976650a8cc2187b7d13c59b9e0542e156aefb69201fdbe6b4c4a3567791023083fb2b80fbe02e9aab7399931daef79f6a680a382935ef157c7c90106f1b090d665af76243e0c48a471b7ce577fd8b135bddf31035975f612760242bc9cc6795687b4835adc1c922ce971897c2aac7821e3fa980eba05ca1038a24d95da99c47868d57fa87439ee4d997fc190aeda39ee508d0ff30e620e585d9222c5cb07456be7c8c1f1acd47edc750621b9f36057533cbe06698f06e6949f928006671278b335821a5748ef1bfe6a0247c8253d6765cf07761556e747ad1ae616771adc6bcbbc4ec38419d6d4e3db6baea2617c96c8724bf7ae87ea9d0c047bc95ade71ce0114c500b0226be96fa4446d62c3ade55a84f7e31e6b1c640c4729265a4a63438f88916a9b19553464b7eae3de456867754ecced88b7e7eadecb75325f8bf2ca15b3a70b81bda0f34c32d8ced72c3fb5fc1aa54781477e48e6a703e88b8f4238ee7ecf1422daf601c1f9b4890ecb050b85f783e6a86f9b46cf219447fc9ab8ccafd68f73fa8eff06c742308f1e48a833c908b02d9977eb98c002d2b58689273dc7a508ef9092df3c4e5bdbe19984e5260090ae96e6d086c3dd978a57e748f6a706dc1f4279d2556a9aef4f2442b1abf6695fa3bd6a2271226d925abe50ebf4b48438c70001add041c318316fe15f4cc04a7e4afb40ded5c3adbd56c90fb8d2d7f6480489923703e3595f28772f9c925b93184806774c3c8e9543a4caa6ad62f246798e9cd228e9ebcdc07f2359866abb9739d6024cf505c4dfc969b765fffc0a0737e17522e2303acfe2531dd086f380a19b070a2e2ef1ff35dd8826ad407fa94d527b5e03a2df362a1300cdd8efbd6793de3551161089514e0c2f2c021efe0d4b38bf9394bb4945fe08bad612ec04bf63308a1207497046de80433780dee97ea9788ee45b95b0901a87d12a256f3a5cfb96e61c490688e1b240ae888e500e3badb513f962f362b3bd5f20f68283c1188b01641dfc8f9c75933d2ce4fedc76145f4edf5c319400cebbdd53fb5d2b25d3050148ba0e73ac389f653b073ae8a4b8b813304c98154db248a3df00cc60102614b44e6e18991d9882ebdf2ede421555812532af5f56582ae8a79b6cefd404c8b14dffa3e3c9608706b3d6f63e25e23677e60d5a1c23d9f9a04b681c28e296b48c432f8ffd0d8f3c3f3babbdec4244f4a566abc73c8a0861938a4aeafa5b25ca3e453589b92016eb7d53496b083c233ce02538c07a7b54ee1928e00d616a86635c0826484b7ca61801733b1a5205a62a630a3c1bcfa84cbc89a74f1a53c084d5995eb0003bd9ee97371e606cb9779818dbcabb08e73f084adb76d9ad53836b843331abcc58fe4a31e551a72d913b4060ff1a756e9ceb9653b7d3cc4b2d97104f2d1f6c68c42d3cd0d18e82ea747468ed881de0d95cddaffa847b56c49c101ea54956aa171d2ee92b59c30bb659b317170223f6b8306df3b887d20021e08a388ea524d29cd1d088c5bd3355ec58d4988901884e0141c40b339f3823c8558af63ca4b2d14e28f1f777a6f70467c4fbca9cfc90dcb1c700f0d89b57a2db5a8e9de81cfd7d13036908adb53854e1886d5d6c43bcd217b2931be4abfc7692e172f7ba76b63785c5804024a772e055fd5d748d9b3d8d492a8bb7660a64810b91459647b57a146a3ab1a7829a01ddfc6ad379d23804acc3b30b0018ba37dc494c66df3bf7111bc129709056570a92dbcc4190a6cce2d530779234483aa027ba09a5eab3a1792c7ca81d3264d40b0b4d2a1715c9b7abf3c7fe84bd4758a2b8b859aed164846e2a29efd5bf623b3303d5249a5bcc6a5d500d1a7fd2968a7ac98e4a1adba2286631e347dcd396e5b4b6ff0e569e97cd74811430d2af34a3113ea3077eb79d9a4a424c74edfcaaa8da4f5eb0fa33be4fd4ff695376a4302b75f7d0d7d521df414b0ee54ae49973b46a86811d7fd42f0d4f9cdc796b83f14540a544c59d361eaa4360c5e1231a229882f2a4c8d3b96f90741053b9af79e0601f9f0948941200d0cacd7a56a9b7f6a1b6227d5de64a4bbe613140f443233b1cd4fcd85780ada8277d9e65f3d9e68d6bf392e4757fa3cf613fe1864c7e5ea97f4707f44642a4fcbee32b20bd1dba45bb75ba89cfafc05dcded84fc24e4d9bc1c23256f1dbeecaf1877bc3f91ed2bf465c90f722ff1c7bd2f3f771168e8209ad914e05768902e8f0e0619b90b54b1c7f821986ac99a8bcacc9dd4dedede209b6aa1ffe4961ea5cba729dd55317da370c3360bb327706c3fbb7b239f2a24d881160faedb7edfaf7d14e9fc1c884ca1fe03373c5183eefc33f338034f434e9d2155c49c670b55fe7953efec6ebcf2314124ab2cfe195e263796f844a289ec56b95abc5b483fbf105e2261b24945a11720e76477540503210e91ad7c848b4782535e54817cfbfbce57393b8444a9fce0d86361c68535a4ecf164f98540f91fbe9279d29684577d2a1a8598b5b7168c93062c6f9d0551bad0403a3c2c55ac7483b4ba4c814bcf65f785c7d247cfbdcc7763cdfa1f8042878124b3c54b6f4aa1f5d62c42025be90f2dcece3b009081f93e87a56be0aca90946eb71d346914b4f9cfc682feba200a44e2d43e91a7cec114304a675ff19fbabe85d67aaf1dbd9eec50c238bee556208d4f0add5a50374e98713b429e4d365ca9c19da64f7069c6ad33c78ccb5866c6f8114aa252b4b1c26d582d60cc39acda9edcbfdd4f42d416c36d462635e347cd0fbb081e944c99076970f93aa0b0c42637d503321db15cfe9e142a6df454f3936d27259a082c77914cb36bdd4d59eecd01acb96d6080da02dee362918a68c127bb39734c5cf6674133247256c875f6810dcca8e95fc7f56806cf325bb78e59963bba10af7b6830f646b257adcc9ef2209a1a5f6f9133c12d0f78448bad26700e03fb892522b4f39213f61d9cf2687cb8cce9efeafc14d0ee0a2bdcead5026ff5df605ce9d03f3bf0595587212a9ab51d0f20c0ad8e53f61c5cd5f27cbe50cc8e85af0d523ea83c905d32ac532fe0e5739b5f42014f71dfba574502894815d6394499a2fe41e025b4e22db5e11377f10e82a5da27f03fa194cc24024c5f159a9636594f5db3a259af4dcfa0a6e1685a4d910a73bb5786eee78f7bd0f327579dbf1e0824a3f3e535271d7f479e330d93e256ad5aa5cefd6060646110b5a4be0e4eb596ebb8344c50fd17f12e14606cfea48a35a8f89784952dadc9cf370b4b71e787f0f3c40ef32206da154679d1f7df8ca725d5e878c31ca81b7b979fc59c5daf060ead17b3dcd38f3b96af61f30181bfdd194a227a3145ef7c3a94460538df4f5a74437b466d7d9a1f6df1d6bb2b1d1cf9e2031faf2b07832ca4f94f35e79114966b9ee429892fbd9399b59475c27945a0d0ec610932535cedc0f6cd78ed70d74f8843f30a579073a2d19bc19412a56ba7fbb7d66856941f83a8afb39b338236f057e36bcebf01b6c4168c623effd0591c0dd4fe7b714045ff10085e8c3788e89c9be8ce0b8fd48758cbbd6f415eb44780bbae74135dabe35ae40b13f699d38cf4a150ad5a7fc0ceb891c2dcee5199ad2a74743afa0862136b5d1863f8a73a0e6093533c45308bfe9da60370e8d072a8bd8b2310766bf1c11b05833acec58b4db3cdbfde14f055695c8759e5f9b4695f5bc07b0e988edfb2739d2739cab5283cf95066a619e1737913ee915cbbfcb9ed1c035ea2423bd6846951c8a86415c259d70a927f87df224d358352c6ee28082b2ff5db2f18eab73f36d82463bbe6d07c4029f60e16fdc566520b5de935f5a53dc13e733f08db469b9e7ebc71c3030784cb04e58816a347ee740ac9da4e50519156b00472bfc5db5e8cb7924bb20b8e5509296012a6b7019e77ac64373f71aa2347df9d373fea4a2ccc5b5405841797f8e123baf05439118e1010c61f8be7a75631cfc840edfc138cf3bbde21f289e8d00679d128dc53b8b0e30b04f9cb53f5cb18d34eabc334171b796e9a2bc8868f90b0e22e16f6ab920f4063a3b64761a7e2fa0e728edc7550b9ca6c3dfea408021ef64678b05ae88cf6a4a2b288a6c959b371a149fd2bae0e2042e3269da82ce340dd0fc76d956442b199b0cb9aa043a16a7facf20a43a4873dc8cd2318624bd70e3add0d8e0bec7af2d5e53917643ca5ae968b4c70405cec41a1e6516221144400b204b9b9ad857565089054789de1200167ce2394b31d2673926e5affc1df65e7fdf4952dfbee836ef7414b070d2b512e26f58b6944fa13ef5e6e79dd24b049faab8ad2a88fd05eecfe681ce91829823ff498fa2247e9589536c0c361530d1d98ad153b9700eeb2d8a37f1d1c21c2e204dddb774c991d99b7c0eb6a9131533b926701a25a3a98bb70e637dddb897ccd104c5f564173a28fedf44c76994f1bed9c834abbcd0d9c43094b8c492b4f3db62c926b8172b8bdfbf753bc06aa30e1d7ba", 0x1000}, {&(0x7f0000002080)="8e2eb6adacc746540e6d1ad5a1cb00203dd886255db61ceb995f2c9054373f8a06fa990de4c522b21dcccbab33cfb6eca51cea9eee8ffd1f03cc8c799efffc326551b4d5003033430d5edb01610310a6fcf4830adfb7d139b98d5f3bf70bf94eab74d56b5cf7e5344828ca0b94dcd824ae18b22db9461ba407eddea892581c04a266096065fabb57aed2caed0a381ecadb83d56bfc6bbbd9dfed1fae4d43d92111c58ed7cd9f009a12b2a49f7449b187fa5cdb4c3e8f35cad028af17eb2e3ded1e049abb10642523aa03dc7782710538e14585c488cb3b3c61f32175af33", 0xde}, {&(0x7f0000002180)="7b8530a0fdba6b0281f7711e6b4b8ba8c9212937c529ae3bb5370dbda664935ec6706ddf0358b6d1fe25adef8d9470a2c246d2271a61711c94fcab8583fa1717e96a9665c059d233fb070f8a63aacd677c4b52d85002205625ceeaa27a4766468da9e143904285c6cc263fea4048fa5d1360d418e356d0eb39421cdf71ca7d3b613635a390826cd9fc2ecabba3fe04914ffc1334291afd979400d94572e967309a93a5039f80330843938d", 0xab}, {&(0x7f0000002240)="8c45fe524a014c4b1e78c317ca9f0ef2d87760f93b748dbf3376c10d21151c676ed42feb016a3bfa005cf1178c9d69dfdf83e8e04a437fdb3dd8fc79de3ee1baa7311817891a7fdd02475a4cd6230d44adc7b1a371c3f0e824548b766069482e289795d31a6661c11bbe0f9f8f1e34a6e38b977bfaccb7e245cffd983ceb981db12c7c5f282ecb6ee9e82539b814f030eeab3a7db6b95ef83dfb99620df7e5da3b8bb979", 0xa4}, {&(0x7f0000002300)="37f3214ee9a392d51e78db03c0559e65992e6f94dbfb7c0dfbba1f0489a0350096ecb6a7a3e085af1fd72914c10c9b5f38653d060ee4e7e0910856c28794ecbf7b1ccb068d8302fa2e05ff2b5de0d856dc37c9623f33a8fb5e8f841b39823500be830095bd328c3b5009def9d4527b348f587d54c578cdb0b5efccfb6ad8f245c678c0d6fc042d0e6b13e2a99a48f95070422827fcac68768e8df835169a905f24e32bb7a40b365ae55c0d3a787d83d5d68c", 0xb2}, {&(0x7f00000023c0)="570f42d71f309d1da0dc7ecac7127439c4a443693fee266ca1ba67fcd3ce63af14d9d0bba03f66e3b98a0281b36e7f15836a29853cb5c737708c53ee18ecc59dbc2a1a29113430ff", 0x48}, {&(0x7f0000002440)="9a59301c0e1140fe3585b711e91955451d397519bf070ede60c741fd2df71ac713d5e4a7a198a1e1a05a808f7168a48db668ebdb54936e1a20c1996fe7e826fdd055fa3ab19467e2f8a9f2c158ed554692ae17d31518e6adc895814a7e3530db76335d984de2aeef62a51c2dfc7c137786845027d5a773d436ae1d3ecded36d2057a92c070a4e9982ef05002310e6875b1a075efa1b7a82b13fd63debcce71134d07d72900421f52ddbf278cdb193910922d26bf44e229dbe72a5a5f857acacff44f4fecdde866021a4f8029d9912d9cb141891f964fe00cb13d6fd928d7dcb46759c4e6ef4c7db8b03e8920b0273965405aafe7", 0xf4}, {&(0x7f0000002540)="25d0b654cc5052ef6a553673399cc0c96ec7f1c3d7a2c2f66919efe5a67d78596f26cd1a8a2b507a1661db4914a8de3bb5c1eb5ebcf7faaefd0de3d27ce38d30bf92cdd6dfb89f3412779f8e249369849e09cbfc1725a0461e3accee5d47a979421e83626b", 0x65}, {&(0x7f00000025c0)="8c39b4fd0076a8ed0525a49941a01c9aca09e6c73993c9efa9aa81a9a5ce327ca9643c2bf4075b5793ab5fc2de4b694c6f384381a1a458857ba184b2d7961dcee4917da60373a3b2d7311228c0be95254e4b176a175ca93e7de161da600e101af89493c3e3f1d01e7ae5c5232fb201af592771a31465ab991bf1e64beb02cbd7f41571178623c35e4c2094e7092121274df79080c19258c20c45a874a0ba41", 0x9f}], 0xa, &(0x7f0000003780)=[@authinfo={0x18, 0x84, 0x6, {0x5}}], 0x18, 0x4081}, {&(0x7f00000037c0)=@in={0x2, 0x4e21, @rand_addr=0xe512}, 0x10, &(0x7f0000003b40)=[{&(0x7f0000003800)="1e6a22bbc3ae14f3872be6b776e92f3ef92881aff7550152427681fc30b07b62e8004eb6b6fb47940e4f45f2222a63642ce1bd83adb03dfbfb1da794e1786be8fd6f88a7afc7d5944b856e28bcc6aecdbd0885864ecc66a1c739bae3ae9fed8e69d235", 0x63}, {&(0x7f0000003880)="2a111a", 0x3}, {&(0x7f00000038c0)="33124f187f887675785445cfa9c671671dc4327d32360c3a7d2493450bc4ec636093a950bc1b5a507b6db25da6f6ef709c81a8afb7f90a99a023fe8fd7dd2187a07ce5ba988b64a554280304f11ce9d3b5d4ba3114b94f43c70c41e97cf96b4188948b61b93dccef71498373a4d893347455ceba8104b1aaa0cb6d344fbaf452198c6f2a56361d6f9575dc3d774814a31c15451725a4f8ae1df00f226772a41bf101bb4af96e4b2e6d001dee1b5e089b1fcfae152d46a63a5f35df210369b0", 0xbf}, {&(0x7f0000003980)="6063c03b6573866c5014e4603faf48589e9d01ecaa2c4b9e73159dbd1311aed05d126675c8f7ce7ce25fc09b0085899810c3769c443a483a2b2399c1e8b7f092726a72f602f43d5dda0ac9ba428536d2a173ace80c157f43515cf4490d90a1e9b38fc5dbb04e580087ff5eee64789d1590aac764095f761f06f4fdc291ba7a8349e14381e8b44322cca45d", 0x8b}, {&(0x7f0000003a40)="ecdda8d9c2f3e3f751b4ebe14f5b68580bf8555bd66c3ecbe54cbe198099c74fd3053b8ed45cf0a3208371443239fee17f8cbfe5162a422f8c01a6ce4260d4ece6ac4f531c275497545b980bef78f76ecb8db95a7dd13d14a0033cfb25334999306319416ebdcc974e01e727103c855692b0506fa88508b27f07aa7fdc45ef0e30a89db45754eaaff5645e1d5eb88805a573a15a2eadef4cbb432d548c1cfed343d9347c7d88318ca6e370698ba653776eb8d70aebf84b3b904a8d6d9a1bbe18686cf55b6ac0acb9ef84f1", 0xcb}], 0x5, &(0x7f0000003c40)=[@dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [], @empty}}, @sndinfo={0x20, 0x84, 0x2, {0x3f, 0x8000, 0x1000, 0x8, r6}}, @prinfo={0x18, 0x84, 0x5, {0x20, 0x400}}], 0x58, 0x4000}, {&(0x7f0000003cc0)=@in={0x2, 0x4e24, @rand_addr=0x3}, 0x10, &(0x7f0000003d80)=[{&(0x7f0000003d00)="968395a8c1c2851c3e758892e2a6bbf07992cade6cfd28e27d56f7aa2ead6b10d3e1183a21aa9a63283b77df21c4e3528b907dab64e87569cc66e7df81cda9c058608a28d94bad4285bfcd13", 0x4c}], 0x1, &(0x7f0000003e80)=[@sndinfo={0x20, 0x84, 0x2, {0x5, 0x200, 0x2, 0xffffffff7fffffff, r7}}, @sndrcv={0x30, 0x84, 0x1, {0x44, 0x3, 0x1, 0x9, 0x1, 0xffffffffffffffe1, 0x19, 0x401, r8}}, @init={0x18, 0x84, 0x0, {0x37c, 0x853, 0xb76, 0x6}}, @prinfo={0x18, 0x84, 0x5, {0x20, 0x200}}], 0x80, 0x4000}, {&(0x7f0000003f00)=@in6={0xa, 0x4e22, 0x4, @remote, 0x7ff}, 0x1c, &(0x7f0000005540)=[{&(0x7f0000003f40)="d383a9b66c69d59278fda1f555005f7fafa2116f4ee89f9ef378deb651646fcfce3b644230ffbc7778f1b842e59a3d73271d5cb38e238b17c7dfdaccdc251dad0a7ff9c7d608051f2fee87042fd45311a629dac3791e5dab3aafe6903157a597e1953a5298fa51dffb6d52bcdf48d7694a992f6fdfccc15316a7c6fe86f1866a4781fcb689bdaa24bb7f5a0ebd7eb5e9f4ef1c3f0c18dbbdde914d5de12732d44508983c3bfc1079c68bc80fca6953ee4093ebb66006a074ebe2c74eead422978c768b5944b1b21bef48d5c658", 0xcd}, {&(0x7f0000004040)="7c2609817f2a98845df78fd09f64695fa867e6aa4b52fb878d5ffa0861f166f2e39cc15754eb344c6219fdc1fbc158905afb513533177e20c49b764d2fd802c6283d", 0x42}, {&(0x7f00000040c0)="5ceec77ad20c4f5b059b964c040c7d2a14a6deea6d15bda45a724180cd88e7a1462c524afdbecf6325e620c1da6a470cba014ce5f597800b368e2f60bdf725408f763806e2be51910d0f483a0862431ec5b4e040e271a8164e951b207377e00e8873e4a9dad950e5c2c52e60f4c8dc", 0x6f}, {&(0x7f0000004140)="a26b51c97099e919c2e226a2c199db483ba167e34284264a1bd1d370e9e9cd703b48066b990a23adf1a258d5ad415bdefe31bb1c3ee1f82518c1bfce97f442d81500eb86394995358c6900cfbc02c29fef1529196dcef3d47636679bcc01a4fc3a59c36aeb75ba4ff426a78e42b7891d621c549132f836f08b20ce6578f5e0ae06d72bad3e3443de2695ab8d83e0a587ebb09be57a48d3a1d27cbf0d788a959c879dc36ccb441954d3cf0604a335834e79bcf5fac34a63c1917aa695cd387e3fb9a8b882116f1c76f579abd1f17b9f1202a7750c0716dd0361b20974648f1622ee36a8d81452f08cbfea4b77b12cbe63a7591f99c20d861e645684b6a8dfca00ecd5611cbfea2236ec4cbda8570066076781451da596b6972341dbee79c99efb7829296c1317d737f045ab96e9074678aaea2e979cf0b0bb8e86dcab6da7933ada6b8477fb86b8616fb2f02fae64b595efbcc6e90c2acf007c0e66b75979ace65b6e7038d6eb83ddc86553a7a8e5dc62dacca7214b13a78f94fcbee3c93fc802e4eee5635c9b4c25301e0b85c67f955599e89f79981356da6a9c2004d23493c1773386613eaeeb151ef885418ca3221afa7e2d940b2fae78fc3ab6b14ff5310bdcd9b6fe5cb5b055a52e3bfee9b86dcaa2d3a57a7ed2c7acd0f0cae00509fabfd69d1ec33be019a42c9ff65fe3c07edd9dc042f73319ed87d9c3f7c9a1c5d39c4e146edc3d1d7fc89e31df6b57ef0c1d4be993317fe4d143f7c7b604b41101b3ed5d19c629db25e5f7e139012e083fd7025ae87bfd21262072f9a7efb5afbc27b98d5bd7aeea86cbdb02febdb9f61b78e4b445d45cbe4ce6c2647bcc0a9e04580040853782f64392e3a3b0275035c2e888c252b2bcfc369fae9cd63c90755617aae037412c6ec09831edd26b25241dc6349f0a234454c065e6f0eda3790857ab56856ed8c22e48e3436b6cdc0694d482d6a14df4303182624c86945242309f5d74bde91909c57ea29ea3c8f968d8139328306ae9f692a53b767393b4f3ca6773a2cd81e4aec1b0ed427c7e4dc0aa91e5707282980b0f81eb20ecac6fea795d057b602d0d3c4c6dc157e0c79afe25144c59430f3127a0df114245c7aca4d62ec6c6046ba5a09b5ac6bca299a8805423035b626920dc06df879801559d91442b2d0daa32fccdeeaee50abd70591c74136380d8261ee43409ea215fb8a69d84f7074d46d004bf7ff439337f0cd2cd71a56cda465e2bce398d67d4be912af1ef303a12b22f65c9933427e45a33bf44d7ee0002d877d432dc2a4f1f0e984013b95ff831b81706aafdb63018d61f9b082f9d47681c6f7b02922ec5f1aa23c556b37b2ff046d924e0b30e4bc79f2d3d371e92792a1bdf342cb055139f5d86923830dbf7810d93c78543b8d65a82f85933891f015b424619f8059b1b8a63805082546b0919f6d3c147f724a0e4a52d39130d935784a9f4383deac46afb0e91178f2f31f0250f426be6d7f6843f7e43b06511a0d0996c7ee97767482bb786839eb27a13faa17925a500f6ab0c268f60395d0f22c8ee50a26516ba7687a90286121eef106178efb5643c64fca81c00cb1095a9a142f0e17750e890c2ec00e984c1e4ce2493c9f30c8706f31f85480dbfbf3330c73294fa2d2d87f0b3a6208c49e96e00fea78e5db025bfb8a706521ecb51372e3144ac778d73c4f6e4799494a32a390d879d87ed54f27146251169a2d273fb189b04f242f995211653bde79edcbeb28d363d5a625c0ba3ec49860071c8acb756f70f978b31d81b46a89ec7482671618b357586ca1b094741e8df86f63f86e556d642aa67eb04f2c95a712679f8706ab26a08156ec2fdfebb8d630dc407f9f0a3c3592090f938fe8c136df7d233377acd84439d1a502daa27558aa735d444484360836d241231b482e1cbf8d2ff4bb3bb159e281c5edeb2847bcd67709c8538333b6aa58721dc051b753fede3ad6fe6c46f67465b8617ec43577f8e9992041508d27ff53313e98ee67ab7869daa50045e5ed5ddc7f7fb1c35d6be6490e5655d81647f7fb57c945ac8a3c9650ac469d52e357e8a7d7b4df3b92f17f8a167709bdf7961e3e618232bffadf9d0facdc3632b53aeb621a8c329563d38171a5d2195a08e3816d2368ee8ce3c699599b1db65164f29c8ae91dbd5d276c175e7e42ea1ffd29d92f6451d9c7606da89a9bc963a6086c689838bcbb70114221154b6308ffc2c9423f5a2eeae53ce2cc09456402acb9b4467b4577e7cb6636eeff02c66c19acee085e43448324642dfed27865698b44d797a41e55929d822c671260c1258461399471c549bc976ee77dbf8872cb56a23617ae7f307b4fc9fb4be31941380879409d3c545fd7f346e0f051138447f290374f91bd814df39f2a147e7d6086026264d257f2c0db692bc7fc0eba304556de3dd6f3519b8f85770c0ca311b5a127771255f01ce64deb6a52f017d624b3fc0724354ef6e1f164b85f50790b900f32b5ee7a8e44f2fb3dcfd5dc56003cc2294471c96c6f8f54790d48e8761eae90a965afba0562256d2ba4b0b5518111d3c289c5a8ae7e8b764c2886f7d5b1db7aed66578098219ace20bbefcc0ee1269bdc53a86f6800046dbf8dacf9e89410d9722da33d0988c73c424552ab715628ef2f60f55aaa0ee7b891b25c9d62dae6bad6ef6f7e06545d823834a493f699776c4c24e2907091a535756dafc3be3f277d078c343f27320f194c8699787f2690ee005ca322424f2f025d4bf1644da558088e0ac70980c4d8d97c105eb74463289c475c44e69835ede91325f24ef5c70dc3890d8896490111ed46e975ea477a0021f82dfb881e618baa8353534c993827854123f687768d9fc0691030b93b2e1be5e52003cafa0df6b648a9b61eeabc6604d8714c7d1125b52beeb593a994ccac0173f15e5791ca3150f01d144acbc88adfdb58a8040a30a14b711bc586a4a1f81e302841c9ab24642021f44d5161d0fa8094cfd50582d0fe815176170685065a624e64ba3e1617462463be6ca129b44038dc493a24cf0be8bf290f5af7393c3e9cc33357f7b6c31fcd938a55b9df59a2673f057721eaaf8c8a626839b9192241d436bbd2af849f19ca7f7375987b4582aa9afe55017586d243668b4ad3eca30ed35d55927b17d657766ba87771280588ad0d70f0c6bbe1f285580a93b1d778926465bf252705898c61a74225590388b2189b48cb37dc7e498ef17443b4601d801a158863984507cb836f9324af26aba41e4859f26bbdcad95fd21095b4c92b01bce316484fcebcb54a92fac236bb4a7dd38896575e6488081ccb531d2c10e08c86d70f9de70aec3215f3c07c3e9244a12ad41ea2d00e9e1f91f007d09361ae9323d5169931750235778e9a5e9d153396f3d7fe2ecf903b7461c91463be223b9802b2a1f1e8934a7234d7a00720b914b72bf31ab3e029418130898346549b05e57ebad774ef31ef1d3c081f52125d29fbb401e9e8dc384bdb5c1fc22ee6ee9424b21b9058ff105d4f73f5c328bdaec36dd5c2bcd3a8df65589fab003c7e1a9f61d4d1f0017158611767f307ce51f10ef599e0a9fe4c591492c8f840ca947fa476b2654e6b0d770b7096cae2d89159b8260e14dc81e45d2dd147a3be4a79025f47eb7a9d309a91abb3fc75d45f9b8bd6fe8aca6bac9140e099fc2418e509b0bb6c6601741e75bff0229b701e9fa6643865ddaadd8704649abc9b262479b75cae2a864ad7d99cddf554683ba616cb4fd7b37b952193aa672a3e142d2233e359c1451af53645b089d19c748eed6f2f86bd1b636b5aa5fc293485e3409d36bbc2a132e74434d46f148d71b334c6e4b83595968a4e9fed07c020706eb22f15e718a78c4a18bc180ef38e703f1a7c73489b3edd00fb45b517faf91c688350ba51e9ed5021091ab48a7bef32fc1a00ba1bc7bcf690ea5921ec10d4fb79d02cb0d77432d33c45c35972eb62ef024c6dd935da024f01b0ba4fe094595ed71215b6b544689b7363b757a9baa4943ce01b3f627e9afc556c6b53fc7c94311bf7199637141e3b5439ff92b21acd52414e4961f88262c3f7aeccabfae3f97f240fb3d2ffc3e4527b560e65dc0c302e1c2e5ad3a05300cc72e04d339757a7552688d16aefe64184a681ed6162571c64d11eef68ef3dd794cda15c94ba4891ee57c79c0980100333f2730941b0e85b4a89a3cccbc8f063dc0705e714e30d342f61bb056a4666c8c96ba0d7c15209f5980f0900bc2b2aafab6448377bb83a77e039537e3aa58423418fb2ed2e48527d2de4188a7173769109534bcd0aedcbfd2fcc7f50555511bd3bb1685f3853db3e10f389323f0df17fe6e5163eaf81ceb6cefed46b44b7da0eb45a9209b9604dd3cd549a3ac36578a23e5e303760271f13343f3d2c8949f1d06fce556ddcbc5d840c2413c56b873609b82c0e283bebc6ad964a8208ede19cf925294619da230664904a06d8552cb7f9e27757d7e2b2f9ed87c1da78d3d5ff9afc370020d7d5430ba3cb0ae87cf6b6d4cc5f123e8ea242f11888ea03e929aa9a3d9631cfc244ba7b2d6e6667427db875d0dedffa0db64ba4e670be2d7428771afa26eeef83e2d8519c6b17d1c0aa1e1a446e9d3472387c4819c5313cf415ec6fcaa09a8df7f589c6fc6f16b29db152af96acea68e9478ce8607e714f364424b9885d88203c1f6b3db0549354088afaa8477a414556f8844bacc322af1957b58dc9ff913e3d93103ef5d97b47b3eff6a71fbfa04711b4695a4c40a5549cbd42d8d34778f4b1dc16420f4e4ff73850f6f8614a177749fd81490ddc40d4acefca19360def57ab275eb5bfd2b85b3ec7f3ebfae5e395fa6e7c554bb25fcd8d9985536d563ebf81ad679e1a67ed09db4270fbf05892641d447984179ad4911f8114f239064ea4e0997fa54256d25bfc7b9c7e91ec62edbab64e299f2d22496716521af126ed35d619f669c114db81cdd729338dda642286db9a3d88254c72b1b6fba2b0c64bfe96d954e11938b49a2c31ed813d6bfd2f483097782ec40b2042adc4969209a63c19d1a2d772044b4d0836b7f0b08e449d0339439aaf7b69fdaa7f53b413e84212a760fe2c5aa5c3deca340760f202371ce6781af0784957b5ed38133836c2acde9f7421873e54db26d8134e5c2c1f1483d27dd9361e7eae954c4a1e22a9d9995fdb252b924c870e7fe2ae6fa0fe5c3c8ee969de1db4943e0d1318c6b8469cef9cf6384239a9e5ed2323064bc3b1ad8daed690b0abdd57846653dd12d0ca45b67f107ad875a83b604028459acd1e373e8a80b74705efc45fc04d8964b197d7f64d00b11aee73960577661f004482590ecff8d0077e2bab8daf67cd72157a9e0b4bf7d9e73df8830db969789bc801c304caa0e9da6d7a033cadb3d6cc1b176f2bcf73f2abb4d6952b4d9e0b2395756203b3e2557699582031cf757f41b2279f6dc88feb9aeff5b74d3aa7c8899812a12cc44b23a907e18be2c7e4b6a3c2118c902f02704f076f8f0bf5674fd7b9e5212b86262c6c8205bf94116b0cccc6b9b43f40934dbb999aa1d2b72036e2559cfb2ef0586f60d8657f3617d7a82c29a08f8a7a21f9a8d3f72febf1ed19cfe677e6d401415f928e8a4f3a89d075ef1f1b2a923f7afce2bfea1d4ebcc74ad5842ae1bd006ca1c3d641e9000d2fe26ed0cafd9ed9a1df6d06d8982f9e8831756fa78b6df0ab7d165690d3638310fb627d9ac108907d506e11d608b568f1e8b9627e1cf21890615e0ed8dd241d3a8e6ac4ce4077e5642", 0x1000}, {&(0x7f0000005140)="45c5f291940456e078a5ce685c22c3ae1f8de8253f01624cc52a7e9dde8cf37ae33b20f969eb2df9c9bc1f4a41a191315323a0ee1a36b4a6e6e9fb3ad9004c23096261f09c237d12e1ebbd86f99e86dcb6abf5ea32bd679b39b5d4567c8f3ee96510cac4812fd7d54fe513289e6d86b15049f7d2683faf64def1dc651468bcb8e394df05bdf092e2bd7ac70e23cfa112d5ed5c92a004206a914c5738572e6c0e35576129d1ec21b2e2fae74bd5432f13e98b29af6e57d8f6dc43198259844106d4068e2ab8f935d2cf78c884", 0xcc}, {&(0x7f0000005240)="19b169532b75ef9bbfc87286438fdb6b03c8df686995ccf141b186fef212dfc3b696a7f094614b973a8248c129368d6f63a391d5c62d54b790bfccaf8acbb267ee1141c9cb27e01ed460dc75d97a0b09fd0e76044a16434a88ddb2290b9d556fad33be329cd08b42d6d97d7c9ce8b4811a612fba3778d6b6d1d633940ad780d8ec57d33e9e5c5ed5f4059de3fcb1b5ebef2f6b85d59d6c15bdbc75f4f9ade525c1ec810722b99d5251cc2c6d11e14d6de12523f3735b02c0da76ab358fa0a5e7d5760f132b70f912aaacc06aee1214459a", 0xd1}, {&(0x7f0000005340)="d1901ba3727d4aaeb9ff1f4fc808776d11f69e58bcf5d7041b278fdcda3114fe2d1e94b1a7a9cb499f79670a98f9368308ad7b943ecb771be71fc53f4417708824c87356", 0x44}, {&(0x7f00000053c0)="879b3cb7c310f7707c", 0x9}, {&(0x7f0000005400)="bea4ebd57eaec13ede658a82746442b98e4656534f8b4673f28ef3a364d3ec1a60676aad66cd809b20f1700b294ce27dda968b3fe72caae074163346a714013d1cf69966b9ff127f73d0398a4d502867b223a6fb0783b1c9a10eeda202621e24239bd85589d613c94c1db14965d2a2b33e4e99d305401f74630b7d1891c4d6ffb9dbe73a12d2", 0x86}, {&(0x7f00000054c0)="08fc0d7b710ee6961b0eeb76afb2737ec105c6120daa0fa9a6c372e50f8fecc9f137d8ffb04eee0cf3966947648d99f0fc46f87e778ff7b6dc2751a02a493d09b4d8d23bef41cd73a8a209ffa389ad402d2328e7666ccef98f9886315e07351f", 0x60}], 0xa, &(0x7f00000059c0)=ANY=[@ANYBLOB="180000000000000084000000000000000800fcff0000030018000000000000008400000007000000e000000100000000300000000000000084000000010000000900040001000000000000000200000002000000aa00000000000000", @ANYRES32=r9, @ANYBLOB="30000000000000008400000001000000080003000802000000080000a8000000a80c00000000000001000000", @ANYRES32=r10, @ANYBLOB="3000000000000000840000000100000009000400008000000100000022010000050000000000000000100000", @ANYRES32=r11, @ANYBLOB="200000000000000084000000020000000000020202000000ff030000", @ANYRES32=r12, @ANYBLOB="300000000004000100030000000400000024230000b50e01000000010001000000", @ANYRES32=r13], 0x110, 0x40000}, {&(0x7f0000005b00)=@in={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000006e80)=[{&(0x7f0000005b40)="370c5d852c74bed04a7c189590685e6404f22cc944a3b622637736481d52c36d21b3a67dc6eba0270476463260236188436e44fc35426867775664f194b95714ee2e65a53eb13ec21c9255e5e0cc8f", 0x4f}, {&(0x7f0000005bc0)="554ae33dec22d9f164ea6440b5b8b80b3e3be4067fb6fcda97ec9c8c911605aedfef06879ba198c5a3330dadf31416c73e053f2aadfc4e54999348b7b3ab2202e24fa8532aee0aa83292acc45fde6e0d98eea4b8e45a00767d", 0x59}, {&(0x7f0000005c40)="da52a286ba64616da042d17a3f6dfb9ef92050f87cfd032a96a051407ea031575359376f85894c064906bf79c7e03829f53935068fc5068f50e49490a402c63bcac68ece6e17c93f88db4fdf414dab152e2f6c8fdac13463a0d8ac1e062ab8d82d0b3306d7e0611b550e48b73e72cb6378ac751f139fc65c2e31bcc4d7eef0196c15d22d4974c1aad49f3a9610b1dff0d021b60e951fa9a74fe02a16edcf949000721fac6a25312b409f2b47994d6e9cc0fa9121097632e8d3416df12f847b339516a9637766a46dce77c08b31a9cbaec8e976c5ee85a7311dff86bcdcc53054bd4b44b28dc72453aa80b0fec9fdfee8c5ecd328445dd29a76469d11a5eb680ff4f0644b932359ce01fd694de8fa3c26b560bf200bc09d5afe455d6dfadc1a608ccb0fc2707701b47c9a7b75efabcc7d1621ada72719b6b02c9057d14c33c358089af803e5d2330380a37edb8f257620c4d8f7d2c710eaf12d5d654989c4fb7d55b6ad735d2562df284d360d7c4e62301fa6015701c68c2571a32db8b5995233958f31a42861ebfeb7b2ebb377ef381e533e280e4e13b608b6e7862b0f10a0cd5e478aaad22355f167b8412656230d57e0377e7c31969af0fb8a1c44dc29b6cc01c5edbdea4d19e80b36b9a4394cd73fa0b7c950e03d524594d2ee07bd91cd2c370b58bac123c810989456eaad717f8869ac7aa957cb796316c61205e4aaca8ec7e3462972289abfbd4f3802fc092c1ec8adfba3867729d985fed8013a8586ce3dba0f9e0f124739fb960a01a107890d75a3934ec7afa1aeb1caef15083763802839238ff7cf6de19e36398a64f8f8223677a790f28a8b185d811afc331e205172665fb137287e8b33fed8a5b78562f59da5ae29716050f97f798eb5aeaea6b589561686e14ecdd52b301cf599edc3476ccb95c16a2ef13ce24b438fb53e2b03e4e20c972518523ee305c6c879bb25cefdcad7656c0686f6ca14d748510ffb3b63133d565d93b1f0fe43425ab6a88d2e7976e4015cb0aa4719c7fa90922a65445572e513c4a2e826e4ce69feb89c819d4eee1aedda6acb17f0c3aa43ba41017ffb8858e4cf89f6b903410dac5252468a8958044f9fa5116e002a406787783dc235711072092be4f850458909aa05344eb7b47ffd24b64364398252e6c6d25c4759b9552016ec034b2e61c9b8130720286dfc6168edca6ae3283b47de75cd08ec129bc23bb34c598c16c7ce03f66f45d5b132876a71d4837cd1916cd281d1e5efc1ad671fa07215cc93fbef7d617b2bbdd637fe3da097fef966830169295c46cbe264cf7b949d3272e06127d2b42c5ef0dcdcb4d3a71009809c494f508c75387a85aa3e348acfe6ae4301215496b33f1be1646a3f1deab822932cfcf8f409db22beaa1b0d6348af61fa057b7280cb49b9827d8133267baa9e0e6bfa790e586ae0e5d899ed10305c33d032e90166c798e1b779058a7a6979f1441f86ead5081e474f7716ef9db98e1ca4bacf7ab45eb7dd79fec2f1b05b7079cb3f4d479b78326c5a0f6f4021ecc6dbf98f6cff58455ac5f4d362adeb8f501a124166ad62dd95e80cb425d49087892832603e44e8a2ebd09a0d3e49b3dd25df8beec809897d3e828fc0d0967cb90e7e12db920dd90bdf5a9354fb2fce4221c7968311f7b4c5fb53f6f9c7f50d0d789c2f9f0e6661227f7c4289f5c2061fb590f3fa5e5af0d47dd1573b8debfc259c3d7f74ef07d5ef6ad61f34d4af95dac96628d1b6d0023d69c971f7ea4b8deac0e453b02195e5b75048ed536c863c548592ac3d9431b1accf2e9b8f14a74c79ba8ea4d4337434332768aabc3d06f497262647a87a3b106202fbf5f5d0621d2c5a7835877a3c92623798be347872a04700a7e49f4a61a51aa30d505e12879398815548343e05e31d15815a75fd4aabec03b79ea4d3264159c5554e4db73237e248535c20edb9ffa9681f401004c579a1f68a5373c8c5bc25642042aa80477598d6762414f8730fbdcbf5370fbdf54dbf1e470065c159df36523813e874121cd28e4f28603b24ffd5ed69505862b4bf78f1a0d8777d84336a0f921805c5a80e60accc57c2fe54ca36a92e03dea6ffc07fa16dcfeb4670d8badf2c8387537521aba65c62174f174b2dfa3f0070358be38ce3266855194af22b8332acbccf00236ec665f3d410495d0f9cab0b5063bcb856f956d7f425c0e96cadac13e8f0c8d6db466a2769fc11ee507de4606034ed4dd54feda5317f6e456e85f542da42dbbb4fa8fbac6012ca2deed4258bd29239023e378fc143ad4d5e4efefb59f4620d7a0820d4e988a53aeeda3b7ccf53d7329cb0d48d72e20ac3c21ef1b89656ffa17e07be9a4422ed7d247403dd1f049b30a3e611a2b5715b94eb42292605a650dfe1149b17d76d651a9f3afb470b769660a16ceca1918f0d9e0295bdfa1e752cf23c48a0230117bb66261f3aa9a0574f7886333f37ba20cb87d108b839efd47422b8cefeb44961f9207cb71472807fb722b843723ddf730f04dc4781f039c76542985c2813c676bb7b6c72a8c6bca27ed51fd9feba60522f011edbe1f3e6983b5fe1559479cac7fbfaaf5442cde0e79886a39f416f3cde39fe4e5719efdc4babc2d70dbaa29ec6c7642596b67249af607e3041e155394191c376fc1d70b49f79dfb2bcccdc64f4b7e18185b7a8b797fa57a5a12e677c64c3b59df1d631719fb5f45ff6290914ec1e9d26f9b6b0ed0ec9a0e87fafa3398e849297c781533c328c2fc8253b5ad7f4773fb201c3849b02f0fccce5cc3abbaa94a673648f4994c3a8cd43eac048c17f480d486ab4fe0a223ba69432d3f496cadc788b8b407d53209fc4105ca9644bb294da449dfef048acc9c2e2d616ff190abbd956cef0285af591d3f447929b9d1b980ed9cab0d2499b7c24ba89fd018a44faefe57b04c1cb814a8d35cba5567c5ea6f937c70ae4d18d98fcdf83c263641137d4b48e80c555345dba3149fca4868bf5842c48971a5f11d68f4ebb3422f7b711b990a9c9632f18af84edf7a6d529498aefd213a728c0185c3135ac13a4d08ab4a04e2f32ca91a85fd032eb0b56d17875b2051ad63691a68d02caaee4ce3a945b640baceff98a2fea85ef907a5c034c59b1816bed0c25cf6b8e6dffb5fc9d8441d58eb0fc1c78fd106b04ecb9b6c360e48380afe05f9c6bf6457d1777332acc430b2c39234a540ac4b9ae53cc1716844701ed8e695f82ef5042aa21fe5fd5a746801c6ec30496998baad67eeeed6d7f255a135116fc9ff0563240e1e8242aabba9ba396c4ce48758eb86d5badfe1846aa210e2025a4181bfad1c07403607747e57802f001f9b846af50cadd380bc55e31b38cc90001450c5616fda487db18968fd2cbae39d0e2c5546feb77cefa99b3327e2b386f8605aeeecf5eebb10627584aa8cbb3068ec1fc773e86c925de6bcc8464f490fc12b2292e026f735a47340a77c40a1f0ab2813d6865108451829502f981fbc11f38a8eaae1bc6d1e5b39d950fd0ad9fdba2ac9fae1e4b39db19f15466c25b4558b4b47354b60c3354351a8716827556e052ff525f553ba7208c1f49696905e2e910591eaaac385df606a69a16dec96fe2a5910e1e1967e67cd5534de7f882e0f35f068695588fa2b8a997022598bea39baabf48bd991d0029aaa373b802065894cff1831c23ea404f44c9f5bf35ac4f9d78c4b7df0a2d6ad84e120b222a1600e04aa681089227e1dd5216803787827cf25bf6d6df4b5d903f25f7b0a4689c7c81826c5eea0ef8e879583e94a217fa30fa3b074f3b249b04422e65ce528170d598d81b59f856c1492d8aefa3a039f27556514610e3604c6b18e1d32a8fa40ca1396ac358ccb72044a74839a6bc892ac4244e51586e9b136da60ffd2885e2e355c79bba09d0e4cb5edeaca3a6f4b5f18d0fe95c144387a2188a25ae90391b9c4b8d72f88c552a0320755b207bae7516f4dc734044a49a3db3bafa52ff4c984ab67c0874fd9d8c191ce3195a942375a87efd6b5d17f2994449587c0a7c85a5489f023815b58d3bb094335476e67ee43b29a3e9d9b53cca76b75766c810f7acc415ae1f6815f98a2c2cc9aef6598c3f99da0476e3322cdf1015ce4ad13bda4ad99878914c4c09202c45b46ad0b14b48ff614bc9f8fb17576aa6e7929fe8b5b1381fd412560221fc999e64ba764a46547272ce511fcbaac334fa55f2e821572d03f3769b5e9d26e004d447307762fc5b5346721b2f17c7b82fee3e41fb6c25e7c2994a2afd4027cd86c574cd6747d15096eae38998324757aef13c4979280ae946eea0c2138b17b3fafd5fbe302654433aa7fd0eaf61f165af55a20a5d19fca937352d855eee606a6b2367588f62cffa37255929a7231be8c5f536d46dc1577fbb0133b1deb2cdfecc987e730320fefafc29f1028a750ac9e3d121539de05083c7253afc08846275286dbefe00dfefc01ca6ba402d862e6170a8021dfcdd520e1f8c390bfd788abc82c9bf664cf6d498ee744338d90ae5262056ef58dd88b351a094303c4c151e0298b9ebb0875e1e6100d59899ca360c4e6672ed77c598755d5552bc74d3285dd2a4114c6c7220a9daa9f54f6c723ee8837044f93fe11ccb99d8d4c8de7a1926c0a0a8477dd59e842018bcd5527a3864c2d1c9f3d99bbac942252ec3ffe3908908a1db7b2ced1961fd5e9c40e7d2f7ec641f12de33e9c0ca61e57412c1677c1812aa579ddcb119a3266e5b847fddcd8973d7113364811444b34fffc113327807e647a3a1da7b6177480ccbeb90c52239701656bd2d033d3c9b46899bea8ee09f0ee9582c42ce4c556778a4997b41ac1ea028e36711fd4d77397798ae2f3dca12477d53c15db11f53fb8d1cf89623ef12ce05db45c9e2d19c1d38f1ad58ee674696bb54aa663f5c6def7b447e0af189df95b9f01fb3c07e0be276aff400aec4c0397b2f21e3d051d80e375ac9a0a6ff076ee8725b1da84c6b827222869bb97b5e15c825aec9f02c64cbfb239dc1da91719166883ae7668a4fbc3feccf2b549b35fd6135836924e20e3bb4f47fe2ca8e53bd03f6cd644d444665f1d4389e84f8d7f13867435695e61b1da7579042d92e344801e9989948d70165c0b88681bf059a10394bdf9aac5265da9d3388594579d0b5d784ed1a02854bbd37ad8dfe1bdcd6346d7615ee535881774344984b4b80454e638c638a5ccaf58d9ca629f769a2178ac3903bf773cd47af5fd0c2565259b3d83cb4272f1f099f0efcc0ced748f1eedf66844e48eae1cc994629f337cef9302967dca7484690e03514b641878f54fe080278ee2093b03f278931ef2287dc2530e17e4c1dc12360f89b7165c61930bc8a37a7d8a8147de559f7b55b60a59fa17f6bb87d8c52a47e05602c5fe9d6f893094b5138c24584ec4f91d885996161ea9b6f4eac49029940638e7168520a2860f8cf4f633f84f71ef05a4041aadc6d7b483531a624726180f3f270350a5c00eed5f048666e38ccf71922950b00ba23c86bda2d257b5476948a0960326ceacf82719053b1da346483a95a77945ff50741f5474ca9ffae1dba66ec5505ffc86493efa5016815a4fff163e8202507c5f316ee9bf6f4bd0cb78196ae21e4f4cf5a40fb7cdd8ea2909652abd9e85094fa8261053624b15286277d1322e21482176e081982941e76949cf759d9ad318233aef427ec6989eb6d0be9b6c038612ded9a23a383a3dbfe3d141eed15940889b62bffc1657c71bb7ab09a1d4aa40e4ac7ec355cd3161ebce8c093fa49de3751", 0x1000}, {&(0x7f0000006c40)="4df96a05f941516663ff86d8345d219a65cb91317d9bdba877bd57110f521296496a2a6c0b8cef799113e1dbfa253b82446de3fb9751d72c7b178f320f9ccd91555e2b30ccf987893606f1c0609bef2129a15d96495e63b1497f8843fdfa3e8c85685eb7ff1f7bc9747e92151958cdf8795c8aa23fe5ca3b61bd7c97df2efcac94d83e9bb1eca565b11c6ea1e4", 0x8d}, {&(0x7f0000006d00)='O:{', 0x3}, {&(0x7f0000006d40)="71921fc9377a2a6e9f1018806af891", 0xf}, {&(0x7f0000006d80)="895966e76c71d0b6cf7b4c1304aa079fc057bb2e60035dbd6ca5e51e7b418a2993ff03a59a254b38b8b72860fdb9b5ba4886828eb487a0725f57abd2fa08dc221bade36c507aa40a6545b3c55c9d464ae1473e", 0x53}, {&(0x7f0000006e00)="f7159c387b5f644cc9f5a8b08a65c6a572bf90c6e88b99a98078f094eea85f1083517ce418aef3a0fbd443e9231d2b400e9ccef043d28188714971476f428199c7baee", 0x43}], 0x8, &(0x7f0000006f00)=[@authinfo={0x18, 0x84, 0x6, {0xfffffffffffffffa}}], 0x18, 0x20000000}], 0xa, 0x4040880) [ 326.365636] 0 pages in swap cache [ 326.369354] Swap cache stats: add 0, delete 0, find 0/0 [ 326.376412] Free swap = 0kB [ 326.379633] Total swap = 0kB [ 326.383828] 1965979 pages RAM [ 326.386965] 0 pages HighMem/MovableOnly [ 326.393824] 333222 pages reserved [ 326.397438] 0 pages cma reserved 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:01 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 326.505602] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 326.575837] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 326.583032] CPU: 1 PID: 20347 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 326.590335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.599702] Call Trace: [ 326.602647] dump_stack+0x138/0x19c [ 326.606297] warn_alloc.cold+0x96/0x1af [ 326.610442] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 326.615533] ? lock_downgrade+0x6e0/0x6e0 [ 326.619857] ? avc_has_perm+0x2df/0x4b0 [ 326.623825] __vmalloc_node_range+0x3be/0x6a0 [ 326.628420] ? trace_hardirqs_on+0x10/0x10 [ 326.632654] vmalloc+0x46/0x50 [ 326.635859] ? sel_write_load+0x1a0/0x1050 [ 326.640084] sel_write_load+0x1a0/0x1050 [ 326.644141] ? save_trace+0x290/0x290 [ 326.647941] ? sel_read_bool+0x240/0x240 [ 326.651991] ? trace_hardirqs_on+0x10/0x10 [ 326.656209] ? save_trace+0x290/0x290 [ 326.660016] __vfs_write+0x105/0x6b0 [ 326.663723] ? __lock_is_held+0xb6/0x140 [ 326.668813] ? sel_read_bool+0x240/0x240 [ 326.672864] ? kernel_read+0x120/0x120 [ 326.676768] ? __lock_is_held+0xb6/0x140 [ 326.680829] ? check_preemption_disabled+0x3c/0x250 [ 326.685844] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 326.691313] ? rcu_read_lock_sched_held+0x110/0x130 [ 326.696426] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 326.701169] ? __sb_start_write+0x153/0x2f0 [ 326.705575] vfs_write+0x198/0x500 [ 326.709104] SyS_write+0xfd/0x230 [ 326.712566] ? SyS_read+0x230/0x230 [ 326.716365] ? do_syscall_64+0x53/0x640 [ 326.721026] ? SyS_read+0x230/0x230 [ 326.725393] do_syscall_64+0x1e8/0x640 [ 326.729286] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.734125] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 326.739325] RIP: 0033:0x4597c9 [ 326.742538] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 326.750269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 326.757531] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 326.764893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 326.772154] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 326.779566] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 326.795488] XFS (loop2): no-recovery mounts must be read-only. 04:53:01 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:01 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:01 executing program 0: mkdir(&(0x7f0000000300)='./file0\x00', 0x4) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000340)=ANY=[@ANYBLOB="5adf4d7cbdf1746a6f75726e616c486465763d30302c00e35bf271b25efeccd14d46151b0260ed353ae57e19e9a456699ab5ec3ee9cf5894ea048fca5c28d68c5b5d25874bfbad6323d5daf8b35da5cfe5d014b8b2ec2656dcc4c97049624dd5c6554942362865979d03412c5ea7620e741b0d74e87cf7efce89eab071b4095efb0144d0fd9349cc867c3b62444054df7f4c9e5439dc73584463d0fde7"]) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/policy\x00', 0x0, 0x0) r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f00000001c0)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, 0xb, 0xffffffffffffffe0, 0x2, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null]}) ioctl$SIOCX25SENDCALLACCPT(r0, 0x89e9) lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@random={'user.', 'journal_dev'}, &(0x7f00000002c0)='journal_dev', 0xb, 0x2) 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:01 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f736904003d3030303030303030303020000071b67a2c1dd1db4f6c6f676465763d2e"]) r0 = accept(0xffffffffffffffff, &(0x7f00000000c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000000)=0x80) setsockopt$inet6_dccp_buf(r0, 0x21, 0x8f, &(0x7f0000000180)="8d3b3ad4aface56db53a4b68696b775e0ec79cef3de64e63905a88fc04fe7766d3dca9418af7054b831a5a6cc45bc0f44b4b11973157f1f4014322ce55e10d99749999abf94fd4f9a493373928f51c95f93426d520bf17ec07bfe8e9d8f1add3563fd4014a62ff4d32238f931555b9096ece238e051aa7580dcfca276bdec7ecbf967ed147ad902fc6b748d6a0e7c0e7445ceb5522a9cb42758b168596ccf62e5fbca4a08641d72a2b6fce7f0590ba632d0a188411a69bffedcde1d5bd040324c1717230c90d0ba55b071ac578", 0xfffffffffffffdfa) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x4100, 0x0) 04:53:01 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 326.946146] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:01 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:01 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 326.991999] XFS (loop2): unknown mount option [biosi]. [ 327.009303] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 327.055104] CPU: 0 PID: 20376 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 327.062253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.062258] Call Trace: [ 327.062276] dump_stack+0x138/0x19c [ 327.062293] warn_alloc.cold+0x96/0x1af [ 327.081834] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 327.086708] ? lock_downgrade+0x6e0/0x6e0 [ 327.090917] ? avc_has_perm+0x2df/0x4b0 [ 327.095000] __vmalloc_node_range+0x3be/0x6a0 [ 327.099590] ? trace_hardirqs_on+0x10/0x10 [ 327.103842] vmalloc+0x46/0x50 [ 327.107081] ? sel_write_load+0x1a0/0x1050 [ 327.111323] sel_write_load+0x1a0/0x1050 [ 327.115493] ? save_trace+0x290/0x290 [ 327.119402] ? sel_read_bool+0x240/0x240 [ 327.123480] ? trace_hardirqs_on+0x10/0x10 [ 327.127726] ? save_trace+0x290/0x290 [ 327.131820] __vfs_write+0x105/0x6b0 [ 327.135543] ? __lock_is_held+0xb6/0x140 [ 327.139616] ? sel_read_bool+0x240/0x240 [ 327.143687] ? kernel_read+0x120/0x120 [ 327.147596] ? __lock_is_held+0xb6/0x140 04:53:02 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:02 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 327.151668] ? check_preemption_disabled+0x3c/0x250 [ 327.156699] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 327.162160] ? rcu_read_lock_sched_held+0x110/0x130 [ 327.167187] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 327.171949] ? __sb_start_write+0x153/0x2f0 [ 327.176282] vfs_write+0x198/0x500 [ 327.179839] SyS_write+0xfd/0x230 [ 327.183308] ? SyS_read+0x230/0x230 [ 327.183318] ? do_syscall_64+0x53/0x640 [ 327.183328] ? SyS_read+0x230/0x230 [ 327.190927] do_syscall_64+0x1e8/0x640 04:53:02 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 327.190938] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.190954] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 327.190961] RIP: 0033:0x4597c9 [ 327.190966] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 327.190975] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 327.190981] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 327.190986] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:53:02 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 327.190991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 327.190997] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 327.209972] warn_alloc_show_mem: 1 callbacks suppressed [ 327.209978] Mem-Info: [ 327.296996] active_anon:120856 inactive_anon:1224 isolated_anon:0 [ 327.296996] active_file:8253 inactive_file:12902 isolated_file:0 [ 327.296996] unevictable:0 dirty:91 writeback:0 unstable:0 [ 327.296996] slab_reclaimable:12132 slab_unreclaimable:109407 [ 327.296996] mapped:59023 shmem:2594 pagetables:1182 bounce:0 [ 327.296996] free:1271406 free_pcp:328 free_cma:0 [ 327.341487] Node 0 active_anon:485492kB inactive_anon:4896kB active_file:32872kB inactive_file:51608kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236092kB dirty:360kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 327.372723] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 327.412193] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 327.439120] lowmem_reserve[]: 0 2580 2580 2580 [ 327.444800] Node 0 DMA32 free:1282620kB min:36468kB low:45584kB high:54700kB active_anon:483460kB inactive_anon:4896kB active_file:32872kB inactive_file:51608kB unevictable:0kB writepending:360kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7424kB pagetables:4580kB bounce:0kB free_pcp:1352kB local_pcp:636kB free_cma:0kB [ 327.474940] lowmem_reserve[]: 0 0 0 0 [ 327.474962] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 327.474985] lowmem_reserve[]: 0 0 0 0 [ 327.475005] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 327.475027] lowmem_reserve[]: 0 0 0 0 [ 327.475046] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) [ 327.508685] 0*512kB 1*1024kB [ 327.543544] (U) [ 327.556066] 1*2048kB (M) 3*4096kB (M) = 15908kB [ 327.566001] Node 0 DMA32: 10765*4kB (UME) 2884*8kB (UME) 2756*16kB (UME) 1776*32kB (UME) 821*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1283924kB [ 327.594309] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 327.605280] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 327.622710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 327.631821] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:02 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 327.640808] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 327.649794] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 327.658424] 23752 total pagecache pages [ 327.662454] 0 pages in swap cache [ 327.665903] Swap cache stats: add 0, delete 0, find 0/0 [ 327.671330] Free swap = 0kB [ 327.674345] Total swap = 0kB [ 327.677346] 1965979 pages RAM [ 327.680517] 0 pages HighMem/MovableOnly [ 327.684478] 333222 pages reserved [ 327.687909] 0 pages cma reserved [ 327.725676] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 327.736167] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 327.742348] CPU: 1 PID: 20427 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 327.749465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.758984] Call Trace: [ 327.759005] dump_stack+0x138/0x19c [ 327.759021] warn_alloc.cold+0x96/0x1af [ 327.759031] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 327.759045] ? lock_downgrade+0x6e0/0x6e0 [ 327.774010] ? avc_has_perm+0x2df/0x4b0 [ 327.774029] __vmalloc_node_range+0x3be/0x6a0 [ 327.786657] ? trace_hardirqs_on+0x10/0x10 [ 327.790904] vmalloc+0x46/0x50 [ 327.794105] ? sel_write_load+0x1a0/0x1050 [ 327.798426] sel_write_load+0x1a0/0x1050 [ 327.802473] ? save_trace+0x290/0x290 [ 327.806263] ? sel_read_bool+0x240/0x240 [ 327.810324] ? trace_hardirqs_on+0x10/0x10 [ 327.814738] ? save_trace+0x290/0x290 [ 327.818528] __vfs_write+0x105/0x6b0 [ 327.822228] ? __lock_is_held+0xb6/0x140 [ 327.826282] ? sel_read_bool+0x240/0x240 [ 327.830342] ? kernel_read+0x120/0x120 [ 327.834226] ? __lock_is_held+0xb6/0x140 [ 327.838278] ? check_preemption_disabled+0x3c/0x250 [ 327.843295] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 327.848730] ? rcu_read_lock_sched_held+0x110/0x130 [ 327.853743] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 327.858492] ? __sb_start_write+0x153/0x2f0 [ 327.862841] vfs_write+0x198/0x500 [ 327.866479] SyS_write+0xfd/0x230 [ 327.870152] ? SyS_read+0x230/0x230 [ 327.873782] ? do_syscall_64+0x53/0x640 [ 327.877918] ? SyS_read+0x230/0x230 [ 327.881527] do_syscall_64+0x1e8/0x640 [ 327.885484] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.890317] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 327.895500] RIP: 0033:0x4597c9 [ 327.898671] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 327.907043] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 327.914430] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:02 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x18}, 0x10) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x0, 0x2) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000080)=0x7) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0xe7, 0x5cb, 0x0, 0x100020, &(0x7f0000000240)={[], [{@obj_type={'obj_type', 0x3d, 'journal_dev'}}, {@fsmagic={'fsmagic', 0x3d, 0x4}}, {@obj_type={'obj_type', 0x3d, ']-keyring'}}, {@appraise='appraise'}]}) 04:53:02 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:02 