00000340)={0x6, 0x0}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:28:52 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 763.050808] 0 pages HighMem/MovableOnly [ 763.056038] 338456 pages reserved [ 763.059503] 0 pages cma reserved 03:28:52 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:28:52 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:52 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:53 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:53 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:53 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:28:53 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:28:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, 0x0) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 764.665934] syz-executor.3: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 764.714401] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) 03:28:53 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 764.757203] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 764.771821] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 764.788018] CPU: 1 PID: 3628 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 764.795969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 764.805344] Call Trace: [ 764.807963] dump_stack+0x1b2/0x283 [ 764.811613] warn_alloc.cold+0x96/0x1af [ 764.815592] ? zone_watermark_ok_safe+0x250/0x250 [ 764.820492] ? wait_for_completion_io+0x10/0x10 [ 764.825196] __alloc_pages_nodemask+0x2129/0x2730 [ 764.830086] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 764.834950] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 764.839845] ? do_raw_spin_unlock+0x164/0x250 [ 764.844377] alloc_pages_current+0xe7/0x1e0 [ 764.848863] kvm_mmu_create+0xd1/0x1c0 [ 764.852772] kvm_arch_vcpu_init+0x282/0x890 [ 764.857097] ? alloc_pages_current+0xef/0x1e0 [ 764.861619] kvm_vcpu_init+0x26d/0x360 [ 764.865518] vmx_create_vcpu+0xf5/0x2950 [ 764.869752] ? __mutex_unlock_slowpath+0x75/0x780 [ 764.874603] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 764.879650] ? alloc_loaded_vmcs+0x240/0x240 [ 764.884091] kvm_vm_ioctl+0x4ae/0x1430 [ 764.888033] ? __lock_acquire+0x655/0x42a0 [ 764.892278] ? kvm_vcpu_release+0xa0/0xa0 [ 764.896447] ? trace_hardirqs_on+0x10/0x10 [ 764.900696] ? trace_hardirqs_on+0x10/0x10 [ 764.905061] ? futex_exit_release+0x60/0x60 [ 764.909536] ? __might_fault+0x104/0x1b0 [ 764.913646] ? lock_acquire+0x170/0x3f0 [ 764.917660] ? kvm_vcpu_release+0xa0/0xa0 [ 764.921825] do_vfs_ioctl+0x75a/0xfe0 [ 764.925644] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 764.931308] ? ioctl_preallocate+0x1a0/0x1a0 [ 764.935767] ? security_file_ioctl+0x76/0xb0 [ 764.940454] ? security_file_ioctl+0x83/0xb0 [ 764.944881] SyS_ioctl+0x7f/0xb0 [ 764.948262] ? do_vfs_ioctl+0xfe0/0xfe0 [ 764.952261] do_syscall_64+0x1d5/0x640 [ 764.956170] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 764.961417] RIP: 0033:0x45cba9 [ 764.964614] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 764.972342] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 764.979629] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 764.986910] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 764.994203] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 765.001514] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 765.008952] CPU: 0 PID: 3636 Comm: syz-executor.3 Not tainted 4.14.184-syzkaller #0 [ 765.016789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 765.026161] Call Trace: [ 765.028768] dump_stack+0x1b2/0x283 [ 765.032420] warn_alloc.cold+0x96/0x1af [ 765.036409] ? zone_watermark_ok_safe+0x250/0x250 [ 765.041283] ? wait_for_completion_io+0x10/0x10 [ 765.045986] __alloc_pages_nodemask+0x2129/0x2730 [ 765.050870] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 765.055758] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 765.060641] ? do_raw_spin_unlock+0x164/0x250 [ 765.065175] alloc_pages_current+0xe7/0x1e0 [ 765.069552] kvm_mmu_create+0xd1/0x1c0 [ 765.073460] kvm_arch_vcpu_init+0x282/0x890 [ 765.077790] ? alloc_pages_current+0xef/0x1e0 [ 765.082296] kvm_vcpu_init+0x26d/0x360 [ 765.086202] vmx_create_vcpu+0xf5/0x2950 [ 765.090288] ? __mutex_unlock_slowpath+0x75/0x780 [ 765.095185] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 765.100242] ? alloc_loaded_vmcs+0x240/0x240 [ 765.104683] kvm_vm_ioctl+0x4ae/0x1430 [ 765.108615] ? __lock_acquire+0x655/0x42a0 [ 765.112907] ? kvm_vcpu_release+0xa0/0xa0 [ 765.117074] ? trace_hardirqs_on+0x10/0x10 [ 765.121342] ? trace_hardirqs_on+0x10/0x10 [ 765.125607] ? futex_exit_release+0x60/0x60 [ 765.129955] ? __might_fault+0x104/0x1b0 [ 765.134038] ? lock_acquire+0x170/0x3f0 [ 765.138029] ? kvm_vcpu_release+0xa0/0xa0 [ 765.142994] do_vfs_ioctl+0x75a/0xfe0 [ 765.146818] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 765.152465] ? ioctl_preallocate+0x1a0/0x1a0 03:28:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 765.156908] ? security_file_ioctl+0x76/0xb0 [ 765.161343] ? security_file_ioctl+0x83/0xb0 [ 765.165775] SyS_ioctl+0x7f/0xb0 [ 765.169151] ? do_vfs_ioctl+0xfe0/0xfe0 [ 765.173163] do_syscall_64+0x1d5/0x640 [ 765.177081] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 765.182310] RIP: 0033:0x45cba9 [ 765.185517] RSP: 002b:00007f07f91fbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 765.193536] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 765.200836] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 765.208123] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 765.215437] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 765.222730] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f07f91fc6d4 [ 765.498458] Mem-Info: [ 765.501113] active_anon:1012885 inactive_anon:4039 isolated_anon:0 [ 765.501113] active_file:3860 inactive_file:7433 isolated_file:0 [ 765.501113] unevictable:0 dirty:69 writeback:0 unstable:0 [ 765.501113] slab_reclaimable:16022 slab_unreclaimable:138482 [ 765.501113] mapped:58140 shmem:4200 pagetables:29761 bounce:0 [ 765.501113] free:299460 free_pcp:465 free_cma:0 [ 765.556428] Node 0 active_anon:1914360kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:212848kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 765.598762] Node 1 active_anon:2135980kB inactive_anon:28kB active_file:15416kB inactive_file:29724kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19712kB dirty:268kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 03:28:54 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 765.629290] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 765.666116] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 765.666144] Node 0 DMA32 free:36268kB min:36296kB low:45368kB high:54440kB active_anon:1910016kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:664kB local_pcp:436kB free_cma:0kB [ 765.666173] lowmem_reserve[]: 0 0 0 0 0 [ 765.666205] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 765.666229] lowmem_reserve[]: 0 0 0 0 0 [ 765.666251] Node 1 Normal free:1151996kB min:53592kB low:66988kB high:80384kB active_anon:2135980kB inactive_anon:28kB active_file:15416kB inactive_file:29724kB unevictable:0kB writepending:316kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30080kB pagetables:73156kB bounce:0kB free_pcp:1284kB local_pcp:684kB free_cma:0kB [ 765.666277] lowmem_reserve[]: 0 0 0 0 0 [ 765.666299] Node 0 DMA: 4*4kB (M) 10*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10400kB [ 765.666381] Node 0 DMA32: 261*4kB (UME) 386*8kB (UME) 64*16kB (UME) 24*32kB (UME) 57*64kB (M) 39*128kB (UME) 27*256kB (UME) 13*512kB (UM) 8*1024kB (ME) 0*2048kB 0*4096kB = 36324kB [ 765.666465] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 765.666519] Node 1 Normal: 507*4kB (UME) 240*8kB (UME) 828*16kB (UM) 110*32kB (UME) 26*64kB (UME) 14*128kB (UME) 12*256kB (ME) 9*512kB (ME) 2*1024kB (M) 6*2048kB (UME) 270*4096kB (M) = 1152108kB [ 765.666612] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 765.666620] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 765.666627] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 765.666634] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 765.666639] 12374 total pagecache pages [ 765.666650] 0 pages in swap cache [ 765.666656] Swap cache stats: add 0, delete 0, find 0/0 [ 765.666660] Free swap = 0kB [ 765.666664] Total swap = 0kB [ 765.666670] 1965979 pages RAM 03:28:55 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, 0x0) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 765.666674] 0 pages HighMem/MovableOnly [ 765.666678] 338456 pages reserved [ 765.666681] 0 pages cma reserved 03:28:55 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:55 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:55 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00'}) 03:28:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, 0x0) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:55 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:55 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:28:55 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00'}) 03:28:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x0, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:56 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x0, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:56 