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f766572010062696f73697a653d30303030303030303030303030303030303030372c6c6f676465763d2e"]) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x2000, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000180)={0xff, 0x2, 0x4, 0x0, {0x77359400}, {0x1, 0x0, 0x6, 0x4ccb, 0x8, 0x4, "7e2644b9"}, 0x6, 0x7, @planes=&(0x7f0000000140)={0xffff, 0x67, @userptr=0x6, 0x5}, 0x4}) r1 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000200)=0x400, 0x4) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$IMGETVERSION(r2, 0x80044942, &(0x7f0000000100)) 04:53:02 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:02 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:02 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 327.922131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 327.929396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 327.936655] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:02 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:02 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 328.009669] XFS (loop2): unknown mount option [norecover]. [ 328.013477] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:03 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:03 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000000, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000200)={0x0, 0x0}) r1 = syz_open_dev$cec(&(0x7f0000001540)='/dev/cec#\x00', 0x3, 0x2) write$UHID_CREATE(r1, &(0x7f0000001680)={0x0, 'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000001580)=""/240, 0xf0, 0xc7, 0x9, 0x2, 0x9b19, 0x5ff}, 0x120) process_vm_writev(r0, &(0x7f0000001340)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/245, 0xf5}], 0x2, &(0x7f0000001500)=[{&(0x7f0000001380)=""/206, 0xce}, {&(0x7f0000001480)=""/119, 0x77}], 0x2, 0x0) r2 = accept(0xffffffffffffff9c, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000180)=0x80) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000001c0)=0x100, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000017c0)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f00000018c0)=0xe8) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000001900)={[{@journal_dev={'journal_dev'}}], [{@appraise_type='appraise_type=imasig'}, {@uid_eq={'uid', 0x3d, r3}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@dont_appraise='dont_appraise'}]}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001980)={{{@in=@initdev, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000040)=0xe8) [ 328.079839] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 328.092076] CPU: 0 PID: 20443 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 328.099212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.108588] Call Trace: [ 328.108627] dump_stack+0x138/0x19c [ 328.108658] warn_alloc.cold+0x96/0x1af [ 328.115043] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 328.115058] ? lock_downgrade+0x6e0/0x6e0 04:53:03 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 328.115075] ? avc_has_perm+0x2df/0x4b0 [ 328.132111] __vmalloc_node_range+0x3be/0x6a0 [ 328.134302] XFS (loop2): unknown mount option [norecover]. [ 328.136640] ? trace_hardirqs_on+0x10/0x10 [ 328.136663] vmalloc+0x46/0x50 [ 328.149810] ? sel_write_load+0x1a0/0x1050 [ 328.154071] sel_write_load+0x1a0/0x1050 [ 328.158347] ? save_trace+0x290/0x290 [ 328.162195] ? sel_read_bool+0x240/0x240 [ 328.166300] ? trace_hardirqs_on+0x10/0x10 [ 328.171560] ? save_trace+0x290/0x290 [ 328.175380] __vfs_write+0x105/0x6b0 [ 328.179078] ? __lock_is_held+0xb6/0x140 [ 328.183137] ? sel_read_bool+0x240/0x240 [ 328.187204] ? kernel_read+0x120/0x120 [ 328.191179] ? __lock_is_held+0xb6/0x140 [ 328.195464] ? check_preemption_disabled+0x3c/0x250 [ 328.200475] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 328.206054] ? rcu_read_lock_sched_held+0x110/0x130 [ 328.211068] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 328.215822] ? __sb_start_write+0x153/0x2f0 [ 328.220155] vfs_write+0x198/0x500 [ 328.223706] SyS_write+0xfd/0x230 [ 328.227942] ? SyS_read+0x230/0x230 [ 328.231643] ? do_syscall_64+0x53/0x640 [ 328.235622] ? SyS_read+0x230/0x230 [ 328.239244] do_syscall_64+0x1e8/0x640 [ 328.243143] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.247999] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 328.253181] RIP: 0033:0x4597c9 [ 328.256351] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 328.264043] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 328.271304] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:03 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 328.278652] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 328.285911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 328.293196] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 328.303672] warn_alloc_show_mem: 1 callbacks suppressed [ 328.303676] Mem-Info: [ 328.312000] active_anon:121457 inactive_anon:1220 isolated_anon:0 [ 328.312000] active_file:8253 inactive_file:12915 isolated_file:0 [ 328.312000] unevictable:0 dirty:109 writeback:0 unstable:0 04:53:03 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000180)=0xc) mount$9p_rdma(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x2000, &(0x7f0000000300)={'trans=rdma,', {'port', 0x3d, 0x4e26}, 0x2c, {[{@sq={'sq', 0x3d, 0x4766}}, {@common=@nodevmap='nodevmap'}, {@common=@afid={'afid'}}, {@timeout={'timeout', 0x3d, 0x6}}, {@rq={'rq', 0x3d, 0x8ee1}}, {@rq={'rq', 0x3d, 0x2}}, {@rq={'rq', 0x3d, 0x5}}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fowner_gt={'fowner>', r0}}, {@appraise_type='appraise_type=imasig'}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@appraise_type='appraise_type=imasig'}, {@dont_hash='dont_hash'}]}}) [ 328.312000] slab_reclaimable:12133 slab_unreclaimable:109691 [ 328.312000] mapped:59065 shmem:2594 pagetables:1200 bounce:0 [ 328.312000] free:1270571 free_pcp:232 free_cma:0 [ 328.347114] Node 0 active_anon:485828kB inactive_anon:4880kB active_file:32872kB inactive_file:51660kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236260kB dirty:432kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:03 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 328.375789] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:03 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 328.406945] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 328.435831] lowmem_reserve[]: 0 2580 2580 2580 [ 328.440497] Node 0 DMA32 free:1283484kB min:36468kB low:45584kB high:54700kB active_anon:483796kB inactive_anon:4876kB active_file:32872kB inactive_file:51672kB unevictable:0kB writepending:436kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7520kB pagetables:4716kB bounce:0kB free_pcp:1076kB local_pcp:680kB free_cma:0kB 04:53:03 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:03 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 328.524622] lowmem_reserve[]: 0 0 0 0 [ 328.528500] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 328.554699] lowmem_reserve[]: 0 0 0 0 [ 328.559475] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 328.591628] XFS (loop2): no-recovery mounts must be read-only. [ 328.646543] lowmem_reserve[]: 0 0 0 0 [ 328.656239] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 328.677431] Node 0 DMA32: 10536*4kB [ 328.694128] (UME) 2742*8kB (UME) 2785*16kB (UME) 1776*32kB (UME) 821*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1280288kB [ 328.699807] XFS (loop2): no-recovery mounts must be read-only. [ 328.739813] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 328.754647] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 328.775348] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 328.784403] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 328.793216] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 328.802122] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 328.814652] 23762 total pagecache pages [ 328.818664] 0 pages in swap cache [ 328.822640] Swap cache stats: add 0, delete 0, find 0/0 [ 328.828003] Free swap = 0kB [ 328.831078] Total swap = 0kB [ 328.834112] 1965979 pages RAM 04:53:03 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:03 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:03 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) getresuid(&(0x7f0000000600)=0x0, &(0x7f0000000640), &(0x7f0000000680)) getresuid(&(0x7f00000006c0), &(0x7f0000000700), &(0x7f0000000740)=0x0) r2 = getuid() fstat(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000100)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x1, 0x5, &(0x7f0000000580)=[{&(0x7f0000000180)="55796ef31726fc544aecd24a2dfd2b77fb382b5486141d20c053d31f0c49b819171880cc328ea6f4148d83a789eeae7b9cf76f11ada84fb38e0f6fa0a167c8dae81f148e9186a8c75e3f5f601a4f8d9d42ed34d92a23142e275226679021ec9dcc082f7d5b8e36cad0796a2cbbe5a5543ef939ff8c2f3cd51d9e0fb8886dab2a10976c80de7503bd35c721dfd7fc266a56ab99a15b8f96c17a8fefec4789f744d4c3cdad1fbf4199a643b993ae5f3ad01b864b9fc77749b169b44c1423f2a421e72c2243f0ef43987535800103bb41", 0xcf, 0xfffffffffffff7df}, {&(0x7f0000000280)="61f073f3a50d40741434c1ef3c0fa1bdb0425c456195af6b63e80abeca432409dd84ac9d5eeed9720e7a1c61985243233e5f2cf0bfe013b9496cdb9004d6a23a288b960bcc7cb1cbef326e15184c3e6027440078abf525251618c9409dfc0da094d057179d4835900e1a5ef13d873c6c", 0x70, 0x3cb3}, {&(0x7f0000000300)="c3e31193c96c1c048114f3d9ed2206a569749e5f02c20613194846022ebd4ada4056faa202b8f9aa1a36caf0afc8c1ca927c2f00b06424ca1b9fbb7ab5219f5e36305f287ff2890435b19b6a80e6ab7e705838d34dc787daf43952008aa92f23fd65d2fc09bfb4a08351d49b3b7950b2dae33e960c44cae398761cf747b1b8f831671845ea56d3f48ab6fa2ede367f097e1d982cddb58afa828d845cd5aa2f1ef1fbcadcf78340249977fe5284d6b35a30cc206ab0e1d47b6a61b63624af9f18e6f0fcbe8c730e7adb033405e2fdd66e58d61fee4f78f3cb0bae3e50b92e370c6f42baef0cd5f0aea6598d6e5cbf20d8ae69", 0xf2, 0x4}, {&(0x7f0000000400)="69931b4d682f5ed1b41427475fb753baece4a8712a859aef172efd65149a192ff8102c0441a81ac38a35f23221cf50cb335f5e82faefd981356b8725a941e85895d2c25fc1766919460b3e7050068c92f688da8f43b22506fd8f9e88e00dd992d2f4899e5911cf929f7f8bf9b558a9c791055b300704bd5ac836", 0x7a, 0x8}, {&(0x7f0000000480)="8fcdd53a057feeaf00dda6c5cd378ec386b364c8902dfbef9ddf67c92ecf1bf50da6c77f920e9f4097281bcafd14f1c662472982c9ef5f8aa10d968b31a05e6a93859e249d2ba3e235d4b6c504c7208c48e359689f8f5c7e66313f8e77c9bce1f26df3228bc6bdabe38f503fece77118eeb264edf026487ee478a04f32360f3c09f9d245cadfa3f28daf7345fc3c4469420629c88591f624f83766a78ca8129bff9df1de06169fc5b96826f1aaa5e5abaadb1b37b0be3310c89619762247fcc05885749ac330767e420b1bf6005985a1cb63d1791f67a7", 0xd7, 0xc1cc}], 0x100028, &(0x7f0000000800)={[{@test_dummy_encryption='test_dummy_encryption'}, {@init_itable_val={'init_itable', 0x3d, 0x7fff}}], [{@uid_eq={'uid', 0x3d, r0}}, {@uid_gt={'uid>', r1}}, {@dont_appraise='dont_appraise'}, {@uid_eq={'uid', 0x3d, r2}}, {@dont_appraise='dont_appraise'}, {@uid_gt={'uid>', r3}}]}) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:03 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:03 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:03 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYPTR64=&(0x7f0000001100)=ANY=[@ANYRES64, @ANYBLOB="aa150421a22f0eba5b42b7eee8c93392e67e48131b9cb4fb58813744d1cd5cbf6b1a06f82a20948dcdeacde779cfd2e1de4005916bf98e85bda42b2733a8f156884e760efd", @ANYRES16, @ANYRES32, @ANYRESHEX, @ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="f1c5681323cca2d26995c657e64a14d309c21012eb6ea67b2bde208625221909969f755a2f70da9e7a688e1cc78c977094e9667de135990c45ac7ec135c0d27820489d22b4638d78f6d81571f43746e5ede033bbfbfc3deb03ab1b7f9b712d8856079d0be0ed134f88bf6f7f020b2d43c9d1fad749734ac61f0e84af0aeb7bdbebb7a04bcbdbf284c40d2e86607b2d4a78bfe050f3309bf994d1414cada64a2110672abe1a12d74af0b507db45962e5d3389caff2de19eb04630cd096bae65939f10bbef56378600ca98ec872ed7ac0e66a3c8d8f250c7584afd7ae11a7b49a9a535877c8515ad990fecec48a486cf06bd00ec337e00af1b24b2e5b57f3a718802dbe89ea453048eab7f62ae0afc061f15a4960d80824bc81723690d929689bcb0cf0c57e356047f4a99b0bcf3636ce9093f546c916c6c65335ec1517c63017886823179d10c1d9120b42e7398058a2c026c7fab2e09fbdb92bd8f99ce7f6a680e3fe35d058ad2f962bf8ec90d8e823631b908ad2adac6f59ccc5dcfa6a41f11198c4f02663d35e59d454458b4a13607740a474267d1a1018d2a5b0ac52ba39575acb09263e1c60b01691769b147812dfb21a9744cf22197963e546a48695bbf4102b493ddc8de257791082d27806e1485aef3a46fb0d6f2269011ffd59445eb9aad7f2ee2616f495948b642e4e27611efce699c34f0e8096a73bb43931ed8f5e6524597488322524b326d41f836285952356ece1ded661f2b607abb2f4241d7ed71640128877b75e8abb036f7607d038c83b0ea97e9e76f79d91f6d611e8a9f91fa95dcbb077b6a3a2a416846ff8f0a6ff22a82f9f35a938f50ca0876409f7cf16a7fa378d1dc6571591575e3e253732b1f52cecbac05fed88245b3ec269719d6a614371e0478405d2ae9245b3d14b3fa800a3038ff497a921c077a18861a564f122cfba6f44a97d9a39c4f420b119175a868ab8fa0cccab61de9b3dadecfd834982d8a616042a95605be567576ac25913cdafd07288ffd33fc401319a35b5acb26f9be7f62359aff5417717a03debdab7afe735e7e5a031b9b9563e92e0486781a8c84af0b3ad8be724f01d9c17c0b7fb0527378e7346982193cd9ef5ecac86a0e24c406a3ed30b818e7a992dc50a87bb54a5651f0e0c573638ccbb241092238130036004582f75b6621c3f4302548a07d2d14dd6b22a01d1fe0c1a3b78891e55791cfd5fe810612f2fed5057c5fb42087780025c399f389da66a80b6c9e044237763625cf2c5098883f39175810a0582a13a5a38b69ab9e1f7b65885cb59a362bf9db3c56916a2ec08fa07fa3b31cc3cfbe5b05a2d0dd55683c6aceac731fd059056e3661992f8944e6f6415d1500923d4657652755de76b3d564fa9487c6b2e03f403a3c0e2d437754f5b450abd065136960902163c2c55a5fdc9d1d9853695b0d615425895b6c330546ab6b5bffa8218fd977d0a2d11712dc986a3581bd0e3444303c570dabfb8b4664595e724f765db29474dc9513c1c917bc3dd7c7ea56fbe42db7c0393a0e29a670ae2852f9f1a2af3426e94eed6b17a9b5e2cc260c9be5157698ffbd6ed28b60d9f8cc11dbc75326aebc3b1dad668dad2e1746544d268489a087a039829e3a115e0888702b87f3220e1f0c3fa629b7f6a058a2f8a19aee07ceac1ef5a3d6e088c2651767248d61aef3cf97e921baf9c805e01f1fa4874272362ce10742376bde1f4d221f9f3f2328d11a3c6072b1cff8d21cd976eba7a674645bdd68b3095fd831a20f488146bc11783f84b7a0494af26c7bcfa6fae3910f0f55dbb83d6561aaa1e7aeae0efcd1079c0121f0407855e6e0257a439097d5acf039ba7af9d7d569510e175a12fae8314b58cc5540a73b9f5f08b5b93e76701c32f6aa779468d83b92c01c957265546f42ac12c355d5a38d8f9fb3afca147e275e4061c10d60ba1882765ed7a6bdee598e5ecc6940870f645037c2947be9eb172d52aa6cd6c54e37400b68efcf0371dbda906766ace62b05c3a012aba83e88292253a2049b0c4b7bead17eeb981fc803e439cfbe13c3b7a12b79eea94c7c1e3083f1509efc13b8cecd8140d4402bff4297fac6d5911c9e13e98cec2662d6b5594da1478cf8faf0090f2b2c7acf16ba4b18f0c58907d384c4608d58aa7ead40974eced1eee560d8ea710f2fec6acaa1ed14b126b80ea6a2cc784e5bce7f68023f3dfe9b517a845f4b283d3a7bd5cdde2c11188f98f0adac3963e695dd0cf339286c8867f998b8fb3053afb3861e51dfd1ac535a6c3cefc8b4d8b05870ffce72b5c368356d3088dbea38fafbb257eca3579f2ee332d91f3c5382b8f81ce5da011e95e56b7764cccd74bdafaa110bd99c7f8c09e7bd2e9fdc0b7418d35245cae79e939bcaa175d68c9bb4ecf20c9c4bedbc4f0ca28f6fb2b5005db6f78a877d343e9be4f73d919e24909af78bc9709fa3ccecbf0ffe0489c0e7e614d58dfac5b49fca38344873cb2efd1b72fc17ae56f9c4785ae1edb6b0f09161b223ce14bd1d89f837e6695fe85b472978f47d37df5c3366e6b7f2a8df29ddcb912fd373ac3cd81af6b968f07a84c1199b6efa0da290d45a7a5e0d02497d316801b426227c424288ef8043a15085dddc722f1724c805b168f03f0743e3aa68ac2356ae69b060ee26870c97d29e99699c865f676cd1d50fb7e55875e6856fbb0fb33e8b4a2d99949059a9dd09ae898e6199120b16ce0c4d77623aab1fa06b2d7d7369e8877cf5ce7636817c2607db6ecb91ad45b899392a4aa55f1f7719631c3b679cbd201a734bfdb1cdafef2acb3877bb8e9e4775d7c29d674e38c4a10275c75c8c06b35bb7d11f972ce5c352c001f24e03a4906ba18f2f319fe12e9ed1f29d2e1da555367f1b171a5e7cf9012bda62df9dbbedddc102c3c8f6f92d168986c0182141fa5510e025b784b30560aef65f0b6570ff72efd4d2e0cb4a848e8d6d4e05c1d0d1c2fbde75a1075708f3528c5c957b833dddc85a334e7888162614e66b341cadc56460537f39de25671bce1c78db0fc0780b9d75a04c401b3d746a12b8f754decf6f11130d5336d2fa45d197f8492f14592859abac20f2998ab6e8ec75f7771fff4ff778d5de5bd3641bd0bfdd30f9873a674da222d0a3be6ceebbb31e2401ad142b4ffd9280138fa752039c16361af3aac471127ae1e3a7ce2c7d4df06fd7747948946da808dfb2059216c025726d98e04fdb44db06555a85a05d3519c5a1486f780a352afad315b7bb3a85df903abaf142f3cf27baaace2fae0188915a692439221c5ce6ba06889751a7237e4be191e19d22fd9f34b6883dc648940b34995f36b412ba0d06293f16b38ba9e04a1c6f26ca877438568fbd07f984b43f7f6490415a67c19119b7d770716d3e5e60b1548d2197c739372c860591f999ada7af836db5e3b86b59b43195c13683ad26f1618160436c8e6c61391c77773a98ad7052909b6be19a2d6394e90f94c45fa40f9be80401606914e69eb60e837de333df63389b55742a2f67765c065858397d8b6e7eea3a06e3eaf6fa15170d124f55c265214358026c23beed5557badee7037bee4285950bcfe2b4ff5270bf93338e5af515d51e527b5c837b61600e29c6c60b59e2a9a254db89194b2e1ad776ed7b4e5bd4648ef081f5699af8fae779441ff9b09a10e4b9c434f3cb299ac76f800b5294ed996f4194cc1a79dbfec73be20ed92acbd84342ecace758dee7a529d7fdf072a5a6e69e8f97d388be32d3e793dd3b516d025c2a898712e5eefaf82e5680a1abaa9d01bd7fbeeb31e7b38759a41218aef55d8ab69836a439bf232f84896ff6c3247d3eb90d95c3692c6f04d3d01431ad2f59f69e2f12b679bbfef6fff97c52d40049588199473a4eba842bfb59f2f4586ed610f6c16a4aa5ebc618104f8e5c5bdd8ffe485a19bcf040e7ae065c7f691b8d7aee05225ebd48a43e4430d65f227a3e39fe6bea2ab6181a23309cc42d16955c627740221f1af0691d142d4dc873208531a634d5ef19c19d32b7eeac076ff81f467709d1649d38c77648d7e91c9372f92e7e8cc1a4e7f85d405aece1eda432e4c8dd4a48e9279f193933e000835749a2d50d6e3cbfc19f13186d85b912b7e1b598760d5839650237c0bb6542fc027473895f43e5900faa37951e777a38118349cd9aa1f1364728f82f48938d3e724e62081797bdc175baed4bcd10cfa6de1d8dabf1770f9c52cb62b123435334a47208961a87b8e7ea26eb293d545faad1e0f6981091b8c5ce3fdfb31ed8a30875620d518e7b50759ce067224ac63641f0debc20fb8cb4bb53d968b72146b3cdd1fab7f95c893386f3a7573803a4d4e5fb0a7e3f996780d0c96d279ea113d0a3904e30b2d7a1708a9577f6c2754dabd936f20ac0388a1fcbe92ed8ab4407436e6c903b7848e32d9052f29082552fdb640ad6f88f394d6f75a339691cd38e7a3ce3b908021a58a6cc6489002863faa70cdd3af2452ae8f7550af0baea8f5b00076d8c454489f703c2d45efd1e3a00843bad9c8558432378d85b3944fe049e83cdccff1cb80e2e6e0baf2327c06a2aa267683d27a54a0444a41953a29274a50dbf1884c4734a800ee32511fe3698b6208e86127565c1a40ecacdd820e45794d501567b7df8559050a4f7b5f2670cc3ebbcb66bc0980826b1f4af5b0397a6d4352d04145bfbd9092178247f486c8bf25be47a0053ad988c9be900aea54d37fc2127b9fb53d6c033aeba1e83f25299fa06c5fbff2440a9980cbb2f803e0fd2c5dc07351382080892a4dcbc291586b1a186ac8afa0b2a7e6b42ebd8f731d5b22b8ffdde490ff6fa2478268ebd5d9ab998bc91d1401c80433d78c1bccea71456b0c21b2d626b997900d71017a82271d93b6370008dd2bd4e5b5ca0fa9bd445f6231c18ada6ca03e504c85fd1b8799feae68c2700b0c7f902571895abc95c5ba06baef9b00b13341386c306442d6c0f172eb7c5a0ce1c3a81a3ba73e55cd2ba9bdab32303fa9cd5a8a6341e74046e3f5cd2cce7849f48189a46c697cdefe53afa9a015d0b1974d830c5e827af9ca7d1a7757a144b92c04d72e9a6744487316cb0de26ff5783976e355074850febd7e3a297a6f207b094646879f97cfafe37102b3d037c270951b3bcf90da89b97a288d50906cce5f2347e95bd4df7b524e137cd646e57a741f467b3b1f23592302f347987108a075c88a95d7bf44193b55bfead893b4ddf02f3f321b3c70d38b3901c62018af90d3822a42399cbc13fef5367781ca9d0003c051ba17cebaf938a1d2975d18727eea5350450547a6b993bd54d2e652270e008b3e252a9247c1fabf1bf5548788b33a2503e1d0bdccef6fe18fb6a18352451e612a63285658ed1e27b0cba201560bf8852dff9207f8f58b90273dddfa099e6a0585747085276baf4af50659c02699b32bfbedc746a027a512f1b76b53593980f050ace80cccc8642bec923d16dad11cde85913441a415e30d02f777899fd6e85a8e9f5b81df132ec6544d316f9bae8e8a259da6eedbd049f2e495d0b360be141ed0e88b7357277fe916c292849e958faef8cf34f9bf2e3387e67309baeca865b3349dd0c3513c48508f5f9b44f374c04429c8b2e6ef78e76c263e23e09bf0c8f402b36c77587ea54760408fec933ca0b668387e367c3a6c45fcf5404cf6670fe9c3028c87a0829f6d58ee5eaf6f3b0fd88f620ca6ae14bc6bf47701863a5ee9f3cca3ef51cf3771970f136cd8836b124a360018e256029a6287230d739c3078a8c"], @ANYRES16]]) [ 328.837192] 0 pages HighMem/MovableOnly [ 328.841223] 333222 pages reserved [ 328.844667] 0 pages cma reserved 04:53:03 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:03 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:03 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 328.922045] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 328.949655] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 328.962866] CPU: 1 PID: 20515 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 328.970450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.979916] Call Trace: [ 328.979937] dump_stack+0x138/0x19c [ 328.979954] warn_alloc.cold+0x96/0x1af [ 328.979966] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 328.979979] ? lock_downgrade+0x6e0/0x6e0 [ 328.979995] ? avc_has_perm+0x2df/0x4b0 [ 328.990213] __vmalloc_node_range+0x3be/0x6a0 [ 328.990230] ? trace_hardirqs_on+0x10/0x10 [ 328.990244] vmalloc+0x46/0x50 [ 328.990254] ? sel_write_load+0x1a0/0x1050 04:53:04 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 328.990261] sel_write_load+0x1a0/0x1050 [ 328.990271] ? save_trace+0x290/0x290 [ 328.990286] ? sel_read_bool+0x240/0x240 [ 328.990297] ? trace_hardirqs_on+0x10/0x10 [ 328.999368] ? save_trace+0x290/0x290 [ 328.999386] __vfs_write+0x105/0x6b0 [ 328.999396] ? __lock_is_held+0xb6/0x140 [ 328.999407] ? sel_read_bool+0x240/0x240 [ 328.999418] ? kernel_read+0x120/0x120 [ 329.007864] ? __lock_is_held+0xb6/0x140 [ 329.007877] ? check_preemption_disabled+0x3c/0x250 [ 329.007893] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 329.007906] ? rcu_read_lock_sched_held+0x110/0x130 [ 329.007916] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 329.007926] ? __sb_start_write+0x153/0x2f0 [ 329.061102] vfs_write+0x198/0x500 [ 329.061119] SyS_write+0xfd/0x230 [ 329.061131] ? SyS_read+0x230/0x230 [ 329.061142] ? do_syscall_64+0x53/0x640 [ 329.061201] ? SyS_read+0x230/0x230 [ 329.071846] do_syscall_64+0x1e8/0x640 [ 329.071856] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.071872] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 329.071881] RIP: 0033:0x4597c9 04:53:04 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:04 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 329.071886] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 329.071897] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 329.071901] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 329.071905] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 329.071911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 329.071916] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 329.108546] XFS (loop2): Invalid superblock magic number 04:53:04 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:04 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 329.126878] EXT4-fs (sda1): Test dummy encryption mount option ignored [ 329.143734] EXT4-fs (sda1): Unrecognized mount option "uid=00000000000000000000" or missing value [ 329.246979] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 329.267641] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 329.274283] CPU: 1 PID: 20545 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 329.281433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.290884] Call Trace: [ 329.293496] dump_stack+0x138/0x19c [ 329.297186] warn_alloc.cold+0x96/0x1af [ 329.301199] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 329.306229] ? lock_downgrade+0x6e0/0x6e0 [ 329.310394] ? avc_has_perm+0x2df/0x4b0 [ 329.314380] __vmalloc_node_range+0x3be/0x6a0 [ 329.318887] ? trace_hardirqs_on+0x10/0x10 [ 329.323136] vmalloc+0x46/0x50 [ 329.326343] ? sel_write_load+0x1a0/0x1050 [ 329.330582] sel_write_load+0x1a0/0x1050 [ 329.334654] ? save_trace+0x290/0x290 [ 329.338461] ? sel_read_bool+0x240/0x240 [ 329.342930] ? trace_hardirqs_on+0x10/0x10 [ 329.347327] ? save_trace+0x290/0x290 [ 329.351144] __vfs_write+0x105/0x6b0 [ 329.355076] ? __lock_is_held+0xb6/0x140 [ 329.359149] ? sel_read_bool+0x240/0x240 [ 329.363370] ? kernel_read+0x120/0x120 [ 329.367342] ? __lock_is_held+0xb6/0x140 [ 329.372214] ? check_preemption_disabled+0x3c/0x250 [ 329.377222] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 329.382657] ? rcu_read_lock_sched_held+0x110/0x130 [ 329.388287] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 329.393695] ? __sb_start_write+0x153/0x2f0 [ 329.398025] vfs_write+0x198/0x500 [ 329.401552] SyS_write+0xfd/0x230 [ 329.405006] ? SyS_read+0x230/0x230 [ 329.408619] ? do_syscall_64+0x53/0x640 [ 329.412598] ? SyS_read+0x230/0x230 [ 329.416232] do_syscall_64+0x1e8/0x640 [ 329.420107] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.424951] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 329.430133] RIP: 0033:0x4597c9 [ 329.433303] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 329.441015] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 329.448550] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 329.456312] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 329.463578] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 329.470835] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 329.480209] warn_alloc_show_mem: 1 callbacks suppressed [ 329.480212] Mem-Info: [ 329.485980] active_anon:121910 inactive_anon:1244 isolated_anon:0 [ 329.485980] active_file:8253 inactive_file:12929 isolated_file:0 [ 329.485980] unevictable:0 dirty:121 writeback:0 unstable:0 [ 329.485980] slab_reclaimable:12125 slab_unreclaimable:109642 [ 329.485980] mapped:59023 shmem:2616 pagetables:1202 bounce:0 [ 329.485980] free:1269934 free_pcp:323 free_cma:0 [ 329.522665] Node 0 active_anon:487640kB inactive_anon:4976kB active_file:32872kB inactive_file:51716kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236092kB dirty:480kB writeback:0kB shmem:10464kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 329.551657] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 329.586339] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 329.618840] lowmem_reserve[]: 0 2580 2580 2580 [ 329.624393] Node 0 DMA32 free:1282820kB min:36468kB low:45584kB high:54700kB active_anon:483392kB inactive_anon:4976kB active_file:32872kB inactive_file:51716kB unevictable:0kB writepending:480kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4512kB bounce:0kB free_pcp:1344kB local_pcp:616kB free_cma:0kB [ 329.659366] lowmem_reserve[]: 0 0 0 0 [ 329.667847] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:53:04 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f00000001c0)={0x6}) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x240000, 0x0) bind$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 04:53:04 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:04 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:04 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:04 executing program 2: prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffc000/0x2000)=nil) r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0) ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000040)={"fc5aa4d6f471a7aea291ff47628f45cd6f2d01445f1d9cb69d4230bc50eae117275fded47404d35cc0d21ec2959c59ab70d6bfd71f829da18e5ff82e2c79f9a86a414a5028a16cf06924dc67d5aadeba1b21fed78eb57a1ac09cc3d6892f11fc963332fd3076419eb7ff9599d60a8e31ff976ce90beeb1410ed6e884be2baccb8c446976567075be731a357919f9f4d5f9d956658ed7c3f9a7f9ab1d0a0ebe84f583182137d6f6a3f0aaaae7d8a394dce32249fa1171de10445f630ab65be3ca80e80ee09d8972b74045dcec3db9ea46cf9d44b8fe28693d8edd8d5e2c198c1d1f86527cdae8a9fd90ed04d3dcbda931d6a499349fca55c5ed84de216e72ac48e3cb5f7f52ccbc745b7c0c1417c595a566b77bb937b3fafa8d9bb17fd7ba4948404d0ca1de45bef40ee44b83320adf91678dfbe13e0f37921a9c4788c510ee89c7e78bf46bb791a3ac5de0c5fbb2bcb8718d13b8fd3a6e54497c68f7a933dbaee9929998d4fc3a2203b555e1c7bb1c764069492cb8195fe3f7916d8356dbaabd7b5ca3a3f4ec309e50968d1df635293d38b56db35fae6b644b6669d06bfc32723c2a74052f1432f6438406e130cf93c67aef38675984db38407bd819df6619563fc56052b91e011e3b7a26d992a1af5acf88e7d7146895d83bc72844b0e47e4a1624a2141e6f26066db7a60867560f62ab057149708ae532f4b0b86fb42783697947bdfdda8d6991902b79fa15e58b1c3a1998e8b504f160d55c0b3174416bbd17968eb47d3e3e8632715d32d11f8ca1359ab7134228f35850bd44e98172222ee123a09193b4be9e655f3cc237f5f74fd0101506cacd6cdc295ae5d478240cb91215640729a4e811e549c4cb87ef004bdbebd7f8b571b3d8653371a5cca8d344d51f3ebd318b751fb616540220b0861a933a34c225928dbffe48c5b997f0dd947e83059554cc9ed58928ce3e7b4ab74d933b0102baaa2ef292065b8f1141cb29f9aded69de9a229238d514af236d9819eeacae6b416b600ff524fee5043e6d3c9e38ff3d48892708f37041413ea4b977236c8930ebe168ceff19d4b01625da05e6c426a820662ed5dc9e9890134803668bc241ce6fb89eadf1f3353055f8b00b0548fa367127bc31a5b14949eb5e873b5b5c4e8ddce77ccd63bfcf8a4b5d3dab28881691fbeb268446549020a72aa4f9d37b58405be979ab224481ab34e43ddb1a309068d38641c858366efd9a0dc972708dcf9bbb239e75ac97c89c86d0374199e88db53e7466c1bdb0b7a4b0ab393ad1d1007dcd681e90bcfd9f19130e394d021f2ea079b7353a1cdf0dc06c54a84f21913b03cfc320e751f11f787257f9a1e02dd3d6fff5cc32a8e7e7234a2eb80c9342daa5823d7e1a24a5596a8bcd2b13759150a358710ab0a68241f51a2d7ba5f10bec5eecb4ee726f5d40ac3e7016f6"}) [ 329.698472] lowmem_reserve[]: 0 0 0 0 [ 329.702562] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 329.753069] lowmem_reserve[]: 0 0 0 0 [ 329.757072] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 329.772251] Node 0 DMA32: 10588*4kB (UME) 2805*8kB (UME) 2747*16kB (UME) 1786*32kB (UME) 821*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 253*4096kB (M) = 1276616kB [ 329.791106] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 04:53:04 executing program 2: r0 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x6, 0x501800) setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x120) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000100)="1e40907833cdc57b0ad79c3e9691c001", 0x10) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f636572792c62696d734b7a653d1030303037763d2e00000000000000000000000000002d"]) 04:53:04 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:04 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:04 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 329.810713] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB 04:53:04 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 329.892304] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 329.916041] XFS (loop2): unknown mount option [norecocery]. [ 329.936711] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 329.942474] EXT4-fs (sda1): Cannot specify journal on remount [ 329.977865] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 330.002098] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 330.011635] 23763 total pagecache pages [ 330.016731] 0 pages in swap cache [ 330.022488] Swap cache stats: add 0, delete 0, find 0/0 [ 330.032776] Free swap = 0kB [ 330.036795] XFS (loop2): unknown mount option [norecocery]. [ 330.043434] Total swap = 0kB [ 330.046699] 1965979 pages RAM 04:53:05 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 330.049892] 0 pages HighMem/MovableOnly [ 330.054662] 333222 pages reserved [ 330.059071] 0 pages cma reserved [ 330.069078] EXT4-fs (sda1): Cannot specify journal on remount [ 330.127312] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 330.141657] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 330.147200] CPU: 1 PID: 20614 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 330.154309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.163662] Call Trace: [ 330.166246] dump_stack+0x138/0x19c [ 330.170069] warn_alloc.cold+0x96/0x1af [ 330.174072] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 330.178947] ? lock_downgrade+0x6e0/0x6e0 [ 330.183378] ? avc_has_perm+0x2df/0x4b0 [ 330.187369] __vmalloc_node_range+0x3be/0x6a0 [ 330.191874] ? trace_hardirqs_on+0x10/0x10 [ 330.196116] vmalloc+0x46/0x50 [ 330.199288] ? sel_write_load+0x1a0/0x1050 [ 330.203773] sel_write_load+0x1a0/0x1050 [ 330.208221] ? save_trace+0x290/0x290 [ 330.212010] ? sel_read_bool+0x240/0x240 [ 330.216060] ? trace_hardirqs_on+0x10/0x10 [ 330.220292] ? save_trace+0x290/0x290 [ 330.224079] __vfs_write+0x105/0x6b0 [ 330.227861] ? __lock_is_held+0xb6/0x140 [ 330.231902] ? sel_read_bool+0x240/0x240 [ 330.235964] ? kernel_read+0x120/0x120 [ 330.239836] ? __lock_is_held+0xb6/0x140 [ 330.243881] ? check_preemption_disabled+0x3c/0x250 [ 330.248881] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 330.256158] ? rcu_read_lock_sched_held+0x110/0x130 [ 330.261165] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 330.265918] ? __sb_start_write+0x153/0x2f0 [ 330.270250] vfs_write+0x198/0x500 [ 330.274218] SyS_write+0xfd/0x230 [ 330.277654] ? SyS_read+0x230/0x230 [ 330.281265] ? do_syscall_64+0x53/0x640 [ 330.285242] ? SyS_read+0x230/0x230 [ 330.288887] do_syscall_64+0x1e8/0x640 [ 330.292778] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.297625] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 330.302835] RIP: 0033:0x4597c9 [ 330.306004] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 330.313695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 330.320975] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:05 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:05 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:05 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7294318b65636f766572792c62696f73697a653d303030303c3030303030b63030303030303030372c6c6f676465"]) r0 = syz_open_dev$cec(&(0x7f0000001540)='/dev/cec#\x00', 0x3, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000001580)={0xfcea, 0x7f, 0x7, 0x7, 0x20, 0x2}) munlock(&(0x7f0000ff1000/0xf000)=nil, 0xf000) r1 = add_key(&(0x7f0000000080)='pkcs7_test\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)="16bda76773a2d58db7258948b2ce32661a8db4cb1d728e2bd1000b31f75c343179a8791b11e8be4daa537635e63009f86b", 0x31, 0xfffffffffffffffc) r2 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="3e9cbbf6f6bdaa31a49a2c6374116ab2ae950b474bd4e402e287091a508ed7446565dbe58f468ef0db5755664d80ccfe27fcd1063e42f2b8932b6897c60ff3673a0f349ee6e1cc0be92e5c4e65d1ed0259badd5cbb60a7add742f2ec4ab6fbb9ce8ed78e4b911fe1825fe7eb6c736cfd0dcc948f42cc06c0efea8a6d29f68bc86ead5341c642273e588b1e3456c60e90b69315f8f9be9bf6f2e2f8bb04b7130b0f224162bccbad96b7b3bf7dab3629c971a4f4ba4ce6783aee80f97fafaeec9503ff4e93aeeb7d4734215489462d819efab243779fb43cbd1b6d64fdae738be21dbe3d5f0558445f2c4fcd744f881831d192bb88555feadd7c4acd2e6a204ce8062ba92d8e47e38c64fb71044b72db69bbb60e12ef979dd7057a9a2230a7b9529ad1df39ff576727dc870947986bb37c9ecff0a910a2bc1f407eb0c771fd264f401d17fe82e433fea5f2171c86397f51a8e74ea4b5dd84647da3747a261125f3fd5f3988471055c5d95770ed8cb906b1714586052e8fbe0bf57d4d58c3469c84cad59d9ae2c160f3e0fd88916e21ef59be69dabdea64a224aec5872221404b1758ed7470b8e26f34c878fed8da1fed11d0556a6cf6da0b3e0fea8084f8b50ec5070836b5bbc4db2b5334edbe65c5d350fde63e545f8ff57b8981fc4e3317148a68946e55ea0c908db9eb4b97ca64f28d7c55d60f3921b7b6c3c180587ad47811f1a8a1c7e55fbd020375b8b3c2cab54f9c8c10223a49ac6926c9a228d852a3f126621d81b5c52555fd8ec34cf0620dd3df4e9dfdac8e833928e8b801a3cd9c2c2517eb0291cef06673b7b396f77af6928c19030fc07d0c2b9fe61da1a6fdd4beed63de44615f0f28ffa906e88c90c4d38809a6845c2b13374de371c07b63fe6b164c2b154bbc7f99634be49ad99044c3809bdbdcdcd57af31f48954fa162882a69f208c19fb66f8b530b13edf40f43a5d236492fd05f904777bb65498fd5d9bba0a8e3b6fe16bb8d9ef7d5edf865b21b919c977881c284ca15dea217b4f18e42fe5028049687cd4d06a8b6521541a8cb1e7d8c68148503826fb1a7504ede6f02afbdb892dae7b86e69823e2b8fa39de9b6e663eead5e9aac82fcf46762ae5fb94eea20be0db791e08b7b53e95659f19da469dabc36f18240c3628c71c07c442b921caea256f0edaf88f55c0889bcff6ebfe1a040617cac6db141e51eb64462fdbd35479257a40a712610ea691481678f74fb76cddcff3714a399cc379046e35ea56743a6dcc453efbf572a0a2b2ee09c3b07f53bb807dcc01713135597ffdf84e0989a5ec010d31fe636651b8821b33111b796bd9f231bec2fc78639ff190240040bbe913f2625699ee7a8f10395864b0126ad1145bc22b10beb4f993394e97df02e377a3ae1b664c89e701038a44b4cacd80e126938ab7c128ecad792605900b892ee444b84baccfb6e8a81703bf040571a2aaf6ce625c758ea0637e19e69a5f2ec9c1fb28889eee170ba5a2c36ff5c9f8d3f804d02331a6287ca86006ae45a3112bfc4c9c67e3c2b0ef957d6b209c180682ce7c40da7b070094ed6dd02cef11661a8859f1f7fafe269f4a7e86c93ff8acd5781db030e303bc939c2bcb8738df1927d2c92015534a366e6bc999d19c2ac4265f0345ffe7bd87759ced7c85b05b42609870aa96e4f78cbaa0bcf8e926b9ee4a85bdbcc3c720503d80c195cdfa095effcf81dae4c1a9636b012cac3ed8a4aab901bbd525e734d10a8245501019d972c3cf8cec55585fdef85282977576a18cc0b144fb4d5d5ad5eed1172c1ceb43fb49aadc9d8c4ff87267cbee7d5062b3602c1bea4dbcb318760b7195649f791e83bd028c52774c3be2ed7fe9c94b9fa4289651de137539fcc83876f4cba78fdadc891d6071b503ac318d9dfc8a83503d8be7ad449cd48eeeed25f473546b4b87f39fa07ce7c7b1132af35de7a7aeb84d7794f55e439cc01abd7d057564825e2e9ab8b65396de499ac8eb28f1cad5517f7cb4fb31e154218962fd7a638dec9acdf5ae5bbe0220f87713480e28bd6361ae654666b03b71620905dea604f328b4fa1e576ffffe63e6383ef6cec8e80eb549c0bbdd8f854c2efb4626d4058ad2192f28d516cdf10421dca771ad353359e3da48d68f500aa866d9910441d2809fc3802b32acb2422d4bb0b137a763326f2df6cd57139d0e4c5f3c60e607bd7e9160a37f49301e5ca4569193052bbafdd94f8b7954d16e4e7d87fae0ec70b938611a92979049fff989b1c3e3c94c013970724d6bbdafa0fb39862c88df06c4022a9ee96c602c6580399435c7953cf8325860cd3a9e866eef443d4fc39e7167ce320de71749802de6d28ad726632fd8d56a5c56f292bd9686c8846207615b3fa0008872ab790197a9c526d278f86ae5942a04a140c42a9c888d38090bf0b5de459c74c7b8fda068b8366f8898505d3cce331151df86752030d16792cbcb228a4010edde6193850da4d8965559a1f06de7270ced5577d86ccdd8c1b952346f29cae3b5264ae15739e6ef9fe39431b14abba759a1caa0e06986195d9bfe41f93d212c687ce69ce8fe71cff5c2976202b3ec47361b5c80f5054433d927ac155a7bcb17a2c24f48d1bdc3a6dd66f3437f183eaf02a76348e5454d56e497a2b4e0781e24c46d97168a4d3d4b21f89454bd742464edff15885a7a1233521a41492aa187ab66e47a3d2ad8e62b70203d43884aa35de6268d6927a39320df430fad57eb80653528d01ff33f5b8a64b5ffa55dd5c3004e045a48bd9e6c28b404086d7bcf40efa1f830f141126449a0630c59e85d8d0de9fc6cae4be40578512d05adc5c1bf1c61bc1a95ea0bfe7a6c207df4ccfd6fa1805a936cd56651d6620952d4058e5a71e5029bb135ea9db64fd4f1506d1c9d2c822a7ca1a192ab48e8a5b24a46b47370a167f92aa0decd6c418c92cd0ad14be6663938b41c6e4aa0cb3bf97b678d9605765ee0735ef619760080a9595a8dd5bee1eba8de98dc562a807e6b3515ffa7f23f3dda0ffb2772891795cf4a2812d73c2b91c4aaa398899c8792de9c023c0595186d484596a72e78d4e51f7cf4287ad726e0394bab69567e26611cbdfcb0abbdf07dc6c769112d44e4b30c4bae916bf2b2a0d68fc0fe68d1b6fd84f679600051e9aa6486ae4dd7f06e7b994555be17a1acec96b7602056919964017dc1a69f8ae4f135eccc32c6804f77802576ab2c0b73645ec83c60d472ec7391c9347cfde8242bd394f47f2b78b8db01bdb999a85f1335d6c65dce77c5bf5bd5a73eb2b911f44b182d0a59c91ad181061f7714f794d270fe7e4ad1b024ff0d57c5575af229b4d7ccbdc1c146d10624dde9d94eb492e2cbd6c8d01cdedb2f52c5087315719ae52cdcf0088fcbf60e24a02c8fd1a6f1a409deba698140c02505e7c887494f4fb9022ebda925687f5f2ef4e15ffe834ba064ee4d5aeadb0790710a79f8cf401da976391b096f1023d519b48bc62b6fbe6553c6ac0ca67801dc9777fcb3bcb6306049b760ccfe398ada4b42427a9dc4ee50ff22cf00c0813a0abfc4c3f6ed698e862719b190464bd6c1c6b799c8650475b1625a6d806f6395c35f14e810f7005134438451f787eb4928ec28efaef77d4bfc7e74913350a7df8cb1387d8d0a795a47442717d8b2181838bbb5be04bbc0930e50f964011fd21a37d72ecbd136316950ed16d87a495c2c556d0224b2c70c72845834a2141397a8da5908d37823c099a58e8d0cb36dd31eb020b32225004203b551de7e82a3d8b4abc06ef6d0f3525869ad348f9926ed825cc7d2f2a9c33fb578e1c64b1be3c623bb489a6c7ee5f3f9aa90d84d336450eb9849ca6507ce8e22094244d1f76f899092305eda8b7e2daeec3f63b1d38f3f8fa7abd1900f9af8e1d234f46b09568ab12db8e7547e7032dd5b9944b9662f39561f2a2cc8fc61b4907ebf72c52ae6b47247de84a44a742304f38839c37ebda44848dfaac3797cf9b3021ac3454060599236add2924faf5966e6510522df0b51165b16068e3b94ac2636ee0b87383f43a17c3a397764a436a584444dc5a6d7901181c80ca576fd41a4ddafb543395ebc489fe7363691b0af20ae57ed39114f9c4073dc16c27d1072d3cf7c44dacb2b33927a85d7e1e4de22364ecd8ee8d84bbeaa45a1dfe60bd89824d9581b8f61495bdc9fb48d2a4d9bfcf48d459f881c52c4cc58893273bb2388e6c57169b85a124f804e5d424d7a7959635ee6424d51b35597b5426cdeac227fc1a8caf9cd43145f54958f6468e94edaa1f3f0e29d8061d5e9d0129a3742f1cbd34239e6afa44136d9d729a415983c8f6e16a7ca7c243b0a998bfc5a4adfba228868ba244669e6bf80dfc0cc6e703fbd6a0cb97b804389fb23ed88f04d30148daa56092005f350356bc62fd9fd7ba523224d509f9bcd8406157823d401dc7929f817eea1ce250a6d6370a6b01d9c775e75e851f1accb1497d524c8d6d53e0efc9baf22e91099c92f1901bc5993ccf66aca27e6942d8cd3337c5e2043dc9da571209738318ff8aa65f681747db12c3d31e901e03085c8bd65b14991e93fe15a1e714cc1e7a3aba40b9f25516caa977bcd2e75428e1d263d20ffa1018f775dcc7d1ec52d54c4f12a78015824493dd1fe8ad96edd4a92f42096bc2c68721e3c18f45383ba4c0e71569581227a8f191d46eb66642a872a04053ccf13a18eabe4165e98a05b89b1dbbddbacd9dac6d5c8fd590ec7cc7c07c59976673cb150dbf979118f9ef12474e6ce4b18ecc4ed6ecd62f1d943aac286353cb65495e2e8c66f3035a1e1c015ca7281f65de3fcd81e75ff7e1d7051a2207bd952b6331b6a399a963a5090aba7420d24b6de83075b26748765d2fca455c82beadf8a2f184a9538691ca1a8237dcc5cd084bfb68797b880d45b0574d50dd86788cbe7ce9e19e4ae6dd20f88c72369e4750605a87fd87ae0907accd929fb08f337f47f7b3c13d9bb1a5f8caaba1d594869cfab8578e364557ff2cbec44163d10bfd4cda3380a45166a2354317a5cabdc500d3660a982cfaa290d8199234258613622ee0a64ee4a3ca62db0e7cde2e13c53857b1c65ff09253d79bd7ee2a8db75314590ff36b9730838bf01c9b199bf1c14fe0be6a11a3a2ad42b0580719ea4e6bcb81b3b770c3060894644133a4a66d76c068d8e3a087102fe9e4c49bc3c39f58d2b725a4e47a7d89887d6c7a4981c173b5a22770f89ea6947f0371a0c3beacc0858946773449b4b0231cbec1caa4918615695aa0905b63a5b9b69f247cf3b5062e5fce38a897421aadc62f4269322d2d4ec3c8e7eaba66c0ce3ca618a63fe8e7c5a2ace8f450689ed3c19efb24a84c21251062bd4dfd0d025e477733ee79a2c8bd61dcbc9558109c6a09a041dd40ed776a6563220e926824843353462001569421156c859e97419b8aa4a4370c6fe0c6cd5484f670f85c5f9c4a2f365eb091e6d43267cabdd4cc5a25c4eead3b7aa05fd32adb538748b7193122def14449ddfb2c12a6468bf46432f27aecfcc800ffb8c4dea95ba8029775befaa7eaa545e6c043b1a3f0ce5ec9751873ea7d37e17f7d139f55d112410a531974f9333ac6db58d9296e3d7db83538ad78f383e8122b90711356944e2120e4cdb7576aea2ef75cec5ec8882df74e66ffd7d2a180241cd46b0d9f9cba8ff73afb84cb4a6471efc259b2f57f8a8463ca66d747608cc7113354add2229b5b98dffb028be357a767f919c801e666a0839ecc79caae10b347ab13b8c956371d66554cc156f0", 0x1000, 0x0) r3 = add_key$user(&(0x7f00000011c0)='user\x00', &(0x7f0000001200)={'syz', 0x2}, &(0x7f0000001240)="c67dbe49a6f57b9c6a0c4da04947573744e89ba3600dc50845340ca9015867f5d10bf2372de08c8af600022bcc86e3882f110d859eabae5d5cf8d8af594e753a83bb020edece931c3f728597f50a0b0c21224e1461e6a484f7404cccfa50cd778518b80a1f18f57802e060b2a111f062140bef3593d62293c06943c59643360f13cf2b882b39989380e0206577e905800c6e367ef61224cac6575429b4490feafb1157a4b7c5c54268103d27374bc4739664207def8c90b1841637197fb767", 0xbf, 0xfffffffffffffff8) keyctl$dh_compute(0x17, &(0x7f0000001300)={r1, r2, r3}, &(0x7f0000001340)=""/101, 0x65, &(0x7f0000001500)={&(0x7f00000013c0)={'ghash-clmulni\x00'}, &(0x7f0000001400)="d8780a1e398796bc9a25076c4f0bbcfcb9c45688e92e7c6373689241ca463c556c9e47a2c5ba750ae2f172ed7a37131c7b04c0224d90083dffce39ff271a4882ec95660665a60e48a26491ba75eb730ae6535bed34bdc87070825543410f0849cf9be34aaebaf48ebd491f4e119f96d527256670fe85f0030ed06cee60fd348da2bb5b8511972ff33b18bbd7b4212199af4319900214e2b66b9bf4ef9cab69447f03d536a99fdf5280bf36d6adbad765ff9e9e8fab4e09bdb2761a09205cf6b82227545cac27b53ddfde1e7445", 0xcd}) 04:53:05 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00') 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:05 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 330.328547] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 330.335813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 330.343066] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 330.403179] XFS (loop2): unknown mount option [nor”1‹ecovery]. [ 330.433391] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:05 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 330.452111] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 330.462691] XFS (loop2): unknown mount option [nor”1‹ecovery]. [ 330.477740] CPU: 1 PID: 20633 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 330.484887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.494334] Call Trace: [ 330.496946] dump_stack+0x138/0x19c 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 330.500592] warn_alloc.cold+0x96/0x1af [ 330.504584] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 330.509449] ? lock_downgrade+0x6e0/0x6e0 [ 330.513807] ? avc_has_perm+0x2df/0x4b0 [ 330.517795] __vmalloc_node_range+0x3be/0x6a0 [ 330.522303] ? trace_hardirqs_on+0x10/0x10 [ 330.526554] vmalloc+0x46/0x50 [ 330.529838] ? sel_write_load+0x1a0/0x1050 [ 330.534078] sel_write_load+0x1a0/0x1050 [ 330.538154] ? save_trace+0x290/0x290 [ 330.541963] ? sel_read_bool+0x240/0x240 [ 330.546035] ? trace_hardirqs_on+0x10/0x10 [ 330.550281] ? save_trace+0x290/0x290 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 330.554175] __vfs_write+0x105/0x6b0 [ 330.557902] ? __lock_is_held+0xb6/0x140 [ 330.561971] ? sel_read_bool+0x240/0x240 [ 330.566047] ? kernel_read+0x120/0x120 [ 330.569947] ? __lock_is_held+0xb6/0x140 [ 330.574026] ? check_preemption_disabled+0x3c/0x250 [ 330.579061] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 330.584517] ? rcu_read_lock_sched_held+0x110/0x130 [ 330.589572] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 330.594333] ? __sb_start_write+0x153/0x2f0 [ 330.598665] vfs_write+0x198/0x500 [ 330.602210] SyS_write+0xfd/0x230 [ 330.605684] ? SyS_read+0x230/0x230 [ 330.609325] ? do_syscall_64+0x53/0x640 [ 330.613297] ? SyS_read+0x230/0x230 [ 330.613311] do_syscall_64+0x1e8/0x640 [ 330.613319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.613334] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 330.613343] RIP: 0033:0x4597c9 [ 330.613349] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 330.613357] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:53:05 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:05 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 330.613365] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 330.620848] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 330.620854] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 330.620859] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 330.636709] warn_alloc_show_mem: 1 callbacks suppressed [ 330.636713] Mem-Info: [ 330.656198] active_anon:121417 inactive_anon:1223 isolated_anon:0 [ 330.656198] active_file:8253 inactive_file:12942 isolated_file:0 [ 330.656198] unevictable:0 dirty:144 writeback:0 unstable:0 [ 330.656198] slab_reclaimable:12126 slab_unreclaimable:109544 [ 330.656198] mapped:59054 shmem:2594 pagetables:1203 bounce:0 [ 330.656198] free:1270516 free_pcp:256 free_cma:0 [ 330.689529] Node 0 active_anon:487736kB inactive_anon:4892kB active_file:32872kB inactive_file:51768kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236216kB dirty:572kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 432128kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 330.726065] EXT4-fs (sda1): Cannot specify journal on remount [ 330.758251] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 330.785809] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 330.816387] lowmem_reserve[]: 0 2580 2580 2580 04:53:05 executing program 2: syz_mount_image$xfs(&(0x7f0000000240)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x7, 0x0, 0x0, 0x4000000000, &(0x7f0000002680)=ANY=[]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) fstat(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r0, r1, r2) [ 330.830141] Node 0 DMA32 free:1280548kB min:36468kB low:45584kB high:54700kB active_anon:485576kB inactive_anon:4892kB active_file:32872kB inactive_file:51768kB unevictable:0kB writepending:572kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4812kB bounce:0kB free_pcp:1164kB local_pcp:564kB free_cma:0kB [ 330.894287] lowmem_reserve[]: 0 0 0 0 [ 330.898314] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 330.931572] lowmem_reserve[]: [ 330.941808] 0 0 0 0 [ 330.945270] EXT4-fs (sda1): Cannot specify journal on remount [ 330.952139] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 330.980894] lowmem_reserve[]: 0 0 0 0 [ 330.985009] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 330.998964] Node 0 DMA32: 10551*4kB (UME) 2825*8kB (UME) 2731*16kB (UME) 1797*32kB (UME) 821*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 254*4096kB (M) = 1280820kB [ 331.017364] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 331.028166] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB 04:53:06 executing program 0: setxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00', &(0x7f0000000180)='journal_dev', 0xb, 0x2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 331.045767] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 331.054809] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 331.063812] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 331.072737] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 331.081413] 23799 total pagecache pages [ 331.086694] 0 pages in swap cache [ 331.090244] Swap cache stats: add 0, delete 0, find 0/0 04:53:06 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:06 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:06 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9ea, 0x2000) r1 = fcntl$getown(r0, 0x9) kcmp(0x0, r1, 0x3, r0, r0) [ 331.095631] Free swap = 0kB [ 331.098728] Total swap = 0kB [ 331.101830] 1965979 pages RAM [ 331.104932] 0 pages HighMem/MovableOnly [ 331.108922] 333222 pages reserved [ 331.112461] 0 pages cma reserved 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:06 executing program 2: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0xfffffffffffffffc, 0x27d, 0x0, 0x40000, &(0x7f0000000100)=ANY=[@ANYRESHEX]) [ 331.189670] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 331.234527] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 331.259248] CPU: 0 PID: 20686 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 331.266399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.275763] Call Trace: [ 331.278466] dump_stack+0x138/0x19c [ 331.282118] warn_alloc.cold+0x96/0x1af [ 331.286152] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 331.291020] ? lock_downgrade+0x6e0/0x6e0 [ 331.295182] ? avc_has_perm+0x2df/0x4b0 [ 331.299166] __vmalloc_node_range+0x3be/0x6a0 [ 331.303678] ? trace_hardirqs_on+0x10/0x10 [ 331.307918] vmalloc+0x46/0x50 [ 331.311115] ? sel_write_load+0x1a0/0x1050 [ 331.315360] sel_write_load+0x1a0/0x1050 [ 331.319434] ? save_trace+0x290/0x290 [ 331.323248] ? sel_read_bool+0x240/0x240 [ 331.327418] ? trace_hardirqs_on+0x10/0x10 [ 331.331677] ? save_trace+0x290/0x290 [ 331.335482] __vfs_write+0x105/0x6b0 [ 331.335494] ? __lock_is_held+0xb6/0x140 [ 331.335507] ? sel_read_bool+0x240/0x240 [ 331.343430] ? kernel_read+0x120/0x120 [ 331.343440] ? __lock_is_held+0xb6/0x140 [ 331.343455] ? check_preemption_disabled+0x3c/0x250 [ 331.343469] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 331.343479] ? rcu_read_lock_sched_held+0x110/0x130 [ 331.343488] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 331.343497] ? __sb_start_write+0x153/0x2f0 [ 331.343508] vfs_write+0x198/0x500 [ 331.343521] SyS_write+0xfd/0x230 [ 331.343531] ? SyS_read+0x230/0x230 [ 331.343540] ? do_syscall_64+0x53/0x640 [ 331.343551] ? SyS_read+0x230/0x230 [ 331.357911] EXT4-fs (sda1): Cannot specify journal on remount [ 331.360521] do_syscall_64+0x1e8/0x640 [ 331.360530] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.360545] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 331.360553] RIP: 0033:0x4597c9 [ 331.360557] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:06 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 331.360567] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 331.360573] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 331.360578] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 331.360584] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 331.360589] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:06 executing program 0: mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000000)=ANY=[@ANYBLOB="6a6f7572630a6fe73e88a5cb2e78303030303030303030303030303030940ce12135302c00"]) 04:53:06 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:06 executing program 2: r0 = getgid() syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x400, 0x3, &(0x7f0000001200)=[{&(0x7f0000000100)="b3c0bf95e91ab5277512494b1731dde26b9670797bc4300d4a4d99ad7774b321a2cc078ab7ce6903c46a6464d2b75661549fc00ccb54ccdcceca979b40dd1d74d986c852427de95e4f350629370ce01e940dd3b1c77c0b87", 0x58, 0x5}, {&(0x7f0000000180)="352e95e21b636c9a96fe918f17b7766add219c8bd646bf5898d46b5cb5ae5495e122314ff90f51a03bec519431d1914af90598b33d043548205b2070510764b19ecb00fb74c883665cec3a925a32b6bba78c52b8e0b0282f46b26f9ec0dd002f0f22609bf3eb074fcb2ce05f72fcd4922a14f41110a1e7d36b1e9bbe8261663cb5fcc5d1d8994e68e1549fae31054d098788fdcfefec074d284e2bf5ee9a7f316115f604c52dd40ca7188827aa058640824da25c6bff2d99b9fdabbbe82b69b19c1842442b51e0c4cfacd9f9e8b63526293baced648170f1915721178b1910973480c9e41364bd2ace24db3886dd14999de8a275923af26de3ef912e1f11a175962e5ce687f172b14d323756de793d0819f9f4b66e4e561e36cfda380ed5864a297ec7eff69da180b4f8f1b427ae5867c4554bbe83d383a5c4ea70d1db4cadbc468f8f28e484185e563fc6e00a788b0f2f4acde4b0a75f6c2cc51e4ca243ece939004ab5a960d0f27b69e08736bb991cf40f0fb3f0da629d19772f358d498d46e8140bbbf1ed23fc5217b62e18510fbe4f36387a39c3f17a7f261dc927ecdda05c184e6575329e54b76168faad7b460fd6871d6e022ea6a500d2cebc8bccad45f1524f3bfa6fcf68eac9c51993689745285d5145bd6c0dcff47e58ee43e36d5135982e65670fed639675af8ba381626ab78524d51f70c8bc22f3bbfe085bc56d4c5da7385eacf019e3f538dc4550ee83e02d9fd5624c2280fb9bcce5ce522c5eabe6017e6d3cb859e3a1333e0bc62ce79ec83fd4ba4a697d4e7e908cf405cbcd414b1d9d0100bce2f5faf19a08e72ccb51546341f0608fa01dc97faf8e312fc03dc52de9481d42f66abd55360318aeca0bd68c21fb68b968c6e6c595368b517a3f265e09c3427a9d8a6b0b60071e94864c81c848bf27354357738707367c02ae895032ad42bc2a4e66b9b878fbdda7842dafd12f159e61e40626ff29d7aeab56313722115a097e72d1e13241b95f5ed759e66360dde2433b868687487bf9a44c41ee2f29de0bd4ee23932d89f491edf5da32671e516f5d15b2c26a9e2622b2c480ae8ae903f37c6fd5ab1b66038e9c48baefb913378c46aa168fb12008af028b9b2371ca274311f22dd594b59b0479569a57d365ffde2d4ab104b8bf581b5e606867ad5238787538a22ab6166a099e68b5e3c0afd8f36ea0d1862810aba95cc2faad3bea336312ddd2551f5d28cb3948b9317b9b389f3b78c544f5640c8a62d749d3c582be9de96d61b79bec448ff215cf8ae5e2dc47e83f88fb3ce6adb4dbdb16dcaaaccdd8858c821e539280c18b32f85735e254a229561385055bbbe8c7e18577657a90e691dd4de6ae35e470ca9f6541eb13ebbca797e90116c08a47a647ec65a1544d00de95533cb49f9a8ab7f4837a6968ecd0865314415d5475d2314a0e2897dd51f0c315761bbc181a6c31894c9d1c8c18a9997d42a368a733b0d38e9a0a2bb48207f43073dca844889ff52ae8ed682e373412057085c4d7980956aeefc9bc3b75ed41c4c060905b40ba8615e68c3dccc30034972c5d29be722f76ebc65d1c1f5bc90c51950a636e619a2d3cef99839d3755e40e789e3aeeb0542ae42ebbb0e9d8f0f81e19f883012a387101a088a780cd281b38ecf14490f10f5c3360ec28e6e3992add3a799544ced97f2d2f7a1d9b0d5d78a35501cde2c3af81c9f725407dff9698931469bc09736ab2d3b7129861e2494e57c4137ce4c036ea09c5c44aae55665a3102f5611ddf1ecdf2c9b4ad607c83433609db44ea1c9c384145b628ab25171eed0dcdb958321d575ef9df58ad7cb3d4ca3b754493c6c5c263c06eaf7696961c6a5e74e5210691882c74fe6a0896c6437bb7fb24233e2dec37191716473a0b2335999e0eb96885ff30e057e70eaad303f4862bfeb67ef37f06c3707640c0406f0a4248c42c4d0f7731db807054aba17323e0472b6b1e6325c8606064aae0484711e30d53d5f229abc53c0221b0c7053baa23d2b7db1c8899da694ddbdff84261be62a308ae9a90781217219c01d95139fb64638a40ee2a9c7adb6a6550fe203a4bf8755ff6aefdf83bfb73c0781d3b0f5dd80acdc893d642fba67c9557feccb7b00f6000c073b34bba94aaa626f63ea6e32d3edc0fd2bafae4ce74617b39010fc6545c6dc4aca8cf31997a997d4e4e6e327313287541faffddd65e5ae8930e9022b1eaab2903916428a4ab829b333d2d056b74356f68acd974921653b708745b96b76c9bbfaef62270b2827f0317c05f3877f6f2848c9acf0e59783539fe6ee87a0f42431923af7ccba4e0fd8eea59bdb2aeaaeff7dd209e123b0634f35ba0d2e700898cb40b138e0eb5c88f9cdff24db896a8e4ecdf48d89a8ef83d969e09cafb0bb32ef895a29e7f66a61a9ee02dda8d1c8c627bdd107c3f6f3440f8cbe6a3cf06c7d1ebda1b678c145e079ca6e22eb3e932630f4ad9e227f6ac5c9869155a29565b0bf80005d7e2844efd627f1a04a4a153f0f2d0d0e7aca6bc9189c0201be05cc283aae851e8295eec0f6fd8b1a465c8223f31732d72c656daf89914e7e1829b2f1d9cdff3cdb6f06fbf3d32e26555352dce6c5fee9a2aecef5ad8018e6f2ffbcd92148e369fa3283f77cf3a4cab6571fc57b75be7386726da2ea51a35ad6c05304f25a2e3f9c9edb125b2ecd33824f054d60adee6133c3a5357932506c41b2793ccf689654d1210a50ecab99f1b8ae325accae2f74aa725cc0fc9a70228e757a5614d72de79b8f17607e76aa1fd51260a6aaceb15a862f0dde6dade50371dd6e0b9af8a554157bfe088eb9a3f0a83173133ef4f00e4c7ed7809e7e4eef312c03d075639f69e1e29175c239ea5c07dfc0e3628819ae0402f5f2ef5a5e0d86647aa018a8249e3ffce43be6adbf91c8043e70372d585ccc393c33c0e8f13fd9cda2718ed2e6b686e39165315d42345b98d69f7b17321ef743385c6be09ea9274b535ee421faba82fd493165016a7719c6ed7dc64cf881b6e1789bbb0d1491200c1dfc003602b18d1e2bf587cf38867207f2ea69020a1c1cf27489ab9c07df5e90e9b7dd99b420eb8e8bcee8ad1520c30905c0335a263dadf28645c173f1535d2f77ee45ac10468fd2aa5cf268a073a9fdd4a29eee741ecd23127af0556531b0c946a238d5c67e04d42ee6bd1349b02e6c8c5d896cf28677c5ef3d4e48c6d260a0ca3e53f03dd0e9a907c15e9da32a68abba52ae79f11912c1766aefb2d68a1cb302a07ccca201946e749fe0e22806ef4f3a925df9bff8852330e3b89517ec9224815d3de8d3c11e0229a5fe2f0bdc7e6cf3e3663c611925e1a96aebc2b2e4c9b149861f8b64b0474c230e846d90d8e33c8a627bf1307584fec661cd6703288ce5ff182c5b6b7b2795a27f8936275afda2300103430d2f26eabdb586c64d50b02509dca8684ed57b13ee785cc9b25d22b17dd07ddc7366dfaa74294f018408207fd2371926b4206021f9f339663ea7aa7cf4e364042f96c8ed8584ae95b387340d02c6fccd1e00bda8356d99cd98e770b616a7401746fa41aa0998191d7f8b7297994bb61fc1d3b78226cbd8e83a7f7092fb96ec7364e8534669f46bceb0219fd2f1cf29cc618c982a31e4e189c2abac8d69bd7f2e173820a24cd24dd5e5a9d44d5ac59af35dd574733bbfad5c85b02e0547c0422de7204fe592b8244d0e4d08824d7946f5a642fbc7677ba4c62ecab48aa4bc0e292968b33d4f0268d27b174d6deca31aa09f6062692aad0f8d08cb2cbb56263574a827b453c973588a65f1289013cee3fa099412c84fef02d8fa98e986c474e3ea873628b3605a68fb72d9a8861061f27886f66428dbd93ab9789ddf0deda87401b86b01e8cda5005e076eb3c868f51966b5aca4e4e30d53e72c359f36e77bd8f6d93b032231d109919ce7885a7de44104482278cd78e2453e3e32847867dc95ec4d6fc64dc7e83fda3b87aee8714142fcc9e4bafda36c6d0c326a2f747590adadeb3eafaaa5224a46bb8374f32f929345ac1c0c5f88f9f58796140650aad4228d89c59b53b079f8642ef660f843abb0800ed0d947a6e145c77776f8b2d4ebe3481eb9147222472e7b503b7dc73b1178b02acdd737cd2ff480d96a6677f03aaccaa91483a35ce34217699affbe08941f1935b639de09c7926466e46e1c7389fb55033f85bc233bb1c5bdc45a330cd3f0589ace725bb1f4c7f9c4661622f89c6322ee0be52a8aa9403dd20573de2609f3ef8cd000b45856eb27b8f500e3d96c482695dc8752aa69c3a137dc5a99039fd417dc544ef1aa9eaabbfecfa9062aebb0c47b17dcfcf6c7f3c9366ea266af70f35a1cbd91c031015e7e81e60493cbd545628382d23082420220837677224b725dcbae98d6e5183effd32e3c498b9a7fa9da4ffdc615f7a207651308abafac50e3e4613157b21f995232e3af896c9f302f15686217433c02b005f91759fa820eb844d4b6e3466713d0f1170cb8d784ba4f8fe85b60141a0b05ea3abda7b13d8b3dfa901d97cf62fa4fc7d797a0377e5ac20649759bcc863e14a0b16f66ab85ca8f91a80ef6ed37c801d080725efeef1b0d19b15dfbc16e1ad7430111c402c6034cf28350751fc78a2649090eb0da046b7eac173123da27a0d14118d19524a2cd6641baa8a4d731ad42be3a11632f1de77a5b4e0507bf4c038a1d959755b9782d5447cadf30b8d621716c67157c901f2372abc52e965f65415f65dd35be6d98e54bfb0f2877b53de6392e5612bd6e9e14793706a1cb18b621d08ccab686b77feb83f1fcc8bb3f084cd045a7a781137c324d3154377f1faa5f639dca82980aadd22ce90a136fcaafa91ef270189bdf8b3fac937374518878a15a9c749bffe87a17ffebabf4baf91e0f929bfe410e42856018b7c03b6148496b6e7ebe388ff3d32edad0d712bd42addbf59c27aa223b9779129e5abc7129346633621c0e498a1067cb37e79885c8e152abb0ad7789c43d62dde61716f3c1f309a19fe3f8ccc96e1384b462410f3da1ca15483576fe18beae1269714064c812f372f08284547ff30e301519c050b9b4140d5e73bbca4e45db404253bff9bb62166f5361eae392aa0312ff7bc5d2eeb65069086ade2987c9d11bd1d7968b122f0187610ab0bbc0fe722c458b55a365a760edcf5c63ccb19330afff09d9b5b206fc0616b44a0e30846f9c59eee5f7b02108cdf583cf2663efe344b07bec53f20ca1c9a268e74ad741e90b5b2c5a5979b7688488c8be179a6823e23fd9720aa2ab2564a5a4a9e0aaa3795489f917fd80e1ab9e521e47951f23f2444332fe55f9555de1feb37194a44a4fbde7453e02d83d05575a7ed4e5ce445fe7b38347bc9fd3f73cd66e4528c75f6b6d7e03aee656cc32d1892794203b243019ce3a0e1d956bb66ac6a79c2283d33e4fba68782dac9014d40372d183438af027f1631591bed48b571e6047be905192cdd392c8cfc145986f686222b4e80e18bf2a30af9ffa9f97a171e9f002cc453012d68a7c7dcccf61cfc1827ddfc9b878cd7a5a8304ef79217e7366a22d34def7786ade3a828be378687d3c20ea1d54071b517875356cf1706eab3b322cbf492bee53e8f39191d845d02fc52645e8ebcb20020ce7631f9b87f55f3f5f659775ec15eef894b102ef7b7b0c4d25bd6cece0aaa8b16827a7e0454958d4a64232f140eb5e6692b8f5a2744052074f512fe3f6d3316ba6b67b8987a1dbe66ecd5fe6344b93b83e40da9f66832b177c97ae3768232db974f72", 0x1000, 0x3}, {&(0x7f0000001180)="8035a0f00f0e0f740bb7161529260d9d7c9fce5dc9a76e9916202c386e001cc6b93ab56280f99e8de7301703bf485fa0bec032f78d4ea969ac2dae72843612efc230b82dd117b3fdd41c4a4dfd6f8e818b17a67999416ef4480b042624245d6edd2d7f89de74aab4cb903767ff23f20f073002f49dc1ad7f", 0x78, 0x1000}], 0x400, &(0x7f0000001280)={[{@discard_size={'discard', 0x3d, 0xfffffffffffffffb}}, {@resize_size={'resize', 0x3d, 0x80000000}}, {@umask={'umask', 0x3d, 0x401}}, {@umask={'umask', 0x3d, 0x8000}}, {@gid={'gid', 0x3d, r0}}, {@errors_continue='errors=continue'}, {@umask={'umask', 0x3d, 0xfffffffffffffffd}}, {@resize_size={'resize', 0x3d, 0x1ff}}, {@nointegrity='nointegrity'}], [{@measure='measure'}]}) r1 = syz_open_dev$midi(&(0x7f0000001380)='/dev/midi#\x00', 0xffffffff, 0x400) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001400)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000001580)={&(0x7f00000013c0), 0xc, &(0x7f0000001540)={&(0x7f0000001440)={0xdc, r2, 0x4, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x48, 0x1, [@TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth1_to_bond\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast1}}}}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1112}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100000001}]}, @TIPC_NLA_MEDIA={0x50, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd41}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}]}]}, @TIPC_NLA_NET={0x14, 0x7, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffffffffffff}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x40}, 0x44000) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:06 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:06 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 331.578256] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 331.597001] JFS: discard option not supported on device [ 331.632840] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 331.646758] CPU: 0 PID: 20728 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 331.653903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.653909] Call Trace: [ 331.653928] dump_stack+0x138/0x19c [ 331.653944] warn_alloc.cold+0x96/0x1af [ 331.653956] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 331.678318] ? lock_downgrade+0x6e0/0x6e0 04:53:06 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 331.682471] ? avc_has_perm+0x2df/0x4b0 [ 331.682490] __vmalloc_node_range+0x3be/0x6a0 [ 331.682504] ? trace_hardirqs_on+0x10/0x10 [ 331.682514] vmalloc+0x46/0x50 [ 331.682523] ? sel_write_load+0x1a0/0x1050 [ 331.682531] sel_write_load+0x1a0/0x1050 [ 331.682539] ? save_trace+0x290/0x290 [ 331.682555] ? sel_read_bool+0x240/0x240 [ 331.682565] ? trace_hardirqs_on+0x10/0x10 [ 331.682576] ? save_trace+0x290/0x290 [ 331.682590] __vfs_write+0x105/0x6b0 [ 331.682599] ? __lock_is_held+0xb6/0x140 [ 331.682607] ? sel_read_bool+0x240/0x240 [ 331.682615] ? kernel_read+0x120/0x120 [ 331.682625] ? __lock_is_held+0xb6/0x140 [ 331.702713] ? check_preemption_disabled+0x3c/0x250 [ 331.702732] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 331.702742] ? rcu_read_lock_sched_held+0x110/0x130 [ 331.702752] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 331.710607] ? __sb_start_write+0x153/0x2f0 [ 331.710621] vfs_write+0x198/0x500 [ 331.710634] SyS_write+0xfd/0x230 [ 331.710643] ? SyS_read+0x230/0x230 [ 331.710653] ? do_syscall_64+0x53/0x640 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 331.710663] ? SyS_read+0x230/0x230 [ 331.710673] do_syscall_64+0x1e8/0x640 [ 331.710681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.710696] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 331.730604] RIP: 0033:0x4597c9 [ 331.730611] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 331.730622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 331.730628] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 331.730634] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:53:06 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 331.730640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 331.730645] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 331.757700] warn_alloc_show_mem: 1 callbacks suppressed [ 331.757704] Mem-Info: [ 331.866320] XFS (loop2): no-recovery mounts must be read-only. [ 331.872349] active_anon:121914 inactive_anon:1223 isolated_anon:0 [ 331.872349] active_file:8253 inactive_file:12964 isolated_file:0 [ 331.872349] unevictable:0 dirty:184 writeback:0 unstable:0 [ 331.872349] slab_reclaimable:12127 slab_unreclaimable:109512 [ 331.872349] mapped:59038 shmem:2594 pagetables:1194 bounce:0 [ 331.872349] free:1270067 free_pcp:333 free_cma:0 [ 331.907552] Node 0 active_anon:487656kB inactive_anon:4892kB active_file:32872kB inactive_file:51856kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236152kB dirty:736kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 432128kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 331.936622] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:06 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000200)='/proc/capi/capi20ncci\x00', 0x40000, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000240)='/dev/vbi#\x00', 0x2, 0x2) fcntl$getownex(r0, 0x10, &(0x7f0000000280)={0x0, 0x0}) ptrace$setregs(0xf, r1, 0x67, &(0x7f0000000140)="5fedbeb409e11abcb65323fc640952431f01ed00d56c0a25c8a18a2fb5449573729a1c14035bbadb7ac319bc18cc01d7f11cbbc7c9d898ca3d0fff6a6beacd9e258d3715f66da5be1387fdb2") [ 331.963235] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 332.049737] lowmem_reserve[]: 0 2580 2580 2580 [ 332.055503] Node 0 DMA32 free:1284896kB min:36468kB low:45584kB high:54700kB active_anon:481448kB inactive_anon:4892kB active_file:32872kB inactive_file:51856kB unevictable:0kB writepending:736kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7456kB pagetables:4628kB bounce:0kB free_pcp:720kB local_pcp:592kB free_cma:0kB [ 332.101654] EXT4-fs (sda1): Cannot specify journal on remount [ 332.117031] lowmem_reserve[]: 0 0 0 0 [ 332.123363] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 332.149912] lowmem_reserve[]: 0 0 0 0 [ 332.153871] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 332.183662] lowmem_reserve[]: 0 0 0 0 [ 332.187463] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 332.208703] Node 0 DMA32: 10640*4kB (UME) 2715*8kB (UME) 2695*16kB (UME) 1816*32kB (UME) 823*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1282504kB [ 332.227273] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 332.238067] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 332.258138] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 332.267065] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 332.267074] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 332.267081] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 332.267085] 23813 total pagecache pages [ 332.267098] 0 pages in swap cache 04:53:07 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:07 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:07 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:07 executing program 2: syz_mount_image$xfs(&(0x7f0000000100)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[]) [ 332.267104] Swap cache stats: add 0, delete 0, find 0/0 [ 332.267108] Free swap = 0kB [ 332.267111] Total swap = 0kB [ 332.267117] 1965979 pages RAM [ 332.267120] 0 pages HighMem/MovableOnly [ 332.267124] 333222 pages reserved [ 332.267128] 0 pages cma reserved [ 332.316441] syz-executor.5: [ 332.323962] vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:07 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:07 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 332.371331] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 332.410956] CPU: 1 PID: 20774 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 332.418102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.429945] Call Trace: [ 332.432543] dump_stack+0x138/0x19c [ 332.436185] warn_alloc.cold+0x96/0x1af [ 332.440179] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 332.445037] ? lock_downgrade+0x6e0/0x6e0 [ 332.449203] ? avc_has_perm+0x2df/0x4b0 [ 332.453281] __vmalloc_node_range+0x3be/0x6a0 [ 332.457793] ? trace_hardirqs_on+0x10/0x10 [ 332.462043] vmalloc+0x46/0x50 [ 332.465778] ? sel_write_load+0x1a0/0x1050 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 332.470456] sel_write_load+0x1a0/0x1050 [ 332.474526] ? save_trace+0x290/0x290 [ 332.478343] ? sel_read_bool+0x240/0x240 [ 332.482414] ? trace_hardirqs_on+0x10/0x10 [ 332.486658] ? save_trace+0x290/0x290 [ 332.490474] __vfs_write+0x105/0x6b0 [ 332.494197] ? __lock_is_held+0xb6/0x140 [ 332.498268] ? sel_read_bool+0x240/0x240 [ 332.502337] ? kernel_read+0x120/0x120 [ 332.506235] ? __lock_is_held+0xb6/0x140 [ 332.510137] XFS (loop2): Invalid superblock magic number [ 332.510305] ? check_preemption_disabled+0x3c/0x250 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 332.520763] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 332.526327] ? rcu_read_lock_sched_held+0x110/0x130 [ 332.531462] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 332.536227] ? __sb_start_write+0x153/0x2f0 [ 332.540690] vfs_write+0x198/0x500 [ 332.544243] SyS_write+0xfd/0x230 [ 332.547797] ? SyS_read+0x230/0x230 [ 332.551454] ? do_syscall_64+0x53/0x640 [ 332.555447] ? SyS_read+0x230/0x230 [ 332.559496] do_syscall_64+0x1e8/0x640 [ 332.564449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.569659] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 332.575651] RIP: 0033:0x4597c9 [ 332.578857] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 332.586655] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 332.593914] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 332.601168] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 332.608439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 332.615834] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 332.637890] EXT4-fs (sda1): Cannot specify journal on remount 04:53:07 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f00000003c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030303030303030303030203030302c00075d2102495722df6024cd8087292dc3ecfa9ffde0ca60357540fee69e428fa2e6640d9a474c6c83539ff7f5f516018f8a7feee148e5718c8001da09036ec5280fc01f08e6b83760c5efe958263e5cc195552c1ab5e2e43eeb47a03ce7184aa4bf31d9cde7d411f3d3ce103da7c2654e54fdd7e0b0f239cae2bd8bf887e2a0cedaf606a4a02075a7be607f3e98846c72e4d81f6cd1b6fd324654450544e16eb8e6e156eba4e51a86c1a069b20e62b93e791787b872d73b2b56"]) r0 = syz_open_dev$dmmidi(&(0x7f0000000340)='/dev/dmmidi#\x00', 0x1, 0x200) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000380)) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f0000000200)={0x15, 0x110, 0xfa00, {r2, 0x762, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @empty}, @ib={0x1b, 0xac, 0x68c, {"d14d0449cd012dcf42d66051f9798c9e"}, 0x0, 0xfffffffffffffe18, 0x1000}}}, 0x118) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000100)=0x2) 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:07 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:07 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:07 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:07 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) fstat(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@dev}}, &(0x7f00000002c0)=0xe8) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_xen(&(0x7f0000000000)='securityppp1vmnet0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x2, &(0x7f00000003c0)={'trans=xen,', {[{@cache_mmap='cache=mmap'}, {@debug={'debug', 0x3d, 0x5}}, {@dfltgid={'dfltgid', 0x3d, r0}}, {@nodevmap='nodevmap'}, {@access_uid={'access', 0x3d, r1}}, {@access_uid={'access', 0x3d, r2}}, {@version_9p2000='version=9p2000'}], [{@smackfsdef={'smackfsdef'}}, {@appraise_type='appraise_type=imasig'}]}}) 04:53:07 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 332.808372] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 332.831146] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 332.839756] XFS (loop2): no-recovery mounts must be read-only. [ 332.846542] CPU: 0 PID: 20828 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 332.853662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.863079] Call Trace: [ 332.865723] dump_stack+0x138/0x19c [ 332.869343] warn_alloc.cold+0x96/0x1af [ 332.873302] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 332.878132] ? lock_downgrade+0x6e0/0x6e0 [ 332.882285] ? avc_has_perm+0x2df/0x4b0 [ 332.886354] __vmalloc_node_range+0x3be/0x6a0 [ 332.890833] ? trace_hardirqs_on+0x10/0x10 [ 332.895065] vmalloc+0x46/0x50 [ 332.898255] ? sel_write_load+0x1a0/0x1050 [ 332.902565] sel_write_load+0x1a0/0x1050 [ 332.906606] ? finish_task_switch+0x178/0x650 [ 332.911083] ? save_trace+0x290/0x290 [ 332.914868] ? sel_read_bool+0x240/0x240 [ 332.918917] ? trace_hardirqs_on+0x10/0x10 [ 332.923130] ? save_trace+0x290/0x290 [ 332.926918] __vfs_write+0x105/0x6b0 [ 332.930612] ? __lock_is_held+0xb6/0x140 [ 332.934652] ? sel_read_bool+0x240/0x240 [ 332.938695] ? kernel_read+0x120/0x120 [ 332.942561] ? __lock_is_held+0xb6/0x140 [ 332.946614] ? check_preemption_disabled+0x3c/0x250 [ 332.951629] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 332.957074] ? rcu_read_lock_sched_held+0x110/0x130 [ 332.962072] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 332.966991] ? __sb_start_write+0x153/0x2f0 [ 332.971295] vfs_write+0x198/0x500 [ 332.974831] SyS_write+0xfd/0x230 [ 332.978265] ? SyS_read+0x230/0x230 [ 332.981881] ? do_syscall_64+0x53/0x640 [ 332.985937] ? SyS_read+0x230/0x230 [ 332.989547] do_syscall_64+0x1e8/0x640 [ 332.993415] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.998240] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 333.003409] RIP: 0033:0x4597c9 04:53:07 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 333.006592] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 333.014284] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 333.021543] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 333.028880] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 333.036508] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 333.043766] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:08 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 333.057136] 9pnet: Could not find request transport: xen 04:53:08 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 333.133322] EXT4-fs (sda1): Unrecognized mount option "journal_dev=0x000000000000 000" or missing value [ 333.146226] XFS (loop2): no-recovery mounts must be read-only. [ 333.168543] 9pnet_virtio: no channels available for device securityppp1vmnet0 [ 333.171606] warn_alloc_show_mem: 1 callbacks suppressed 04:53:08 executing program 2: r0 = socket(0x8000000000000010, 0x2, 0x0) write(r0, &(0x7f0000000040)="2400000020000532006b000420edea20025900080110b5000010ffea08000100050000b7", 0x24) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) [ 333.171610] Mem-Info: [ 333.192329] active_anon:121398 inactive_anon:1220 isolated_anon:0 [ 333.192329] active_file:8253 inactive_file:12980 isolated_file:0 [ 333.192329] unevictable:0 dirty:202 writeback:0 unstable:0 [ 333.192329] slab_reclaimable:12120 slab_unreclaimable:109223 [ 333.192329] mapped:59069 shmem:2594 pagetables:1168 bounce:0 [ 333.192329] free:1271068 free_pcp:303 free_cma:0 [ 333.255233] Node 0 active_anon:483400kB inactive_anon:4880kB active_file:32872kB inactive_file:51920kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236176kB dirty:804kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 333.308798] XFS (loop2): no-recovery mounts must be read-only. 04:53:08 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:08 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x109000, 0x0) openat(r0, &(0x7f0000000280)='./file1\x00', 0x200000, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)=ANY=[@ANYBLOB="6a694b4d39e8a45d6065be255725b093ad324e1d7875730a302750b3ae38ab359624be95596e5806302f7260e29292df833b7623440634f55edb9a9ff9c26181996aee42933853869a0921dac06700"/89]) keyctl$set_reqkey_keyring(0xe, 0x0) syslog(0x0, &(0x7f0000000180)=""/203, 0xcb) 04:53:08 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 333.334765] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 333.371630] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 333.402122] lowmem_reserve[]: 0 2580 2580 2580 04:53:08 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 333.436947] Node 0 DMA32 free:1284788kB min:36468kB low:45584kB high:54700kB active_anon:483772kB inactive_anon:4880kB active_file:32872kB inactive_file:51920kB unevictable:0kB writepending:804kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4820kB bounce:0kB free_pcp:988kB local_pcp:628kB free_cma:0kB [ 333.470366] lowmem_reserve[]: 0 0 0 0 [ 333.474373] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 333.507501] XFS (loop2): no-recovery mounts must be read-only. [ 333.534213] lowmem_reserve[]: 0 0 0 0 [ 333.544829] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 333.572726] lowmem_reserve[]: 0 0 0 0 [ 333.576595] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 333.590416] Node 0 DMA32: 10543*4kB (UME) 2982*8kB (UME) 2742*16kB (UME) 1830*32kB (UME) 823*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1285452kB [ 333.608562] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 333.621987] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 333.639380] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 333.648293] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 333.663079] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 333.678739] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:08 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:08 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:08 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:08 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) lsetxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000100)='system_u:object_r:sound_device_t:s0\x00', 0x24, 0x2) 04:53:08 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 333.690723] 23832 total pagecache pages [ 333.698336] 0 pages in swap cache [ 333.702058] Swap cache stats: add 0, delete 0, find 0/0 [ 333.713663] Free swap = 0kB [ 333.716814] Total swap = 0kB [ 333.719835] 1965979 pages RAM [ 333.719840] 0 pages HighMem/MovableOnly [ 333.719844] 333222 pages reserved [ 333.719848] 0 pages cma reserved 04:53:08 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 333.781869] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 333.798330] XFS (loop2): no-recovery mounts must be read-only. 04:53:08 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:08 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 333.816000] audit: type=1400 audit(1562129588.741:68): avc: denied { relabelto } for pid=20889 comm="syz-executor.2" name="file0" dev="sda1" ino=17169 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=dir permissive=1 [ 333.844887] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 333.858950] CPU: 1 PID: 20900 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 333.866176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.875562] Call Trace: [ 333.878167] dump_stack+0x138/0x19c 04:53:08 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 333.881812] warn_alloc.cold+0x96/0x1af [ 333.885800] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 333.890668] ? lock_downgrade+0x6e0/0x6e0 [ 333.894928] ? avc_has_perm+0x2df/0x4b0 [ 333.898908] __vmalloc_node_range+0x3be/0x6a0 [ 333.903498] ? trace_hardirqs_on+0x10/0x10 [ 333.907751] vmalloc+0x46/0x50 [ 333.910933] ? sel_write_load+0x1a0/0x1050 [ 333.915190] sel_write_load+0x1a0/0x1050 [ 333.919242] ? save_trace+0x290/0x290 [ 333.923043] ? sel_read_bool+0x240/0x240 [ 333.927102] ? trace_hardirqs_on+0x10/0x10 [ 333.931416] ? save_trace+0x290/0x290 [ 333.935205] __vfs_write+0x105/0x6b0 [ 333.938905] ? __lock_is_held+0xb6/0x140 [ 333.942967] ? sel_read_bool+0x240/0x240 [ 333.947110] ? kernel_read+0x120/0x120 [ 333.950979] ? __lock_is_held+0xb6/0x140 [ 333.955025] ? check_preemption_disabled+0x3c/0x250 [ 333.961632] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 333.967602] ? rcu_read_lock_sched_held+0x110/0x130 [ 333.972785] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 333.977871] ? __sb_start_write+0x153/0x2f0 [ 333.982194] vfs_write+0x198/0x500 [ 333.985759] SyS_write+0xfd/0x230 [ 333.989203] ? SyS_read+0x230/0x230 [ 333.992823] ? do_syscall_64+0x53/0x640 [ 333.996794] ? SyS_read+0x230/0x230 [ 334.000408] do_syscall_64+0x1e8/0x640 [ 334.004290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.009214] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 334.014519] RIP: 0033:0x4597c9 [ 334.017777] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 334.025555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 334.032806] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 334.040064] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 334.047314] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 334.054667] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 334.123010] audit: type=1400 audit(1562129589.051:69): avc: denied { getattr } for pid=6808 comm="syz-executor.2" path="/root/syzkaller-testdir797747748/syzkaller.AKtNJK/350/file0" dev="sda1" ino=17169 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=dir permissive=1 [ 334.174126] audit: type=1400 audit(1562129589.051:70): avc: denied { read } for pid=6808 comm="syz-executor.2" name="file0" dev="sda1" ino=17169 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=dir permissive=1 04:53:09 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x10000000000006) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)=ANY=[@ANYBLOB="6a6f75726e616c5f6465763d3078303030303030303030303030303030302c00b3635d63e8970fd2a578119162862a57d763c17b724e430a3a05db8b6a5c4bb3ab02f5f6b698917a3f64a81f00e5d10dcf60f65f90e52db6c1c53cb5aa338ba5cb97fb0959557cc0a6702b7a7141fac24b41bbaeefa56b814b16acb089b278af08e8494fd8955601898edddccf086bfab6e29cb6900ff2b8230eef7d631ee2503422056ff208161895894e0dcde5772d964be493130d62cd"]) 04:53:09 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:09 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:09 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x80) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x6}, &(0x7f0000000180)=0xc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={r1, 0x0, 0x20}, 0xc) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r2 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x6, 0x0) write$P9_RCLUNK(r2, &(0x7f0000000240)={0x7, 0x79, 0x1}, 0x7) 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:09 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 334.207610] audit: type=1400 audit(1562129589.051:71): avc: denied { open } for pid=6808 comm="syz-executor.2" path="/root/syzkaller-testdir797747748/syzkaller.AKtNJK/350/file0" dev="sda1" ino=17169 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=dir permissive=1 [ 334.244772] audit: type=1400 audit(1562129589.051:72): avc: denied { rmdir } for pid=6808 comm="syz-executor.2" name="file0" dev="sda1" ino=17169 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=dir permissive=1 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:09 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 334.304551] XFS (loop2): no-recovery mounts must be read-only. [ 334.308038] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:09 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 334.367608] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 334.389332] CPU: 1 PID: 20933 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 334.396569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.405931] Call Trace: [ 334.405955] dump_stack+0x138/0x19c [ 334.405973] warn_alloc.cold+0x96/0x1af 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 334.405984] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 334.405998] ? lock_downgrade+0x6e0/0x6e0 [ 334.406013] ? avc_has_perm+0x2df/0x4b0 [ 334.406026] __vmalloc_node_range+0x3be/0x6a0 [ 334.406036] ? trace_hardirqs_on+0x10/0x10 [ 334.406050] vmalloc+0x46/0x50 [ 334.444002] ? sel_write_load+0x1a0/0x1050 [ 334.448345] sel_write_load+0x1a0/0x1050 [ 334.452719] ? save_trace+0x290/0x290 [ 334.456540] ? sel_read_bool+0x240/0x240 [ 334.460627] ? trace_hardirqs_on+0x10/0x10 04:53:09 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 334.464975] ? save_trace+0x290/0x290 [ 334.469449] __vfs_write+0x105/0x6b0 [ 334.473263] ? __lock_is_held+0xb6/0x140 [ 334.477335] ? sel_read_bool+0x240/0x240 [ 334.481665] ? kernel_read+0x120/0x120 [ 334.481679] ? __lock_is_held+0xb6/0x140 [ 334.481694] ? check_preemption_disabled+0x3c/0x250 [ 334.481710] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 334.481721] ? rcu_read_lock_sched_held+0x110/0x130 [ 334.481732] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 334.492439] ? __sb_start_write+0x153/0x2f0 [ 334.492453] vfs_write+0x198/0x500 [ 334.492468] SyS_write+0xfd/0x230 [ 334.492480] ? SyS_read+0x230/0x230 [ 334.492489] ? do_syscall_64+0x53/0x640 [ 334.492499] ? SyS_read+0x230/0x230 [ 334.492509] do_syscall_64+0x1e8/0x640 [ 334.492517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.492531] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 334.536641] RIP: 0033:0x4597c9 [ 334.554127] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 334.554139] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 334.554145] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 334.554151] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 334.554157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 334.554163] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 334.589317] warn_alloc_show_mem: 1 callbacks suppressed [ 334.589320] Mem-Info: [ 334.611864] active_anon:121940 inactive_anon:1219 isolated_anon:0 [ 334.611864] active_file:8253 inactive_file:12987 isolated_file:0 [ 334.611864] unevictable:0 dirty:219 writeback:0 unstable:0 [ 334.611864] slab_reclaimable:12120 slab_unreclaimable:108859 [ 334.611864] mapped:59094 shmem:2594 pagetables:1203 bounce:0 [ 334.611864] free:1270893 free_pcp:209 free_cma:0 [ 334.646481] Node 0 active_anon:487960kB inactive_anon:4876kB active_file:32872kB inactive_file:51948kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236376kB dirty:872kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 334.676865] XFS (loop2): no-recovery mounts must be read-only. [ 334.684950] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 334.718179] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 334.745131] lowmem_reserve[]: 0 2580 2580 2580 04:53:09 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000000, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x5) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 334.749869] Node 0 DMA32 free:1282212kB min:36468kB low:45584kB high:54700kB active_anon:485868kB inactive_anon:4880kB active_file:32872kB inactive_file:51948kB unevictable:0kB writepending:880kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4756kB bounce:0kB free_pcp:536kB local_pcp:316kB free_cma:0kB [ 334.795766] lowmem_reserve[]: 0 0 0 0 [ 334.823623] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 334.875017] lowmem_reserve[]: 0 0 0 0 [ 334.878970] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 334.907842] lowmem_reserve[]: 0 0 0 0 [ 334.912036] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 334.925966] Node 0 DMA32: 10692*4kB (UME) 2748*8kB (UME) 2777*16kB (UME) 1867*32kB (UME) 823*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 254*4096kB (M) = 1287968kB [ 334.944591] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 334.956486] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 334.973901] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 334.982824] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 334.991494] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 335.000494] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 335.009247] 23839 total pagecache pages [ 335.013862] 0 pages in swap cache [ 335.017668] Swap cache stats: add 0, delete 0, find 0/0 04:53:09 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:09 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:09 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:09 executing program 2: stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x4, 0x2, &(0x7f00000002c0)=[{&(0x7f00000001c0)="69a5ac1dc513ad568d1dc5488ebada69e982c7457a19f6cb5cefb1f83d9cb5f7b91705f0ada35d9c4718eb2ed733fad8422a5551c7ce940135479f11c66f4090a985325c", 0x44, 0xb7d}, {&(0x7f0000000240)="6e8e127849576f0369312985b0fdd068b25934cbbf12bdef463310f4a0cab91403fec8d1c31cafe13c499213f7f01fe72bfd37441e8d2dad93b3ab86bba744e509cefdcb2628c5cc6d3762a7ed448ef340955455d3b205bcb085d94fcb9701b007ed4d6099a76a4b3c4418d565ba35caca5ff9468e1c16", 0x77, 0xff}], 0x200000, &(0x7f0000000300)={[{@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {@shortname_mixed='shortname=mixed'}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@utf8='utf8=1'}, {@utf8no='utf8=0'}, {@uni_xlate='uni_xlate=1'}, {@shortname_winnt='shortname=winnt'}], [{@audit='audit'}, {@dont_appraise='dont_appraise'}]}) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000002840)='/dev/full\x00', 0x94400, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000002880)={'ip6gre0\x00', 