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:28:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:56 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pause() pipe(&(0x7f0000000300)) openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x8000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fcntl$setpipe(r3, 0x407, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f00000001c0)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 767.675697] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 767.725610] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 767.768543] CPU: 0 PID: 3825 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 767.776430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 767.785822] Call Trace: [ 767.788423] dump_stack+0x1b2/0x283 [ 767.792206] warn_alloc.cold+0x96/0x1af [ 767.796288] ? zone_watermark_ok_safe+0x250/0x250 [ 767.801177] ? wait_for_completion_io+0x10/0x10 [ 767.805866] __alloc_pages_nodemask+0x2129/0x2730 [ 767.810780] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 767.815664] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 767.820729] ? do_raw_spin_unlock+0x164/0x250 [ 767.825251] alloc_pages_current+0xe7/0x1e0 [ 767.829662] kvm_mmu_create+0xd1/0x1c0 [ 767.833580] kvm_arch_vcpu_init+0x282/0x890 [ 767.837919] ? alloc_pages_current+0xef/0x1e0 [ 767.842436] kvm_vcpu_init+0x26d/0x360 [ 767.846352] vmx_create_vcpu+0xf5/0x2950 [ 767.850437] ? __mutex_unlock_slowpath+0x75/0x780 [ 767.855296] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 767.860342] ? alloc_loaded_vmcs+0x240/0x240 [ 767.864781] kvm_vm_ioctl+0x4ae/0x1430 [ 767.868698] ? __lock_acquire+0x655/0x42a0 [ 767.872959] ? kvm_vcpu_release+0xa0/0xa0 [ 767.877321] ? trace_hardirqs_on+0x10/0x10 [ 767.881584] ? trace_hardirqs_on+0x10/0x10 [ 767.885843] ? futex_exit_release+0x60/0x60 [ 767.890324] ? __might_fault+0x104/0x1b0 [ 767.894400] ? lock_acquire+0x170/0x3f0 [ 767.898381] ? kvm_vcpu_release+0xa0/0xa0 [ 767.902539] do_vfs_ioctl+0x75a/0xfe0 [ 767.906353] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 767.911991] ? ioctl_preallocate+0x1a0/0x1a0 [ 767.916431] ? security_file_ioctl+0x76/0xb0 [ 767.920860] ? security_file_ioctl+0x83/0xb0 [ 767.925292] SyS_ioctl+0x7f/0xb0 [ 767.928672] ? do_vfs_ioctl+0xfe0/0xfe0 [ 767.932674] do_syscall_64+0x1d5/0x640 [ 767.936583] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 767.941838] RIP: 0033:0x45cba9 [ 767.945027] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 767.952842] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 767.960149] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 767.967446] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 767.974744] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 767.982038] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 03:28:57 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x0, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:57 executing program 2: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 768.132567] warn_alloc_show_mem: 1 callbacks suppressed [ 768.132573] Mem-Info: [ 768.153680] active_anon:1023805 inactive_anon:4040 isolated_anon:0 [ 768.153680] active_file:3863 inactive_file:7443 isolated_file:0 [ 768.153680] unevictable:0 dirty:100 writeback:0 unstable:0 [ 768.153680] slab_reclaimable:16055 slab_unreclaimable:137489 03:28:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 768.153680] mapped:58153 shmem:4201 pagetables:29876 bounce:0 [ 768.153680] free:289171 free_pcp:264 free_cma:0 [ 768.201759] Node 0 active_anon:1914360kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:212896kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 03:28:57 executing program 2: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 768.462612] Node 1 active_anon:2180860kB inactive_anon:32kB active_file:15420kB inactive_file:29772kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19716kB dirty:392kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 768.536269] Node 0 DMA free:10408kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 768.635242] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 768.640343] Node 0 DMA32 free:36720kB min:36296kB low:45368kB high:54440kB active_anon:1910016kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:288kB local_pcp:144kB free_cma:0kB [ 768.734136] lowmem_reserve[]: 0 0 0 0 0 [ 768.745247] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 768.775916] lowmem_reserve[]: 0 0 0 0 0 [ 768.780143] Node 1 Normal free:1111656kB min:53592kB low:66988kB high:80384kB active_anon:2180960kB inactive_anon:32kB active_file:15420kB inactive_file:29772kB