0x100}) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm-control\x00', 0x401, 0x0) r7 = getpid() write$cgroup_pid(r6, &(0x7f00000029c0)=r7, 0x12) ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f00000007c0)=0x0) r9 = getpgrp(0x0) ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f00000028c0)) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000001980)=0x0) r11 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001bc0)={0x0, 0xffffffffffffff9c, 0x0, 0x7, &(0x7f0000001b80)='koi8-ru'}, 0x30) r13 = getpid() r14 = getpgrp(r10) r15 = getpid() sendmmsg$unix(r6, &(0x7f00000026c0)=[{&(0x7f0000000640)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f00000006c0)="d69c9401aaf6612824bfca970ac69fdd19c2b199036690f0226a1864a8bbcee385a3ee805d56178b26695d93466333250c4b25efbe851ede3e3fcdc7f35bf330ddbbb3c9766a09eacda12a58f0a3544320b3f108cab189", 0x57}], 0x1, &(0x7f0000000800)=[@rights={{0x20, 0x1, 0x1, [r4, r4, r4, r4]}}, @cred={{0x1c, 0x1, 0x2, {r7, r0, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r0, r1}}}, @rights={{0x1c, 0x1, 0x1, [r4, r4, r4]}}, @cred={{0x1c, 0x1, 0x2, {r8, r0, r1}}}], 0xa0, 0x4000010}, {&(0x7f00000008c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000000940)="fd7e6abf7f8d2174eca76bba6bd239f7faaa00efb5a86b72366117a068454bbb3660cc1af20385a6cb51cac429b19076ed78f80e972d76c0bc03bc3c63fa019ba11ade12da1e3aae9c51b58bcd07e51221625c7f8ec4dda4cec7660e364b7f7b1efa9e133ceae623354c728281939eb79dedd99e24efe9658261f94ac976f1215266b63b5606d43d884dbf1dfaa0f0b9e79e09dcb1246f1356dea3373bdba52aac167540b31c7cb7e13c60e7bb68f3ca879f7dd27463ac0f7c0b9ca41517c057efc26e3a0afb55bbe3769c9714aa8d54b6b891770181a5ffdf711e8e7f561b61e80d01e723f70f536931336953ccfae924cb5b7c75c71fac29afc5d78b28416b3a67dda6b999161da5dfb32434562b0c897c5efa8d152489b2edcd46372067be3ac3f8a931c669bec71ec4fa68b090a527773f4156b4056c1703deac7dd0d7aaf84507e97371cc1cce1a20b20b5535f17d7045b6d3bbaa9bd131457981d19571798e07835c2a635e4e59601f21489c702f88e1a77e6ff41677002ae21db51df7c9a7409d6e388f270f106d662d9fcf7d468ad7ebf33d5dabd91d4f69135cc81579b23513a3500188d60778a79ecccbc895c47a1efb8100025acfbcbe3ed3f41a34e533c435a788b85ba2fa5b2a33f6ff96bd8a6296fe2b3277974013011e955af6e010811b56c5c6b3d179e93f083878c225c2559316bc9cd214a3094926637b7fcb4287e467b6fd9c3a1031112770bff36aa3db304e54c7edcebcfb0a9bc954aac0e98b4ab94290eb90e74a12ce71730f1af9a258eb8930a6f42d771eeb1a2636d88d0d1a75c09e6aead4070d0486c851e620600c7fe6c13832ca93c76817326fe730c443f42f97433decb04bbbc8901b7a7ebd2bc79c9ac065fac9656d04d3d0fba3d4aa0316c06742c45393ad2b0b6fc1b5d8cae5f94c2bcc4cd1612f3a7098249cb1092decf9fc8fa81c71f86ee977d532c3d881f5cf503d15aff21e48e9c333d8b709e2a5354ecc523d51dd8b91080e8358b41f0d0a1955ecc4d11b5548664df9e1686a3bb48036b43ab3f2d87df9ffbdc2a68a6a1ba55609b4c4e533e48e376576710fcd9dd932fc5e723df0eb1bfd9eb6ea9076330839de2649d27e608261a5add6860a373e8a66d1a598f07f0d3b38eb0cefb822010a1e66a12e305a8010021d9a683ef262d95d804419d53ef1925503d53922ea4d2fc1602f4e6fc02f2e8dd9fa239c8ca0eb56fee9f375a1afcee1bdda677ee284108424d1b27a03541323b084958664b9845f6279f5122b4b103dfa88af702ec346ee41236a57235077ab29499701c7664b7e57279620b7e1dddb706cb4c9be2b41082aee076ae7787e588eed3bdf4329b05c37f78e8e7772a5da5626fdf91d3578ae6ff36fd4543848abf29143461c1b87bb1a64a1999bd33d38ec1ec51515d1cfa0c7977c07522f2e136113a81341231dfda8818faec8a9085561f87211286c95f03b32665725d04ec2d35d7348d1d50394095940d2151d0cc43bac02b882ce7e9d68ef3bf2e6601dbd5341d1b66cf37af35e6fd9a6f27f436595335605100705e3a6a7a794550a3319396a8c36be245d61d3879f0e632bd30abe284fea895a5ce6619ab2471f6198592c761cf769726b5b97f24226891d4eb67c9b0dc52c58e6fc7e4e931c4904d81e576f494ddb18984dfc46aa32a80970d8b8a8305839f930df46c03ec9909f11a21e659c4b0cfc18f253e6b7978562f73b84558ad69fa9237ac1a5fb625e731579855a3dbd6160facc411d1e7a4416ee2176d78a8f72e868591d499f1132c070ef421a0bbf12a57aec11bf05667f2761f2ebe20877637e39cdefc6c97872fc81bf5f439ea860f4bfd34119bdf85f3353a776f36a7d6226c2c76625ae89396216ed2ca5e8b639b882b9515ac8b8ebe61ee063deaced5bc2fd2fb744a2bd352ae4b9d7a401f3de42046456e39892af52a9ea04cae1bf3ef70383aba605ff90c5d080e04433872914c02d8cf98a32555b9a83651c2f3ef97491d2fcc6239da69a1f6b51e4d9002806b567409724d20ddb59dcf39191339b0bdaf87c4bb66b62d79749d3db45bcf924502fc93935df785e81ce7c86e37ed01d803cc30660baec9985a7bf19dcef8f240986f3b7b726ad6fb00f0235ca6c81a74e3bf0ac7442cabcc2186a0ed851f6bd66c080b46a56f2109be05bf7e4c9eb53ada5da192aeddefd80efe027c14ca114db70c47d5440ea17d6d7e65c3cbbded9a22ec6b0ed1231a8de4638ba3a8799eae2dc2c07be495c769a030cf1bbfd8809584a50ce611ae71af97ff30bf1ed1079bfa5b046f36b663d8046b149b6296073323f97bd3bbd62fe147d477712b395418c0cddec791a1c9d890c2de3fdb556a7b1281dc7ec71927318eec537d29b327367f041d66d151ce900b49fa8e9ea072dea5c0fe72c79dd41f593477fc75057f86dad801b59199735e1557123c6cf17550bb1ca7b80554111b7ad45997d4cf13b79182f062cead83b500243cdde0947762087d587d4012b868d087f4b82a5841af44a819ade1d4b3b957ac09a66124b269dac80be7dfaf603b2b945f843f1c50345018b91b0b04fd63904456bfd61f5c58e9d16c0e0b3b300905c31241a9d1bd8a6e44ce42b32281fc9551dc249ac7001430026cb19f10acd66dd1d17b1cda202f56a0a5534e142490de561fc83556b4946ae6b79bf6567e8fddf894ff2171e1f46745854b69bf0b6a58b70b2f575da5709f3318b75b27d338ab5b21599366dd9600383e680d858b1537bcc72242d5e2fa21f35e494a23f01a3d759a19cc82c0b924140a77adccc862bfa5d283f06485b7c1954861be9de68b6c299a5aaefe3d78397ab54aed5b0db951dc975d877c1830e76de52a3d384f8a6a2e71dcd070ffdde601ff959e1dc84628099117f1db15e127196370640f5e3856856065760379b5666e5b69ef65878d22f3f2877130e45400907eb4c9d49d57df91e215a8d85fe4b8254cde78d2264109391fc909b446a139690c026f6efeb383463f614406ad6c1c3b490220b01a5aec1d402e09c2150a7d083344313dec339ed0c2348246947ba0b2cc0baaa7c3ebfe33bc60ad0f0c14e0d254667e744cffdde45aa398f60bd3336fbf0d5d229183797a76d132240c623b1d1e50168f251304787be5f34a61dd453662850fbe0c047542110cbfc3b5f4b29fe7b64dddae103737170dcd448d5685905cda038866874e3a5965a00979500a15f97c64148c8c95b559c110bea28734f4c4c68c0bd84ad464ad107d434fa59ed484c723723d218aa006161d7161e0c938def519d76d638f78c1cd66eb5424d20e2660bdf07102518c9bd75694f885e700f34d624d89ad7c1c6fd2aa203a586210928ce1213af6c8fde14a214b539b595316fde72318465f9cfca095f6607834282318a190fb45ff3ba17f3a6a06651326234e493e918c87e590a853ee9f8e4d0cb0c736eaa0d9af008556426a896a59af1507990070e241ba08f56aa90a3bd590114e1df9f8ff555af583bb52435312d0705c644b1003792430a13cb7eedcb40cc258db7e3dd9fd1a31427e91c82d4a37eb4175494806c732567e6b62b52c899e57b7f1d6b111d26f83fccc7daf8988488df701ef29c4496cd7ac96f3a8d48a834e0eea8c2605c07e7e69934e0c73b9994c2283fbd4fcc76d34068a93293376019a8d92f052c98d19c360cb94639d9f875903cbcbb9d2eef8ea13436ec5dfe3cc3b3085a1d7f3cbede93043aa0e106a61b630aab97763006a05e325373c8aa4bcc37b0d355b7edbcff262a40fbbd6d69f82027e391e1e39f1c312b01ece170591eaed22e686711e6a0b3970b3d357a389db39a96d2baa02bed98f1a991bb2d365b1847687b3f428712b4cfc080526771ea2420e3854e51ca5790f55c06cc06b5614a19a507eaed43b68c2f7d1238f8f70087cf0af6a2c1db98aee418aa6b8ff9eae59c5b23915eb11e5ff746745f88c48abb4da836a2a9c5940b610c8efda96a698947637022e3cb552daf708c0fe1aed184dbce680ab47e17b3e3d4932bf13a15f89f0320c1c23ee6af14b07f9aed3d2db9e060977a0f3d68f637a34f46db38903cd1858485f8838b9fad1f5f60ad4a882b74c5dfcac6878fe6673935f9ce4ef28e9a2e7db020316802354871805b373b1dd526aa8eae79d9d595e08248de4fcf04ff2ff4b7f9ad5c929b7a8a4a517f8ef4d3aac84028d7e3cb569ab0c35784616cc6ae463f497f3f8fada7e246505ea5398b78ede13812521b1436c80494e9a3743d2f97e4410be24a3695c357ff68e945de02bdcf69464d3bcb1975f708c40474f579179093c930fcd58caf5005814a6375a36948acff40740987e931b98ad96c9bed372bf7581dd0c18542bf2ab0702fcdf863a7b527d668f92d5d5850add35f3cbfac07dc58923e9c005667cf6fef2c4d33838c35e8a6cd6640034734d3b8add74c72b5a1077d34be119ce8cb6318005ac321c81bc6fd550fe7ada709e22b77d336253cd1ae6e281a4700719363111acd587d4a26f371d0ac67dca9e074e0144ddb5343604ab0e58fdb1a5c4153df0cc0bbcc23a6874f91c987d888861433964ff12a05fe076ae705f67cb76972e76c185e257645eadd71e2206f8d911d96560de130da9d37387c5b0ff3356d8d09cb58ce107b835e3d0d4c227633b11d17bb744669ceb509fae446084fef2fa6779e0bc734b7bc806122a56648dc86609991ccf1e2acd0beb30f358ad950a3a3aff94f203b88f54fe8132cc75248748cfb89d4d5e351eb6bb405e60c6556505134a26933616de274077656476be661b9558b8871c5e13e53479d13daa08c0cbf8e05550def1b7a3512de414c0e455234ed5f63cbe6059470f3acc69cf78e55da6707463b40dabbe96152fdad72f2aba95cb01ded1a3f880da385812b02c9e60e2ec074e5556281c841e789de22f595d18fb1914540c5a63227fcb128e785d30f40a75c2fbbf08d8eedd1203af04a055b00829a960e45a7aeed12ba54a1cbc4cc3b6c7db76fde54760dcd5cde57d1843c9109fb4d850a28e0f0d887d66cc8b33f12ea663d8691a598d4517ff7cba67491133e4d51067d36fc0f0fc988ac983b2c9a250ab9d21bbe22dac846fd8e6d3a4718ec29e6047d94d7991fa9f01f51b15ed1d98b91a44c9839a67f1f5b036e1a54c62a1c81c3f5371370dc0306977067ac1dcb2ef2b971e17fc85124fd0c5917e62b29f38d39e7749806d464840c39f6c363bb57c7739b2c6ad9edda23f5483c2939a4c6f2431d334e27fd52541541619ad5a9e4a17a4f272fda09c68473369c9fbb060de69bf66afefdfff825c6ed59add2ea74b20e5c8ba48837e45fd0f167fe8714de826b8d9efbb7071921ac83ae1676cddb17e03439197e997997fd823fa4e18947d0facf29045b9da9763a9825644952c4c8702c927772ba605f5ef3dde7d562db904285990f80da47fbae35195bfd2b9c72c74c68146ef23038153eb6d282a8063a936f53f79e35d73933fcfa431371ba3a6187dbd1e5e5411f23d06fc81a4620f55f5a55931eed886e4b331492f3d1f150398076983616424be21dd1013de9bc119e8a30958ffddcfe4eb0fdc6df7b492e162f365dab339bb6cd81c5f14d38903b185e06e170bff93f7a459971cca3d7285f26913ac47e45bd3a77fbb7265e1baa83b8a26fcceee466117ff52ba51114fd02162c7ddc3f4c076b1921470c36b65ab8a3cc7f514ed4dbed26cbcf06cd4f1f5c2776ff4db4b58c13572d0ac794bbf557", 0x1000}], 0x1, &(0x7f00000019c0)=[@cred={{0x1c, 0x1, 0x2, {r9, r0, r1}}}, @cred={{0x1c, 0x1, 0x2, {r10, r2, r3}}}], 0x40, 0x8000}, {&(0x7f0000001a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001a80)="6ffa55262946d103da0bf23eff5f7619e8e560c5fb142e0bb7398c4c0ebe40448a68ccaa6cbbaee8d71081b38083a68605f229e49de55415bfc528d04022f8ce707c86a8ff9eefe41e4a6c2648a28e2d5dac0a5dd5fb6a6c88f716b209624eabaa07cf7c5523ba077ee097cbd8c93587b097ad618f1bfdad949a5f9be8259b1e973a0216c885dc2ea12318825550d41b64376ac0f1ebf0c028652154989f4de476af325140c3594161dd850364fd29f5e50da66c2b72c923", 0xb8}], 0x1, &(0x7f0000001c00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r12, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYBLOB="01000080"], 0x90, 0x4000000}, {&(0x7f0000001cc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001d40)="860acc1aa1c5bee6e38e11c62c1f1573042c9993892e1bc2536db2e9453784ea78d838b42d9af0cc142d8335fe80554b40340f2e6767cc0b886d43c4d6877becb5be74478b7647faddebce298fdd43b59ae9fe6630c2278e308d395e1b94307018591367fa00a361013e66ef5e4bf9c7689cef39a0beee459c9ec6b57d1bd45b65edf691db06532abd949f1687fcc67e66666bec0ebd9c1ba94af51fb9ceca3a1d425e4342c92c1861ce56b8ede7ed650acacb95b7a829285e88703f20bf1a56d4b7ec765cda0d897456e445492d990d35c53370da051c365781", 0xda}, {&(0x7f0000001e40)="9c1e197f4387d618e9fe939ca2af060d20cf2779b31c2129e4b1e542ea2202d5deadd827", 0x24}], 0x2, &(0x7f0000001ec0)=[@rights={{0x20, 0x1, 0x1, [r4, r4, r4, r4]}}, @rights={{0x24, 0x1, 0x1, [r4, r4, r4, r4, r4]}}, @cred={{0x1c, 0x1, 0x2, {r13, r0, r1}}}, @rights={{0x2c, 0x1, 0x1, [r4, r4, r4, r4, r4, r4, r4]}}, @rights={{0x1c, 0x1, 0x1, [r4, r4, r4]}}, @rights={{0x20, 0x1, 0x1, [r4, r4, r4, r4]}}], 0xd8, 0x20000800}, {&(0x7f0000001fc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002340)=[{&(0x7f0000002040)="5f84ea51b088a8fe0fbb9e1e0387c926c61fa9270d81641981a91c3704cee513b6f3d0e002a21e8de566e2af6db2a3721c2552ae56f5bb8bbe1dc97ec1fdd554b6cff16b9697112dd7395f10ed727fda2a57d40639a78f579b290a8f021614c9a0993b1bb9880e564b0aecb23fd2d7f485a5", 0x72}, {&(0x7f00000020c0)="fdebce1fad3125587ff4b59f4f7318bd32bcf2a39b7086bbe91e767e02b283cd801d8cff7c2f14bacc724bb1610b34f2d7da21d413232fb30bb9f65ce1b97b4ad404fd800e2508b49cceeadf0a25df89b8a32a4b0322d32af1751a5f5018db30258b0f22dd81dc888c26be7444f50b54ec14c74241b83e65813ccb3e528393b0a86b7692761182f72dd9cb14", 0x8c}, {&(0x7f0000002180)="8aab936ec38ea45d0f92c2c2fadb70a00f24d0337556b57b0ad1b158040ad444110ce795dca8374cc43d2c00a7e664e83a160a198d88c7e3eed4a102be16ecbb4b462f5b4aac62651c87b3526f8a2a57588d28ec342b641da48d8806d6f1d53a6ca5949d143745b4d9f836ce976ad3585e17cb512078234d81968ac5dc730a47805893a27649d690adc8be1474b9a547d0aaa819cdb0", 0x96}, {&(0x7f0000002240)="a02e68a4170fe74900f1f7911cb2869547dd96e8cf7b8b787aadf20ad3a6c0d26312c6172c09322f66f62de131f367f2d69ea4c88ce34d59c396c25d32347e4b3f56bbe6f1c5164583d8d7b4052a9951af1fbcff1b3b0a24b9cc5ce28a3b13557cec950bcbfc975359e4faaf20a5def69bc9f7aff5bd9debeec67a0eb8a7bea3bd1a11004e01c9107c82efcf6e5031dc9d26e0db0b3227c44e1f0d8ac6a0069f4a45fa99c2bed3a0820e905dfb527187bb68ef0d146c882053a2f2f41e4eb16308fa12d75adbdae0008b38a8d24a67a46db44f257f18e3bbd1be1547", 0xdc}], 0x4, &(0x7f0000002380)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r4, @ANYRES32=r4, @ANYBLOB="537a00001c8e54fc0100000600000000", @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00'], 0x40, 0x44000}, {&(0x7f00000023c0)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000002500)=[{&(0x7f0000002440)="7a59bf781e498fd8588c219cabb59daa117d3023eb341487d0f9fdf686e692a957976c54e196301a3516db13564be6e78b3ef43ba5a17f15b63a5ecdb9f06869b6d4bd98759296620fd753e319e565c4fbd01e0b4f2ee1fedaa17006", 0x5c}, {&(0x7f00000024c0)="0e734977c547476b57566408d5285a7ac585a802d5d447568f18127d318bd1", 0x1f}], 0x2, &(0x7f0000002540)=[@rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x2c, 0x1, 0x1, [r4, r4, r4, r4, r4, r4, r4]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @cred={{0x1c, 0x1, 0x2, {r14, r0, r1}}}, @rights={{0x1c, 0x1, 0x1, [r4, r4, r4]}}, @rights={{0x18, 0x1, 0x1, [r4, r4]}}, @rights={{0x2c, 0x1, 0x1, [r4, r4, r4, r4, r4, r4, r4]}}, @cred={{0x1c, 0x1, 0x2, {r15, r2, r3}}}], 0x108, 0x8040}], 0x6, 0x44) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000480)=@get={0x1, &(0x7f0000000380)=""/231, 0x10001}) symlink(&(0x7f0000000780)='./file0\x00', &(0x7f0000002900)='./file1\x00') ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000002980)={0x3, &(0x7f0000002940)=[{0x1, 0x8001}, {0xfffffffffffffffb, 0xee}, {0x7fffffff, 0x400}]}) r16 = syz_open_dev$radio(&(0x7f00000004c0)='/dev/radio#\x00', 0x1, 0x2) connect$bt_sco(r16, &(0x7f0000000500)={0x1f, {0x0, 0x0, 0x20, 0x5, 0x8000800000000000, 0x6}}, 0x8) 04:53:09 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:09 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000200)={@remote, @initdev}, &(0x7f0000000240)=0xc) mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='ubifs\x00', 0x800, &(0x7f00000001c0)='journal_dev') [ 335.023104] Free swap = 0kB [ 335.026768] Total swap = 0kB [ 335.029959] 1965979 pages RAM [ 335.033165] 0 pages HighMem/MovableOnly [ 335.037147] 333222 pages reserved [ 335.040804] 0 pages cma reserved 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 335.097589] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 335.116450] EXT4-fs: 3 callbacks suppressed [ 335.116457] EXT4-fs (sda1): Cannot specify journal on remount [ 335.126834] FAT-fs (loop2): Unrecognized mount option "audit" or missing value [ 335.131547] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 335.143101] UBIFS error (pid: 20995): cannot open "/dev/loop0", error -22 [ 335.143401] CPU: 0 PID: 20988 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 335.157491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.166846] Call Trace: [ 335.166865] dump_stack+0x138/0x19c [ 335.166878] warn_alloc.cold+0x96/0x1af [ 335.166891] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 335.166904] ? lock_downgrade+0x6e0/0x6e0 [ 335.166921] ? avc_has_perm+0x2df/0x4b0 [ 335.166934] __vmalloc_node_range+0x3be/0x6a0 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 335.166946] ? trace_hardirqs_on+0x10/0x10 [ 335.166958] vmalloc+0x46/0x50 [ 335.166966] ? sel_write_load+0x1a0/0x1050 [ 335.166974] sel_write_load+0x1a0/0x1050 [ 335.166983] ? save_trace+0x290/0x290 [ 335.166998] ? sel_read_bool+0x240/0x240 [ 335.177233] ? trace_hardirqs_on+0x10/0x10 [ 335.177246] ? save_trace+0x290/0x290 [ 335.177260] __vfs_write+0x105/0x6b0 [ 335.214960] ? __lock_is_held+0xb6/0x140 [ 335.223222] ? sel_read_bool+0x240/0x240 [ 335.223232] ? kernel_read+0x120/0x120 [ 335.223241] ? __lock_is_held+0xb6/0x140 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 335.223250] ? check_preemption_disabled+0x3c/0x250 [ 335.223263] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 335.223274] ? rcu_read_lock_sched_held+0x110/0x130 [ 335.223283] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 335.223291] ? __sb_start_write+0x153/0x2f0 [ 335.223301] vfs_write+0x198/0x500 [ 335.223314] SyS_write+0xfd/0x230 [ 335.262809] ? SyS_read+0x230/0x230 [ 335.262821] ? do_syscall_64+0x53/0x640 [ 335.262830] ? SyS_read+0x230/0x230 [ 335.262841] do_syscall_64+0x1e8/0x640 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:10 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 335.272128] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.272157] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 335.304355] RIP: 0033:0x4597c9 [ 335.307543] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 335.315250] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 335.315255] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 335.315260] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 335.315265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:53:10 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 335.315269] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:10 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:10 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 335.386653] EXT4-fs (sda1): Cannot specify journal on remount [ 335.409103] FAT-fs (loop2): Unrecognized mount option "audit" or missing value 04:53:10 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) getresuid(&(0x7f0000000a40), &(0x7f0000000a80)=0x0, &(0x7f0000000ac0)) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000b80)='/dev/dlm-control\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000bc0)={0x0, 0x8}, &(0x7f0000000c00)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000c40)={0x7, 0x4, 0x22, 0x3, r2}, &(0x7f0000000c80)=0x10) syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x7ff, 0xa, &(0x7f0000000940)=[{&(0x7f0000000100)="aa597591faf008f996f32d8bf16dd1ce9035db2b5f0abf4a5f8c4d4cd409ec1a54ade8dae99d7e553f77def51fefd3532e88d063786f5cad39bd9d32b1d344b9bf3b1033d977c6f19090f299b2432d86c459622bd8d99dd3147dec274931883119e0651cd6615823a783b1ac9608f20af091d30a171097eb147c3d9fbc075a3ec08b068bceaa4f7887eedbfcfd5836aac842df57172891e378604bed472402bc575e89db87a143c127b043fda21840c8da9358e1b9c6d1c6a0c723c4dc506084adde66068fbc381a83a5fea779", 0xcd, 0x9}, {&(0x7f0000000200)="901f011ec60e7fe908c8396b105b0b46965825fe0cac02aafa0539f4d898e46c2201a8f4266b54b9ba4d2e4efa5c73d91337618e71013467640cf99451f775cb0076fc019a9e63aad590ce584b229a862394be81b0e125c9aa182fb70e42f5e3c5e94db256cfd52c4a5845990c8883948d6813c248f73c1a653983046b926161b8c57d5c23c910d9af18e5554d82304c988047350112", 0x96, 0x1}, {&(0x7f00000002c0)="18ef229aa0682830533afb1236e7555b3b26869506340e58d7e48e256adad3e7a88e82d51a8a2869f9101f047b75a5ddd3b97bb906eb4e8fd811eff25bc9febc4ff80b51d3c972451334f59333af1123c661d8a14d4e2b6794ce8d740993bc674d78fdce374b29fff9bcc434cba73e80346ade0d3e8186575c0abc0539e2a3b945412e73a1457675505eb1810c0b0eb344bf14dad9c91b34d1623e56432beea9b0be4e13541896875f8b8cc1e7816ab5a0402875c8d702ab5b4bb01ebbf827", 0xbf, 0x2}, {&(0x7f0000000380)="ec52cf097be9c6766782513307ef2d6aecb5c5af65573cb77d3bcf14a51d0578c5b3aa56c038e3072d5de1235b52c1be13505154024680e7758a29ad905758caa7c14e5f759af882c70da7f2d9bf18f5a89f0e485aeae58a15de2b9e9ff6f1b36dccf50996626a23990ef8dc68fa9b0b1ab85c92c263320139ff40ff925557d900cc7c005b207a8de2df226bcf6c", 0x8e}, {&(0x7f0000000440)="fd853da0a3f6d178e9393962a7a5348b94ce4753476ed946a81db0d318daf6b91d6b7670815f8b81069e22fae7a34951e107f539014220c9d0b6636d27b84e01c9c1d4e5a20b2679daab9f69e257953e8eb7c7d8cc10b64d0b4c6e9c3b860605022add40549b37d14776e79d112a45547957260982990308f541079b995479048122bb4e0067bd560997219158097f69b3858ab1d9aea828dc7e94eac6e811bbcd31785824d3ac24d24fc359b1b3fc2a9215d8329725b0d02515d97a88e6180a8dcaaf910a028bb7c20d", 0xca, 0x100000001}, {&(0x7f0000000540)="969d61bf2b0809b4fc6408106fcfe56f8f2c705a952d77f82fe4c93542db48874fbc308d97129c8ddb136d0d0bc394d94dfbcf44056fd5d227c430f2d201e4da98dbc97d677f1d47913a8c3359f56ea12ffcd6f1af61324519cd28fafb34921153433adb4587f1ecb2d2f9923badaa06b289fa4e729c9929a9805bade134", 0x7e, 0x8}, {&(0x7f00000005c0)="c629d606feb1e5094722732f26450d848457756e96f84a3bd1aa695e74be79440fc9fd3efa1be74b8d5bfae04fc4c777aa3bb87cecf706fa118d316f92bf7b972fd3b25662ba48d6adde73346297fdbc7cf5151b495274d2a24f9c2df865fb22ecaa526eb5fd631be58b3c66f009c1ccd9b3022c4a926201d1043232e23d0a7ae52dfa801227da93cf69adba65b207dc3180ce67a6bac94853d713cd7050ccac56ec8a488138cb7bc2c2bd12796ac0e4f0dc444f2973e3a804465be6f5eda8041e647d72360d8a", 0xc7, 0x4}, {&(0x7f00000006c0)="697459328b1387442296c41908b027d93eeb4a6d4dfe755feb5d2d36cb109443cc309d61f2b92ed354b3b63b8de6d4f5c9bb1d930b1f9f4126aa67721976ef7e7cce00008c7eab323c79d88f76bb9e008bb5a2352a8e498cb167a7471bebbe003f80e232c3e4e1436dc8538295fc226f8d982d0da8df353af9d0", 0x7a, 0x8c}, {&(0x7f0000000740)="3d95adf8f9d78d75b7404419e50808eb9251a1505777fd808ff0c930364398d3476399fb51dd730c94bf00f311b70ee14f9b80c397e4238c52329a9f94131106bf528a91908e185a1b87690edbe45bc66a9450b7769679cb2f37a01d749efb19463cfc7e635e909bf55537293be6faca57cc36427d7073b3d766e980a46b12e8b0f4e772a03d0c3621971a83a5717d0d2fef1b97b3f27b33a93520816e6c63439c31c7aaa1c7a5b585884121dbdfcd2b3c05263cdf1747908888b519fb3890f0bbd04f9213278e420bf4406de5fb", 0xce, 0x40}, {&(0x7f0000000840)="79be729190afece8e74ef7b74387e6f9b89b5f259a46c771cfe496dd747f1b7359351ef671e2293157b6293be21c2d498fde1fd75f7f007f19d43b46930240f901a4dd85529e695f7e592849ec8c292167df03af4374460d9512427f8146df386eece383c86abbf2c75e3b9387bea87155fce4f21637c3e6c45c220dd2683e6c8c8e7e1f66ca57d970e1b4e7c48a19e516f8289c9b3f60494e88fc3a609948e9cd01e55ef9f6149afcf6a15e99434f75a5e6b9a4f4fa89980c69c21bc20570a6baf0874a2160d7f24c75d5aae4e006c98e001a85ed2ec558ee8c1e699326648a63c7fef20105cbbb", 0xe8, 0x1}], 0x1882, &(0x7f0000000b00)={[{@nolargeio='nolargeio'}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@subj_role={'subj_role', 0x3d, 'nnodevmd5summime_typeeth0Lmime_type,'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fowner_lt={'fowner<', r0}}]}) 04:53:10 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:10 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6465761d307830300000303030303030303030303030b98ef91ce01b17e9dbf0809247b8b49f860f113c374949f205ceb8bd9177a030302f81fbe7a3159e7c38ba795d702116ce17c765905e3a467826a2301212d888c4b2a1872631f333e68beed89a946e718ee861c665db653215d14f4c86e544c29731f83c7a7b897466dc7c0cc871a0d64f4e6b4e070c1e6b108edc3b4951693cccab28bd717373db3f68db73a5f5023e29226619262f092df06c876c5459b355358f5044e49d066df92f14278c26013c35dd831d8acef5e3e6d31245b734578bbaa8f56284774327e9b00b47320c168963124e15ff3f9ec4d6df2eb2e04b051e40f2552f870463137d47cf224a"]) [ 335.524407] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 335.570291] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 335.591493] CPU: 0 PID: 21026 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 335.598660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.608014] Call Trace: [ 335.608038] dump_stack+0x138/0x19c [ 335.608052] warn_alloc.cold+0x96/0x1af [ 335.608062] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 335.608074] ? lock_downgrade+0x6e0/0x6e0 [ 335.608095] ? avc_has_perm+0x2df/0x4b0 [ 335.608109] __vmalloc_node_range+0x3be/0x6a0 [ 335.608121] ? trace_hardirqs_on+0x10/0x10 [ 335.608134] vmalloc+0x46/0x50 [ 335.608143] ? sel_write_load+0x1a0/0x1050 [ 335.608150] sel_write_load+0x1a0/0x1050 [ 335.608158] ? save_trace+0x290/0x290 [ 335.608172] ? sel_read_bool+0x240/0x240 [ 335.608183] ? trace_hardirqs_on+0x10/0x10 [ 335.608192] ? save_trace+0x290/0x290 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:10 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 335.608205] __vfs_write+0x105/0x6b0 [ 335.608214] ? __lock_is_held+0xb6/0x140 [ 335.608223] ? sel_read_bool+0x240/0x240 [ 335.608232] ? kernel_read+0x120/0x120 [ 335.608241] ? __lock_is_held+0xb6/0x140 [ 335.608251] ? check_preemption_disabled+0x3c/0x250 [ 335.608265] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 335.608279] ? rcu_read_lock_sched_held+0x110/0x130 [ 335.618654] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 335.618666] ? __sb_start_write+0x153/0x2f0 [ 335.618678] vfs_write+0x198/0x500 [ 335.618692] SyS_write+0xfd/0x230 04:53:10 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 335.627832] XFS (loop2): no-recovery mounts must be read-only. [ 335.631710] ? SyS_read+0x230/0x230 [ 335.631723] ? do_syscall_64+0x53/0x640 [ 335.631733] ? SyS_read+0x230/0x230 [ 335.631745] do_syscall_64+0x1e8/0x640 [ 335.631754] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.631767] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 335.631775] RIP: 0033:0x4597c9 [ 335.631780] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 335.631789] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 335.631794] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 335.631798] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 335.631804] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 335.631809] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 335.653032] warn_alloc_show_mem: 1 callbacks suppressed [ 335.653036] Mem-Info: [ 335.669019] active_anon:121922 inactive_anon:1219 isolated_anon:0 [ 335.669019] active_file:8255 inactive_file:13010 isolated_file:0 04:53:10 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:10 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 335.669019] unevictable:0 dirty:248 writeback:0 unstable:0 [ 335.669019] slab_reclaimable:12121 slab_unreclaimable:108813 [ 335.669019] mapped:59032 shmem:2594 pagetables:1189 bounce:0 [ 335.669019] free:1270935 free_pcp:248 free_cma:0 [ 335.769582] Node 0 active_anon:489740kB inactive_anon:4876kB active_file:32880kB inactive_file:52040kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236128kB dirty:988kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 335.837160] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 335.877704] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 335.926075] lowmem_reserve[]: 0 2580 2580 2580 [ 335.948514] XFS (loop2): no-recovery mounts must be read-only. [ 335.964315] EXT4-fs (sda1): Unrecognized mount option "journal_dev0x00" or missing value [ 335.964365] Node 0 DMA32 free:1282316kB min:36468kB low:45584kB high:54700kB active_anon:485656kB inactive_anon:4876kB active_file:32880kB inactive_file:52040kB unevictable:0kB writepending:988kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4608kB bounce:0kB free_pcp:860kB local_pcp:488kB free_cma:0kB [ 336.030810] lowmem_reserve[]: 0 0 0 0 [ 336.034661] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 336.061213] lowmem_reserve[]: 0 0 0 0 [ 336.065186] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 336.093932] lowmem_reserve[]: 0 0 0 0 [ 336.097773] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 336.112328] Node 0 DMA32: 10535*4kB (UME) 2834*8kB (UME) 2728*16kB (UME) 1869*32kB (UME) 826*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1285452kB [ 336.130421] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 336.141599] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 336.169477] EXT4-fs (sda1): Unrecognized mount option "journal_dev0x00" or missing value [ 336.173810] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 336.187278] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:11 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:11 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:11 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:11 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:11 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xffffffff, 0x342ba257ae9c08c7) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000280)=@nat={'nat\x00', 0x1b, 0x5, 0x598, 0xd0, 0x308, 0x0, 0x308, 0x0, 0x500, 0x500, 0x500, 0x500, 0x500, 0x5, &(0x7f00000000c0), {[{{@uncond, 0x0, 0x98, 0xd0}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x2, @local, @empty, @port=0x4e23, @gre_key=0x1}}}}, {{@uncond, 0x0, 0x1f0, 0x238, 0x0, {}, [@common=@inet=@policy={0x158, 'policy\x00', 0x0, {[{@ipv6=@ipv4={[], [], @broadcast}, [0xff0000ff, 0xff000000, 0x0, 0xffffffff], @ipv6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xc}}, [0xff, 0xff, 0xffffffff], 0x4d5, 0x3502, 0x5c, 0x0, 0x1, 0x4}, {@ipv4=@loopback, [0xffffffff, 0xffffffff, 0xffffffff], @ipv4=@multicast1, [0x8cc002c830606046, 0xff000000, 0xff, 0xffffffff], 0x4d5, 0x3502, 0x2, 0x1, 0x10, 0x2}, {@ipv4=@empty, [0xff000000, 0xffffffff, 0xffffffff], @ipv4=@dev={0xac, 0x14, 0x14, 0x28}, [0xff000000, 0xffffff00, 0xffffffff, 0xffffff00], 0x4d6, 0x0, 0x67, 0x1, 0x1, 0x9}, {@ipv4=@multicast1, [0x0, 0x0, 0xffffffff, 0xff], @ipv4=@dev={0xac, 0x14, 0x14, 0x14}, [0xffffffff, 0xff, 0xffffff00], 0x4d2, 0x0, 0x0, 0x1, 0x8, 0x4}], 0xd, 0x3}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x8, @ipv6=@remote, @ipv4=@multicast2, @icmp_id=0x66, @gre_key=0xfffffffffffff90a}}}, {{@uncond, 0x0, 0xe0, 0x118, 0x0, {}, [@common=@socket0={0x20, 'socket\x00'}, @common=@unspec=@cgroup0={0x28, 'cgroup\x00', 0x0, {0x3}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x8, @multicast2, @remote, @icmp_id=0x67, @icmp_id=0x67}}}}, {{@ip={@rand_addr=0x7, @local, 0xffffffff, 0xff0000ff, 'vxcan1\x00', 'bond_slave_0\x00', {0xff}, {0x298b0e5e15c779e7}, 0x6c, 0x1, 0x20}, 0x0, 0x98, 0xe0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x3, @ipv4=@multicast1, @ipv4=@remote, @port=0x4e21, @gre_key=0x5}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x5f8) syz_mount_image$xfs(&(0x7f0000000240)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x400000000000, 0x0, 0x0, 0x4880, &(0x7f0000000200)=ANY=[@ANYRES64]) [ 336.195970] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 336.205054] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 336.213708] 23863 total pagecache pages [ 336.213723] 0 pages in swap cache [ 336.213728] Swap cache stats: add 0, delete 0, find 0/0 [ 336.213734] Free swap = 0kB [ 336.226771] Total swap = 0kB [ 336.226778] 1965979 pages RAM [ 336.226781] 0 pages HighMem/MovableOnly [ 336.226786] 333222 pages reserved [ 336.226789] 0 pages cma reserved 04:53:11 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:11 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:11 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 336.299871] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 336.313597] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 336.319319] CPU: 0 PID: 21083 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 336.326461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.335811] Call Trace: [ 336.338392] dump_stack+0x138/0x19c [ 336.342085] warn_alloc.cold+0x96/0x1af [ 336.346145] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 336.351088] ? lock_downgrade+0x6e0/0x6e0 [ 336.355753] ? avc_has_perm+0x2df/0x4b0 [ 336.359732] __vmalloc_node_range+0x3be/0x6a0 [ 336.364235] ? trace_hardirqs_on+0x10/0x10 [ 336.368460] vmalloc+0x46/0x50 [ 336.371637] ? sel_write_load+0x1a0/0x1050 [ 336.375870] sel_write_load+0x1a0/0x1050 [ 336.379944] ? save_trace+0x290/0x290 [ 336.384711] ? sel_read_bool+0x240/0x240 [ 336.388959] ? trace_hardirqs_on+0x10/0x10 [ 336.393196] ? save_trace+0x290/0x290 [ 336.397093] __vfs_write+0x105/0x6b0 [ 336.400793] ? __lock_is_held+0xb6/0x140 [ 336.404838] ? sel_read_bool+0x240/0x240 [ 336.408882] ? kernel_read+0x120/0x120 [ 336.412757] ? __lock_is_held+0xb6/0x140 [ 336.416809] ? check_preemption_disabled+0x3c/0x250 [ 336.423548] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 336.429001] ? rcu_read_lock_sched_held+0x110/0x130 [ 336.434005] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 336.438761] ? __sb_start_write+0x153/0x2f0 [ 336.443073] vfs_write+0x198/0x500 [ 336.446601] SyS_write+0xfd/0x230 [ 336.450047] ? SyS_read+0x230/0x230 [ 336.453675] ? do_syscall_64+0x53/0x640 [ 336.457630] ? SyS_read+0x230/0x230 [ 336.461254] do_syscall_64+0x1e8/0x640 [ 336.465140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.469972] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 336.475150] RIP: 0033:0x4597c9 [ 336.478335] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 336.486029] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 336.493302] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:11 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 336.500557] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 336.507810] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 336.515070] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:11 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:11 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:11 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 336.574563] XFS (loop2): unknown mount option [ÿÿÿÿÿÿÿÿ]. [ 336.639547] XFS (loop2): unknown mount option [ÿÿÿÿÿÿÿÿ]. [ 336.666241] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:11 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:11 executing program 2: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000001340)='/selinux/policy\x00', 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001380)={{{@in6=@loopback, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000001480)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)='fuseblk\x00', 0x3004081, &(0x7f0000001540)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0xc00}}, {@allow_other='allow_other'}], [{@subj_role={'subj_role', 0x3d, 'xfs\x00'}}, {@dont_appraise='dont_appraise'}, {@smackfsfloor={'smackfsfloor', 0x3d, '{'}}]}}) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x10000000002, &(0x7f0000002680)=ANY=[@ANYPTR64=&(0x7f0000000240)=ANY=[@ANYRESDEC, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="cddb0c7a0fdcf79a5e9defc7cff70dc9dce95c2fc44e8cba1fd3d1ce5da262c08cbb3d9b3c46025dbf1bd2fe023d472ac20e19692671dd2cbfaece20dd065b577524a61d65becbd147c6d9a14ba5f5026e6b631e9dfadb212787e813b0e436bb50c65bfd49ee2540a45e25abcb642e46cfec5bbdcd750455602e73f6a99ad7e8256721ef9ff471cb96b1bc12aaf5e1cb510dd3fe835de0f973a76e23914d4e2d92454e08bfd7395a2ed05c9abdaabb21cf83b44bef8e90c2013ed1b710f9639f95dae24bd42333092423b61b3212c1d70d520d1b9b08", @ANYRESOCT, @ANYPTR, @ANYPTR64, @ANYRESDEC, @ANYBLOB="c7d05c3ae7b30cd15fd97928e8b076536b54c485611e228841ccc9f353be80ad95f6ebaa375a76083c6e2e0d81c71b25d11008f6ef62d8485407", @ANYRES32=0x0], @ANYRES64, @ANYRESOCT, @ANYBLOB="8f43a2cde204ca45c612e515f2477a103f9a467f0236b03378dbc9cc16f80bc59e81214991e725ad886ba9a11d11db87c91a2422bdf2bb45aaacb488af79e728661f742753f33c97f85ff7c9349a8369ff052e677c22538d334c349a6445cef9bad5783e29044de7cddb3def42a8d3255e90c0307f83e057e09e2aff386b47bed465cad25b69e0c5a71392781ca829dda3fa7242fa61aa8a62772c7b57ddff8af748ad9599e56f5dfe1bc77e93d654fcab3e993c3c85ce67890b935bd879410fd3ee7adf7d1290006451634d602a1d66e2631900d00ce8e2e86e6ff74cb43fd95e4016af4f57f33a49f45cb608be13f67f8960bf49f05086b15ad03bcedbfab88f79505ec634c928f4e015fa2c008f3adabf0e10c139e36acc0187be487e0b572bdef55f9e7361940015a93384e9431d8a744ffd560cf601a422ca4691e5e1d29492f60e7fecb70ad165cb885a7dd6898a27ab3064ee30829a551e129c329dc0b02ac73c81e548c56b600be3688522d455124b9de446690cb39e2204c9e3f3791b61ff2c949e20db3301c5b1e74c1c2bf490b5902e58b3ceebe8b7f09dc7748e0ce9ca5e9eb82e208eb8d75aef4d869a62df6d14b6898563cec9b2783aa6804ade778fa70f3b092c47827f3ac9fc0a8e5e0081c02e85d16739bf7f34a9fbe8c82204329cb51cfb7773ab70adc903c5383dfdd6f0919b2b166e53187f6c23f126b85696b3cc658c5903066ca9a807375cb939db125e606e90f9511bfdad39d1ee1453e8f7c0388c4ebf9186e8dc6b074c24f4d1481d1f20f68aebc0e08efaf17f8bb981d0c47132c811ad19b9a9692d35da4d936a7872e9456d2e5f80b920f565cd2df48e352f33f7947f6b11591743dd5af6aaca733119c1a0342d22db744bc056775bdd8509f4f2775d3f4016a46bbc933f83bd1e4fe3cb87e78a742bce74834a69b708846af0ac2de2b2ec8b203174933a514681f245626cc3523c9fbd474170da1e96190371523e0cb8f4200eccdfdb9ea80f2aef93e9ca7282b7a510badff428d2dc290e4b797acc379bddd3d88bc294472dfe5fa75eee9f26c78ac88ebc80ea9370d501f8293235d1ac56c0209d645192d3399bcc156596614522ea160b4b33185824ee61d3e25c9f7b28cb9fb4512d54b803a91b75bd2f89d39d1b45658d3aa4219f115969eae7a1c89fa2f17109ec78cbc115f7e422e2e9e795a322bdae2bac5a9f429bde2683298c81485ad025db3db6c7189a00f81c3db38f656f6ebb5056483ed4c619d74968b20b1f91d535a574b1e97b0b991441a4d125f777ff4e8a4d02aad659b5305370e4f20157ffaaf69a1cf6b5ec8a014cf54e1f28e1e19f5b77d22ccab7b1c378a7bbc2c2929d53bb7802dd830f24f0611181d71487e740daca3cad4bcac6eb90236903c13caf6fa9b90035dddd376132bcd4635162e4758cf3e5e52d7f3616c5f915151162f09ceeff49f95b64c7f3e4ae0c52d70afe14f4f9a10e42c71498e4d12b412d78740bccf346def5569b92619049761193c2b984ca09d5ff208e202ddc52d762548263632b36bccb28c7bc03660dec91c8aac79fa045304d6ffbea8f8c92eecdffdcf6893e0abb0ed2942f4281d6c553366f230dd2feef546759917f051a1f97b194638c9873675ecb5104972af6adfd9e1c8fb77538221c441d462dfb4d3b532c524de2f5c675931cc7e390d32904e867252c9f85cf4b2aad80096c5d4f6662063cd84926ea04458c57e5f09b832f0d82e814af99fd0cd175878130a1282642d01b27c497e98b901651ae76044f387844861827b23e6a25890b19131e48f594c6f51fc6d374d72b8fecf9690299d35d52d3cbba85184c6aada3d3acd9cf1a1eb6e59cbc032391a22c92861b9c763cfb0c6d9ddea81d55296fd167cafc6d1c4f9d565600b1c8697c5d0e2d47f5671b651fd56cf6d30037b4f55afd8eafbdce0c2e2dfc5a72d9e0fc63d4924bd4af7c05d84a0f0fe262f91ce1b4f0cebea9a16508889d77c6d5a80ac924881a52a33664fc3fce08ae3785c1c8b638a560ca989f6ea8090782374d1a006700301591f15e10db7df93c94081071424a0c1c55725fb88c006a554de8e52aa69d4720edb4d5d0c18c2e9164bfcb5e63a14da2a6a2c0e3b88e88608379186a89c92502c7209d421fa674c741c0e54647a41e5af7509077ef7db344a9f457af8b570f623e71d67665519699ff3e8edc5265a025c45b66faa68f44bc629b5c8e9e04e52db1e3a206f7c067f8b06f5b681822aa85a03878ab7c1657dfddfb3260d103249e60bf7f3412e249e596f6e9b274d4265d0b787e56bbc46c3fcd5c9b7ce83fac9a0194d90a4221f5fc811ca710fcb9637616dcf57ae4170355c05850b77316811735ba3428c10c67819cd4c899ea51656d29068be65fa3f93e6a03ad8985b99fb34c5b61493647a94cb284bc16eaf68cc2035ef03a0765bb04f7a2daa5a185cce3e2a8a9cfdb9ad26845a14f3fbc25a2623f846669344e24a2f9c38b1d63fbcc444fa441dd726f03c1839fbd35b1b7c5733d1a4cef90029c3a3cd5dcac29d778485fdfb8b5a48e02828fd3a1d7b9f8b55ec9a077134eae77809e45cae6c143002454d1de4e0e552841c93410e310cea60d54f4b4be2dbb5751844186ad178e26f9bd187dffc3a4c9954a03853d7ae4226d94f4867453d9b6bebdc186d5acddd6c03068cb51227549848c370a3f5094187bb4204bbfa7fe25198d244839971755dab312e96217c2bf21abeac7211f3d12ee3484588b7fc1bd30ea1832d7c63147cc888f2560535677fa751ff8078613695d8258898e4591ba832cafe891a835cb3b3e09373b4a16471efe14848f956f43758548b1316c5360a811506b73c8d7784698a381a5383cfc5c27ba8b4156095b96dcef13e9e77af13b0e9e9f2536e1cc56649c2b286d8a3e30424d471ff736f4cdbabe9745b60ee44f6b75fe47750118a2139e71399f7d40dc4069a32e880fe6a7c615b596dc97b6abbbe19f9aad35d16d2df137d365a28399116a87cd5135e91e4a4e906c7c77e87289a1b210958a4760de6b6aebc6e973b6fc4c9ed83b4d029b1b966371e06632ac20e8c5a84335c2ca5f5727427f0ff7d588e98d605b419cf5132bbd66796fa29d1cdd4b982543dc72aeb3b86b6ec9a75426d3cba6aced8e524506e6e024bf954457109be14632ad6af15c62ccb03a8d3c9fd4bfe44a0bace21733831b534d6c08774eccf7a516877830ba71723ed3d5fc7dd9e955c52e44a24c238ae148327a665fd44310fbf5bca7f23d384a3091c7a4c0cbb4891cc2a3d0b555d6328d298e36d31df2e8a4c31ad776638e73df897729f1bab5ba6c186358277908a587c41f3a9fcb8706295553364b07f32805e0583a4a7817515272a80f877ae1c7d501ddc06eed16b1a5ca7e48fd030434fb7ff978452b796c084ae91000567eb99a3e6a12fbc733601c3b71576cf9e571c709a7fbe130ccd677e94216be131554fed7617c170e96a4ef823b5a0d902a810a4205eca0a11bc67d47b0716734280b4524876416aca9788383adbfbb105808566e43227b6150eb755fae628b3c1b0acbd5531a60e70e57fc9fe65ff401969bdd126f17f23f6feb35b805bcfc8845f033fc04bf15afb1af870cfacd317184dd37bf2def8658dcca2364533f007bcb7ddbeb15f453a85d5cbfe8fde2d9ec912048d5488d4b57ad8857e7399f202795fac7403288795c2d7d91e45efcfca81f41e2842047f42a0ddd0f85eb30255ff0dba2f71c67d8ea9d4d321fc80dabb2a24e511432200eb50c0ee89a9838079448ba43dfcf64ed4372ee6e21edfcaf728f1e36db1aaa7c9ef5bb6f02e2386d228fc2087eb462dd80cb790b49577008f5e77af6817172e69fdce8dad8a086a99efda7f8f2b58e8d53b2b050c5a88fddd11feff5b8da84b1b485e5c6861ec8551e82386e881a630a410a9320382a0dbab27e9b19c2aadc03ed486a999995f98bb2670f0a7fb08bf43ed7942f122bb370b5f3b3b9db512a93e1555d9c155f3fd41852a99ccc038400213923fdd1cf449b63487bb86927b4c8138da7686bca15165c07e46eb4ddbfdb174f539edf606959919ad4ce9c3caf6262b2f3abd686aa1f868967735ceb801b383a09d3cc2ddd6d5daa216c6a9bdc338d73ba0fd6ef7d6281e43078e04b063e009eb1d202720f9c95082744ba09c01fa2fede06d2791576b81717e25515ba7603a51f11c3382e3f604a95a361b8ffdbf4d21eecb458deeae9bdbd7cd342e060fd5181b258209e89aed2f926f26bfab906c0bbfb39d6a9e55b8bba2d5fcbd54be414a12037dd8bc23b904a411684fb94d717827d634ee821cf077d737a3fc2eb9a9137edd4f4a38ab53372520f6c512d100455dce08493e899c138d7414067d73d59d9e14ad51b502c21a817e0ee7fe6500daf83ac345b80b76d13510c83879cd76a89474ecbbf17acf8e5f6ddcbd0fe4b03850ca49c5df29e81cdd0d25c525f14123900a6a3b81ca363c027a14c71d8f8025e6e260c2d5939db850c815eee8490ea32a20db9c96af3a22d06c06d975deb89f6990ca192363290cf677643831d4d2090c365ce75bd95f9f99b039d09e484e0b5a4fcf35d8e303bed8cbfc891e97941053db5c103918d370fd2aef450966d0c391c4a912833d16916d9f657583e2cf52edce936861b757ac195480a477440a084a403704bad52fe99c8f679617c605123cbd4d456de084afdffe5ed2561c7826b108e5b9e41875d2c64079ef9a5e0c1551b846f61650888b6f1b2c5f11c5d221f60ff132b39d26590313144f9c0f0e42ee7adb9ee0dff5386d6fbe88774e5410323dc4856717ebc0264a769c00fd6e0339838580c12e6513ba921fdf033b471af4f60e677d16e4c008d2b264c93121b00303d6aa890a1b593ee333627011138529e6c22cf2571d710e1e47f49afad3f28d5f976fa24d0065e6ca425a6e6cf40cc664a0feefb47fc6d568683b9421f8db381d1da60bb3852a857279bfb1e5d3350db2c32248476beafef1eb53250341edf3b8e592dbe3bf9add0e2b676fb3d0bfc0056feac3e328d5c17aa02814a1a5fb147dd32afabf8e7a1fa80f655554e7e3dd823b3be3f9cc6c6d141c54d22b24934c4312ce44c1481841ed0025800659bbc8ff12e55bdf0c2b616bc8810d631ff43573e8ad566ca1da7a7b62dd9d1d87362923596dbbe147dc70015bed321061d2ed81780d20ca5f00f12d1f897d0132bbc131ccb40a5d41f287ce989d42d8d8e52f9247b36a3f21764e17caa0c9da1c19eac6599eb60feb5069f72bbd2fe6c9b7fa16a2c397b1d56ceeeadb47d95b2334bcc71566899a69ed730c8f684baf808417309022b915f08230fa2f85cb1457efcda8eff349a96be5f29b516208b0990d65e95f69d1727a3c46f5db5131dd92ab7ebdd2190604e0b61241465d4c31ccdce61ceccbc41382c295fb4b4e7052bcf04ae3a3ac0e0e7e57361c312dfcf9753bbf29927444c77ab9875c5915bbb2eec657f55595fb6b52a5a7a76284184f69478a6c57749cb37b158fe2004fc5076b5a346c78937276463e59d2017a93a22fb3e36668c75e408127caced3a209ba3712dbc33b5c15a6ad15516b0cb9d7791684741837d30492e8a10db41daa53150adee520d4fb5090882499626756bfd81cfa84c6654a6ebb4848b0288fa2fb73f70bf5ce9c19db83820bb76576dc45375e6cb83257e694feae148f82db82a392ca757a15980d39ade60954f35ef8b6ecc45af3a443690d64f29ad93", @ANYRES16, @ANYBLOB="4280641b0eef3784a9efa764c05d0200b161d8456166ac770549bb4ba304e8331871bcc8033ea682b0e36df60793", @ANYPTR64]]) 04:53:11 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 336.691800] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 336.708018] CPU: 0 PID: 21105 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 336.715160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.724519] Call Trace: [ 336.727115] dump_stack+0x138/0x19c [ 336.727132] warn_alloc.cold+0x96/0x1af [ 336.727144] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 336.727157] ? lock_downgrade+0x6e0/0x6e0 [ 336.727172] ? avc_has_perm+0x2df/0x4b0 [ 336.734754] __vmalloc_node_range+0x3be/0x6a0 [ 336.734771] ? trace_hardirqs_on+0x10/0x10 [ 336.734785] vmalloc+0x46/0x50 [ 336.734793] ? sel_write_load+0x1a0/0x1050 [ 336.734802] sel_write_load+0x1a0/0x1050 [ 336.767950] ? save_trace+0x290/0x290 [ 336.771859] ? sel_read_bool+0x240/0x240 [ 336.775938] ? trace_hardirqs_on+0x10/0x10 [ 336.780194] ? save_trace+0x290/0x290 [ 336.783999] __vfs_write+0x105/0x6b0 [ 336.784013] ? __lock_is_held+0xb6/0x140 04:53:11 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 336.784025] ? sel_read_bool+0x240/0x240 [ 336.784036] ? kernel_read+0x120/0x120 [ 336.784047] ? __lock_is_held+0xb6/0x140 [ 336.784056] ? check_preemption_disabled+0x3c/0x250 [ 336.784069] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 336.791818] ? rcu_read_lock_sched_held+0x110/0x130 [ 336.791829] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 336.791840] ? __sb_start_write+0x153/0x2f0 [ 336.791853] vfs_write+0x198/0x500 [ 336.791867] SyS_write+0xfd/0x230 [ 336.791878] ? SyS_read+0x230/0x230 04:53:11 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 336.791886] ? do_syscall_64+0x53/0x640 [ 336.791894] ? SyS_read+0x230/0x230 [ 336.791904] do_syscall_64+0x1e8/0x640 [ 336.791913] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.791927] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 336.791934] RIP: 0033:0x4597c9 [ 336.791939] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 336.809264] EXT4-fs (sda1): Cannot specify journal on remount [ 336.814417] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 336.814424] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 336.814429] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 336.814435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 336.814441] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 336.867014] warn_alloc_show_mem: 1 callbacks suppressed [ 336.867018] Mem-Info: [ 336.938685] active_anon:121998 inactive_anon:1297 isolated_anon:0 [ 336.938685] active_file:8255 inactive_file:13019 isolated_file:0 [ 336.938685] unevictable:0 dirty:258 writeback:0 unstable:0 [ 336.938685] slab_reclaimable:12120 slab_unreclaimable:109070 [ 336.938685] mapped:59064 shmem:2669 pagetables:1213 bounce:0 [ 336.938685] free:1270328 free_pcp:134 free_cma:0 [ 336.974052] Node 0 active_anon:488068kB inactive_anon:5212kB active_file:32860kB inactive_file:52036kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236236kB dirty:1064kB writeback:0kB shmem:10708kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 337.002704] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 337.028539] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 337.028564] lowmem_reserve[]: 0 2580 2580 2580 [ 337.028583] Node 0 DMA32 free:1279928kB min:36468kB low:45584kB high:54700kB active_anon:488068kB inactive_anon:5212kB active_file:32860kB inactive_file:52036kB unevictable:0kB writepending:1064kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7712kB pagetables:4796kB bounce:0kB free_pcp:1344kB local_pcp:672kB free_cma:0kB [ 337.028608] lowmem_reserve[]: 0 0 0 0 [ 337.028627] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 337.028650] lowmem_reserve[]: [ 337.110070] 0 0 0 0 [ 337.128069] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 337.158348] lowmem_reserve[]: 0 0 0 0 [ 337.166001] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 337.181684] EXT4-fs (sda1): Cannot specify journal on remount [ 337.198253] Node 0 DMA32: 10473*4kB (UME) 2814*8kB (UME) 2748*16kB (UME) 1870*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 254*4096kB (M) = 1283412kB [ 337.219904] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 04:53:12 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0xfffffffffffeffff, 0x20000) r1 = getpgid(0x0) write$P9_RGETLOCK(r0, &(0x7f0000000140)={0x20, 0x37, 0x1, {0x0, 0x3, 0x5, r1, 0x2, '@-'}}, 0x20) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:12 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 337.235061] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 337.256788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 337.271531] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 337.288668] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 337.297649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 337.306306] 23879 total pagecache pages [ 337.310339] 0 pages in swap cache [ 337.313794] Swap cache stats: add 0, delete 0, find 0/0 [ 337.319168] Free swap = 0kB [ 337.323684] Total swap = 0kB [ 337.326875] 1965979 pages RAM [ 337.330171] 0 pages HighMem/MovableOnly [ 337.334199] 333222 pages reserved [ 337.337753] 0 pages cma reserved 04:53:12 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:12 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 337.444556] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 337.468397] EXT4-fs (sda1): Cannot specify journal on remount 04:53:12 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x1ff, 0x4000) getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000180), &(0x7f00000001c0)=0x4) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0xe4ab}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=r1, 0x4) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 337.492400] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 337.532830] CPU: 1 PID: 21160 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 337.539985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.549440] Call Trace: [ 337.552049] dump_stack+0x138/0x19c [ 337.555700] warn_alloc.cold+0x96/0x1af [ 337.559686] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 337.564542] ? lock_downgrade+0x6e0/0x6e0 [ 337.568712] ? avc_has_perm+0x2df/0x4b0 [ 337.572707] __vmalloc_node_range+0x3be/0x6a0 [ 337.577219] ? trace_hardirqs_on+0x10/0x10 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 337.581475] vmalloc+0x46/0x50 [ 337.584693] ? sel_write_load+0x1a0/0x1050 [ 337.588933] sel_write_load+0x1a0/0x1050 [ 337.588947] ? save_trace+0x290/0x290 [ 337.588965] ? sel_read_bool+0x240/0x240 [ 337.588976] ? trace_hardirqs_on+0x10/0x10 [ 337.588987] ? save_trace+0x290/0x290 [ 337.596830] __vfs_write+0x105/0x6b0 [ 337.596841] ? __lock_is_held+0xb6/0x140 [ 337.596851] ? sel_read_bool+0x240/0x240 [ 337.596860] ? kernel_read+0x120/0x120 [ 337.596870] ? __lock_is_held+0xb6/0x140 [ 337.628711] ? check_preemption_disabled+0x3c/0x250 [ 337.633747] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 337.639212] ? rcu_read_lock_sched_held+0x110/0x130 [ 337.639223] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 337.639232] ? __sb_start_write+0x153/0x2f0 [ 337.639245] vfs_write+0x198/0x500 [ 337.649001] SyS_write+0xfd/0x230 [ 337.649014] ? SyS_read+0x230/0x230 [ 337.649023] ? do_syscall_64+0x53/0x640 [ 337.649034] ? SyS_read+0x230/0x230 [ 337.660448] XFS (loop2): no-recovery mounts must be read-only. [ 337.663969] do_syscall_64+0x1e8/0x640 [ 337.663980] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.663995] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 337.664005] RIP: 0033:0x4597c9 [ 337.694873] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 337.702654] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 337.709994] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 337.717268] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 337.724542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 337.731800] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:12 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x3, 0x0) bind$netrom(r0, &(0x7f0000000140)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null]}, 0x48) 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:12 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:12 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 337.777205] XFS (loop2): no-recovery mounts must be read-only. 04:53:12 executing program 2: syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="4e6f7265636ff66572792c62296f73697a653d30303008000000000000003030303030303030372c6c6f67641c906576"]) timer_create(0x2, &(0x7f0000000040)={0x0, 0x38, 0x3, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_getoverrun(r0) 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:12 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 337.852162] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:12 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 337.911141] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 337.914125] XFS (loop2): unknown mount option [Norecoöery]. [ 337.947464] CPU: 0 PID: 21194 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 337.954635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.964008] Call Trace: [ 337.966611] dump_stack+0x138/0x19c [ 337.970266] warn_alloc.cold+0x96/0x1af [ 337.974278] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 337.979141] ? lock_downgrade+0x6e0/0x6e0 [ 337.983303] ? avc_has_perm+0x2df/0x4b0 [ 337.987276] __vmalloc_node_range+0x3be/0x6a0 [ 337.987292] ? trace_hardirqs_on+0x10/0x10 [ 337.987307] vmalloc+0x46/0x50 [ 337.987316] ? sel_write_load+0x1a0/0x1050 [ 337.987328] sel_write_load+0x1a0/0x1050 [ 338.001679] EXT4-fs (sda1): Cannot specify journal on remount [ 338.003566] ? save_trace+0x290/0x290 [ 338.003586] ? sel_read_bool+0x240/0x240 [ 338.003598] ? trace_hardirqs_on+0x10/0x10 [ 338.003610] ? save_trace+0x290/0x290 [ 338.030362] __vfs_write+0x105/0x6b0 [ 338.034315] ? __lock_is_held+0xb6/0x140 [ 338.038407] ? sel_read_bool+0x240/0x240 [ 338.038421] ? kernel_read+0x120/0x120 [ 338.038432] ? __lock_is_held+0xb6/0x140 [ 338.038445] ? check_preemption_disabled+0x3c/0x250 [ 338.046390] ? rcu_lockdep_current_cpu_online+0xf2/0x140 04:53:12 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 338.046405] ? rcu_read_lock_sched_held+0x110/0x130 [ 338.046416] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 338.046425] ? __sb_start_write+0x153/0x2f0 [ 338.046437] vfs_write+0x198/0x500 [ 338.078700] SyS_write+0xfd/0x230 [ 338.082177] ? SyS_read+0x230/0x230 [ 338.085813] ? do_syscall_64+0x53/0x640 [ 338.089983] ? SyS_read+0x230/0x230 [ 338.093617] do_syscall_64+0x1e8/0x640 [ 338.097515] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.102474] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 338.108721] RIP: 0033:0x4597c9 [ 338.111913] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 338.119632] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 338.127174] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 338.134464] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 338.141827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 338.141833] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 338.151605] warn_alloc_show_mem: 1 callbacks suppressed [ 338.151608] Mem-Info: [ 338.175595] active_anon:121939 inactive_anon:1222 isolated_anon:0 [ 338.175595] active_file:8255 inactive_file:13043 isolated_file:0 [ 338.175595] unevictable:0 dirty:283 writeback:0 unstable:0 [ 338.175595] slab_reclaimable:12122 slab_unreclaimable:108975 [ 338.175595] mapped:59044 shmem:2594 pagetables:1229 bounce:0 [ 338.175595] free:1270819 free_pcp:289 free_cma:0 [ 338.215186] Node 0 active_anon:487656kB inactive_anon:4888kB active_file:32880kB inactive_file:52172kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236176kB dirty:1128kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 338.217888] XFS (loop2): unknown mount option [Norecoöery]. [ 338.251077] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 338.281005] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 338.315155] lowmem_reserve[]: 0 2580 2580 2580 [ 338.338072] Node 0 DMA32 free:1286136kB min:36468kB low:45584kB high:54700kB active_anon:483444kB inactive_anon:4888kB active_file:32880kB inactive_file:52180kB unevictable:0kB writepending:1136kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4620kB bounce:0kB free_pcp:1008kB local_pcp:568kB free_cma:0kB [ 338.369430] lowmem_reserve[]: 0 0 0 0 04:53:13 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75cb0db1bc3030303030303030303030302c00"/32]) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:13 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 338.376484] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 338.412243] lowmem_reserve[]: 0 0 0 0 [ 338.423838] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 338.452585] lowmem_reserve[]: 0 0 0 0 [ 338.456470] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 338.474558] Node 0 DMA32: 10566*4kB (UME) 2744*8kB (UME) 2739*16kB (UME) 1879*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1285416kB [ 338.497529] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 338.522521] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 338.547329] EXT4-fs (sda1): Unrecognized mount option "jouË ±¼000000000000" or missing value [ 338.557125] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 338.571233] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:13 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:13 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/access\x00', 0x2, 0x0) 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:13 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 338.584013] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 338.593257] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 338.602038] 23896 total pagecache pages [ 338.606017] 0 pages in swap cache [ 338.609454] Swap cache stats: add 0, delete 0, find 0/0 [ 338.614905] Free swap = 0kB [ 338.617918] Total swap = 0kB [ 338.620996] 1965979 pages RAM [ 338.624202] 0 pages HighMem/MovableOnly [ 338.628155] 333222 pages reserved [ 338.631665] 0 pages cma reserved 04:53:13 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in=@remote}}, &(0x7f0000000300)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000340)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, &(0x7f0000000440)=0xe8) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000480)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@dev}}, &(0x7f0000000580)=0xe8) mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='overlay\x00', 0x80, &(0x7f00000005c0)={[{@metacopy_off='metacopy=off'}, {@metacopy_on='metacopy=on'}, {@xino_off='xino=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_auto='xino=auto'}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@index_on='index=on'}, {@metacopy_on='metacopy=on'}], [{@func={'func', 0x3d, 'MODULE_CHECK'}}, {@measure='measure'}, {@euid_eq={'euid', 0x3d, r0}}, {@fowner_lt={'fowner<', r1}}, {@euid_gt={'euid>', r2}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/posix_acl_accessproc'}}]}) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480400, 0x0) r4 = geteuid() ioctl$SIOCAX25GETUID(r3, 0x89e0, &(0x7f0000000140)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, r4}) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 338.664079] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 338.696524] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 338.702379] CPU: 1 PID: 21255 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 338.709753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.719107] Call Trace: [ 338.721691] dump_stack+0x138/0x19c [ 338.721709] warn_alloc.cold+0x96/0x1af [ 338.721718] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 338.721731] ? lock_downgrade+0x6e0/0x6e0 [ 338.721747] ? avc_has_perm+0x2df/0x4b0 [ 338.742968] __vmalloc_node_range+0x3be/0x6a0 [ 338.747479] ? trace_hardirqs_on+0x10/0x10 [ 338.751736] vmalloc+0x46/0x50 [ 338.754941] ? sel_write_load+0x1a0/0x1050 [ 338.759178] sel_write_load+0x1a0/0x1050 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 338.763246] ? save_trace+0x290/0x290 [ 338.767093] ? sel_read_bool+0x240/0x240 [ 338.767107] ? trace_hardirqs_on+0x10/0x10 [ 338.767117] ? save_trace+0x290/0x290 [ 338.775499] __vfs_write+0x105/0x6b0 [ 338.775511] ? __lock_is_held+0xb6/0x140 [ 338.775521] ? sel_read_bool+0x240/0x240 [ 338.775531] ? kernel_read+0x120/0x120 [ 338.795204] ? __lock_is_held+0xb6/0x140 [ 338.799278] ? check_preemption_disabled+0x3c/0x250 [ 338.804674] ? rcu_lockdep_current_cpu_online+0xf2/0x140 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 338.810226] ? rcu_read_lock_sched_held+0x110/0x130 [ 338.815244] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 338.820176] ? __sb_start_write+0x153/0x2f0 [ 338.820188] vfs_write+0x198/0x500 [ 338.820201] SyS_write+0xfd/0x230 [ 338.820212] ? SyS_read+0x230/0x230 [ 338.820221] ? do_syscall_64+0x53/0x640 [ 338.820229] ? SyS_read+0x230/0x230 [ 338.820240] do_syscall_64+0x1e8/0x640 [ 338.846605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.851452] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 338.857345] RIP: 0033:0x4597c9 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 338.860532] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 338.868950] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 338.876226] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 338.883528] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 338.890802] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 338.898160] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 338.922913] XFS (loop2): no-recovery mounts must be read-only. 04:53:13 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:13 executing program 2: execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)=[&(0x7f00000000c0)='xfs\x00', &(0x7f0000000100)='xfs\x00', &(0x7f0000000140)='em1!keyringposix_acl_access\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)='&cpusetsystem%\x00', &(0x7f0000000200)='xfs\x00', &(0x7f0000000240)='xfs\x00', &(0x7f0000000280)=')\x00'], &(0x7f0000000380)=[&(0x7f0000000300)='xfs\x00', &(0x7f0000000340)='xfs\x00']) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:13 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:13 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:13 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 338.977315] XFS (loop2): no-recovery mounts must be read-only. [ 339.004611] overlayfs: unrecognized mount option "metacopy=off" or missing value [ 339.019545] EXT4-fs (sda1): Cannot specify journal on remount [ 339.086744] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 339.117836] overlayfs: unrecognized mount option "metacopy=off" or missing value [ 339.133446] XFS (loop2): no-recovery mounts must be read-only. [ 339.138111] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 339.161635] CPU: 1 PID: 21298 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 339.168907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.179518] Call Trace: [ 339.182125] dump_stack+0x138/0x19c [ 339.186362] warn_alloc.cold+0x96/0x1af [ 339.191108] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 339.195960] ? lock_downgrade+0x6e0/0x6e0 [ 339.200104] ? avc_has_perm+0x2df/0x4b0 [ 339.205373] __vmalloc_node_range+0x3be/0x6a0 [ 339.209876] ? trace_hardirqs_on+0x10/0x10 [ 339.214115] vmalloc+0x46/0x50 [ 339.217312] ? sel_write_load+0x1a0/0x1050 [ 339.221638] sel_write_load+0x1a0/0x1050 [ 339.225773] ? save_trace+0x290/0x290 [ 339.229568] ? sel_read_bool+0x240/0x240 [ 339.233752] ? trace_hardirqs_on+0x10/0x10 [ 339.237991] ? save_trace+0x290/0x290 [ 339.241788] __vfs_write+0x105/0x6b0 [ 339.245568] ? __lock_is_held+0xb6/0x140 [ 339.249627] ? sel_read_bool+0x240/0x240 [ 339.253674] ? kernel_read+0x120/0x120 [ 339.257552] ? __lock_is_held+0xb6/0x140 [ 339.261822] ? check_preemption_disabled+0x3c/0x250 [ 339.266835] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 339.273064] ? rcu_read_lock_sched_held+0x110/0x130 [ 339.278091] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 339.282850] ? __sb_start_write+0x153/0x2f0 [ 339.287865] vfs_write+0x198/0x500 [ 339.291398] SyS_write+0xfd/0x230 [ 339.295025] ? SyS_read+0x230/0x230 [ 339.305190] ? do_syscall_64+0x53/0x640 [ 339.309168] ? SyS_read+0x230/0x230 [ 339.312788] do_syscall_64+0x1e8/0x640 [ 339.316698] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.321887] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 339.327079] RIP: 0033:0x4597c9 04:53:14 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file1\x00', 0x0, 0x800, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/snmp6\x00') ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000140)={0x1f, [0x1dc00000000000, 0xfffffffffffffffb, 0x690a, 0x7, 0x6, 0xfc00000000000000, 0x7, 0x804c, 0x84f, 0x6, 0xfffffffffffffff7, 0x4, 0x81, 0x1, 0x9, 0x0, 0x101, 0x3, 0x925f, 0x6, 0x3, 0x903, 0x8e, 0x7f, 0x80, 0x7, 0x0, 0x1, 0x3, 0xfffffffffffffffc, 0x3, 0xb4a, 0x401, 0x0, 0x2, 0x93, 0xa0a8, 0x1, 0x7, 0xffffffffffffffff, 0x81, 0x2, 0x3, 0xfffffffffffff001, 0x100, 0x4, 0x63a1, 0x7ff], 0xb}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:14 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:14 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 339.330627] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.338841] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 339.346099] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 339.353840] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 339.361104] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 339.368379] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 339.377654] warn_alloc_show_mem: 1 callbacks suppressed [ 339.377658] Mem-Info: [ 339.389250] active_anon:121398 inactive_anon:1221 isolated_anon:0 [ 339.389250] active_file:8256 inactive_file:13054 isolated_file:0 [ 339.389250] unevictable:0 dirty:295 writeback:0 unstable:0 [ 339.389250] slab_reclaimable:12122 slab_unreclaimable:108739 [ 339.389250] mapped:59073 shmem:2594 pagetables:1206 bounce:0 [ 339.389250] free:1271548 free_pcp:203 free_cma:0 04:53:14 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 339.435863] Node 0 active_anon:485596kB inactive_anon:4884kB active_file:32884kB inactive_file:52216kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236292kB dirty:1176kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:14 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 339.464572] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:14 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:14 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 339.515857] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.623176] lowmem_reserve[]: 0 2580 2580 2580 [ 339.639938] Node 0 DMA32 free:1284592kB min:36468kB low:45584kB high:54700kB active_anon:483620kB inactive_anon:4884kB active_file:32884kB inactive_file:52216kB unevictable:0kB writepending:1176kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4676kB bounce:0kB free_pcp:688kB local_pcp:316kB free_cma:0kB [ 339.673217] lowmem_reserve[]: 0 0 0 0 [ 339.677156] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.703201] lowmem_reserve[]: 0 0 0 0 [ 339.707128] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 339.735322] lowmem_reserve[]: 0 0 0 0 [ 339.739135] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 339.753874] Node 0 DMA32: 10473*4kB (UME) 2716*8kB (ME) 2693*16kB (UME) 1891*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1284468kB [ 339.772518] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 339.783462] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 339.803676] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 339.813366] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 339.822388] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 339.831356] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 339.841072] 23904 total pagecache pages [ 339.845132] 0 pages in swap cache [ 339.848645] Swap cache stats: add 0, delete 0, find 0/0 [ 339.854524] Free swap = 0kB [ 339.857621] Total swap = 0kB [ 339.861005] 1965979 pages RAM [ 339.864516] 0 pages HighMem/MovableOnly [ 339.868480] 333222 pages reserved 04:53:14 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:14 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f00000000000000072c62696f73697ab1ea1434aeeb8135c9653d30303030303030303030f02c6c6f6764763d2e00ca4f0e96fc1bc728fad1c40ae27986a0d0fe72bdba435bde5bcc4a121e17d1cbeea8b5287e76c6206364f2952c32d7e9adef3a59368b60d3b1328bac521e64e0aab049ec7a5d782c35e97d6a58fa70a2305dd09ae73f320fd0e37e1bfb"]) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x0, 0x0) r1 = getuid() getresgid(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)=0x0) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffff9c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x100800c, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x1000}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0x1000}}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0xa00}}], [{@pcr={'pcr', 0x3d, 0xf}}, {@uid_eq={'uid', 0x3d, r3}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@uid_eq={'uid', 0x3d, r5}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}}) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84000) ioctl$EVIOCGABS0(r6, 0x80184540, &(0x7f00000000c0)=""/53) 04:53:14 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:14 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) inotify_init() mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6464763d30783030740b3030303030300104000000000000"]) 04:53:14 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 339.872289] 0 pages cma reserved 04:53:14 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 339.918076] XFS (loop2): unknown mount option [no]. 04:53:14 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 339.940744] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 339.974202] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 339.989799] XFS (loop2): unknown mount option [no]. [ 340.010871] CPU: 1 PID: 21349 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 340.018023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.027398] Call Trace: [ 340.030002] dump_stack+0x138/0x19c [ 340.033648] warn_alloc.cold+0x96/0x1af [ 340.037818] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 340.042687] ? lock_downgrade+0x6e0/0x6e0 [ 340.046857] ? avc_has_perm+0x2df/0x4b0 [ 340.050848] __vmalloc_node_range+0x3be/0x6a0 [ 340.055483] ? trace_hardirqs_on+0x10/0x10 [ 340.059738] vmalloc+0x46/0x50 [ 340.062919] ? sel_write_load+0x1a0/0x1050 [ 340.067136] sel_write_load+0x1a0/0x1050 [ 340.071181] ? save_trace+0x290/0x290 [ 340.074996] ? sel_read_bool+0x240/0x240 [ 340.079048] ? trace_hardirqs_on+0x10/0x10 [ 340.083283] ? save_trace+0x290/0x290 [ 340.087093] __vfs_write+0x105/0x6b0 [ 340.090792] ? __lock_is_held+0xb6/0x140 [ 340.094845] ? sel_read_bool+0x240/0x240 [ 340.098901] ? kernel_read+0x120/0x120 [ 340.102788] ? __lock_is_held+0xb6/0x140 [ 340.107313] ? check_preemption_disabled+0x3c/0x250 [ 340.112323] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 340.118673] ? rcu_read_lock_sched_held+0x110/0x130 [ 340.123682] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 340.128960] ? __sb_start_write+0x153/0x2f0 [ 340.133786] vfs_write+0x198/0x500 [ 340.137321] SyS_write+0xfd/0x230 [ 340.140775] ? SyS_read+0x230/0x230 [ 340.144382] ? do_syscall_64+0x53/0x640 [ 340.148337] ? SyS_read+0x230/0x230 [ 340.152483] do_syscall_64+0x1e8/0x640 [ 340.156356] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.161182] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 340.166369] RIP: 0033:0x4597c9 [ 340.169538] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 340.177231] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 340.184486] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:15 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:15 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c6ca259f23d3078303030303030303030303030303030302c00"]) 04:53:15 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 340.191739] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 340.198994] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 340.206544] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:15 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:15 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2000, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f00000000c0)) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:15 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 340.333072] EXT4-fs (sda1): Unrecognized mount option "journall¢Yò=0x0000000000000000" or missing value 04:53:15 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 340.383088] QAT: Invalid ioctl [ 340.387036] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:15 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 340.425571] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 340.437589] XFS (loop2): no-recovery mounts must be read-only. [ 340.456848] EXT4-fs (sda1): Unrecognized mount option "journall¢Yò=0x0000000000000000" or missing value [ 340.467349] CPU: 1 PID: 21385 Comm: syz-executor.5 Not tainted 4.14.131 #25 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 340.476134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.486108] Call Trace: [ 340.488716] dump_stack+0x138/0x19c [ 340.492390] warn_alloc.cold+0x96/0x1af [ 340.496386] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 340.501264] ? lock_downgrade+0x6e0/0x6e0 [ 340.501283] ? avc_has_perm+0x2df/0x4b0 [ 340.501297] __vmalloc_node_range+0x3be/0x6a0 [ 340.501309] ? trace_hardirqs_on+0x10/0x10 [ 340.501320] vmalloc+0x46/0x50 [ 340.509474] ? sel_write_load+0x1a0/0x1050 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 340.509483] sel_write_load+0x1a0/0x1050 [ 340.509496] ? save_trace+0x290/0x290 [ 340.533463] ? sel_read_bool+0x240/0x240 [ 340.537540] ? trace_hardirqs_on+0x10/0x10 [ 340.541971] ? save_trace+0x290/0x290 [ 340.545788] __vfs_write+0x105/0x6b0 [ 340.549504] ? __lock_is_held+0xb6/0x140 [ 340.553748] ? sel_read_bool+0x240/0x240 [ 340.557812] ? kernel_read+0x120/0x120 [ 340.557825] ? __lock_is_held+0xb6/0x140 [ 340.557838] ? check_preemption_disabled+0x3c/0x250 [ 340.565780] ? rcu_lockdep_current_cpu_online+0xf2/0x140 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 340.565792] ? rcu_read_lock_sched_held+0x110/0x130 [ 340.581631] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 340.587188] ? __sb_start_write+0x153/0x2f0 [ 340.591536] vfs_write+0x198/0x500 [ 340.595092] SyS_write+0xfd/0x230 [ 340.598826] ? SyS_read+0x230/0x230 [ 340.602472] ? do_syscall_64+0x53/0x640 [ 340.606455] ? SyS_read+0x230/0x230 [ 340.610441] do_syscall_64+0x1e8/0x640 [ 340.614336] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.619195] entry_SYSCALL_64_after_hwframe+0x42/0xb7 04:53:15 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 340.624387] RIP: 0033:0x4597c9 [ 340.627578] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 340.635383] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 340.642659] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 340.650067] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 340.650073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 340.650079] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 340.657230] warn_alloc_show_mem: 1 callbacks suppressed [ 340.657234] Mem-Info: [ 340.693796] active_anon:121918 inactive_anon:1222 isolated_anon:0 [ 340.693796] active_file:8256 inactive_file:13066 isolated_file:0 [ 340.693796] unevictable:0 dirty:307 writeback:0 unstable:0 [ 340.693796] slab_reclaimable:12122 slab_unreclaimable:108828 [ 340.693796] mapped:59044 shmem:2594 pagetables:1249 bounce:0 04:53:15 executing program 0: r0 = msgget$private(0x0, 0x160) getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=0x0) getresgid(&(0x7f00000001c0)=0x0, &(0x7f0000000200), &(0x7f0000000240)) r3 = getuid() r4 = getgid() r5 = getpid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000027c0)=0x0) r7 = accept4$ax25(0xffffffffffffff9c, &(0x7f0000002700)={{0x3, @rose}, [@null, @bcast, @remote, @netrom, @bcast, @default, @null, @null]}, &(0x7f0000002780)=0x48, 0x80800) r8 = dup(r7) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000026c0)={r8, 0x28, &(0x7f00000028c0)}, 0x10) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000002800)='/dev/sequencer2\x00', 0x630000, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f00000002c0)={{0x6, r1, r2, r3, r4, 0x118, 0x46}, 0x1, 0x6, 0x8, 0x1, 0x6, 0x62a, r5, r6}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$hfs(&(0x7f0000000340)='hfs\x00', &(0x7f0000000380)='./file1\x00', 0x0, 0x5, &(0x7f0000002540)=[{&(0x7f00000003c0)="09c9fb100d916475e6e6a220706909987a9ecf220c0669f1ac99bca0a84127d0bf36bda4f31c84e0a8", 0x29, 0x2}, {&(0x7f0000000400)="fb06e7c9d7fc5eb08c4f13a207aa04a22bf943ddbdfc4410540f822e2c23415262bf6aca6f8275ae722702", 0x2b, 0xffffffffffffffff}, {&(0x7f0000000440)="fc4a89241c072263e33bf8a7d83b0fd470209b58065076e8f3c3fa48211b5a1b5f92fa930f885fe1d23d291c4ccc5c625acd2fa1bc9e46deb3a8bd09d4e3bce22221110d6d1f9bb6bfb0f82473dded7b5ab335daad1d9a6f39bd61f801aa12ac24915cfa71452029e8ff42dec8810b62135fec3bf012bfcf338b64bd6cf5f00061e633f6dc8b032fb8c107094445374dc8cfd854a7399003b00e894fa7b30a7e6d2caaab940fb02de9dd6cbeae82ff624de025af840249d2fa084f75964eb89ea61135cbd4d3ae0f0d76c305aede831221d370bf3c3f94c45bdb87fe86087542458a779e061bcf50fa24ccf21bda", 0xee, 0x3}, {&(0x7f0000000540)="6f5ef02d32f5a3a2e4c89be843f8b50d8119318b3c0a4c539401e6b7d0d8658931a83fbec4dae2ae2dee6fec98d9598371d996bf872300275370ba499e734eefd7204af00858d9546fad93f61d47002c3037fc1b301137682fe9fdae6cf76df65bf548091968d75feace49bc0bc54059a92d08acd5b83e7b52dd12685c17eb3319c17153ad753422d80bb6efb1ac55de1090cf3427f5ec9fa7592b8d20f9eb56fc6484ece5222dea0f7a43bc88bd6d4feb5a8c8b328c7776ccbdf6c314c4c2e8a365d9137543de8e893f69dcf0e5df4eb85ab85ce90d957a5972eed8c43b3f17090ad050c6b2e9b4da2def2fcf073b4db33bad8a50711698c49a779dc12c62048fec8f4339a3f5fbe4d5635f10edf5cb57117e61963b8d1e40b3eba8eeacea61a63ebadacc64db0c8951a5d9d454b80de7619f234ed406deb414b747e9f68ae6d3857c9e6a8cc52b21974e7745e284a3fe5a4f761449ab3c13d977037992f57254330ad3cc52fc746d1ee6483791147518bed98301c040126fbf3e6a5864cb91d09220cba61ed95ad66e3da563f0267492fa93af7ccac2017f3b66841e5368f324ef4377f230c9cf5b8a7c4d9f2e670bf1b22435e40a950bd78ad4f7f2626a8be95b944aed2b8d228979e2871f0f350708cc4dd855530c5f9aeb53c9c92cd5f10e878d44c0a6798b6b5ad3d40bba17ca1b39c39157cff62eeb27f6bf0723af74ddb6ecbb13a019c9a34307a3486cc172b4bdd66cb0f75177fa47234484bf72f715290c86b10cd2dcd6de5afcdeba81bd10b54b319ed213ba8f9b7379499390f8a2acbc7bab4c5a0e53f75a42be88fda5b6247fa06a5ca79f7f7215d7f72a53f302ef87816bb8eb8f05afc2bafc2fa0778c86be47de19a5907554d5b6209c1a461e587d9e5ee36e6d01dfacd643b1e73d6a6652a7efa6452dcb90b7db19b2dffd94dceb9b07561e31ae123183cb1f7f982a200a74882999f8b95838e9440d24c3013abb3d9dbb6980d92147e0bc32bc14b8f20769022ca7e0ff9be23e9f0b434ec97a20fb4e8a75e46b50da04751e0ae581ddbcb53aad4521e596e7f3cef711142e9f25a8b484ba06a92fe47e7c74729acf6a421f488b17e58699061c680a5464d78dd04bb08e86dbb764241329630d2a52ce85f59446862b4ec5b71e381dd18ac8e00511e38887eee87fca428084e044344f360dedc2e41fa8cb951b6e218c8c924567b9435f588b75e2d126c4edf6aa0580501ebdf9d62c43f058b067e69047b646608babba252ee21b2da90bd9aa02a7be7ccb7265c22381b82695cdce98bbc2e604bc34b4d266c51907fdbe9d56de57e453ffe5b393320b2615ab15c192d4cc34f4d7c6859e0717a0a0707a59823d81dbbebcfeddced940178ba04487c38ca6d8bead87dc867d4f3d40452fc57fd6495c299dc6108cf51fd1d4f957de112ed4c555aee6037da1ac61e38722350203c653d40ab24a8f92917d26d6e1e7ff5cf563b42f4ad6ada05f6921262b9d115d302566269fbcee20c60a2ded3fff551bb2df13469c0ed2f185219ac3d950e8ecc38b725de1dab67216de3ed2662ff9befb200a4aad068b8762b06fdd882f93404969b217b195d752d3982756e537e50bd41107012a8fd5ad0b9ded366ae8a4a1fc0277ff5dbf74b5ca5594773d9bd24caf64392817cd73151adbfbe51dca734edf41866f19db5451d9dbf0ff28119158cddf66bfb8d14299e2cde111dab6381e5a8a7bd2f06c15145bed57c10c949fa195ff7a1da06c4bd0b9eceecf512cc42ef3f880ad54cd0a510d061859f80fc213b335f831f4e4423b0751549f18d7773c4fdf3aded87ffc37f9e44a289447f8043d829071c61cca69b3d85ee3099dfbb84efdcdb75bf1b6ad3c41a7c0316fecdad75121b5b015a05970a00fa30b49e5d7f96e944df4e22fb7886d1568bbea64178be93326e29be160a2fa5cba46d8cac9283d3f53d5c4ec122169ccd7e7dd936bce1ab462a637708eb7f7ab50baf36137d95a079c48b0bb2372c3bb26543c726c8202145b87e4ae5c34959815fc1de0069ce67127eafcec1ce1aff76906aa57069347fbcacf7167c934ab01b5ec1ebc96d91efd23b88efe858a3a7d48f76bfdef65bb16278d169bf72f8996629ab797475f12caec826290cc89df81bb9deae78715f7b5b4612734d06b1503d6f74eed1af80634dee488174d611dfc6a60abab437043b70163768713d79a55c58217847adffc3f8e4f95f50b813f79a36acc29a1900cab5494e26e05ea7d87d785b045353701eee7c63d0ac02b459a66811c78ba9d4e1c7b507184db196bf5379ebeed2b6a60f3e570722d72dec9d13da14634bf2cdd6d892982644c7b428ff875f93ac4903540541f94583699e4e4eb500f0e1316eca0a4aa1aa241440c8695763c2936f7f460f5353e57c43b7267fe44f6dbdb26a7301f2d75844fcc508d7f9999eaa16f465eac60a6c43a615b01e6ecd22a90a8e02028b38d3b09237870e8309c0dfaf1dcbb73e701cb654dc401d4fe6d0446ab993ae2baf678aaa884c59f861138c7c99b67ce90b5790eab5c142ce888a6bbfa5ec5ecaf2721f91a432fd72199ca06ceec16a76d798be2002f5b625a21b81a7a5919e0fb9b65aef76f0fcacf2ffb1c9a10b9ff229f347b0c03d77fe648c4f86a3033e2cc0878121180e4b33ef859c799d72df5fb4ca87dc06394897e97c22badfad2b9023bdbe14b3cacdadb9cfe83bdf995c87adf30a18d2303c16761d41215b2eaf169bfedc9d7a887ef3435e70882ab399487d9d22aaf5a75427fda53b5202a1b4291169efabf982daed70ebf041866fa05e31a88a5b89928745d2d04b9bb24a905e4d0357c320dacbbda4e0903eab07c69d86fb1aeccdf9ec524a3088ffc05374258955e00fbe5d9fdf1de73a02c1dc024dfa6125a5a9fedcb49dd17cc0ec4663640f77fadb9ad12014aa41f7fdaf8827d7badadab34988b27431e882fc2e414a3be0870bb6c9792f619f168182c45469c438b68ee8e792aacb4b7b610144fc51b27576f9f9010dacecdd463bdfe9f0f186ae455da2f0eeb455eea3bc90b51d9916c82608018152916a10312a227ec89224ef7475c21c4df16a7043e8f8f684e29abe9e51b1e15fa8872ad970c14049ab02e737f190e710f080cadf084579f268a060bb5eb95a49114006d05be1513108cb4bf897cc390d5cef50cceece185ef2388486604e748929d6e97f195eefb78c8993c07ce6016f8fccbe8621ff08b5426837ab1f6bb537414014ddaff835cfb6d81b05a997363e31ef4cdba99475c3cee9a63f6dfabe81f8765347f86126d70c6dc0532e009bb94ffd37435c860fa20360bb6b7d023a481bcc350197a0c7d58fba58a6ebe7f6d6b90631d3714b166270092bc3610725418b1bded7f7fac7c1e55d0a0651bfca53cc25774905d1bc48cbe408cdd701d5fe50cdf28f009b621f8460af76560af747783385a1d8cfb41cc84bdb4a63ecb308faf46a221d8a0496871c8df65f21ef594e1d137a5023d48e766b9a7859199f2244d0165748a5c849421d7ae89754f2a2e0fabc299b3b8e7cd12c78fa0d4b86f6bb16bf48f8be5774e6a03b8e9f428ea09faff42aa0748d8ede1888705df77e8062d32b3f1e4cb2a20db0055a461503095f4ef5503fa2a9e9f8c841faa1a32a011bb2cb3d2d200416220092308ae78d45c7cb46aed3aabbb725497128164eeb5766e4ddc781f78dd64f9a5bd6484b0c269a660cbdf167f44c0b091038a6aa3596a5d6fd7be6432728b06a7a41691b0601f628fd5b98d4413b25f4c504d1fc90ea6876776f36a559d42076ced371209a886292b6757b3edcac5b74f7ab2d1f8416b9174a1724ad141dd101025a235b7f6dc4467fdb3362866648fc8387ff602f9c362b535f4a4a24c60524b0e81b59f843883383c2f7fdb351500a4372ea28b7841d012be64c09f41091c0a0eecc199988612b6aa841ef334a0f954e9d3080922737ba7974ebf0be2891b5507a0135087f113da22374883f2b526e7b5403a06e1459662f413180e3a2a534b0d9c6daa086f07c7fb9fb458f065ea697027f0f60b71ca14a500dc3623840b919fe1e27be7b24257b0fc69abcc04e77457b31fd724d66bf43acb63727ab14161ec9dfdcd87775e2b297105c06e61256a9d83c179cfe785960e5ccbfab4d98f647f3056da5d0d7afb9c3e546576d34ebe24be5bb68b654a7944e2633045c66b41be39323e63d2cfafacb524b1f9426fcc46361589cfa79a31e67d5fb346bb352f2e547b9b3fbc1ad645920f692e0ba0de297f9e14859017ab2945e6a1d37c1ff70998de1602fb792a304b60026cc6c7d0b14db8f12847ccb5d88324685ba569d9b9dbf2fd9e0445b24d998b07f34942c2da99390675d5f2794eac94cd18148cd4702b8f6535f1f058fba7cc00dc4df2e3ece255dd15b9dbfc5686852ba65a68a353644fdb0005710dbfac48b523050c92977e59cb8214e4f54895c894cba8043d18b803506d19c5c0f735f502120735600b06d09edf42a412fdfc7147238f6a48724bfc95d64c9cef844807876d0971a1e6e41f0c51cb5b5674bcb631c96f790b23a86e1d2031c515595a61a7f0f6586ecc29dc8ba9c142a66d10e7973c00e914e2d8e675a931376fea73c17265a608857d4d1d8a42c62391cab0e8acab36778e163b89479baebc7f03dc33b0668bcc9aaada90208194701b9d7b1ca2e07cd6ec73e604aece6daeca680eac8acceb6ea258afdeebc100b97aa6f23bd768459451449038be3ef80d2ea8ce87cae318b8c40312b608a60504afbdbc470e0af85801d0ae7bed63286f8680757abacca0af51765b6e724e7bad085c7eb82b3e3f5a1433aacee0bc95ef072d9119ba49f18fba7e53bee495037bbad40f44302d655243fd79b1d80de7099fb2b15461ac0df8da7062420807a16041f0617e2b0b789b1083c95f06be94230c53de678335b1e3d0be438093f48c2500e1bccddc593257440ccaf7640308ec6b1772d156f8626a8698a451b65d2fc845ccb66e764cf50b87b6d4287a98bcc2bfd01e155e80f9f59c4c72f214ace5270061670d7977d1cc8bd3dd18f4f351431dd0c22c16e450481d228870d456689e9447c8c1f346011a9df6d44b1da7dcd7fe0db65b6ae30924bdd1e2a5bd4f55a436748f6f5b470310c15de229b903203034fa1ebeb4d4d1c9094e889fa43530dd4709a4ddd660357a682d69580d76932efaa2e886ab74810235ad6db144b5ae0f3eb4c25f31ced6c600e50eb9f3d6865c7662a010207e1f493f255256c791e9e3602638ddfbbc14b04b3fbf3d430d79ae1fee3916a230170b328edc94e21ba38a6ca11b72322b3aeefc88c193edacba4d1c36d6bedfe38f92634adc68d6a7a71ae96788baf5e662abdcd2953a2802f91f4d8dd33ddb80be97f26bd5e07946f413367c874fdfcdf9051844bb90124572fb805ac20ffd70cf4098b5b068c2b535f7b02eb8596916ce642bf509fe1a068dd88908093b27994e8798eb135f8de3cb6da1aef66306a15a973af85a2a406b0bd4a713a83fd6e6139ebb9ced03ab4d743bcdb017c09e31abbd3df053376e11e4fa4656b52faac2cfd8d2180b55190e300ed5ecdec0eef009d246c5e52bef3cc3ddb80c3b8c424a879bca139b1660f9da361a32a9ae1a19d62119eda140baef006f63d6a1f3a99c6b6627a6ae328cbeba810b9ea66455e18a2c3edd5dbc50770aabb7fdbad6bc23bbf46d4f47a629f12775212c7a07eb4536d290dcfbb476beb146cd9bbcea", 0x1000, 0x1f}, {&(0x7f0000001540)="c9633b0fae0cff49541bcf1abbcbdb9f0d6a006614e30a8590b1c9c35cc44e859f6b72dc3c279f682fc8144d62ac146ccaa2a10e23000f51cc8054fdcf47bf5c49cfd3a540767f881ca4d63d6c138ef74aa58b3ebfc454e30097f7e4adea6fd726930b360e2022b7a8b39f7198b5e2f6fc91910c8fdd2da5ee7ac8e0c560288ed7b079420e18a875acdc6ccea76329fdf6e52f1b8b4749a3f814c6a4296aa37b45e0fa52477c97d3455a49f8ad3c551980290f3038f05e82ebe2df70a28d4575eacd487808b37753de16d49491ffbba920edb524f32452d9d6e3c0d9ac8ea172ff87495f7a5deca492eabcd97b093a7cb04d9dd7c13c9b850b8e75f7e233c2465fa1116d0678b8a67bb32a7cdb7d58abbb78832948c4ae2f615f4e5df74fadf64397d6a282871536bf7fad5285f0b2fa3fec88a9b3fb0683f7c22c5f2acb83bc13e58c0897ddf5f5b3775d2792096fc155681c60797e52ff46b49642124d8dd5ec5edc07c50fa322dc06b03b9f3dfdb549221365f91d1e9287e94c54220177972bf341bfc5e847447353a5bee9c47b2e1cb03a814b4a3f41c4337457e206f10cc86386dd11ee4eebfe904fbffe53ab0f871a880dfa87537ee7e316e5e5b0e7a28dbcf7bf47f88f8f2ea91fcfc3d9fb5759e4139e2e375e3923b6e9ec9fe619c9d92fc2a202b31343e2a92a85bfd87ede36dc3f559b069f362c2db4cf7491693457e668d0817056b45b2ca8639822edb247ce04e70ef9215411e1dbd12a0e0a17663d8321d0ad1a8fba8d9e2bbbb4a02501ee4fd45d584339f1b3ecfc992c19a322b40db424bae74bb9ca52095bdf41416d5ab227c58144f7d4f1939d3d304b39259078ca6c78c7a61b15ce520deeec9b3fecc5f1ebcf9434d3a6c90c00eec29c20bcff508d98864e5b9b37af00376d4139cc0265bfd43a13c5c7507505a820c4fdef557af8cad25ce69a71e16b70fd3cb253a146a266d24f82f574fdaa6e2ad2a29250972d1d3efb318655ae9ac7a6e4331ec9869c759d7e09f689e530ec67d208d22722b6d7ad0a168f859050c8e30fae084a4eea4b560b58a94d53ef6253c3bf302e86d233d9e5917525610cc9abe95d6616a0c1dff342973b9d4af0de97d87f8f460c9b864d006ae5756cd0e6b72a051b6176452386f0737a674ab95d269fac4a4ec93149fdd623ae8c6706d4a9caf1c08bcff1bf40f2da2fc2353c1e25a0e27ec7b9a07d28bfabfe6d6e1a95db06b1a8bac18f1ba829056973c5a1bbe53033158f4778010553b381f84ffcb2e80288a865b24c931b7e1187fb617a83f38127c5d59a43b4caed8b23efe37f756a752d1a50cef84aca19107ddc842ef845e99a8f5b66554689ae553230143aa72374f4b6f849b54bafc6e57ddb78b0125fd1d775de8e6fe4ba10d2afb472a9ac1a83824254726cf618713e8be7679641d5ab7335e65c3c3836549ba7684ca79b71dbde473e290d25b1c1c9a75b0b11f46c39a654265e99516e21ebb70a6123eb36f1bd932d7544f9c070b754d21552e9af9059c7be642a5966689a9d002622373b5d7ceba0ead0d1802903d87d01f96f0800b059900c3f48739b1f83935b572ad06c6ee766d6b2c2d239a186cf987c25ad414334c98b6ea9ab63b6a4952e7942e0e71e82e9eca0bb3af7079f7e927b16560bb7965d896d33dfd54863905640bbc460dcdaed9a1c88ac9fdf1ec02c13caae8f06a5e4bd47c0f0e62edfcfea721a9384d65f804636e97a5d551f3f3103fd444330f30785e23b9a0b611c2cdbaf1d54999edadb9d63a9f77fd82224ba1bc9711873d8bc4c3c3e52ff0baf6c53d7947e88ff147b88c20e88b94a10a412bad26d146e2edf6c464c21e2471f55f5d3b7d8a0576fdbc3d436cf7817749c3b4d8bbe3ec4e4b5e44cf104d6003de422de35f95e98a415a8af8164be11e8f1f08976fbfa8eab72721daab6119f29398acba4596566c7fa51ec328a0bd7bccd8339ef0250fbb5f4025c00c33c1f17f2a07e3450b25da5ab0faef49a1ede1eef4e8ba0e18d316d4c1b369d915ea59307846624e148cb42654e49ad26b9050a99cc74665ba7dfa4938e184447579d4c8ddbc2eed16037c16673d8efe9f650a2a570a6584bc69966a6f9473c3d2dde4d6e3ce4ebffcdec96a55319febaab925c7da65fa39f7b5f73741f512e9782a2c706a330863f9e33c3a6b5960757637ce8339a4b1d7e18185a7bd0cf4cbddeeb7b24dfbade4661ca667894b8f6120660229705083389b01635fe4ba78e47a128cce746e7670f4080185621da65624262e7a47b64b4e16c947f0052e0e6d500667a34998bfb51d942ccd58098ce6b80b8fa354b7e38ddffba8c2693a25b5376c2e11df16e6fe0bfe3292a38fb1c707a91f12d448a2ec4aa7a1b09d668145d34bcde451286c7fe5e79d2571cecb6c79537239500f36f2491a25b4fa596bc49453c9865f0f744d3ca8e457a4650ea7ee9dd6de509006f301595014cd51c8352a09be5d11fb3863f6a49835247b5823344cd5cdfea533bf6b66349201287f8d4020f22b2be6224037c554d0e90a7fdcd76a063f4196edf1546441780ee7587ee86424bd3a6b5dfa1557899a0b2ba49a912fe2bac27ddfe227755d2ec5bd0520174238cfe46235ccd278af1d361f59e0e20c44d870310588082193d6493602c646ef2ce3b7c0fe23de0810f08c36169a020100b8def6bf80fbf0822391bccb9b1b39f0ef0090357d8356e9550faca72d46beb5f1d6b7c2daea5a4990d772a00f270b875140b7a838d5d4e90c3b957cdd26f1caecece8981c28c09eb4475c7a3c766bf71ad60a44cd58b599cad3cd721c720020a1c9fe0fa95cf7f8247d64613279d01cf0d633d50228eba4110facab7a230be8a345dbf941471d7969e89e447e0d9d8d5e0460e3484c2f9c99769c0adb2da0da8ef2725becbe220e8db27d5ee546ac32d3eb60840404d07ab8b58dd5e7e3e29e8bc79ff01a63bbb1f92e7eef77787606d679013ddcb0e0dfa2606598afd94d1a1335eeac3d72d9bff10248f8c21b1e8cbf1b88950f7b346c0f2fb9bb790e1572669869a8efb553afde0d7101f488c9b35ea47ceb25ada2681b6f112dfc011d63614f83c8d07ef6b6de1f7891114fc38d2a505d38c6e2ebdfabae7dc8d4355585cf178c05bef21dd4fe3a4a02dce38ea51475ac9da5a0559de6bdd4432238061f4bc2c99824b8f187f3050972b978a0220fb8b0fc1b978f8aabb43f2b68eb88f2e14979202fa9ca9c417790f27eb5f0f039cba24bef38d432fb28b40acdc17fd6dd5d3b633c6261d496e2e2509f2ef727399e76bf8895a289a2f2b1153d832d8a8373f253955d54f5480a8dc30ff1923fa0770003e6befbf0e664769223c44e44057bacb0a942f572d0dadff2e8d0cb6845f9582ed3f2c7aaa8fb7225d03c214dce45f979f963bcbc6ae6783893ed32d2bcc1f663ce373eedaaf9a20b93246b7475dc846f029afad13dc87431353e39ed57d385409b592e03eced6959831d949c0d6b65d530f876b218d1b1441fc352393d9005bfd3b7130e513450e404dde447741b353d99a622792fa3897f5e5c28e51fec08371b7ba25687afac26b9782e91f8b78b8bd665e120621e544e527462ea33a8e1b1f60492c6d7e6e47e297070eddd2253be74afc7988a57a2e08139c89abce7a1f8bbf1fc3ca85464fed29f5f98e1379e101c709dd7071753f38f1d902e50c758f47c71016604f4a5f7f61bda45857c70514b042865e974a8e4afc1419c48766ef4fcc8ef8ef96cd5ab1089bb4a6ab84544ed0601555d165a677c8c7ef5292ed9fd8ed9ee7561f8cc601c767bbeaa5cc200c779e9281c29d92984192b31ed871a511fe37aad31a361240a82584d13367fb2b365091f1625e63b6491aa43a786006550755475e1d29d3a422545b8d1a738f5653756e11bc236456cce8142ebe0f66adb4c1e3de830c185807bcf9a34a3a4d8b612227065f040bd668d0558e245e0526ec2358cdeefe73873a80a31f1bfaea0b413d980f121e9b151b815956379c0096eca4dbe565e9ac5188749145d767fc6b1ad79ff31a1d71e7772b15f519223a9b79c0b398b4642ccdf18007177d9f788ae471d52eda5e724adf70c140127c85f8a2f37239e9d7f76b62f982ef983d99b576ead7661dbcd64da17b0f4d8d177ddda9f9fb4481e2b87ea9a0702792b826f5ad3cf268fffcbcc51aeb62c25aa50b8bfc37acf8c82bc0cedd26d30bd9a47c39405564b88019649f4d5ea9e467b6553b58b1fb21a985bb66795df6899a10ff9c91d21cf5c6a0b21177507f28ad81af72c942501dabdddd979c832f71f704ff905d61d4c065c7206b3ba69177db9e44021d4160f6ddf59c3dafb2902b4482b214ad5845e6e8023f6fbd5e137c2077f8257c7222ac54205fe8f45ff89a098b759bf91336d51dfddf921417c68f055bd9b325404019eddd89096a614ba06ed2e0a1f98bc6d57ef84953131f2341a598bfd9d310df539c21410952ed4e94664d63d0f51b7b17b317df0a08eba45169b8c858d53ab55dac6daa00429b0a22c76e1844e686696cbac01ba958ac867d9d2100ed06c49d41b35e7c1e83bf43ba895fbabbce829544435776bce3f6ea5a71c8f348c83844fb85dbcb6d3b01055469bc05259b6e07cc864ffc842e68b089763ae8ed3b78293c828ca17a79333b24f5cd8d27115cc312bb3e751f2950a208e39c16fdc70834eef67707c890c078c5ded7ca7b53ae33c35540ace55754ec098b4bd7b96af5b6630fbba762c319ec2ef0afcd4b9bea83dfcfb9762bd1088eb6a970382a5cdcf1bae23655e64e0dba10ca52e63ad64d479f1df9b4f1d9bff070fe73f8ccc55158b4d3f18084d3b73e3f3c90a300166c1ff17138375c8aac43863067e45074d000e1005f68687e99307bb96623e330742dd07b1e54222b57902445020a92049a1f1ed0e68e0d295fc3031c15abe45fdbf277a025a95b8e450056370f575cae40bb7e1b3ac3d8b566e683970b7e6a33a09f62b75c286ce84a4f936ce699ae1f96b388af3ecea6249e9042429c2f96292de129383e52bc66dbf595ca00598a5fbd548c3d7b0d5245fc5b7cac5fd657532cc0b5085b1754273aa5e07b3412232c4ed0dc4811a725424edd87198be7688c86eb7c03c2cd1fb2424299afa021978eeb082fbdad5013af017a85bba800968c319d578102a1918de08496af0e55037c36442495ba3764a36aeb34f2b188a6250b3841b713613de2e7345eb734b5207239187411d0212bbb83464d11a602dd63aba61edee0f27c80452936d7921a4924708e1bad0427bf8377f8fff625a3031ecb6f9d171a3aa22c4da1699cdbee7ff53e2e8f98e12ffc49ddd966a39bdf4d782a586e96fb44cbc35ab7503b606453a4e8fd4bcf625d6b07f26c1602852b803588036d49cae82652aa1b2d64428a355ac66f9487b45dd67ba9957ff584bb280df40198e3b337f1493057cc45a0a89f9098274690d3c852562d8f0f9c805aad92331a562c4595d58ef3d753c1027822e1b6c26d09a53c4752ee6737673dc732f351fdc36d32cc796352095d22d1a6c79ec12094ce89cb325205a5636d7a8aa8b2b0fa9964429f8fb890737780ca6af29bdb6e48fc5e752456cf16240e8480500af619e82d88fcf2344a3af0bd4ad05fba5566895433c7418a3a56f389bdcdf0976b10ac1561f5017e73e7f772eef26855777f438f979e0e596b8dddf93fdb05eb152fa0c7d03ebaa88d6309ce88eb541d790c59ceff64c364f4d670b65f4394c8d2", 0x1000, 0x9}], 0x800, &(0x7f00000025c0)={[{@quiet='quiet'}, {@type={'type', 0x3d, "54d7d712"}}, {@part={'part', 0x3d, 0x5}}, {@dir_umask={'dir_umask', 0x3d, 0xfffffffffffffffd}}, {@gid={'gid', 0x3d, r2}}, {@session={'session', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@dir_umask={'dir_umask', 0x3d, 0x3}}], [{@smackfshat={'smackfshat', 0x3d, 'journal_dev'}}, {@smackfshat={'smackfshat', 0x3d, 'journal_dev'}}, {@obj_role={'obj_role', 0x3d, 'journal_dev'}}]}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 340.693796] free:1270928 free_pcp:240 free_cma:0 [ 340.728758] Node 0 active_anon:487884kB inactive_anon:4892kB active_file:32884kB inactive_file:52304kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236284kB dirty:1264kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 430080kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:15 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 340.757921] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 340.784823] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 340.811960] lowmem_reserve[]: 0 2580 2580 2580 [ 340.816651] Node 0 DMA32 free:1285116kB min:36468kB low:45584kB high:54700kB active_anon:483612kB inactive_anon:4892kB active_file:32884kB inactive_file:52304kB unevictable:0kB writepending:1264kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4676kB bounce:0kB free_pcp:696kB local_pcp:428kB free_cma:0kB [ 340.847586] lowmem_reserve[]: 0 0 0 0 [ 340.852048] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 340.879145] lowmem_reserve[]: 0 0 0 0 [ 340.883621] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 340.913084] QAT: Invalid ioctl [ 340.916601] lowmem_reserve[]: 0 0 0 0 [ 340.920694] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 340.936128] Node 0 DMA32: 10502*4kB (UME) 2772*8kB (UME) 2712*16kB (UME) 1890*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 5*2048kB (UME) 253*4096kB [ 340.936272] (M) = 1285304kB [ 340.956332] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 340.967380] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 340.985744] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 340.995855] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 341.005221] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 341.014821] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 341.023512] 23928 total pagecache pages 04:53:16 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:16 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:16 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e6f7265636f766572792c62696f73697a653d30303030303030303030303030303030303030372c6c6f676465763d2ef127052477ed240f7a1d38ffe3579f9fba36694d51f2bcfe6dcb6ae4ad918151c1dd72f99c68cda9b0f15eb59a9a7b35e8f21b84c698b619af35b3c08a3d647da328501c5f8dada26cdcf93fe4f8a57b5914ae88702c7ab80cdfded1218d7f0345e2b4e971cab2ab2ca060dd5673499c2eacf520db7f84744dac4f1d5293958a810834"]) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000000c0)=0x9, 0x4) [ 341.027505] 0 pages in swap cache [ 341.031214] Swap cache stats: add 0, delete 0, find 0/0 [ 341.036776] Free swap = 0kB [ 341.039822] Total swap = 0kB [ 341.043545] 1965979 pages RAM [ 341.046750] 0 pages HighMem/MovableOnly [ 341.053892] 333222 pages reserved [ 341.057370] 0 pages cma reserved [ 341.066771] hfs: unable to parse mount options 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 341.128869] EXT4-fs (sda1): Cannot specify journal on remount [ 341.148882] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 341.167764] XFS (loop2): unknown mount option [z¸ ßÞÑ!Eâ´éqʲ«]. 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 341.183673] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 341.198897] CPU: 0 PID: 21447 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 341.206052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.206062] Call Trace: [ 341.218396] dump_stack+0x138/0x19c [ 341.222255] warn_alloc.cold+0x96/0x1af [ 341.226232] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 341.231142] ? lock_downgrade+0x6e0/0x6e0 [ 341.231158] ? avc_has_perm+0x2df/0x4b0 [ 341.231171] __vmalloc_node_range+0x3be/0x6a0 [ 341.231182] ? trace_hardirqs_on+0x10/0x10 [ 341.231193] vmalloc+0x46/0x50 [ 341.231202] ? sel_write_load+0x1a0/0x1050 [ 341.231210] sel_write_load+0x1a0/0x1050 [ 341.231221] ? save_trace+0x290/0x290 [ 341.231236] ? sel_read_bool+0x240/0x240 [ 341.231247] ? trace_hardirqs_on+0x10/0x10 [ 341.231255] ? save_trace+0x290/0x290 [ 341.231269] __vfs_write+0x105/0x6b0 [ 341.280399] ? __lock_is_held+0xb6/0x140 [ 341.284467] ? sel_read_bool+0x240/0x240 [ 341.288537] ? kernel_read+0x120/0x120 [ 341.292448] ? __lock_is_held+0xb6/0x140 [ 341.296518] ? check_preemption_disabled+0x3c/0x250 [ 341.301618] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 341.307078] ? rcu_read_lock_sched_held+0x110/0x130 [ 341.312105] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 341.316858] ? __sb_start_write+0x153/0x2f0 [ 341.321168] vfs_write+0x198/0x500 [ 341.324692] SyS_write+0xfd/0x230 [ 341.328216] ? SyS_read+0x230/0x230 [ 341.331844] ? do_syscall_64+0x53/0x640 [ 341.335813] ? SyS_read+0x230/0x230 [ 341.339430] do_syscall_64+0x1e8/0x640 [ 341.343300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.348133] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 341.353311] RIP: 0033:0x4597c9 [ 341.356490] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.364185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 341.371632] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 341.379130] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 341.386402] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 341.393676] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:16 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 341.439193] hfs: unable to parse mount options [ 341.439242] XFS (loop2): unknown mount option [z¸ ßÞÑ!Eâ´éqʲ«]. 04:53:16 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) 04:53:16 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:16 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) bind(r0, &(0x7f00000000c0)=@pptp={0x18, 0x2, {0x1, @remote}}, 0x80) 04:53:16 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:16 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x1) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 341.619714] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 341.680600] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 341.686254] CPU: 1 PID: 21488 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 341.686262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.686267] Call Trace: [ 341.686286] dump_stack+0x138/0x19c [ 341.686302] warn_alloc.cold+0x96/0x1af [ 341.686316] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 341.702885] ? lock_downgrade+0x6e0/0x6e0 [ 341.702916] ? avc_has_perm+0x2df/0x4b0 [ 341.702933] __vmalloc_node_range+0x3be/0x6a0 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 341.702946] ? trace_hardirqs_on+0x10/0x10 [ 341.702961] vmalloc+0x46/0x50 [ 341.702971] ? sel_write_load+0x1a0/0x1050 [ 341.702979] sel_write_load+0x1a0/0x1050 [ 341.702987] ? save_trace+0x290/0x290 [ 341.703002] ? sel_read_bool+0x240/0x240 [ 341.703012] ? trace_hardirqs_on+0x10/0x10 [ 341.703021] ? save_trace+0x290/0x290 [ 341.703036] __vfs_write+0x105/0x6b0 [ 341.717205] XFS (loop2): no-recovery mounts must be read-only. [ 341.718244] ? __lock_is_held+0xb6/0x140 04:53:16 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 341.718258] ? sel_read_bool+0x240/0x240 [ 341.718271] ? kernel_read+0x120/0x120 [ 341.718282] ? __lock_is_held+0xb6/0x140 [ 341.718292] ? check_preemption_disabled+0x3c/0x250 [ 341.718305] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 341.802325] ? rcu_read_lock_sched_held+0x110/0x130 [ 341.808093] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 341.812873] ? __sb_start_write+0x153/0x2f0 [ 341.817222] vfs_write+0x198/0x500 [ 341.817235] SyS_write+0xfd/0x230 [ 341.817245] ? SyS_read+0x230/0x230 04:53:16 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 341.828206] ? do_syscall_64+0x53/0x640 [ 341.828221] ? SyS_read+0x230/0x230 [ 341.828234] do_syscall_64+0x1e8/0x640 [ 341.828243] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.828260] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 341.828268] RIP: 0033:0x4597c9 [ 341.828275] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 [ 341.850197] ORIG_RAX: 0000000000000001 [ 341.850204] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 341.850209] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 341.850215] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 341.850221] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 341.850227] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 341.884973] warn_alloc_show_mem: 1 callbacks suppressed [ 341.884976] Mem-Info: [ 341.916519] active_anon:121934 inactive_anon:1226 isolated_anon:0 [ 341.916519] active_file:8256 inactive_file:13080 isolated_file:0 [ 341.916519] unevictable:0 dirty:325 writeback:0 unstable:0 [ 341.916519] slab_reclaimable:12121 slab_unreclaimable:108774 [ 341.916519] mapped:59074 shmem:2598 pagetables:1192 bounce:0 [ 341.916519] free:1270737 free_pcp:220 free_cma:0 [ 341.961264] Node 0 active_anon:487736kB inactive_anon:4904kB active_file:32884kB inactive_file:52320kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236296kB dirty:1296kB writeback:0kB shmem:10392kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 341.999149] EXT4-fs (sda1): Cannot specify journal on remount [ 342.025293] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 342.075018] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 342.104836] lowmem_reserve[]: 0 2580 2580 2580 [ 342.116086] XFS (loop2): no-recovery mounts must be read-only. [ 342.119130] Node 0 DMA32 free:1283692kB min:36468kB low:45584kB high:54700kB active_anon:485528kB inactive_anon:4884kB active_file:32888kB inactive_file:52372kB unevictable:0kB writepending:1356kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4676kB bounce:0kB free_pcp:1276kB local_pcp:504kB free_cma:0kB [ 342.158751] lowmem_reserve[]: 0 0 0 0 [ 342.163635] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 342.195218] lowmem_reserve[]: 0 0 0 0 [ 342.202251] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 342.236821] lowmem_reserve[]: 0 0 0 0 [ 342.243434] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 342.268177] Node 0 DMA32: 10564*4kB (UME) 2854*8kB (UME) 2742*16kB (UME) 1895*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 254*4096kB (M) = 1288896kB [ 342.294043] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 342.305254] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 342.327718] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 342.337699] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 342.347241] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 342.360323] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 342.373585] 23946 total pagecache pages 04:53:17 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:17 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:17 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:17 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:17 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) syz_open_procfs$namespace(r0, &(0x7f0000000100)='ns/pid\x00') syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:17 executing program 2: rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="6e6f7265636f7665726e2c62060073697a653d0030303030bc30372c6c6f676465763d2e00"/48]) [ 342.377572] 0 pages in swap cache [ 342.381824] Swap cache stats: add 0, delete 0, find 0/0 [ 342.387276] Free swap = 0kB [ 342.390961] Total swap = 0kB [ 342.394000] 1965979 pages RAM [ 342.397304] 0 pages HighMem/MovableOnly [ 342.401439] 333222 pages reserved [ 342.404900] 0 pages cma reserved 04:53:17 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:17 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 342.479263] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 342.483956] EXT4-fs (sda1): Cannot specify journal on remount [ 342.518308] XFS (loop2): unknown mount option [norecovern]. 04:53:17 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:17 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 342.532115] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 342.587116] CPU: 1 PID: 21543 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 342.594526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.604119] Call Trace: [ 342.604142] dump_stack+0x138/0x19c [ 342.604156] warn_alloc.cold+0x96/0x1af [ 342.604166] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 342.604181] ? lock_downgrade+0x6e0/0x6e0 [ 342.604196] ? avc_has_perm+0x2df/0x4b0 [ 342.627979] __vmalloc_node_range+0x3be/0x6a0 [ 342.632528] ? trace_hardirqs_on+0x10/0x10 04:53:17 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 342.636978] vmalloc+0x46/0x50 [ 342.640282] ? sel_write_load+0x1a0/0x1050 [ 342.644765] sel_write_load+0x1a0/0x1050 [ 342.648948] ? save_trace+0x290/0x290 [ 342.652771] ? sel_read_bool+0x240/0x240 [ 342.656977] ? trace_hardirqs_on+0x10/0x10 [ 342.656995] ? save_trace+0x290/0x290 [ 342.657009] __vfs_write+0x105/0x6b0 [ 342.657018] ? __lock_is_held+0xb6/0x140 [ 342.666455] ? sel_read_bool+0x240/0x240 [ 342.666469] ? kernel_read+0x120/0x120 04:53:17 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 342.684139] ? __lock_is_held+0xb6/0x140 [ 342.688219] ? check_preemption_disabled+0x3c/0x250 [ 342.693789] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 342.699827] ? rcu_read_lock_sched_held+0x110/0x130 [ 342.705135] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 342.710613] ? __sb_start_write+0x153/0x2f0 [ 342.715107] vfs_write+0x198/0x500 [ 342.718657] SyS_write+0xfd/0x230 [ 342.722533] ? SyS_read+0x230/0x230 [ 342.726563] ? do_syscall_64+0x53/0x640 [ 342.730539] ? SyS_read+0x230/0x230 [ 342.734258] do_syscall_64+0x1e8/0x640 [ 342.738312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.743338] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 342.748672] RIP: 0033:0x4597c9 [ 342.752014] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.760118] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 342.767439] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 342.774869] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:53:17 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:17 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 342.782363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 342.789738] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 342.826419] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:17 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:17 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x8001, 0x0, 0x0, 0x2, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES32], @ANYRESHEX, @ANYBLOB="61651bbd7105afd3ab3a0657760afb086676085ecc86e041164388f23b4bd5e00ffde44a3239106caf5db50eccb2164af7083634d29ef238c744aaf27af097f5218e57b6adb3f9b28fe5b047801cbc3fac1515bef9573aa8e21f57e13979809b9d13110535650fc4f36aaa94112bc7b38ef34f4481169ad0397b793ef967370cc61329c687f236ac2aa9d2a6eecbb1693d48a8a773d60449b9dba3f2d1b0595fd5eb0bb3d000ccba45f593938694c1c028b5adbbec44960550"]) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x101040, 0x0) accept4$x25(r0, 0x0, &(0x7f00000000c0), 0x800) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000240)=0x20, &(0x7f0000000280)=0x4) [ 342.847180] EXT4-fs (sda1): Cannot specify journal on remount [ 342.863331] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 342.902689] CPU: 1 PID: 21566 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 342.909951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.919418] Call Trace: [ 342.922229] dump_stack+0x138/0x19c [ 342.925990] warn_alloc.cold+0x96/0x1af [ 342.930033] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 342.935626] ? lock_downgrade+0x6e0/0x6e0 [ 342.939823] ? avc_has_perm+0x2df/0x4b0 [ 342.943828] __vmalloc_node_range+0x3be/0x6a0 [ 342.948350] ? trace_hardirqs_on+0x10/0x10 [ 342.952729] vmalloc+0x46/0x50 [ 342.955947] ? sel_write_load+0x1a0/0x1050 [ 342.961507] sel_write_load+0x1a0/0x1050 [ 342.965574] ? save_trace+0x290/0x290 [ 342.969444] ? sel_read_bool+0x240/0x240 [ 342.973522] ? trace_hardirqs_on+0x10/0x10 [ 342.977764] ? save_trace+0x290/0x290 [ 342.981569] __vfs_write+0x105/0x6b0 [ 342.985409] ? __lock_is_held+0xb6/0x140 [ 342.989680] ? sel_read_bool+0x240/0x240 [ 342.994719] ? kernel_read+0x120/0x120 [ 342.998851] ? __lock_is_held+0xb6/0x140 [ 343.004614] ? check_preemption_disabled+0x3c/0x250 [ 343.010228] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 343.015901] ? rcu_read_lock_sched_held+0x110/0x130 [ 343.021441] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 343.026203] ? __sb_start_write+0x153/0x2f0 [ 343.030528] vfs_write+0x198/0x500 [ 343.034261] SyS_write+0xfd/0x230 [ 343.037898] ? SyS_read+0x230/0x230 [ 343.041702] ? do_syscall_64+0x53/0x640 [ 343.046374] ? SyS_read+0x230/0x230 [ 343.050189] do_syscall_64+0x1e8/0x640 [ 343.054509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.060946] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 343.066842] RIP: 0033:0x4597c9 [ 343.070287] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 343.078008] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 343.085665] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 343.093976] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 343.101684] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 343.112257] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 343.121267] warn_alloc_show_mem: 1 callbacks suppressed [ 343.121271] Mem-Info: [ 343.129375] active_anon:121491 inactive_anon:1219 isolated_anon:0 [ 343.129375] active_file:8257 inactive_file:13102 isolated_file:0 [ 343.129375] unevictable:0 dirty:352 writeback:0 unstable:0 04:53:18 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = dup(0xffffffffffffff9c) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 343.129375] slab_reclaimable:12122 slab_unreclaimable:108723 [ 343.129375] mapped:59069 shmem:2594 pagetables:1218 bounce:0 [ 343.129375] free:1270892 free_pcp:201 free_cma:0 [ 343.178572] Node 0 active_anon:485876kB inactive_anon:4876kB active_file:32888kB inactive_file:52420kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236276kB dirty:1404kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 343.209355] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 343.236015] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 343.263813] lowmem_reserve[]: 0 2580 2580 2580 [ 343.268508] Node 0 DMA32 free:1282844kB min:36468kB low:45584kB high:54700kB active_anon:485872kB inactive_anon:4880kB active_file:32888kB inactive_file:52420kB unevictable:0kB writepending:1404kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4700kB bounce:0kB free_pcp:1316kB local_pcp:632kB free_cma:0kB [ 343.299004] lowmem_reserve[]: 0 0 0 0 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 343.303169] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 343.343951] lowmem_reserve[]: 0 0 0 0 04:53:18 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 343.347961] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 343.399449] lowmem_reserve[]: 0 0 0 0 [ 343.409474] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 343.446684] Node 0 DMA32: 10347*4kB (UME) 2849*8kB (UME) 2723*16kB (UME) 1872*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1282852kB [ 343.474854] XFS (loop2): Invalid superblock magic number [ 343.477663] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 343.532662] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 343.572181] EXT4-fs (sda1): Cannot specify journal on remount [ 343.607443] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 343.623361] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 343.632983] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 343.642709] XFS (loop2): Invalid superblock magic number [ 343.664763] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 343.675490] 23946 total pagecache pages [ 343.679841] 0 pages in swap cache [ 343.686577] Swap cache stats: add 0, delete 0, find 0/0 [ 343.692408] Free swap = 0kB [ 343.695440] Total swap = 0kB [ 343.698802] 1965979 pages RAM [ 343.706589] 0 pages HighMem/MovableOnly [ 343.711134] 333222 pages reserved 04:53:18 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 343.711139] 0 pages cma reserved [ 343.719536] EXT4-fs (sda1): Cannot specify journal on remount 04:53:18 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x1, 0x2440c0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000140)={0x0, 0x38, "0a19177250470f80ef4e3b17afc43c7bca41002448a309bcc28022b6650147b305947d223e648f4c995c7b27f369bf5767b00932de4cb8c7"}, &(0x7f0000000180)=0x40) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x7fff, 0x8209, 0x6, 0x2, r1}, &(0x7f0000000200)=0x10) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:18 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) syz_mount_image$nfs4(&(0x7f0000000000)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0xaf, 0x9, &(0x7f0000000740)=[{&(0x7f0000000100)="fb8e4028e834138df97b8607b6be78400c7e956f9500fc711015575b9182b60a8ab9c9ae858c3824ca4e808fab886b3f345e29bf4dc972063bcea99ac29ce055b0be43dea5e1ad6ca0cdcc26a1ed70dde79b07b91da0bb6ba9672e4ccebea1ed4d81d4a6f852810f701e19e711801c04581a8ff2f273de56c3d9306ac81d418f7706361979", 0x85, 0x8}, {&(0x7f00000001c0), 0x0, 0x8}, {&(0x7f0000000200)="6fa24adef431", 0x6, 0x4}, {&(0x7f0000000240)="b8cec2eaee8b0e0ec97b706b4349433d9d7ad01e9f4636fef1141cf936c53707bb1317379eb45f5e84361fe4cf29365c8ee709b52f1008a9f4a59dffaa471cf28c6e6f7a8272a76a01d0afd9632ae7d0744fb70bded8f147bec06b21cb71047bb0ccc498ce16a76257a6086fb27c1022a3c799dc85f15ad49e86188f615347dc2c61851d1ffd1d7e0d4375d181a5b213faf35e8d21ad7da23e27b1c703d318d8b206da106654dc68b7d8cbba0ce0b50b7462532768de87e4076369695c6f182deef13e3ea27dade28b9b28c45036adac7f4729c9", 0xd4, 0x2}, {&(0x7f0000000340)="7a4d2d3e8d0908ed3b2df8cb5461bee197e1d17b0e1657474c5d01f6e822b95f6b32695810fdc1ceb5cd5759aba64889cfc60a9d4572aa06892e997e89ff607191fa9afff1f1962c5f044f8eb61bad54c90f4c84315ef6bbfa56f69599d704d1bcf7e12f6bc29dacfd20d9a41ad5bc582bf2f98b9d09263fa8f5fbb0a1d239dd76ed8df06ec3abfce2b5b17ee0137029a96a74187751b4167d7371087912b006dd5abe2fe1236f81dfd11884e169604641450e0f3320c266d6924bc2b22cde6052b700b354121ab9d3eb7c16a01a2968932a736d449898", 0xd7, 0x6}, {&(0x7f0000000440)="cfacc7d11866b19ab58b3c5b7c6c81608e6a1f28d4b025ac8360d43e9fefbdf7e2f6b9470740376549f6ae553aded28a811b8302b96d72eb32c73b05a0fe06230a59a334c2262ccc5935ed2d0b6e97b5efe00058a3473fab047aeb5688c20212d594578d67f7ebc64750fedbb0a8eea718488312169e580b81891fd2e3a6518f4b181de651dcfb37940f35fe03cd", 0x8e, 0x100}, {&(0x7f0000000500)="cdc80d4e48ffcdd559ae7a2b9565ce436ccb102d34040a791d42a420bf31cb8ee993c99b28ebaf70f43069606fa27bd48a69ecb432d3d08daf3294d607901abec92c25b0f0dac27987065ff18861019ba28f3de9483ab6c482dcb8c37d9ed027a4c92598acddc4d460864a34052eee1e105c307f8a549c0d2f963e5f43e23a09783391102db6510b07781ecb736fb0dc8732a180d15b1dfc016db4785ff91a3b2ac4d7175cd3dc1df93b481e561b911f79c6432d90e108b6dfefc56584e9cd9b8f1f819eccb5f076fa1e583d7071d03631e9421d69036b4e9d3a9ae58e3b1477", 0xe0, 0x1}, {&(0x7f0000000600)="a97a7f9296b050a3a860f9bcb6179d37071070e3f9ee625ff2527fe06d36f5ebef34779e6dc023e5a2a29c7edaa6a1aa741de37d403532aa40ee72553fc7b28e0ada8fd49fbbbf23bc2516f2ceebb6a1ca1d48f979acf3d3daca466342aac76ca79281ee8cb736fcdd5b752a468a94f49836df3151eb13ff0ac2e13833e4f9dc88fe6052a5506d0d94d2a0abdb492bbdd8448a30b4a81ea640d226daa4f093ceaebe3574991d73c35e79f9136329b298ba6b4eb963da82a3d19fed0834cb940d4ada61bf6b78134e2d55e497c3937273f74662cf7392c45f29b8293af066466997858bb6977eeb9a67501a", 0xeb, 0x1}, {&(0x7f0000000700)="643e801120", 0x5, 0x100}], 0x100820, &(0x7f0000000840)='xfs\x00') 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 343.798106] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 343.810881] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 343.823928] CPU: 0 PID: 21644 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 343.831213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.831218] Call Trace: [ 343.831238] dump_stack+0x138/0x19c 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:18 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 343.831252] warn_alloc.cold+0x96/0x1af [ 343.831262] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 343.831275] ? lock_downgrade+0x6e0/0x6e0 [ 343.831289] ? avc_has_perm+0x2df/0x4b0 [ 343.831304] __vmalloc_node_range+0x3be/0x6a0 [ 343.831315] ? trace_hardirqs_on+0x10/0x10 [ 343.831327] vmalloc+0x46/0x50 [ 343.831334] ? sel_write_load+0x1a0/0x1050 [ 343.831342] sel_write_load+0x1a0/0x1050 [ 343.831350] ? save_trace+0x290/0x290 [ 343.831364] ? sel_read_bool+0x240/0x240 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 343.831374] ? trace_hardirqs_on+0x10/0x10 [ 343.831385] ? save_trace+0x290/0x290 [ 343.831404] __vfs_write+0x105/0x6b0 [ 343.831414] ? __lock_is_held+0xb6/0x140 [ 343.831425] ? sel_read_bool+0x240/0x240 [ 343.831434] ? kernel_read+0x120/0x120 [ 343.831442] ? __lock_is_held+0xb6/0x140 [ 343.831452] ? check_preemption_disabled+0x3c/0x250 [ 343.831466] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 343.831476] ? rcu_read_lock_sched_held+0x110/0x130 [ 343.831486] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 343.831494] ? __sb_start_write+0x153/0x2f0 [ 343.831504] vfs_write+0x198/0x500 [ 343.831515] SyS_write+0xfd/0x230 [ 343.831526] ? SyS_read+0x230/0x230 [ 343.831535] ? do_syscall_64+0x53/0x640 [ 343.831545] ? SyS_read+0x230/0x230 [ 343.831555] do_syscall_64+0x1e8/0x640 [ 343.831563] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.831576] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 343.831583] RIP: 0033:0x4597c9 [ 343.831589] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:18 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:18 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 343.831598] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 343.831603] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 343.831608] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 343.831613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 343.831619] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 343.894490] syz-executor.5: [ 344.035872] vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 344.097320] XFS (loop2): no-recovery mounts must be read-only. [ 344.127579] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 344.149949] EXT4-fs (sda1): Cannot specify journal on remount [ 344.176884] CPU: 0 PID: 21653 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 344.184326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.193714] Call Trace: [ 344.196321] dump_stack+0x138/0x19c [ 344.200082] warn_alloc.cold+0x96/0x1af [ 344.204071] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 344.209019] ? lock_downgrade+0x6e0/0x6e0 [ 344.213271] ? avc_has_perm+0x2df/0x4b0 [ 344.217429] __vmalloc_node_range+0x3be/0x6a0 [ 344.221941] ? trace_hardirqs_on+0x10/0x10 [ 344.226307] vmalloc+0x46/0x50 [ 344.229512] ? sel_write_load+0x1a0/0x1050 [ 344.233846] sel_write_load+0x1a0/0x1050 [ 344.238456] ? save_trace+0x290/0x290 [ 344.242420] ? sel_read_bool+0x240/0x240 [ 344.246510] ? trace_hardirqs_on+0x10/0x10 [ 344.250772] ? save_trace+0x290/0x290 [ 344.257178] __vfs_write+0x105/0x6b0 [ 344.260908] ? __lock_is_held+0xb6/0x140 [ 344.264988] ? sel_read_bool+0x240/0x240 [ 344.269153] ? kernel_read+0x120/0x120 [ 344.273055] ? __lock_is_held+0xb6/0x140 [ 344.277215] ? check_preemption_disabled+0x3c/0x250 [ 344.282253] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 344.287717] ? rcu_read_lock_sched_held+0x110/0x130 [ 344.293018] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 344.298959] ? __sb_start_write+0x153/0x2f0 [ 344.303493] vfs_write+0x198/0x500 [ 344.307031] SyS_write+0xfd/0x230 [ 344.310590] ? SyS_read+0x230/0x230 [ 344.314474] ? do_syscall_64+0x53/0x640 [ 344.318442] ? SyS_read+0x230/0x230 [ 344.322116] do_syscall_64+0x1e8/0x640 [ 344.326129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.331431] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 344.336614] RIP: 0033:0x4597c9 [ 344.339793] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 344.347808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 344.357941] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 344.366571] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 344.374134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 344.386953] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 344.404770] warn_alloc_show_mem: 1 callbacks suppressed [ 344.404774] Mem-Info: [ 344.416233] active_anon:121378 inactive_anon:1223 isolated_anon:0 [ 344.416233] active_file:8258 inactive_file:13117 isolated_file:0 [ 344.416233] unevictable:0 dirty:365 writeback:0 unstable:0 [ 344.416233] slab_reclaimable:12122 slab_unreclaimable:109103 [ 344.416233] mapped:59052 shmem:2595 pagetables:1183 bounce:0 [ 344.416233] free:1270996 free_pcp:285 free_cma:0 [ 344.454948] Node 0 active_anon:483384kB inactive_anon:4892kB active_file:32892kB inactive_file:52480kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236092kB dirty:1468kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 344.484942] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 344.484949] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 344.484969] lowmem_reserve[]: 0 2580 2580 2580 [ 344.484987] Node 0 DMA32 free:1283840kB min:36468kB low:45584kB high:54700kB active_anon:483384kB inactive_anon:4892kB active_file:32892kB inactive_file:52480kB unevictable:0kB writepending:1468kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7392kB pagetables:4512kB bounce:0kB free_pcp:1344kB local_pcp:632kB free_cma:0kB [ 344.485009] lowmem_reserve[]: 0 0 0 0 [ 344.485026] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 344.485045] lowmem_reserve[]: 0 0 0 0 [ 344.485063] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 344.485082] lowmem_reserve[]: 0 0 0 0 [ 344.485099] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB 04:53:19 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x408000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@remote, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000280)=0xe8) fstat(0xffffffffffffff9c, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r0, &(0x7f0000000140)='./file0\x00', r1, r2, 0x100) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000340), 0x4) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:19 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:19 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x1000, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000000c0)={0x5, 0x3000, 0x9, 0xfffffffffffff801, 0xfffffffffffffffa}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) 04:53:19 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:19 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:19 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 344.485174] Node 0 DMA32: 10254*4kB (UME) 2784*8kB (UME) 2699*16kB (UME) 1893*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1284296kB [ 344.485260] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB [ 344.538688] = 0kB [ 344.538695] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 344.538785] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 344.538791] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 344.538798] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 344.538803] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 344.538808] 23972 total pagecache pages [ 344.538819] 0 pages in swap cache 04:53:19 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:19 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:19 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 344.538825] Swap cache stats: add 0, delete 0, find 0/0 [ 344.538828] Free swap = 0kB [ 344.538831] Total swap = 0kB [ 344.538836] 1965979 pages RAM [ 344.538839] 0 pages HighMem/MovableOnly [ 344.538843] 333222 pages reserved [ 344.538846] 0 pages cma reserved [ 344.734643] syz-executor.5: [ 344.766412] vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:19 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 344.849366] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 344.900774] CPU: 0 PID: 21701 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 344.907930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.917500] Call Trace: [ 344.920132] dump_stack+0x138/0x19c [ 344.924371] warn_alloc.cold+0x96/0x1af [ 344.928461] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 344.933844] ? lock_downgrade+0x6e0/0x6e0 [ 344.938120] ? avc_has_perm+0x2df/0x4b0 [ 344.942553] __vmalloc_node_range+0x3be/0x6a0 [ 344.947086] ? trace_hardirqs_on+0x10/0x10 [ 344.951346] vmalloc+0x46/0x50 [ 344.954834] ? sel_write_load+0x1a0/0x1050 [ 344.959072] sel_write_load+0x1a0/0x1050 [ 344.959085] ? save_trace+0x290/0x290 [ 344.959103] ? sel_read_bool+0x240/0x240 [ 344.959113] ? trace_hardirqs_on+0x10/0x10 [ 344.959124] ? save_trace+0x290/0x290 [ 344.959138] __vfs_write+0x105/0x6b0 [ 344.971035] EXT4-fs (sda1): Cannot specify journal on remount [ 344.972252] ? __lock_is_held+0xb6/0x140 [ 344.972268] ? sel_read_bool+0x240/0x240 [ 344.972282] ? kernel_read+0x120/0x120 [ 344.972302] ? __lock_is_held+0xb6/0x140 [ 344.999442] ? check_preemption_disabled+0x3c/0x250 [ 344.999460] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 345.007592] ? rcu_read_lock_sched_held+0x110/0x130 [ 345.007605] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 345.007616] ? __sb_start_write+0x153/0x2f0 [ 345.007629] vfs_write+0x198/0x500 [ 345.007641] SyS_write+0xfd/0x230 [ 345.041929] ? SyS_read+0x230/0x230 [ 345.045580] ? do_syscall_64+0x53/0x640 04:53:19 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:19 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 345.049862] ? SyS_read+0x230/0x230 [ 345.053553] do_syscall_64+0x1e8/0x640 [ 345.057472] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.063633] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 345.068926] RIP: 0033:0x4597c9 [ 345.072210] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.080189] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 345.087701] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 345.095624] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 345.095630] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 345.095634] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:20 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x4, 0x0) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x27, &(0x7f0000000680)={@remote, @broadcast, 0x0}, &(0x7f00000006c0)=0xc) sendto(r0, &(0x7f0000000140)="74fa2174f4e805dc7e29dfe228a413ed30f3e2d5b595cc152b510bb2d8c991ff6a4458ecb7ca6ddb304378df98bf80301fa4674dec1e0001061f5e81b46bd1c13fd3150203c77393627ae7b30afcca2564ad7bcd82558d9dd36fed04798aef387b3258e0a4a72fa4d6e62dfeb12b53c3b8d2a11b07097edad7441d80374e92d0df817cb6e4efc5", 0x87, 0x40000, &(0x7f0000000700)=@ll={0x11, 0x1c, r1, 0x1, 0x100}, 0x80) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:20 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:20 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:20 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x380, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:20 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:20 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x6, 0xfffffffffffffffc}) [ 345.238750] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 345.255820] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 345.269477] CPU: 1 PID: 21745 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 345.277269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 345.288318] Call Trace: [ 345.291080] dump_stack+0x138/0x19c [ 345.295761] warn_alloc.cold+0x96/0x1af [ 345.300216] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 345.305540] ? lock_downgrade+0x6e0/0x6e0 [ 345.309735] ? avc_has_perm+0x2df/0x4b0 [ 345.313746] __vmalloc_node_range+0x3be/0x6a0 [ 345.319492] ? trace_hardirqs_on+0x10/0x10 [ 345.324266] vmalloc+0x46/0x50 [ 345.327589] ? sel_write_load+0x1a0/0x1050 [ 345.331847] sel_write_load+0x1a0/0x1050 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 345.336126] ? save_trace+0x290/0x290 [ 345.340075] ? sel_read_bool+0x240/0x240 [ 345.344243] ? trace_hardirqs_on+0x10/0x10 [ 345.349401] ? save_trace+0x290/0x290 [ 345.353666] __vfs_write+0x105/0x6b0 [ 345.357483] ? __lock_is_held+0xb6/0x140 [ 345.362172] ? sel_read_bool+0x240/0x240 [ 345.366336] ? kernel_read+0x120/0x120 [ 345.370242] ? __lock_is_held+0xb6/0x140 [ 345.374322] ? check_preemption_disabled+0x3c/0x250 [ 345.379647] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 345.385219] ? rcu_read_lock_sched_held+0x110/0x130 [ 345.390435] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 345.396749] ? __sb_start_write+0x153/0x2f0 [ 345.402239] vfs_write+0x198/0x500 [ 345.407795] SyS_write+0xfd/0x230 [ 345.407806] ? SyS_read+0x230/0x230 [ 345.407816] ? do_syscall_64+0x53/0x640 [ 345.407827] ? SyS_read+0x230/0x230 [ 345.407838] do_syscall_64+0x1e8/0x640 [ 345.407851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.414909] XFS (loop2): no-recovery mounts must be read-only. [ 345.415715] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 345.415725] RIP: 0033:0x4597c9 [ 345.415730] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.415740] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 345.415750] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 345.439172] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 345.439179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 345.439184] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 345.456191] warn_alloc_show_mem: 1 callbacks suppressed [ 345.456195] Mem-Info: [ 345.464194] active_anon:121391 inactive_anon:1222 isolated_anon:0 [ 345.464194] active_file:8258 inactive_file:13129 isolated_file:0 [ 345.464194] unevictable:0 dirty:377 writeback:0 unstable:0 [ 345.464194] slab_reclaimable:12138 slab_unreclaimable:108925 [ 345.464194] mapped:59073 shmem:2594 pagetables:1162 bounce:0 [ 345.464194] free:1271276 free_pcp:164 free_cma:0 [ 345.494476] Node 0 active_anon:485564kB inactive_anon:4888kB active_file:32892kB inactive_file:52516kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236292kB dirty:1504kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 345.539447] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 345.598427] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 345.628992] lowmem_reserve[]: 0 2580 2580 2580 [ 345.634183] Node 0 DMA32 free:1283528kB min:36468kB low:45584kB high:54700kB active_anon:485632kB inactive_anon:4888kB active_file:32892kB inactive_file:52516kB unevictable:0kB writepending:1504kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4648kB bounce:0kB free_pcp:1148kB local_pcp:432kB free_cma:0kB [ 345.683943] lowmem_reserve[]: 0 0 0 0 [ 345.688638] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 345.716100] lowmem_reserve[]: 0 0 0 0 [ 345.717701] EXT4-fs (sda1): Cannot specify journal on remount [ 345.725147] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 345.758980] lowmem_reserve[]: 0 0 0 0 [ 345.763392] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 345.787605] Node 0 DMA32: 10376*4kB (UME) 2786*8kB (UME) 2792*16kB (UME) 1872*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 254*4096kB (M) = 1283568kB [ 345.808073] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 345.822321] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 345.843501] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 345.853769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 345.862807] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 345.873142] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 345.882587] 23989 total pagecache pages 04:53:20 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000340)='/dev/vcs#\x00', 0x8, 0x4000) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00') ioctl$VT_ACTIVATE(r0, 0x5606, 0xfffffffffffffffc) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r1, 0x302ff01edd398d0a, 0x70bd28, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0x10, 0x4, [0x0, 0x9, 0xfff]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1680000000000}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x80]}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7fffffff, 0x6461, 0xfff, 0x100000000, 0x4]}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xffffffff, 0x60]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x80}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xc3c3}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x404c800) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:20 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:20 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:20 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:20 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:20 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 345.887835] 0 pages in swap cache [ 345.892249] Swap cache stats: add 0, delete 0, find 0/0 [ 345.897710] Free swap = 0kB [ 345.905918] Total swap = 0kB [ 345.909053] 1965979 pages RAM [ 345.916852] 0 pages HighMem/MovableOnly [ 345.921180] 333222 pages reserved [ 345.924966] 0 pages cma reserved 04:53:20 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 346.036325] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 346.038608] XFS (loop2): no-recovery mounts must be read-only. [ 346.066831] EXT4-fs (sda1): Cannot specify journal on remount 04:53:21 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:21 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 346.083217] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 346.089371] CPU: 1 PID: 21795 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 346.096786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.106564] Call Trace: [ 346.109406] dump_stack+0x138/0x19c [ 346.113209] warn_alloc.cold+0x96/0x1af [ 346.117218] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 346.122202] ? lock_downgrade+0x6e0/0x6e0 [ 346.126380] ? avc_has_perm+0x2df/0x4b0 [ 346.126397] __vmalloc_node_range+0x3be/0x6a0 04:53:21 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 346.135081] ? trace_hardirqs_on+0x10/0x10 [ 346.135098] vmalloc+0x46/0x50 [ 346.135109] ? sel_write_load+0x1a0/0x1050 [ 346.135117] sel_write_load+0x1a0/0x1050 [ 346.135127] ? save_trace+0x290/0x290 [ 346.155863] ? sel_read_bool+0x240/0x240 [ 346.159942] ? trace_hardirqs_on+0x10/0x10 [ 346.164632] ? save_trace+0x290/0x290 [ 346.168487] __vfs_write+0x105/0x6b0 [ 346.172218] ? __lock_is_held+0xb6/0x140 [ 346.176309] ? sel_read_bool+0x240/0x240 [ 346.180549] ? kernel_read+0x120/0x120 04:53:21 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 346.180561] ? __lock_is_held+0xb6/0x140 [ 346.180571] ? check_preemption_disabled+0x3c/0x250 [ 346.180584] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 346.180595] ? rcu_read_lock_sched_held+0x110/0x130 [ 346.205141] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 346.209922] ? __sb_start_write+0x153/0x2f0 [ 346.214750] vfs_write+0x198/0x500 [ 346.218399] SyS_write+0xfd/0x230 [ 346.222312] ? SyS_read+0x230/0x230 [ 346.227824] ? do_syscall_64+0x53/0x640 [ 346.227838] ? SyS_read+0x230/0x230 [ 346.227850] do_syscall_64+0x1e8/0x640 [ 346.227858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.227872] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 346.236398] RIP: 0033:0x4597c9 [ 346.236404] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 346.236415] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 346.236421] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 346.236427] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 346.236434] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 346.236440] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 346.348971] XFS (loop2): no-recovery mounts must be read-only. [ 346.371627] EXT4-fs (sda1): Cannot specify journal on remount 04:53:21 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x10000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:21 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:21 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:21 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:21 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:21 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) socket(0x2, 0x806, 0xe32) [ 346.517056] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 346.556711] XFS (loop2): no-recovery mounts must be read-only. 04:53:21 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:21 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 346.565411] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 346.585097] CPU: 1 PID: 21832 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 346.592419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.602915] Call Trace: [ 346.605676] dump_stack+0x138/0x19c [ 346.609462] warn_alloc.cold+0x96/0x1af [ 346.614551] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 346.619672] ? lock_downgrade+0x6e0/0x6e0 [ 346.624957] ? avc_has_perm+0x2df/0x4b0 [ 346.629079] __vmalloc_node_range+0x3be/0x6a0 [ 346.633859] ? trace_hardirqs_on+0x10/0x10 [ 346.638308] vmalloc+0x46/0x50 [ 346.641752] ? sel_write_load+0x1a0/0x1050 [ 346.646049] sel_write_load+0x1a0/0x1050 [ 346.650109] ? save_trace+0x290/0x290 [ 346.654372] ? sel_read_bool+0x240/0x240 [ 346.658442] ? trace_hardirqs_on+0x10/0x10 [ 346.664285] ? save_trace+0x290/0x290 [ 346.669509] __vfs_write+0x105/0x6b0 [ 346.687797] ? __lock_is_held+0xb6/0x140 [ 346.692449] ? sel_read_bool+0x240/0x240 [ 346.697503] ? kernel_read+0x120/0x120 [ 346.702136] ? __lock_is_held+0xb6/0x140 [ 346.706297] ? check_preemption_disabled+0x3c/0x250 [ 346.711405] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 346.717137] ? rcu_read_lock_sched_held+0x110/0x130 [ 346.722442] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 346.727340] ? __sb_start_write+0x153/0x2f0 [ 346.731674] vfs_write+0x198/0x500 [ 346.735522] SyS_write+0xfd/0x230 [ 346.739358] ? SyS_read+0x230/0x230 [ 346.742992] ? do_syscall_64+0x53/0x640 [ 346.747289] ? SyS_read+0x230/0x230 [ 346.751046] do_syscall_64+0x1e8/0x640 [ 346.755078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.760038] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 346.765287] RIP: 0033:0x4597c9 [ 346.768471] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 346.777267] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 346.784803] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 346.793092] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 346.802883] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 346.810737] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 346.819737] warn_alloc_show_mem: 1 callbacks suppressed [ 346.819742] Mem-Info: [ 346.828365] active_anon:121932 inactive_anon:1222 isolated_anon:0 [ 346.828365] active_file:8258 inactive_file:13146 isolated_file:0 [ 346.828365] unevictable:0 dirty:394 writeback:0 unstable:0 [ 346.828365] slab_reclaimable:12145 slab_unreclaimable:108928 [ 346.828365] mapped:59069 shmem:2594 pagetables:1191 bounce:0 [ 346.828365] free:1270909 free_pcp:218 free_cma:0 [ 346.863051] Node 0 active_anon:485608kB inactive_anon:4888kB active_file:32892kB inactive_file:52584kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236276kB dirty:1572kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:21 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:21 executing program 2: syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x100, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYPTR=&(0x7f0000000280)=ANY=[@ANYBLOB="8c899eaa033deb2c1fc0ca4042c5dc1d253c0a493bf2f67ac6c46a6882f2414896d5a181e2709be12b89936c443ec82430b1f0c2fc1eae5b118fdcda54c2d0e60d54da060a9d3e9840fb3968b5c8b155c4a35fcc844ad8cf990089b01e4ccd2638c3681c86bf3752e868e03d947ae93af1d8cfb742f7e397c946bca5516198902914da181bb4b5b9c2375a027828fa654d63e99a19a2fa2f54422a7b418b4f47b257316676fc793999de46feb96524436a13efcd8831c4f040f961fa45dd2b12d61fc6fa4d899f423cd1fab112c6a15e086d3dd8210c1a6b288b69c4b8fa012797932afebc760d0184d4e568b200cfffc2b126158d02b5e43598328462fff21c2be0269810bb4a4b0a5700000000000000000093a256c76f5e308b"]]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$TCGETA(r0, 0x5405, &(0x7f0000000200)) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x2, 0x0) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000100)={0x142f11f4, 0x1, 0x2, 0x8, 0x2, 0x9}) r2 = semget$private(0x0, 0x4, 0x560) semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000000)=[0x3, 0x8]) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000140)=0x7, &(0x7f0000000180)=0x4) 04:53:21 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 346.863068] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 346.863075] Node 0 [ 346.931553] DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:53:21 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 347.070497] lowmem_reserve[]: 0 2580 2580 2580 04:53:22 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x0, 0x2) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:22 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) connect(r0, &(0x7f00000000c0)=@un=@file={0x0, './file0\x00'}, 0x80) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) [ 347.110744] Node 0 DMA32 free:1282748kB min:36468kB low:45584kB high:54700kB active_anon:485520kB inactive_anon:4872kB active_file:32892kB inactive_file:52612kB unevictable:0kB writepending:1600kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7488kB pagetables:4616kB bounce:0kB free_pcp:1332kB local_pcp:604kB free_cma:0kB [ 347.191334] EXT4-fs (sda1): Cannot specify journal on remount [ 347.197300] lowmem_reserve[]: 0 0 0 0 [ 347.211643] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 347.242912] lowmem_reserve[]: 0 0 0 0 [ 347.247007] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 347.253089] XFS (loop2): no-recovery mounts must be read-only. [ 347.286954] lowmem_reserve[]: 0 0 0 0 [ 347.291134] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 347.306309] Node 0 DMA32: 10314*4kB (UME) 2806*8kB (UME) 2718*16kB (UME) 1882*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1282616kB [ 347.325271] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 347.357904] XFS (loop2): no-recovery mounts must be read-only. [ 347.358874] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 347.383897] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 347.393230] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:22 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:22 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:22 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:22 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:22 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x4000, 0x0) ioctl$RTC_PLL_GET(r0, 0x80207011, &(0x7f0000000080)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={0x0, r0, 0x1, 0x2}, 0x14) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x5, 0x0, [], [{0x7, 0x81, 0x1, 0x4, 0x3ff}, {0x526, 0x400000000000000, 0x3ff, 0x9, 0x9, 0x3}], [[], [], [], [], []]}) 04:53:22 executing program 2: [ 347.402543] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 347.412035] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 347.420691] 24007 total pagecache pages [ 347.424673] 0 pages in swap cache [ 347.428125] Swap cache stats: add 0, delete 0, find 0/0 [ 347.433560] Free swap = 0kB [ 347.436577] Total swap = 0kB [ 347.436584] 1965979 pages RAM [ 347.436587] 0 pages HighMem/MovableOnly [ 347.436591] 333222 pages reserved [ 347.436595] 0 pages cma reserved 04:53:22 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:22 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x8) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB='norecovery,biosize=00000000000000000007,logdev=.']) 04:53:22 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 347.500738] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:22 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:22 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000140)) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000040)={0x2, 0x7, 0x10001}) mount$bpf(0x20000000, &(0x7f00000002c0)='./file0\x00', 0x0, 0x23, 0x0) epoll_create1(0x80000) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6469763d3078303042303030303030303030303030302c00c89b6c73127240f215d4318bdc7b800670abf24eafba2b5d2e6a418da79e3eb3817237db4d5e55ed68dfef3a5da9f9adb968715c925991cc5c13fd6f5f4b8c13795a655cc5d66c3ff56158345bc83ed7e6267ff7c645da4b6be70fc5fca64c9b1a9fb6be4e3ce96808c7569b25e47fb7f126f257ff8f4e3d2d117ba308edd190ec04549a989c6fae56f357e620784c95dc3f78587921d1a79b5ce605191a6f891be14863d1ecffeea9cbd938b480c91db1030c75a33a8da9eda073a769b86370b2512fa6a2c238b309036b34"]) [ 347.573140] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 347.582770] CPU: 1 PID: 21898 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 347.590014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.599375] Call Trace: [ 347.601976] dump_stack+0x138/0x19c [ 347.605621] warn_alloc.cold+0x96/0x1af [ 347.609613] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 347.614480] ? lock_downgrade+0x6e0/0x6e0 [ 347.618677] ? avc_has_perm+0x2df/0x4b0 [ 347.622665] __vmalloc_node_range+0x3be/0x6a0 [ 347.627169] ? trace_hardirqs_on+0x10/0x10 [ 347.631420] vmalloc+0x46/0x50 [ 347.634618] ? sel_write_load+0x1a0/0x1050 [ 347.638865] sel_write_load+0x1a0/0x1050 [ 347.642935] ? save_trace+0x290/0x290 [ 347.646749] ? sel_read_bool+0x240/0x240 [ 347.649395] XFS (loop2): no-recovery mounts must be read-only. [ 347.650818] ? trace_hardirqs_on+0x10/0x10 [ 347.650832] ? save_trace+0x290/0x290 [ 347.650845] __vfs_write+0x105/0x6b0 [ 347.650854] ? __lock_is_held+0xb6/0x140 [ 347.650865] ? sel_read_bool+0x240/0x240 [ 347.650874] ? kernel_read+0x120/0x120 [ 347.650885] ? __lock_is_held+0xb6/0x140 [ 347.684890] ? check_preemption_disabled+0x3c/0x250 [ 347.690631] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 347.696070] ? rcu_read_lock_sched_held+0x110/0x130 [ 347.701101] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 347.706106] ? __sb_start_write+0x153/0x2f0 [ 347.710423] vfs_write+0x198/0x500 [ 347.714039] SyS_write+0xfd/0x230 [ 347.717496] ? SyS_read+0x230/0x230 [ 347.721126] ? do_syscall_64+0x53/0x640 [ 347.725083] ? SyS_read+0x230/0x230 [ 347.728949] do_syscall_64+0x1e8/0x640 [ 347.732823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.737658] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 347.742863] RIP: 0033:0x4597c9 [ 347.746085] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 347.754383] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 347.761641] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 04:53:22 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:22 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:22 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 347.768895] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 347.776148] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 347.783401] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:22 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:22 executing program 2: 04:53:22 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:22 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:22 executing program 2: 04:53:22 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 347.929407] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 347.964844] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 347.990652] CPU: 0 PID: 21933 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 347.997792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.997798] Call Trace: [ 347.997817] dump_stack+0x138/0x19c [ 347.997830] warn_alloc.cold+0x96/0x1af [ 348.017457] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 348.022338] ? lock_downgrade+0x6e0/0x6e0 [ 348.026642] ? avc_has_perm+0x2df/0x4b0 [ 348.030640] __vmalloc_node_range+0x3be/0x6a0 [ 348.030655] ? trace_hardirqs_on+0x10/0x10 [ 348.030672] vmalloc+0x46/0x50 [ 348.030681] ? sel_write_load+0x1a0/0x1050 [ 348.030692] sel_write_load+0x1a0/0x1050 [ 348.030701] ? save_trace+0x290/0x290 [ 348.030717] ? sel_read_bool+0x240/0x240 [ 348.030727] ? trace_hardirqs_on+0x10/0x10 [ 348.030736] ? save_trace+0x290/0x290 [ 348.030749] __vfs_write+0x105/0x6b0 [ 348.070746] ? __lock_is_held+0xb6/0x140 [ 348.074821] ? sel_read_bool+0x240/0x240 [ 348.078899] ? kernel_read+0x120/0x120 [ 348.082875] ? __lock_is_held+0xb6/0x140 [ 348.082886] ? check_preemption_disabled+0x3c/0x250 [ 348.082900] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 348.091954] ? rcu_read_lock_sched_held+0x110/0x130 [ 348.091963] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 348.091972] ? __sb_start_write+0x153/0x2f0 [ 348.091985] vfs_write+0x198/0x500 [ 348.091997] SyS_write+0xfd/0x230 [ 348.092007] ? SyS_read+0x230/0x230 [ 348.092017] ? do_syscall_64+0x53/0x640 [ 348.092033] ? SyS_read+0x230/0x230 [ 348.092043] do_syscall_64+0x1e8/0x640 [ 348.092051] ? trace_hardirqs_off_thunk+0x1a/0x1c 04:53:23 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:23 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 348.092066] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 348.143724] RIP: 0033:0x4597c9 [ 348.146911] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 348.154641] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 348.161919] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 348.169203] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 348.176756] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 348.184216] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 348.234589] warn_alloc_show_mem: 1 callbacks suppressed [ 348.234593] Mem-Info: [ 348.247519] active_anon:120874 inactive_anon:1221 isolated_anon:0 [ 348.247519] active_file:8258 inactive_file:13162 isolated_file:0 [ 348.247519] unevictable:0 dirty:410 writeback:0 unstable:0 [ 348.247519] slab_reclaimable:12146 slab_unreclaimable:108897 [ 348.247519] mapped:59055 shmem:2594 pagetables:1148 bounce:0 [ 348.247519] free:1272045 free_pcp:272 free_cma:0 [ 348.289065] Node 0 active_anon:483444kB inactive_anon:4888kB active_file:32892kB inactive_file:52668kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236092kB dirty:1660kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 348.318124] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 348.343964] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.343988] lowmem_reserve[]: 0 2580 2580 2580 [ 348.344011] Node 0 DMA32 free:1285072kB min:36468kB low:45584kB high:54700kB active_anon:483520kB inactive_anon:4888kB active_file:32892kB inactive_file:52672kB unevictable:0kB writepending:1660kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7392kB pagetables:4508kB bounce:0kB free_pcp:1200kB local_pcp:600kB free_cma:0kB [ 348.344036] lowmem_reserve[]: [ 348.377713] 0 0 0 0 04:53:23 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB='journaX_dev=0x0000000000000000,\x00']) 04:53:23 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 348.415423] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.464451] lowmem_reserve[]: 0 0 0 0 [ 348.468405] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 348.496575] lowmem_reserve[]: 0 0 0 0 [ 348.500836] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 348.517271] Node 0 DMA32: 10463*4kB (UME) 2717*8kB (ME) 2692*16kB (ME) 1880*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 3*2048kB (UME) 254*4096kB (M) = 1284068kB [ 348.537415] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 348.547064] EXT4-fs (sda1): Unrecognized mount option "journaX_dev=0x0000000000000000" or missing value [ 348.554667] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 348.582153] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 348.591232] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 348.599865] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 348.608767] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:23 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:23 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:23 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:23 executing program 2: 04:53:23 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 348.617366] 24021 total pagecache pages [ 348.621407] 0 pages in swap cache [ 348.624871] Swap cache stats: add 0, delete 0, find 0/0 [ 348.630328] Free swap = 0kB [ 348.633348] Total swap = 0kB [ 348.636355] 1965979 pages RAM [ 348.639450] 0 pages HighMem/MovableOnly [ 348.643507] 333222 pages reserved [ 348.646962] 0 pages cma reserved [ 348.657190] EXT4-fs (sda1): Unrecognized mount option "journaX_dev=0x0000000000000000" or missing value 04:53:23 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:23 executing program 2: 04:53:23 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6af36e95d8616c5f6465763d307830303030303030303b30303030303030ac00"]) 04:53:23 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 348.722501] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 348.744129] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 348.749665] CPU: 0 PID: 21981 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 348.757471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.767003] Call Trace: [ 348.769590] dump_stack+0x138/0x19c [ 348.773225] warn_alloc.cold+0x96/0x1af [ 348.777209] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 348.782045] ? lock_downgrade+0x6e0/0x6e0 [ 348.786434] ? avc_has_perm+0x2df/0x4b0 [ 348.790770] __vmalloc_node_range+0x3be/0x6a0 [ 348.795261] ? trace_hardirqs_on+0x10/0x10 [ 348.799486] vmalloc+0x46/0x50 [ 348.802717] ? sel_write_load+0x1a0/0x1050 [ 348.806949] sel_write_load+0x1a0/0x1050 [ 348.811001] ? save_trace+0x290/0x290 [ 348.814993] ? sel_read_bool+0x240/0x240 [ 348.819064] ? trace_hardirqs_on+0x10/0x10 [ 348.823512] ? save_trace+0x290/0x290 [ 348.827390] __vfs_write+0x105/0x6b0 [ 348.831089] ? __lock_is_held+0xb6/0x140 [ 348.835134] ? sel_read_bool+0x240/0x240 [ 348.839217] ? kernel_read+0x120/0x120 [ 348.843264] ? __lock_is_held+0xb6/0x140 [ 348.847311] ? check_preemption_disabled+0x3c/0x250 [ 348.852319] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 348.857773] ? rcu_read_lock_sched_held+0x110/0x130 [ 348.862775] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 348.867533] ? __sb_start_write+0x153/0x2f0 [ 348.871853] vfs_write+0x198/0x500 [ 348.875394] SyS_write+0xfd/0x230 [ 348.878845] ? SyS_read+0x230/0x230 [ 348.882485] ? do_syscall_64+0x53/0x640 [ 348.886454] ? SyS_read+0x230/0x230 [ 348.890075] do_syscall_64+0x1e8/0x640 [ 348.894033] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.898862] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 348.904043] RIP: 0033:0x4597c9 [ 348.907239] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 348.914936] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:53:23 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:23 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 348.922224] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 348.929479] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 348.936762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 348.944411] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:24 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:24 executing program 2: [ 349.078212] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 349.115476] EXT4-fs (sda1): Unrecognized mount option "jón•Øal_dev=0x00000000;0000000¬" or missing value 04:53:24 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 349.129418] syz-executor.5 cpuset=syz5 mems_allowed=0-1 04:53:24 executing program 2: [ 349.165695] CPU: 1 PID: 21995 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 349.172943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.182759] Call Trace: [ 349.185364] dump_stack+0x138/0x19c [ 349.189017] warn_alloc.cold+0x96/0x1af [ 349.193008] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 349.197873] ? lock_downgrade+0x6e0/0x6e0 [ 349.202046] ? avc_has_perm+0x2df/0x4b0 [ 349.206041] __vmalloc_node_range+0x3be/0x6a0 [ 349.210554] ? trace_hardirqs_on+0x10/0x10 04:53:24 executing program 2: 04:53:24 executing program 2: [ 349.215170] vmalloc+0x46/0x50 [ 349.218449] ? sel_write_load+0x1a0/0x1050 [ 349.222794] sel_write_load+0x1a0/0x1050 [ 349.222807] ? save_trace+0x290/0x290 [ 349.222821] ? sel_read_bool+0x240/0x240 [ 349.222831] ? trace_hardirqs_on+0x10/0x10 [ 349.222840] ? save_trace+0x290/0x290 [ 349.222857] __vfs_write+0x105/0x6b0 [ 349.230707] ? __lock_is_held+0xb6/0x140 [ 349.230718] ? sel_read_bool+0x240/0x240 [ 349.230731] ? kernel_read+0x120/0x120 [ 349.230741] ? __lock_is_held+0xb6/0x140 04:53:24 executing program 2: [ 349.230753] ? check_preemption_disabled+0x3c/0x250 [ 349.230766] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 349.230778] ? rcu_read_lock_sched_held+0x110/0x130 [ 349.281222] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 349.286340] ? __sb_start_write+0x153/0x2f0 [ 349.291541] vfs_write+0x198/0x500 [ 349.291553] SyS_write+0xfd/0x230 [ 349.291564] ? SyS_read+0x230/0x230 [ 349.291573] ? do_syscall_64+0x53/0x640 [ 349.291585] ? SyS_read+0x230/0x230 [ 349.298600] do_syscall_64+0x1e8/0x640 04:53:24 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x2001003, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, 0x0) [ 349.313950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 349.318842] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 349.324142] RIP: 0033:0x4597c9 [ 349.327340] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 349.335410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 349.342899] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 349.350282] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 349.350307] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 349.350313] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 349.403694] warn_alloc_show_mem: 1 callbacks suppressed [ 349.403698] Mem-Info: [ 349.406162] EXT4-fs (sda1): re-mounted. Opts: [ 349.409312] active_anon:121389 inactive_anon:1218 isolated_anon:0 [ 349.409312] active_file:8259 inactive_file:13175 isolated_file:0 [ 349.409312] unevictable:0 dirty:425 writeback:0 unstable:0 [ 349.409312] slab_reclaimable:12147 slab_unreclaimable:109636 [ 349.409312] mapped:59062 shmem:2595 pagetables:1208 bounce:0 [ 349.409312] free:1269491 free_pcp:244 free_cma:0 [ 349.452127] Node 0 active_anon:485556kB inactive_anon:4872kB active_file:32896kB inactive_file:52700kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236348kB dirty:1696kB writeback:0kB shmem:10380kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 436224kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 349.483609] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 349.509515] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 349.540575] lowmem_reserve[]: 0 2580 2580 2580 [ 349.545330] Node 0 DMA32 free:1277964kB min:36468kB low:45584kB high:54700kB active_anon:485556kB inactive_anon:4872kB active_file:32896kB inactive_file:52700kB unevictable:0kB writepending:1696kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4684kB bounce:0kB free_pcp:1196kB local_pcp:528kB free_cma:0kB [ 349.583722] lowmem_reserve[]: 0 0 0 0 [ 349.587878] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:53:24 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="58b0cf6ffcff0b3e3d4be217f87fb843aa9a0cdd8d044cffff"]) 04:53:24 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 349.616990] lowmem_reserve[]: 0 0 0 0 [ 349.624700] EXT4-fs (sda1): re-mounted. Opts: [ 349.625236] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 349.663553] lowmem_reserve[]: 0 0 0 0 [ 349.668967] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 349.687688] Node 0 DMA32: 10298*4kB (UME) 2925*8kB (UME) 2711*16kB (UME) 1739*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1278816kB [ 349.705987] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 349.718059] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 349.737752] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.752217] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 349.763038] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 349.772263] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 349.782419] 24030 total pagecache pages [ 349.786609] 0 pages in swap cache [ 349.791010] Swap cache stats: add 0, delete 0, find 0/0 [ 349.796413] Free swap = 0kB [ 349.799423] Total swap = 0kB [ 349.814539] 1965979 pages RAM 04:53:24 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:24 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:24 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:24 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:24 executing program 2: syz_mount_image$xfs(&(0x7f0000000400)='xfs\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@sysvgroups='sysvgroups'}]}) [ 349.817688] 0 pages HighMem/MovableOnly [ 349.827065] 333222 pages reserved [ 349.831260] 0 pages cma reserved [ 349.847293] EXT4-fs (sda1): Unrecognized mount option "X°Ïoüÿ >=Kâø¸Cªš ÝLÿÿ" or missing value 04:53:24 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 349.923218] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 349.949885] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 349.963690] CPU: 0 PID: 22053 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 349.971710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.981165] Call Trace: [ 349.981187] dump_stack+0x138/0x19c [ 349.981206] warn_alloc.cold+0x96/0x1af [ 349.981217] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 349.981232] ? lock_downgrade+0x6e0/0x6e0 [ 349.981250] ? avc_has_perm+0x2df/0x4b0 [ 349.981266] __vmalloc_node_range+0x3be/0x6a0 [ 349.991817] ? trace_hardirqs_on+0x10/0x10 [ 349.991831] vmalloc+0x46/0x50 [ 349.991841] ? sel_write_load+0x1a0/0x1050 04:53:24 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 349.991851] sel_write_load+0x1a0/0x1050 [ 349.991861] ? save_trace+0x290/0x290 [ 349.991883] ? sel_read_bool+0x240/0x240 [ 349.991893] ? trace_hardirqs_on+0x10/0x10 [ 349.991902] ? save_trace+0x290/0x290 [ 349.991917] __vfs_write+0x105/0x6b0 [ 349.991926] ? __lock_is_held+0xb6/0x140 [ 349.991934] ? sel_read_bool+0x240/0x240 [ 349.991943] ? kernel_read+0x120/0x120 [ 349.991950] ? __lock_is_held+0xb6/0x140 [ 349.991963] ? check_preemption_disabled+0x3c/0x250 [ 350.066312] XFS (loop2): Invalid superblock magic number [ 350.067692] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 350.079232] ? rcu_read_lock_sched_held+0x110/0x130 [ 350.084273] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 350.089940] ? __sb_start_write+0x153/0x2f0 [ 350.094533] vfs_write+0x198/0x500 [ 350.098072] SyS_write+0xfd/0x230 [ 350.101883] ? SyS_read+0x230/0x230 [ 350.106325] ? do_syscall_64+0x53/0x640 [ 350.110316] ? SyS_read+0x230/0x230 [ 350.114022] do_syscall_64+0x1e8/0x640 [ 350.117916] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.122777] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 350.127979] RIP: 0033:0x4597c9 [ 350.131152] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 350.138859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 350.146149] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 350.153413] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 350.160764] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:53:25 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:25 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:25 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = accept4(0xffffffffffffffff, &(0x7f0000000100)=@xdp, &(0x7f0000000180)=0x80, 0x80800) semget$private(0x0, 0x6, 0x480) accept4$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000200)=0x1c, 0x800) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:25 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 350.168139] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:25 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:25 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 350.242139] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 350.290319] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 350.297474] CPU: 1 PID: 22075 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 350.305865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.315229] Call Trace: [ 350.317828] dump_stack+0x138/0x19c [ 350.321555] warn_alloc.cold+0x96/0x1af [ 350.325682] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 350.330648] ? lock_downgrade+0x6e0/0x6e0 [ 350.334789] ? avc_has_perm+0x2df/0x4b0 [ 350.338802] __vmalloc_node_range+0x3be/0x6a0 [ 350.343292] ? trace_hardirqs_on+0x10/0x10 [ 350.347524] vmalloc+0x46/0x50 [ 350.351060] ? sel_write_load+0x1a0/0x1050 [ 350.355283] sel_write_load+0x1a0/0x1050 [ 350.359454] ? save_trace+0x290/0x290 [ 350.363253] ? sel_read_bool+0x240/0x240 [ 350.367319] ? trace_hardirqs_on+0x10/0x10 [ 350.371558] ? save_trace+0x290/0x290 [ 350.375348] __vfs_write+0x105/0x6b0 [ 350.379213] ? __lock_is_held+0xb6/0x140 [ 350.383284] ? sel_read_bool+0x240/0x240 [ 350.387331] ? kernel_read+0x120/0x120 [ 350.391378] ? __lock_is_held+0xb6/0x140 [ 350.395423] ? check_preemption_disabled+0x3c/0x250 [ 350.400441] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 350.405887] ? rcu_read_lock_sched_held+0x110/0x130 [ 350.411103] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 350.415845] ? __sb_start_write+0x153/0x2f0 [ 350.420174] vfs_write+0x198/0x500 [ 350.423710] SyS_write+0xfd/0x230 [ 350.427158] ? SyS_read+0x230/0x230 [ 350.430769] ? do_syscall_64+0x53/0x640 [ 350.434733] ? SyS_read+0x230/0x230 [ 350.438371] do_syscall_64+0x1e8/0x640 [ 350.442243] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.447083] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 350.452265] RIP: 0033:0x4597c9 [ 350.455440] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 350.463306] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 350.470659] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 350.478041] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:53:25 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:25 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 350.485902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 350.493165] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 350.504830] warn_alloc_show_mem: 1 callbacks suppressed [ 350.504834] Mem-Info: [ 350.514695] active_anon:120941 inactive_anon:1218 isolated_anon:0 [ 350.514695] active_file:8259 inactive_file:13192 isolated_file:0 [ 350.514695] unevictable:0 dirty:442 writeback:0 unstable:0 [ 350.514695] slab_reclaimable:12148 slab_unreclaimable:109576 04:53:25 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x306, &(0x7f0000001fd8)=ANY=[@ANYBLOB="8800000000000000"], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) [ 350.514695] mapped:59069 shmem:2594 pagetables:1205 bounce:0 [ 350.514695] free:1270362 free_pcp:326 free_cma:0 [ 350.552085] Node 0 active_anon:483744kB inactive_anon:4880kB active_file:32896kB inactive_file:52768kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236276kB dirty:1764kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:25 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 350.580888] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:53:25 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:25 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 350.669783] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:53:25 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x0, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000140)) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000040)={0x2, 0x7, 0x10001}) mount$bpf(0x20000000, &(0x7f00000002c0)='./file0\x00', 0x0, 0x23, 0x0) epoll_create1(0x80000) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6469763d3078303042303030303030303030303030302c00c89b6c73127240f215d4318bdc7b800670abf24eafba2b5d2e6a418da79e3eb3817237db4d5e55ed68dfef3a5da9f9adb968715c925991cc5c13fd6f5f4b8c13795a655cc5d66c3ff56158345bc83ed7e6267ff7c645da4b6be70fc5fca64c9b1a9fb6be4e3ce96808c7569b25e47fb7f126f257ff8f4e3d2d117ba308edd190ec04549a989c6fae56f357e620784c95dc3f78587921d1a79b5ce605191a6f891be14863d1ecffeea9cbd938b480c91db1030c75a33a8da9eda073a769b86370b2512fa6a2c238b309036b34"]) 04:53:25 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 350.743481] EXT4-fs: 1 callbacks suppressed [ 350.743487] EXT4-fs (sda1): Cannot specify journal on remount [ 350.800009] lowmem_reserve[]: 0 2580 2580 2580 [ 350.807008] Node 0 DMA32 free:1276392kB min:36468kB low:45584kB high:54700kB active_anon:485596kB inactive_anon:4880kB active_file:32896kB inactive_file:52768kB unevictable:0kB writepending:1764kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7584kB pagetables:4968kB bounce:0kB free_pcp:1236kB local_pcp:524kB free_cma:0kB [ 350.838173] lowmem_reserve[]: 0 0 0 0 [ 350.843512] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 350.878561] lowmem_reserve[]: 0 0 0 0 [ 350.886434] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 350.916958] lowmem_reserve[]: 0 0 0 0 [ 350.921618] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB 04:53:25 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x8000, 0x0) sendmsg(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)="dd5d0c363914561e934af6f72d30fb25cf3ecd2c40f151ada3448c86d647d825e837d1d631f105a186fed58f2407e98a643cd4478757d626a28d79d30486bde1864911ef44eae9b3b79c207a1817cefdfcc53f2d3c07659d2d0a949d258a43a005e76bb89c87df071c", 0x69}, {&(0x7f00000001c0)="5e297a6184cad870b38eccfca5c92a8960652f40720ea5c94f18d0c660548db7955c8b", 0x23}, {&(0x7f0000000200)="76fd0c2e472627b44fb13d2530fd3dd01cdff1c248c1de8da0875700e012f69b285ef5ba625f94bfa2bb7a08f93b3ef7d2e90efdd3e9636218a6", 0x3a}, {&(0x7f0000000240)="ea200fb9a64d1927c3b0bc19e704a035fd37c8699299f3c524139550ef6280e35a75a42ce2bb82b4d11d80f059d262177f508739ce36f531c33227b5f033185a97a8d2be656b94dd94f67a7176eef376d5713a25dcf23d979e49bee342452484c18df1fe277157d685597825c7e6239737c8924e4feb9044a8b68f91cd6d9d232c8fdc3d69d66563354893db99d391399fa4982225335621d52648ebdc01f677428eaeb245f15008a825cef42a9986c2f604be58825e530273665d2c9b3bb295d5e3354759d253840578e9aacf09cb3d081475211dc4974957129d85572471b7b2a88c99366354", 0xe7}], 0x4, &(0x7f0000000380)=[{0x1010, 0x110, 0xfffffffffffffff7, "33e80c3bf63453e93a0081085d3afd10a3477edb631862b4f867c52464c9e9f107119ef3f54966446b30a81be128751c2bef19e3378311d28d3b4598dcda2ee7d77cc85f41d5692a69d04358c74e66c8d1d985eb20c9661047c24807de75d39fd11b84514bfe2253b47d81e9b09765956520a51a52a0e05323c749acc00f8172233249c69d0d41eff585d4a7c25d9959e43622aff3024166e5509906008a9c12767d2c84f7803f8b09cacfb708dd71c463178404c519b2cfc224d91b60796085e436f7f18ea7fb5e193182112633d905dfd9347aa500df313021f8931b1ff4248b44bb063ba19864c2e7d7c83ace54a25d242a347761a63baae26811bc99134535bd425ca1c7cf7299ac504fb1cb6f0e77c2b409e0bf5fdc49a02fc17b6ce0c660bb18453bb8a6194a54f28cf59f3fe6fe3659c41ba99918819161a558b245540eed37dbc2c423982a8e1b578f77028ddc92df27f3017825a471c97f96be2150d7ceac6e4f82e10d39cba93327ee2f7aedea43480207180a5755b27e207801f82e59e6c92ee7f1d0b6a4aba421653b632ea5e61be31dfe9ac2579d54f749976890d967e6e21ab73299feaa30afd348017e0b5bc17a71f1b57afd40a52842034db7a1af234d83fcf514e7a99ba9517887f63b0d7c4a07ccc3443dc8bad9b98129f1701edc313492ac9ece442523f75d5efbf1a7f14fce7d31375421776dd2f17ad5b446ff5bc04d833ca15aaaa06b4c583785c5ea8170bcf90b1f6f47547024f16ccac5286f3decfa18fb3505a4b0b43999b4401ebe256375231592fba06ac05caa957fb0d7b82ff13df348144de54b7bb762710d8c11ffa66e18bb1ced2c3b3675e9cdd55c47ebb325257a27ba93cfc49856a90f87b137da74fff00efc10e0368c8bde3891684c833bff7193a796952ce7483c1e4d3fba7e0bfb3c877e504c13e0f70528f14d47676b06af64a25e12684115c588b0482afff4e20589a683731a1d025da6c09cc4a632fbe6f13d8dd8696e5cbb01c32ed620bd5e936aaa2ac49cba4002aa8a8bf7c14919e48b187312655f141f11df729a78fd37d544afbf0ad3db28759e728e5986fb070b2955de9754915ab80b180e8f10a815bcba2400f0308f2e7654917cced52b8e30957a2d7603cba1456a294e6e1d1b108f502599d53f7d55bb7bc05689255dfadeccc9f50c1e81d5caf7127ef3dad4a50504ae612a8039f9be13d45b839853bf686de85c3bb2f82af2ad95bc23345455e7f5949a5a3080b09ce5c82dcb812f678be5ae3cf7de6de650f9e22b81cd159ca5ca46eceaa31a1e24fee371d8e50d2753cbfe80dd29a5c01ff8296972ecd934864623c4aeea36ed84140a925564cb9e152d77d5fe6005604a5fadd8a71cfbe579076a3e8606c25526e9e9b4ff8dc56802b5cfe68ef242a05be5c78926b919e66ddcd5afdca33ec6fb012c97a43476a8688417f8c189de37e9ef106344d3833cac346c582c4ef5407d068e1503a4f751b1660c9d88e66c9dabc15c5d3f1312f4480a4ffb576773e97e769fbbfb0deb6036b24882f7d13125470a4a3d88c17a7e714b9eba6fe2d2c7d425b76001307b2e4fa56ffaba6105fee4408390558fb8c206bddd0c4da77dbe5261eb81b63c30895b8ba648d4f4e5c0cf5a0a2ba3ee96c1622c4f6e99a273ed9727b2111cbec15db0f3af9168a2068b2cb110e21846fdc84440f83ab7521273967b40141d9811545c40daf3884640e0fd0bc6416dca63bbad123e580b8aebe398dcc8f95ce21c6d79209dff6b6d4ffe737329a3330b8901ef80051bf96eea47c84c320ff091bfc94b103ae8171db8044fab4a579699167c320e088a12df8b3bdda98cd40a77cf6a2de9c244c19babb04141346536c0028bbb5b90d13942276e47354d531f892cf77f607e6260b67b93fb5de93a34f945c0a5e6725356d3f9a6c3b999a3c484c885a7c72a350f003d8ad2ed344770aa4638e974a65f2a4a907c5376bd5166801ee95880eb53101849c2297bb05a9ed24dc0da80247c88514aa03b8fb1945100e9758d2b215c8c1b773de4aaa5a6ecf064c6625e55da12a19cc59f000c947b6c0666362c9d33ecb07c04212b37644971edf849f0db352408f7dcc5c53992c39c31eea05b4f353678713cdd7b0749c7727ec137bf0c88a3858c73fd56e501884032dccdee01e3459f2f0940f2b6a5fbcac6450f6ed4e9d24e0a3d195a3ea0bb61372ca9aae306eb1740d69b8b8233f1065d48719728484b83f0d19a2af634f2fb2905418b421ec47be383530fbe740c386f9ad354105a059f7d779527f58e6eaaa2ae45bcde33dc350ae296d41dde7747c074ba141f57840441ba90600338ec68fbf79ef6112e4697e73b3eafd4fd64797466f3a77b42ba8402c739c837ac688932837223031b4db97791aa85cd3a55cb7e5bc12be6903f5fe24c639c0aa7d6671fb36bd2590f3c179f800522916223342e0c241338ebda6a6ecf660dadeea07afb4984f039af2909c8c737d0f0dc815a5d941af0c9e9d8aa650863908c240889cf2fb5e750742aa911b8240e39fd488609771dc529b8365713c5848007d43d0d1e2285ea625d30132e0848df9cab6a1e1ce43fe802ef91d7fad9b26385df150d73d6680f9793b69b826445c3ce2a3f7cfd198547a63c8daec2acd0861eaf05cb01baab0e3c2778bea4cc23df7e8b278527d4bd4d47f0136871e78c23a9285646b2ee5e7c59e0f32fb582fcc5c63af9eef3b7522ec74a716e052e718c02f3869170f4c7720adcf93617fe2522036ba5ae4ad769e47659ef46603b4b442991be1d512622ec61f5917ce9b53997e37b511ca0092812328459cd94f3f7c373f8e2411d878d0f674804232c974a16674bc0ed3ad5c9a86cc20173a90456e86442dc6acfeabf3b4d56044fe74ab2093679146c4f328e0ac26216c66eb0b931a2b5694eed40a3baf81568b35c35f1bce451452b066813601f866528f0f4cd81715f479c0dbd3f8f1d38680213d854baac4c5194cfaa9575973a19420e80bb2ac5576b7258ca08872aecdbbcb7039f862c1a79cb1011297ff80f7682fbbd2661803aec5eb2d07ea1543307533f0c720f569a2eb38f238686c4a464e40050adf2f9b83522f43442954d8cc654f1593e2f000f2bf52b4448d7cd0f7c76adac261ab17216475c8f944718538ef929f70f6923a1d97f920b3a4143e5fad23779163dcfd0e34d133eff3940781b4008d3a2cbc0d87157a8112f095122cc06eb666082c3d0d5f370adf8ccc4ba7b7805548a2322ba0d5ac69116a6cc8cb5e79b4be6bdb10de0341fba04e719ff7ab54774d24b94c6e9985b1153dca5d37fd682c2429eab85cc40748a584d10488f2eef27c5be5ef3b9a53028ad0978f5e2ce0b7768e1deb4d521c48492e6eac2e42bfb338ef4270dde75e9768f31406043ef823c84a65a692797ee96fb8bdd2822a58a449cc20dea580943f1b88091e50a022cf26ff7ef6ca8a189f8321d1a7a3fe64845147c1d3835333b7a7be9d1da3a8900c1e05ddf05da2db0d75385ff45cd2043d08ca5a5d8f73d1c1adddc372bbcffe0b61ab89179e88b6ef08793223714b055333fdc77c8bfd604666dc784b2e7206f795fa5be4769e14b708339e64a58e405108963ed697e20cbda926f26b300dcb35198b3b5e1d75f81e87d789c5d099f9cd5e3ca38022a813d48cd366b73cc0fa93e37464376070620e820bb25a9f7ac6ecdd9aaea6c7206163e33c50f11bc393345102a003a5d8890f064fa5f7c45ca18be809f5af3202553528f5449008853dbb46530a9905bcbb58c308846a8139f2473f868f8a0952dff02f71a124350129a58c60e21548766c68280d6b8f9e81dda80ac1c444001784c1f6dca5833bd4e67036fd9d488aa8dfd4401a6d5ac97f18ca0480c7758d1eb3ed9564b9475c8c9dd69320cdf9237a90e9abb31103e7ffb0c53c57052bf2c77aff4774b38871b150002263895adebb30b47fcbb544b06d979aea95fb4ea3c95269447504962c106912b2a3ad503b0dab06022aac3b4ad2ad3c3bbbb558e616a6abb2ac15d962f4019b212b39a1b503ec03d820daf86b4d4e24b09f71fb4ceb0174ff272ddf2b0e312ce4f9c7ac05fe3b40f0bf77f8b89c28dbd6932e40e95241aa69730871563e115ff7c31ad3b2740e0583aa854c4b6d0c7aefff9f69229b7dd0968d65cc67f96626712a3eec4e10ab7584f0763a271403a5f162401dbfab88e748cf9cc9bc8f49543618bd11a62c5fdde06588c3c5eb882f5f897e6b2fd93048d754106199c192e1046a3769ef0c08239653474b61a530d7a2c3ff7389c7a9bc61a4d161a41abed7c4ab4ddfb61b66fe21291c6786e635b157f4371cae0272d8730cd958ed4079a590b88658f17ed6c79194695168204d71dd0d012cd41ccf58d3d59d67fb48de0ee7b4d343d1acf5bf14f4df872478474588f8a7c59f255a52d0506bf97a7244e41f0c83e889619209a89d8bd35d6b5f39b323d05f8e12bbe467e31ab80683d1426701e14bc6d160d971f338d90b400b7f9cab434d7bc6489ad8fa61c20d35f0ffef54270fe98499ffec48d805372ee633b11fd0f60cbf748ea1d5e191fdba4854a8a175f5f648aa9f26eeb751265e1b315e2bc7ef23fb6188c334f5915903a6ce826a128427eb2203415bcea1ab9c08d27793f430bccefc27a547877c5c9b4abd3884e947e9e63fd1c9dd347ff381b2c9a988ff5de73add5ddac6ac583c7d567cbee53cb1b58dd6b2e2d067a2c8061a7e36682e1367a56c7c3c5adbc5de0606e0a29b06349774f67b1bf4d98567bc0e1a55fce0c61b5c9c3d23d88d4138848879b902537670cfd9ca1e95952c67021d2f8a0a5b27b1ebcad68ebd23a7f3c67e11ed60841b6d3918ce0f141e658aa3b00cfe2c6ad7526d7d238597ccabdd1cdb3caac64d085157ca20bbb3e2dd0f5b6ab19f614f73eafb0989271a17f313685bcb3d78cbd6f44800653e29deaa3e26861ef7d6f25f4837e314023f601d9f37be02f478ff7a5331f0e5334871410e657e96be11c3451f95cbb880b718269b01b289fca6704251583471182b71ae9050314c2f78a298e372dd789156a6e0ff3cd5e8d256aa958a4708cdb3639a7243b4acb5f63d506c9af5c6ae070341f1646ae72ee86dc21d1f6fd902cf83a64d7b0edda9b4920e8ffc4121681fed668d901693c2b5a3cc96e1725abd56404014277e45d06df01ef178e3a85cc6e7ee726ce0a7add810534ca698b36c7af81e9bd831484b1efe8d68283c81fca3ac8c19ae68a2a7c1c1703c74481c9228652ef11424625425428bec3dabaaaa7127ad5d4f444f79ce1359d8d58d04b226a2ed756e62a21eff0dc849f9b02c685848e1e52e0f68fd20e912c930b91165073b086b5d9aa74aae37c67b30abccd9df951a8e870f555deae521bcd9a995a7f168bc5f5581356399ddac8d01c5d6e65709bd7f58e8b4e9fda57e98d19e01f46758b7cd3f1a6e34149a35de90ebdfcc02b904f375fa832f1018b18847bcf91809d5a4ed8d7d3d5eb2ecae8edc0b977e4a46f002e8c5cc163e9de9f8762c12fb35445d5a0f52d03d5bb501b3d1ced0258402a87c818dfb04c5aab1d48f5fa69b2d3e8ab688876eee15f623cae20304ffc756bdec91df21eae6152324dd1ea79de17d21e3d5bc730894b2978b990075407ab5a657759c9e1b6688b90cbc0765b9300644146f5c63c984194b1bc4a063836f4a4ad13bdc748f7f83192583028e3b8c76ae7c88ee1c67198bb07526adec96fcd3d6e58828d"}, {0x38, 0x10b, 0x1, "9d9e1b0f4cf2a590ca7d332ccb2096bdfc7b15c62ec55b4a0d5023b150025b3eb9"}, {0x30, 0x10f, 0x3, "423c7664704fd1d62bd1414990091c10314840a0358f4813130e36dd12e03657"}, {0x10, 0x88, 0xffffffffffffffe1}, {0x18, 0x101, 0x2, "32a01fb9ed"}, {0xd8, 0x6, 0x6, "55c96e53bb284064a8c0ada8c83992e84fc312e33e13226074cca560dbd9e7f2fef117fa6474bd803433acb15d4737da438fb6f88d68ce4a51f660e86b78b480ac20a698f38bc5149890de3cddb90bac9ddd5bb7d0c1b857a31f054643ca12e88b0f5170a4be9e755e1a4781cde8b7dd623128427938e0ceb416204ff21d808905cd53b85ee2889c834bd434014fc1bc4eb09ea8d0c949cd77db37da54da03b2fb16e296b8f0819033e99ac95696faf7eca3269d04b70b4afae61016a935df20ad1f"}, {0x110, 0x117, 0x9, "219b93f3c32b3e1ac37cbaa838f4544dd6ba0982f028112be427c265290377ac3bb66e28b7151c124a38107b1c020c5bdf6d3c9573b5e6918040f910d7a086b6d380bfcf9a964670529505cc9d4eb67daa69f4c9e11fae6b44d4409e3ae5f09b36e0783435cbd6c4ede5923ea56ef5ed239502b73708cfec775b76476ed1b4b88f9bc0be8a21a14da96eaedbe151b47de1951de39274b6bc0b032a6cd5a099196ef916b2bd5013853f510421db247f4a977e425496a77f2346f0db8a131c85009a2e0aef9fc661958341a90c00551353293bacaa2734a879805e3855d9993852936e543e44f8f1dd1e2ef985324c7eefd3ff4a3ba70baa6b6f94fce89ea2"}, {0x88, 0x13a, 0x7, "5e5b45658dfd36c89168d1611baecb8fe58b6ea9b52401155e9730a48ec62d3a311a68f6f481abd807d704e5b39031d979fe6bc62a52300d307097d42d13d60c4d4ef95b45abd0d616bc36340ae518467d6646162d57d38ddcb1346a16aef77f58e3767b4dc627f3d3d397f835bfd5378d39c52ea3de"}], 0x1310}, 0x72472b31ab9ef3ac) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) syz_mount_image$nfs(&(0x7f0000001700)='nfs\x00', &(0x7f0000001740)='./file0\x00', 0x100000000, 0x6, &(0x7f0000001a00)=[{&(0x7f0000001780)="84a1ff5c461a270632568799fb1f258be1a145", 0x13, 0x7}, {&(0x7f00000017c0)="670deab40f85550ed030a8dfb51c97265e78b1afbf25dc0a7c6e6b13e38a9cbf6cf9890e07bea490335031e2465848058f5f4a421690f8f89f7e955d803cc954496181ddcd6ee44d9400bdbbb7289dd933ece5a775cb9db4c37a00104ffaa5943df46059e6f8c8b16231371853242012ba569c592e59e685ecff56ef614a2bbb705ce52bb2aa9bdf8f4a016e01cff189da2d3691844865ac3a69d9420f9145f3dd019996ab898cb344cd6c6a0980", 0xae, 0x6}, {&(0x7f0000001880)="9e3b6a7b2d8e965fa15c7c41931e41be0c7af3f901dd61fc8aad1548090e470955c73affbe6b", 0x26, 0x7}, {&(0x7f00000018c0)="b0044120293afb596ec3a453195ac4e18b0e9e4c623b1eaac63ae40825e1c1cc6e3cbd6070d13d7bda6d7c16d3877354f27df3b4f34afcf4c6aa96ec256612d6d328f62df690c20c092cd16dab3e0d166738eae810580d14e54fc6d9cdfec29b6374aeec3091120d77ab103d8dddda89b385fea89264982c7e000f4dcf1dfd7addc03289e723b45ea90a00eec00629c0350966e74ddc048b6de3c27a58c88c3bb5d4ae08f31ed7806daa2ea6421c988f8bdeb0e5f61acf624a4ca9", 0xbb, 0xffff}, {&(0x7f0000001980)="eb90ba2d384ae3d57b81f55460f5db101689e90c5fd43b6b9c103eb48e206fcf5460", 0x22, 0x8}, {&(0x7f00000019c0)="23a97cc439a9b401fc9fd109b466e23e3d4721830cb2cf7f1a6a0ceedc8c86d28acddb08fefd9c66d50bd26f2bf9d85d", 0x30, 0x1}], 0x10000, &(0x7f0000001ac0)='posix_acl_access\x00') prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000001b40)={0x6, &(0x7f0000001b00)=[{0x3, 0x401, 0xfffffffffffffff9, 0x2}, {0x4, 0xcb0, 0x8, 0x5}, {0x585, 0xe186, 0x1c00, 0x2}, {0x100, 0x3ff, 0x5, 0x967}, {0x200, 0x80000001, 0x7b99}, {0x4, 0x16b, 0x7fffffff, 0xf783}]}) [ 350.943876] Node 0 DMA32: 10298*4kB (UME) 2846*8kB (UME) 2750*16kB (UME) 1726*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1278392kB [ 350.976081] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 350.996819] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 351.014388] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 351.023472] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 351.032140] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 351.041148] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:26 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:26 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:26 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:26 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:26 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 351.049714] 24049 total pagecache pages [ 351.053750] 0 pages in swap cache [ 351.057204] Swap cache stats: add 0, delete 0, find 0/0 [ 351.062913] Free swap = 0kB [ 351.065924] Total swap = 0kB [ 351.068928] 1965979 pages RAM [ 351.072078] 0 pages HighMem/MovableOnly [ 351.076091] 333222 pages reserved [ 351.079540] 0 pages cma reserved 04:53:26 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:26 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 351.136581] EXT4-fs (sda1): Cannot specify journal on remount [ 351.139538] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 351.173317] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 351.188086] CPU: 0 PID: 22140 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 351.195237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.204600] Call Trace: [ 351.207202] dump_stack+0x138/0x19c [ 351.210851] warn_alloc.cold+0x96/0x1af [ 351.214833] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 351.220041] ? lock_downgrade+0x6e0/0x6e0 [ 351.224213] ? avc_has_perm+0x2df/0x4b0 [ 351.228205] __vmalloc_node_range+0x3be/0x6a0 [ 351.232727] ? trace_hardirqs_on+0x10/0x10 [ 351.237076] vmalloc+0x46/0x50 [ 351.240288] ? sel_write_load+0x1a0/0x1050 [ 351.244517] sel_write_load+0x1a0/0x1050 [ 351.248811] ? save_trace+0x290/0x290 [ 351.252698] ? sel_read_bool+0x240/0x240 [ 351.256907] ? trace_hardirqs_on+0x10/0x10 [ 351.261343] ? save_trace+0x290/0x290 [ 351.265144] __vfs_write+0x105/0x6b0 [ 351.268948] ? __lock_is_held+0xb6/0x140 [ 351.272997] ? sel_read_bool+0x240/0x240 [ 351.277070] ? kernel_read+0x120/0x120 [ 351.281131] ? __lock_is_held+0xb6/0x140 [ 351.285285] ? check_preemption_disabled+0x3c/0x250 [ 351.290293] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 351.295754] ? rcu_read_lock_sched_held+0x110/0x130 [ 351.300897] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 351.305646] ? __sb_start_write+0x153/0x2f0 [ 351.309955] vfs_write+0x198/0x500 [ 351.313484] SyS_write+0xfd/0x230 [ 351.316943] ? SyS_read+0x230/0x230 [ 351.320831] ? do_syscall_64+0x53/0x640 [ 351.324805] ? SyS_read+0x230/0x230 [ 351.328419] do_syscall_64+0x1e8/0x640 [ 351.332825] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.338556] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 351.343748] RIP: 0033:0x4597c9 [ 351.348419] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 351.356117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 351.363411] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 351.370674] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 351.377930] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:53:26 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:26 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 351.385187] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:26 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 351.412795] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:26 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) [ 351.454244] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 351.483980] CPU: 0 PID: 22137 Comm: syz-executor.2 Not tainted 4.14.131 #25 [ 351.491127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.500488] Call Trace: [ 351.500513] dump_stack+0x138/0x19c [ 351.500527] warn_alloc.cold+0x96/0x1af [ 351.500537] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 351.500552] ? lock_downgrade+0x6e0/0x6e0 [ 351.500566] ? avc_has_perm+0x2df/0x4b0 [ 351.500581] __vmalloc_node_range+0x3be/0x6a0 [ 351.500595] vmalloc+0x46/0x50 [ 351.500602] ? sel_write_load+0x1a0/0x1050 [ 351.500613] sel_write_load+0x1a0/0x1050 [ 351.536674] ? save_trace+0x290/0x290 [ 351.536691] ? sel_read_bool+0x240/0x240 [ 351.536704] ? trace_hardirqs_on+0x10/0x10 [ 351.548608] ? save_trace+0x290/0x290 [ 351.554700] EXT4-fs (sda1): Cannot specify journal on remount [ 351.556630] __vfs_write+0x105/0x6b0 [ 351.556644] ? __lock_is_held+0xb6/0x140 [ 351.556658] ? sel_read_bool+0x240/0x240 [ 351.574384] ? kernel_read+0x120/0x120 [ 351.574397] ? __lock_is_held+0xb6/0x140 [ 351.574407] ? check_preemption_disabled+0x3c/0x250 [ 351.574418] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 351.574428] ? rcu_read_lock_sched_held+0x110/0x130 [ 351.574437] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 351.574447] ? __sb_start_write+0x153/0x2f0 [ 351.574457] vfs_write+0x198/0x500 [ 351.574469] SyS_write+0xfd/0x230 [ 351.574478] ? SyS_read+0x230/0x230 [ 351.574488] ? do_syscall_64+0x53/0x640 [ 351.574497] ? SyS_read+0x230/0x230 [ 351.574507] do_syscall_64+0x1e8/0x640 [ 351.574515] ? trace_hardirqs_off_thunk+0x1a/0x1c 04:53:26 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f00000001c0)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) pwrite64(r0, &(0x7f000003bfff)='/', 0x1, 0x0) r1 = shmget(0x0, 0x2000, 0x40, &(0x7f0000000000/0x2000)=nil) shmctl$SHM_INFO(r1, 0xe, &(0x7f0000001040)=""/4096) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000080)='./file0\x00') r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x100, 0x0) ioctl$SG_SET_DEBUG(r2, 0x227e, &(0x7f0000000140)=0x1) listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f0e88daf138fe17d675726e616c5f6465763d307830303030303030303030"]) 04:53:26 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:26 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:26 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 351.574532] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 351.574541] RIP: 0033:0x4597c9 [ 351.574546] RSP: 002b:00007f945827dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 351.574556] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 351.574561] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 351.574567] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 351.574572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f945827e6d4 [ 351.574579] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:26 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 351.611420] warn_alloc_show_mem: 1 callbacks suppressed [ 351.611425] Mem-Info: [ 351.630841] active_anon:121969 inactive_anon:1223 isolated_anon:0 [ 351.630841] active_file:8259 inactive_file:13208 isolated_file:0 [ 351.630841] unevictable:0 dirty:461 writeback:0 unstable:0 [ 351.630841] slab_reclaimable:12148 slab_unreclaimable:109548 [ 351.630841] mapped:59078 shmem:2591 pagetables:1212 bounce:0 [ 351.630841] free:1269297 free_pcp:290 free_cma:0 [ 351.637782] Node 0 active_anon:487876kB inactive_anon:4892kB active_file:32896kB inactive_file:52832kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236312kB dirty:1840kB writeback:0kB shmem:10364kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 351.787092] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 351.833041] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 351.873732] lowmem_reserve[]: 0 2580 2580 2580 [ 351.878875] Node 0 DMA32 free:1278656kB min:36468kB low:45584kB high:54700kB active_anon:485616kB inactive_anon:4892kB active_file:32896kB inactive_file:52832kB unevictable:0kB writepending:1840kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7456kB pagetables:4700kB bounce:0kB free_pcp:928kB local_pcp:468kB free_cma:0kB [ 351.916586] lowmem_reserve[]: 0 0 0 0 [ 351.930170] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 351.965867] lowmem_reserve[]: 0 0 0 0 [ 351.969753] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 352.012385] lowmem_reserve[]: 0 0 0 0 [ 352.016318] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 352.036449] EXT4-fs (sda1): Unrecognized mount option "joˆÚñ8þÖurnal_dev=0x0000000000" or missing value [ 352.047345] Node 0 DMA32: 10296*4kB (UME) 2799*8kB (UME) 2747*16kB (UME) 1725*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 254*4096kB (M) = 1277928kB [ 352.065603] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 352.077356] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 352.096455] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 352.105656] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 352.114419] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 352.123547] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 352.132279] 24067 total pagecache pages 04:53:27 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:27 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:27 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:27 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 352.136734] 0 pages in swap cache [ 352.140251] Swap cache stats: add 0, delete 0, find 0/0 [ 352.145786] Free swap = 0kB [ 352.148798] Total swap = 0kB [ 352.151857] 1965979 pages RAM [ 352.155077] 0 pages HighMem/MovableOnly [ 352.159926] 333222 pages reserved [ 352.163858] 0 pages cma reserved [ 352.167395] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:27 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) r0 = dup(0xffffffffffffffff) accept4$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14, 0x80800) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) 04:53:27 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 352.208141] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 352.250541] CPU: 1 PID: 22172 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 352.259542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.268907] Call Trace: [ 352.271545] dump_stack+0x138/0x19c [ 352.275203] warn_alloc.cold+0x96/0x1af [ 352.279198] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 352.284232] ? lock_downgrade+0x6e0/0x6e0 [ 352.288396] ? avc_has_perm+0x2df/0x4b0 [ 352.292384] __vmalloc_node_range+0x3be/0x6a0 [ 352.296886] vmalloc+0x46/0x50 [ 352.300243] ? sel_write_load+0x1a0/0x1050 [ 352.304470] sel_write_load+0x1a0/0x1050 [ 352.309361] ? save_trace+0x290/0x290 [ 352.313159] ? sel_read_bool+0x240/0x240 [ 352.317280] ? trace_hardirqs_on+0x10/0x10 [ 352.321504] ? save_trace+0x290/0x290 [ 352.325288] __vfs_write+0x105/0x6b0 [ 352.329446] ? __lock_is_held+0xb6/0x140 [ 352.333498] ? sel_read_bool+0x240/0x240 [ 352.337548] ? kernel_read+0x120/0x120 [ 352.341430] ? __lock_is_held+0xb6/0x140 [ 352.345474] ? check_preemption_disabled+0x3c/0x250 [ 352.350474] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 352.355905] ? rcu_read_lock_sched_held+0x110/0x130 [ 352.360902] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 352.365642] ? __sb_start_write+0x153/0x2f0 [ 352.370088] vfs_write+0x198/0x500 [ 352.373802] SyS_write+0xfd/0x230 [ 352.377249] ? SyS_read+0x230/0x230 [ 352.380857] ? do_syscall_64+0x53/0x640 [ 352.385059] ? SyS_read+0x230/0x230 [ 352.388735] do_syscall_64+0x1e8/0x640 [ 352.393754] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.398601] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 352.403862] RIP: 0033:0x4597c9 [ 352.407047] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 352.415088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 352.422883] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 352.430154] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 352.437409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 04:53:27 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:27 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:27 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:27 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:27 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) [ 352.444667] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 352.459578] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:27 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 352.524800] syz-executor.2 cpuset=syz2 mems_allowed=0-1 [ 352.543170] EXT4-fs (sda1): Cannot specify journal on remount [ 352.564805] CPU: 0 PID: 22204 Comm: syz-executor.2 Not tainted 4.14.131 #25 [ 352.573277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.583817] Call Trace: [ 352.586989] dump_stack+0x138/0x19c [ 352.590654] warn_alloc.cold+0x96/0x1af [ 352.594644] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 352.599600] ? lock_downgrade+0x6e0/0x6e0 [ 352.604229] ? avc_has_perm+0x2df/0x4b0 [ 352.608316] __vmalloc_node_range+0x3be/0x6a0 [ 352.612999] vmalloc+0x46/0x50 [ 352.613012] ? sel_write_load+0x1a0/0x1050 [ 352.613019] sel_write_load+0x1a0/0x1050 [ 352.613032] ? save_trace+0x290/0x290 [ 352.620484] ? sel_read_bool+0x240/0x240 [ 352.620499] ? trace_hardirqs_on+0x10/0x10 [ 352.620508] ? save_trace+0x290/0x290 [ 352.620521] __vfs_write+0x105/0x6b0 [ 352.620530] ? __lock_is_held+0xb6/0x140 [ 352.620539] ? sel_read_bool+0x240/0x240 [ 352.620548] ? kernel_read+0x120/0x120 [ 352.620557] ? __lock_is_held+0xb6/0x140 [ 352.620570] ? check_preemption_disabled+0x3c/0x250 [ 352.665583] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 352.671105] ? rcu_read_lock_sched_held+0x110/0x130 [ 352.676108] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 352.680848] ? __sb_start_write+0x153/0x2f0 [ 352.685153] vfs_write+0x198/0x500 [ 352.688695] SyS_write+0xfd/0x230 [ 352.692132] ? SyS_read+0x230/0x230 [ 352.695743] ? do_syscall_64+0x53/0x640 [ 352.699699] ? SyS_read+0x230/0x230 [ 352.703328] do_syscall_64+0x1e8/0x640 [ 352.707195] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.712124] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 352.717306] RIP: 0033:0x4597c9 [ 352.720486] RSP: 002b:00007f945827dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 352.728182] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 352.735445] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 352.742833] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 352.750096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f945827e6d4 [ 352.757436] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 352.766930] warn_alloc_show_mem: 1 callbacks suppressed [ 352.766934] Mem-Info: [ 352.774928] active_anon:121903 inactive_anon:1230 isolated_anon:0 [ 352.774928] active_file:8260 inactive_file:13215 isolated_file:0 [ 352.774928] unevictable:0 dirty:69 writeback:0 unstable:0 [ 352.774928] slab_reclaimable:12149 slab_unreclaimable:109461 [ 352.774928] mapped:59028 shmem:2594 pagetables:1177 bounce:0 [ 352.774928] free:1269515 free_pcp:145 free_cma:0 [ 352.810212] Node 0 active_anon:487612kB inactive_anon:4920kB active_file:32900kB inactive_file:52860kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236112kB dirty:272kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 438272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 352.840558] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 352.866707] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 352.894278] lowmem_reserve[]: 0 2580 2580 2580 [ 352.899886] Node 0 DMA32 free:1278772kB min:36468kB low:45584kB high:54700kB active_anon:485492kB inactive_anon:4920kB active_file:32900kB inactive_file:52860kB unevictable:0kB writepending:272kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7520kB pagetables:4708kB bounce:0kB free_pcp:644kB local_pcp:220kB free_cma:0kB [ 352.934409] lowmem_reserve[]: 0 0 0 0 [ 352.938378] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 352.968072] lowmem_reserve[]: 0 0 0 0 [ 352.972197] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 353.004907] lowmem_reserve[]: 0 0 0 0 [ 353.005880] EXT4-fs (sda1): Cannot specify journal on remount [ 353.009579] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 353.034860] Node 0 DMA32: 10389*4kB (UME) 2782*8kB (UME) 2751*16kB (UME) 1730*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 254*4096kB (M) = 1278388kB [ 353.053026] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 353.063850] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 353.081345] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.090253] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 353.098848] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.107728] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 353.116633] 24078 total pagecache pages [ 353.120678] 0 pages in swap cache 04:53:28 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) r0 = dup(0xffffffffffffff9c) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) 04:53:28 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:28 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:28 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x102) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x0, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {r1, 0x7}}, 0x10) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 353.124131] Swap cache stats: add 0, delete 0, find 0/0 [ 353.129481] Free swap = 0kB [ 353.132557] Total swap = 0kB [ 353.135715] 1965979 pages RAM [ 353.138809] 0 pages HighMem/MovableOnly [ 353.142831] 333222 pages reserved [ 353.146272] 0 pages cma reserved [ 353.149659] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 353.179417] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 353.179514] EXT4-fs (sda1): Cannot specify journal on remount [ 353.222965] CPU: 1 PID: 22227 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 353.230120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.239481] Call Trace: [ 353.242097] dump_stack+0x138/0x19c [ 353.245745] warn_alloc.cold+0x96/0x1af [ 353.249727] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 353.254572] ? lock_downgrade+0x6e0/0x6e0 [ 353.254591] ? avc_has_perm+0x2df/0x4b0 [ 353.254608] __vmalloc_node_range+0x3be/0x6a0 [ 353.262717] vmalloc+0x46/0x50 [ 353.262729] ? sel_write_load+0x1a0/0x1050 [ 353.262737] sel_write_load+0x1a0/0x1050 [ 353.262748] ? save_trace+0x290/0x290 [ 353.262763] ? sel_read_bool+0x240/0x240 [ 353.262772] ? trace_hardirqs_on+0x10/0x10 [ 353.262781] ? save_trace+0x290/0x290 [ 353.262793] __vfs_write+0x105/0x6b0 [ 353.262801] ? __lock_is_held+0xb6/0x140 [ 353.262809] ? sel_read_bool+0x240/0x240 [ 353.262818] ? kernel_read+0x120/0x120 [ 353.262826] ? __lock_is_held+0xb6/0x140 [ 353.262836] ? check_preemption_disabled+0x3c/0x250 [ 353.262850] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 353.262861] ? rcu_read_lock_sched_held+0x110/0x130 [ 353.262870] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 353.262878] ? __sb_start_write+0x153/0x2f0 [ 353.262889] vfs_write+0x198/0x500 [ 353.342468] SyS_write+0xfd/0x230 [ 353.345909] ? SyS_read+0x230/0x230 [ 353.349516] ? do_syscall_64+0x53/0x640 [ 353.353474] ? SyS_read+0x230/0x230 [ 353.357099] do_syscall_64+0x1e8/0x640 [ 353.360970] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.366565] entry_SYSCALL_64_after_hwframe+0x42/0xb7 04:53:28 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 353.371750] RIP: 0033:0x4597c9 [ 353.374918] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 353.382627] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 353.389880] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 353.397147] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 353.404424] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 353.411709] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff 04:53:28 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:28 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) getresuid(&(0x7f0000000600)=0x0, &(0x7f0000000640), &(0x7f0000000680)) getresuid(&(0x7f00000006c0), &(0x7f0000000700), &(0x7f0000000740)=0x0) r2 = getuid() fstat(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000100)='ext2\x00', &(0x7f0000000140)='./file0\x00', 0x1, 0x5, &(0x7f0000000580)=[{&(0x7f0000000180)="55796ef31726fc544aecd24a2dfd2b77fb382b5486141d20c053d31f0c49b819171880cc328ea6f4148d83a789eeae7b9cf76f11ada84fb38e0f6fa0a167c8dae81f148e9186a8c75e3f5f601a4f8d9d42ed34d92a23142e275226679021ec9dcc082f7d5b8e36cad0796a2cbbe5a5543ef939ff8c2f3cd51d9e0fb8886dab2a10976c80de7503bd35c721dfd7fc266a56ab99a15b8f96c17a8fefec4789f744d4c3cdad1fbf4199a643b993ae5f3ad01b864b9fc77749b169b44c1423f2a421e72c2243f0ef43987535800103bb41", 0xcf, 0xfffffffffffff7df}, {&(0x7f0000000280)="61f073f3a50d40741434c1ef3c0fa1bdb0425c456195af6b63e80abeca432409dd84ac9d5eeed9720e7a1c61985243233e5f2cf0bfe013b9496cdb9004d6a23a288b960bcc7cb1cbef326e15184c3e6027440078abf525251618c9409dfc0da094d057179d4835900e1a5ef13d873c6c", 0x70, 0x3cb3}, {&(0x7f0000000300)="c3e31193c96c1c048114f3d9ed2206a569749e5f02c20613194846022ebd4ada4056faa202b8f9aa1a36caf0afc8c1ca927c2f00b06424ca1b9fbb7ab5219f5e36305f287ff2890435b19b6a80e6ab7e705838d34dc787daf43952008aa92f23fd65d2fc09bfb4a08351d49b3b7950b2dae33e960c44cae398761cf747b1b8f831671845ea56d3f48ab6fa2ede367f097e1d982cddb58afa828d845cd5aa2f1ef1fbcadcf78340249977fe5284d6b35a30cc206ab0e1d47b6a61b63624af9f18e6f0fcbe8c730e7adb033405e2fdd66e58d61fee4f78f3cb0bae3e50b92e370c6f42baef0cd5f0aea6598d6e5cbf20d8ae69", 0xf2, 0x4}, {&(0x7f0000000400)="69931b4d682f5ed1b41427475fb753baece4a8712a859aef172efd65149a192ff8102c0441a81ac38a35f23221cf50cb335f5e82faefd981356b8725a941e85895d2c25fc1766919460b3e7050068c92f688da8f43b22506fd8f9e88e00dd992d2f4899e5911cf929f7f8bf9b558a9c791055b300704bd5ac836", 0x7a, 0x8}, {&(0x7f0000000480)="8fcdd53a057feeaf00dda6c5cd378ec386b364c8902dfbef9ddf67c92ecf1bf50da6c77f920e9f4097281bcafd14f1c662472982c9ef5f8aa10d968b31a05e6a93859e249d2ba3e235d4b6c504c7208c48e359689f8f5c7e66313f8e77c9bce1f26df3228bc6bdabe38f503fece77118eeb264edf026487ee478a04f32360f3c09f9d245cadfa3f28daf7345fc3c4469420629c88591f624f83766a78ca8129bff9df1de06169fc5b96826f1aaa5e5abaadb1b37b0be3310c89619762247fcc05885749ac330767e420b1bf6005985a1cb63d1791f67a7", 0xd7, 0xc1cc}], 0x100028, &(0x7f0000000800)={[{@test_dummy_encryption='test_dummy_encryption'}, {@init_itable_val={'init_itable', 0x3d, 0x7fff}}], [{@uid_eq={'uid', 0x3d, r0}}, {@uid_gt={'uid>', r1}}, {@dont_appraise='dont_appraise'}, {@uid_eq={'uid', 0x3d, r2}}, {@dont_appraise='dont_appraise'}, {@uid_gt={'uid>', r3}}]}) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)={[{@journal_dev={'journal_dev'}}]}) [ 353.431244] EXT4-fs (sda1): Cannot specify journal on remount 04:53:28 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 353.502136] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:28 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:28 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="5662a97a6e0d89485300000400000000"]) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:28 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 353.602861] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 353.632419] CPU: 0 PID: 22263 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 353.639566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.639572] Call Trace: [ 353.639590] dump_stack+0x138/0x19c [ 353.639605] warn_alloc.cold+0x96/0x1af [ 353.651569] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 353.659141] ? lock_downgrade+0x6e0/0x6e0 [ 353.668115] ? avc_has_perm+0x2df/0x4b0 [ 353.672110] __vmalloc_node_range+0x3be/0x6a0 [ 353.676625] ? trace_hardirqs_on+0x10/0x10 [ 353.680868] vmalloc+0x46/0x50 [ 353.684069] ? sel_write_load+0x1a0/0x1050 [ 353.684079] sel_write_load+0x1a0/0x1050 [ 353.684092] ? save_trace+0x290/0x290 [ 353.684110] ? sel_read_bool+0x240/0x240 04:53:28 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 353.684120] ? trace_hardirqs_on+0x10/0x10 [ 353.684130] ? save_trace+0x290/0x290 [ 353.696205] __vfs_write+0x105/0x6b0 [ 353.696218] ? __lock_is_held+0xb6/0x140 [ 353.696231] ? sel_read_bool+0x240/0x240 [ 353.696241] ? kernel_read+0x120/0x120 [ 353.696250] ? __lock_is_held+0xb6/0x140 [ 353.696262] ? check_preemption_disabled+0x3c/0x250 [ 353.716113] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 353.716127] ? rcu_read_lock_sched_held+0x110/0x130 [ 353.716138] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 353.716147] ? __sb_start_write+0x153/0x2f0 [ 353.716160] vfs_write+0x198/0x500 [ 353.724082] SyS_write+0xfd/0x230 [ 353.724095] ? SyS_read+0x230/0x230 [ 353.724106] ? do_syscall_64+0x53/0x640 [ 353.724117] ? SyS_read+0x230/0x230 [ 353.724129] do_syscall_64+0x1e8/0x640 [ 353.724140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.756212] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 353.756223] RIP: 0033:0x4597c9 [ 353.756229] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 353.756240] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:28 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 353.756246] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 353.756252] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 353.756258] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 353.756262] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 353.806270] warn_alloc_show_mem: 1 callbacks suppressed [ 353.806273] Mem-Info: [ 353.849322] EXT4-fs (sda1): Unrecognized mount option "Vb©zn ‰HS" or missing value [ 353.889348] active_anon:121431 inactive_anon:1226 isolated_anon:0 [ 353.889348] active_file:8260 inactive_file:13228 isolated_file:0 [ 353.889348] unevictable:0 dirty:99 writeback:0 unstable:0 [ 353.889348] slab_reclaimable:12151 slab_unreclaimable:109357 [ 353.889348] mapped:59073 shmem:2594 pagetables:1184 bounce:0 [ 353.889348] free:1270006 free_pcp:247 free_cma:0 [ 353.945763] Node 0 active_anon:485624kB inactive_anon:4904kB active_file:32900kB inactive_file:52912kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236192kB dirty:392kB writeback:0kB shmem:10376kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 434176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 353.952621] EXT4-fs (sda1): Cannot specify journal on remount [ 353.982306] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 354.008479] Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 354.035115] lowmem_reserve[]: 0 2580 2580 2580 [ 354.039740] Node 0 DMA32 free:1277444kB min:36468kB low:45584kB high:54700kB active_anon:485556kB inactive_anon:4916kB active_file:32900kB inactive_file:52940kB unevictable:0kB writepending:424kB present:3129332kB managed:2644912kB mlocked:0kB kernel_stack:7552kB pagetables:4564kB bounce:0kB free_pcp:1340kB local_pcp:640kB free_cma:0kB [ 354.069907] lowmem_reserve[]: 0 0 0 0 [ 354.074779] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 354.103308] lowmem_reserve[]: 0 0 0 0 [ 354.107246] Node 1 Normal free:3786832kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:4kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 354.135145] lowmem_reserve[]: 0 0 0 0 [ 354.139055] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 354.152928] Node 0 DMA32: 10296*4kB (UME) 2767*8kB (UME) 2777*16kB (UME) 1731*32kB (UME) 827*64kB (UM) 89*128kB (UM) 9*256kB (UME) 4*512kB (ME) 2*1024kB (UE) 4*2048kB (UME) 253*4096kB (M) = 1278344kB [ 354.171187] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 354.182429] Node 1 Normal: 48*4kB (UE) 360*8kB (UME) 279*16kB (UME) 53*32kB (UME) 17*64kB (UME) 12*128kB (UE) 4*256kB (UM) 3*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786832kB [ 354.199831] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 354.209088] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 354.217746] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 354.228180] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:53:29 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:29 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:29 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:29 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:29 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x20000, 0x0) inotify_add_watch(r0, &(0x7f0000000180)='./file0\x00', 0x98772990dd6d64df) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000500)={{{@in6=@empty, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000600)=0xe8) accept4$netrom(r0, &(0x7f0000000780)={{0x3, @bcast}, [@null, @null, @netrom, @netrom, @rose, @bcast, @netrom, @null]}, &(0x7f0000000380)=0x48, 0x80000) syz_mount_image$reiserfs(&(0x7f00000001c0)='reiserfs\x00', &(0x7f0000000200)='./file0\x00', 0x7fffffff, 0x4, &(0x7f0000000480)=[{&(0x7f0000000240)="4dc49e133ab6024b78e5476b8a3836277c55e4f08b8573c30ae949ef74dd2d302b975f29cc79428bf92d77efd2b52078a5bc0124c6637e90354b6f6d6ad4248520e5a4b2f03f451a825e75c6b1927db1793bdc68b85440f3fd633550", 0x5c, 0x8}, {&(0x7f00000002c0)="a859fc41137947b91ba70a2c098451cfd0e768685356484aa2e3a40b8689c93d581f1b515efb27bb7c10d12b7e3828afe819d9c620da2ebe5ea2ff3f144bbb460bc41bf66dcdb01869bf9952f4aabeb8418d0cc2cda9d4c273fa2fb20380325449cbab7d405cdc2431904748e8271ea6bdadfc73dd41f2ac394ce00ee81562c7ff119a9ebb54a68e408e719c63b9ec916579ef11926331", 0x97, 0x40}, {&(0x7f0000000380), 0x0, 0x1ff}, {&(0x7f00000003c0)="c8c5b1334af28517cf5bdbb444d4639ed26646f3a2d2ab25504d056134fda8ea6f0384a514702bf0706eb94c0f5199905b506827cebd38bca70ab27cfe07c61ef9d246d80daa354e55687bbec5ddaaf86eb99e0242095ad14f5697260dc92e97b8abb328b6dadf3ee12f8f8c4c2bd24cb813fd188b8ead27609b112df038e643be6ac753c465aeaa2e0da4d776c3664299d0f6b1e1e6d258a29567da365509af7f", 0xa1, 0x7a3f}], 0x2, &(0x7f0000000640)={[{@conv='conv'}, {@tails_off='tails=off'}, {@balloc_test4='block-allocator=test4'}, {@jdev={'jdev', 0x3d, './file0'}}, {@user_xattr='user_xattr'}, {@hash_tea='hash=tea'}, {@usrjquota_file='usrjquota=syz'}, {@commit={'commit', 0x3d, 0xc3ca}}, {@usrquota='usrquota'}], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@smackfshat={'smackfshat'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@obj_role={'obj_role', 0x3d, '/dev/sequencer2\x00'}}, {@hash='hash'}, {@fowner_gt={'fowner>', r1}}]}) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000100)=ANY=[@ANYBLOB="6a6f75726e610469d71fcadc9f5565763d3078303030303030303030303030303030302c0000000000000000000085961385358e090941848b4a2bb8953814a01518ee2b75d5d415329f6a00dff8cbb7998c2d4e45648088669b23c1e53a8b0cb3c63e76048f9379ab5f132e3b80c6052905e72c51240a91"]) 04:53:29 executing program 2: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 354.244815] 24093 total pagecache pages [ 354.248872] 0 pages in swap cache [ 354.254752] Swap cache stats: add 0, delete 0, find 0/0 [ 354.260266] Free swap = 0kB [ 354.263273] Total swap = 0kB [ 354.266449] 1965979 pages RAM [ 354.269534] 0 pages HighMem/MovableOnly [ 354.273541] 333222 pages reserved [ 354.276983] 0 pages cma reserved 04:53:29 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) 04:53:29 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:29 executing program 2: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) [ 354.358963] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) 04:53:29 executing program 4: syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x28001) write$evdev(0xffffffffffffffff, &(0x7f0000000280)=[{}], 0x12) 04:53:29 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:29 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 354.402842] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 354.447345] ================================================================== [ 354.451371] CPU: 1 PID: 22327 Comm: syz-executor.5 Not tainted 4.14.131 #25 [ 354.454994] BUG: KASAN: global-out-of-bounds in strscpy+0x20e/0x2c0 [ 354.462079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.468479] Read of size 8 at addr ffffffff8677b9f8 by task syz-executor.0/22334 [ 354.477812] Call Trace: [ 354.485321] [ 354.487895] dump_stack+0x138/0x19c [ 354.493108] warn_alloc.cold+0x96/0x1af [ 354.497080] ? zone_watermark_ok_safe+0x2b0/0x2b0 [ 354.502083] ? lock_downgrade+0x6e0/0x6e0 [ 354.506226] ? avc_has_perm+0x2df/0x4b0 [ 354.510192] __vmalloc_node_range+0x3be/0x6a0 [ 354.514676] ? trace_hardirqs_on+0x10/0x10 [ 354.518900] vmalloc+0x46/0x50 [ 354.522078] ? sel_write_load+0x1a0/0x1050 [ 354.526415] sel_write_load+0x1a0/0x1050 [ 354.530478] ? save_trace+0x290/0x290 [ 354.534293] ? sel_read_bool+0x240/0x240 [ 354.538341] ? trace_hardirqs_on+0x10/0x10 [ 354.542562] ? save_trace+0x290/0x290 [ 354.546441] __vfs_write+0x105/0x6b0 [ 354.550142] ? __lock_is_held+0xb6/0x140 [ 354.554190] ? sel_read_bool+0x240/0x240 [ 354.558236] ? kernel_read+0x120/0x120 [ 354.562109] ? __lock_is_held+0xb6/0x140 [ 354.566156] ? check_preemption_disabled+0x3c/0x250 [ 354.571174] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 354.576613] ? rcu_read_lock_sched_held+0x110/0x130 [ 354.581702] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 354.586531] ? __sb_start_write+0x153/0x2f0 [ 354.590847] vfs_write+0x198/0x500 [ 354.594468] SyS_write+0xfd/0x230 [ 354.597929] ? SyS_read+0x230/0x230 [ 354.601553] ? do_syscall_64+0x53/0x640 [ 354.605526] ? SyS_read+0x230/0x230 [ 354.609139] do_syscall_64+0x1e8/0x640 [ 354.613108] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.617948] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 354.623485] RIP: 0033:0x4597c9 [ 354.626677] RSP: 002b:00007fbe448e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 354.634544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9 [ 354.641800] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 354.649065] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 354.656324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe448e26d4 [ 354.663595] R13: 00000000004c97d2 R14: 00000000004e0bc8 R15: 00000000ffffffff [ 354.670875] CPU: 0 PID: 22334 Comm: syz-executor.0 Not tainted 4.14.131 #25 [ 354.677982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.687341] Call Trace: [ 354.689948] dump_stack+0x138/0x19c [ 354.693586] ? strscpy+0x20e/0x2c0 [ 354.697135] print_address_description.cold+0x5/0x1dc [ 354.702337] ? strscpy+0x20e/0x2c0 [ 354.705887] kasan_report.cold+0xa9/0x2af [ 354.710055] __asan_report_load8_noabort+0x14/0x20 [ 354.715002] strscpy+0x20e/0x2c0 [ 354.718383] prepare_error_buf+0x94/0x1aa0 [ 354.722623] ? save_trace+0x290/0x290 [ 354.726433] ? __lock_acquire+0x5f9/0x45e0 [ 354.730684] ? scnprintf_le_key+0x600/0x600 [ 354.735016] ? __lock_acquire+0x5f9/0x45e0 [ 354.739244] __reiserfs_warning+0x9f/0xb0 [ 354.739254] ? reiserfs_printk+0xd0/0xd0 [ 354.739272] ? trace_hardirqs_on+0x10/0x10 [ 354.739287] reiserfs_parse_options+0xa16/0x1820 [ 354.756448] ? reiserfs_sync_fs+0xe0/0xe0 [ 354.760610] ? trace_hardirqs_on+0x10/0x10 [ 354.764905] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 354.770631] ? lockdep_init_map+0x9/0x10 [ 354.774710] ? debug_mutex_init+0x2d/0x5a [ 354.778867] reiserfs_fill_super+0x461/0x2b20 [ 354.783377] ? finish_unfinished+0x1010/0x1010 [ 354.787976] ? snprintf+0xa5/0xd0 [ 354.791440] ? set_blocksize+0x270/0x300 [ 354.795513] ? ns_test_super+0x50/0x50 [ 354.799451] mount_bdev+0x2be/0x370 [ 354.803081] ? finish_unfinished+0x1010/0x1010 [ 354.807682] get_super_block+0x35/0x40 [ 354.811581] mount_fs+0x97/0x2a1 [ 354.814968] vfs_kern_mount.part.0+0x5e/0x3d0 [ 354.819468] do_mount+0x417/0x27d0 [ 354.823004] ? copy_mount_options+0x5c/0x2f0 [ 354.823014] ? rcu_read_lock_sched_held+0x110/0x130 [ 354.823025] ? copy_mount_string+0x40/0x40 [ 354.823039] ? copy_mount_options+0x1fe/0x2f0 [ 354.823051] SyS_mount+0xab/0x120 [ 354.823059] ? copy_mnt_ns+0x8c0/0x8c0 [ 354.823071] do_syscall_64+0x1e8/0x640 [ 354.823080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.823098] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 354.823111] RIP: 0033:0x45c21a [ 354.865681] RSP: 002b:00007fca12012a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 354.873483] RAX: ffffffffffffffda RBX: 00007fca12012b40 RCX: 000000000045c21a [ 354.880778] RDX: 00007fca12012ae0 RSI: 0000000020000200 RDI: 00007fca12012b00 [ 354.888041] RBP: 0000000000000004 R08: 00007fca12012b40 R09: 00007fca12012ae0 [ 354.895314] R10: 0000000000000002 R11: 0000000000000206 R12: 0000000000000004 [ 354.902596] R13: 00000000004c885f R14: 00000000004df470 R15: 00000000ffffffff [ 354.909891] [ 354.911511] The buggy address belongs to the variable: [ 354.916807] __func__.31301+0x798/0x3a60 [ 354.920856] [ 354.922476] Memory state around the buggy address: [ 354.927382] ffffffff8677b880: fa fa fa fa 07 fa fa fa fa fa fa fa 00 02 fa fa [ 354.934859] ffffffff8677b900: fa fa fa fa 00 02 fa fa fa fa fa fa 06 fa fa fa [ 354.942331] >ffffffff8677b980: fa fa fa fa 07 fa fa fa fa fa fa fa 00 00 00 02 [ 354.949678] ^ [ 354.956938] ffffffff8677ba00: fa fa fa fa 00 03 fa fa fa fa fa fa 00 00 03 fa [ 354.964292] ffffffff8677ba80: fa fa fa fa 00 03 fa fa fa fa fa fa 00 03 fa fa [ 354.971644] ================================================================== [ 354.979015] Disabling lock debugging due to kernel taint [ 354.984631] Kernel panic - not syncing: panic_on_warn set ... [ 354.984631] 04:53:29 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x0) 04:53:29 executing program 1: r0 = memfd_create(&(0x7f0000000240)='queue1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x100000000000001) r1 = dup2(0xffffffffffffffff, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x26, 0x0, 0xfffffffffffffffe, 0x0, @tick, {}, {}, @raw32={[0x7ff, 0x9, 0x5]}}], 0x30) 04:53:29 executing program 3: openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000140)={0x0, @aes256}) [ 354.992011] CPU: 0 PID: 22334 Comm: syz-executor.0 Tainted: G B 4.14.131 #25 [ 354.998096] kobject: 'loop5' (ffff8880a4b201e0): kobject_uevent_env [ 355.000318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.000322] Call Trace: [ 355.000337] dump_stack+0x138/0x19c [ 355.000347] ? strscpy+0x20e/0x2c0 [ 355.000354] panic+0x1f2/0x426 [ 355.000360] ? add_taint.cold+0x16/0x16 [ 355.000373] kasan_end_report+0x47/0x4f [ 355.000383] kasan_report.cold+0x130/0x2af 04:53:29 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x3, 0x2) openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x800, 0x0) fcntl$notify(r0, 0x402, 0x10) r1 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f00000000c0), 0x3df) bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r1, 0x4000000020000000) r2 = socket$inet6(0xa, 0x6, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg(r3, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}}], 0x4000000000000d0, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000040)=ANY=[@ANYBLOB="6a6f75726e616c5f6465003d3078303030303030303030553bd365ac30303030"]) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000180)) [ 355.012276] kobject: 'loop5' (ffff8880a4b201e0): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 355.016180] __asan_report_load8_noabort+0x14/0x20 [ 355.016192] strscpy+0x20e/0x2c0 [ 355.028158] syz-executor.5: [ 355.029183] prepare_error_buf+0x94/0x1aa0 [ 355.029199] ? save_trace+0x290/0x290 [ 355.033621] vmalloc: allocation failure: 0 bytes [ 355.037146] ? __lock_acquire+0x5f9/0x45e0 [ 355.037156] ? scnprintf_le_key+0x600/0x600 [ 355.037168] ? __lock_acquire+0x5f9/0x45e0 [ 355.043335] , mode:0x14000c0(GFP_KERNEL), nodemask= [ 355.050819] __reiserfs_warning+0x9f/0xb0 [ 355.050827] ? reiserfs_printk+0xd0/0xd0 [ 355.050840] ? trace_hardirqs_on+0x10/0x10 [ 355.050849] reiserfs_parse_options+0xa16/0x1820 [ 355.050860] ? reiserfs_sync_fs+0xe0/0xe0 [ 355.050867] ? trace_hardirqs_on+0x10/0x10 [ 355.050906] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 355.059882] kobject: 'loop2' (ffff8880a4a460a0): kobject_uevent_env [ 355.062169] ? lockdep_init_map+0x9/0x10 [ 355.062177] ? debug_mutex_init+0x2d/0x5a [ 355.062188] reiserfs_fill_super+0x461/0x2b20 [ 355.062198] ? finish_unfinished+0x1010/0x1010 [ 355.062212] ? snprintf+0xa5/0xd0 [ 355.062223] ? set_blocksize+0x270/0x300 [ 355.062235] ? ns_test_super+0x50/0x50 [ 355.070095] kobject: 'loop2' (ffff8880a4a460a0): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 355.070282] mount_bdev+0x2be/0x370 [ 355.077163] (null) [ 355.079242] ? finish_unfinished+0x1010/0x1010 [ 355.079253] get_super_block+0x35/0x40 [ 355.079262] mount_fs+0x97/0x2a1 [ 355.079273] vfs_kern_mount.part.0+0x5e/0x3d0 [ 355.099389] syz-executor.5 cpuset= [ 355.101160] do_mount+0x417/0x27d0 [ 355.101170] ? copy_mount_options+0x5c/0x2f0 [ 355.101182] ? rcu_read_lock_sched_held+0x110/0x130 [ 355.101192] ? copy_mount_string+0x40/0x40 [ 355.101201] ? copy_mount_options+0x1fe/0x2f0 [ 355.101211] SyS_mount+0xab/0x120 [ 355.101218] ? copy_mnt_ns+0x8c0/0x8c0 [ 355.101227] do_syscall_64+0x1e8/0x640 [ 355.101234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.101246] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 355.101253] RIP: 0033:0x45c21a [ 355.101257] RSP: 002b:00007fca12012a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 355.101264] RAX: ffffffffffffffda RBX: 00007fca12012b40 RCX: 000000000045c21a [ 355.101268] RDX: 00007fca12012ae0 RSI: 0000000020000200 RDI: 00007fca12012b00 [ 355.101277] RBP: 0000000000000004 R08: 00007fca12012b40 R09: 00007fca12012ae0 [ 355.101280] R10: 0000000000000002 R11: 0000000000000206 R12: 0000000000000004 [ 355.101284] R13: 00000000004c885f R14: 00000000004df470 R15: 00000000ffffffff [ 355.102780] Kernel Offset: disabled [ 355.288736] Rebooting in 86400 seconds..