unevictable:0kB writepending:96kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30208kB pagetables:73616kB bounce:0kB free_pcp:1336kB local_pcp:692kB free_cma:0kB [ 768.815787] lowmem_reserve[]: 0 0 0 0 0 [ 768.819972] Node 0 DMA: 4*4kB (M) 11*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10408kB [ 768.839521] Node 0 DMA32: 327*4kB (UME) 436*8kB (UME) 67*16kB (UM) 23*32kB (UM) 57*64kB (M) 38*128kB (UM) 26*256kB (UM) 14*512kB (UME) 7*1024kB (M) 0*2048kB 0*4096kB = 36108kB [ 768.861267] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 768.876753] Node 1 Normal: 81*4kB (UME) 554*8kB (UME) 1115*16kB (UME) 283*32kB (UME) 99*64kB (UME) 5*128kB (UME) 1*256kB (E) 3*512kB (UME) 1*1024kB (M) 2*2048kB (ME) 260*4096kB (M) = 1110500kB [ 768.899425] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 768.909091] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 768.922933] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 768.941432] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 768.955759] 12387 total pagecache pages [ 768.960087] 0 pages in swap cache [ 768.963781] Swap cache stats: add 0, delete 0, find 0/0 [ 768.969512] Free swap = 0kB [ 768.977476] Total swap = 0kB [ 768.980689] 1965979 pages RAM [ 768.984263] 0 pages HighMem/MovableOnly [ 768.988668] 338456 pages reserved [ 768.997005] 0 pages cma reserved 03:28:58 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x0, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 2: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:58 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:28:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:58 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nvme-fabrics\x00', 0x400, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000540)=0x7) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000500)=0x8) r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0)='devlink\x00') sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x154, r3, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x3}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x346}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7fff}, {0x6, 0x11, 0x7}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x401}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1e}, {0x6, 0x11, 0x43}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x3}, {0x6}}]}, 0x154}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040801) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x0, 0x0, 0x3}, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 03:28:58 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:58 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:58 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:28:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:58 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:28:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:59 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:28:59 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:59 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x0, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 770.169827] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 770.192136] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 770.199170] CPU: 1 PID: 4024 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 770.207005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 770.216374] Call Trace: [ 770.218977] dump_stack+0x1b2/0x283 [ 770.222634] warn_alloc.cold+0x96/0x1af [ 770.226667] ? zone_watermark_ok_safe+0x250/0x250 [ 770.231529] ? wait_for_completion_io+0x10/0x10 [ 770.236218] __alloc_pages_nodemask+0x2129/0x2730 [ 770.241096] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 770.246094] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 770.250972] ? do_raw_spin_unlock+0x164/0x250 [ 770.255494] alloc_pages_current+0xe7/0x1e0 [ 770.259860] kvm_mmu_create+0xd1/0x1c0 [ 770.263775] kvm_arch_vcpu_init+0x282/0x890 [ 770.268206] ? alloc_pages_current+0xef/0x1e0 [ 770.272845] kvm_vcpu_init+0x26d/0x360 [ 770.276761] vmx_create_vcpu+0xf5/0x2950 [ 770.280840] ? __mutex_unlock_slowpath+0x75/0x780 [ 770.285699] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 770.290735] ? alloc_loaded_vmcs+0x240/0x240 [ 770.295172] kvm_vm_ioctl+0x4ae/0x1430 [ 770.299079] ? __lock_acquire+0x655/0x42a0 [ 770.303326] ? kvm_vcpu_release+0xa0/0xa0 [ 770.307482] ? trace_hardirqs_on+0x10/0x10 [ 770.311735] ? trace_hardirqs_on+0x10/0x10 [ 770.315987] ? futex_exit_release+0x60/0x60 [ 770.320344] ? __might_fault+0x104/0x1b0 [ 770.324414] ? lock_acquire+0x170/0x3f0 [ 770.328417] ? kvm_vcpu_release+0xa0/0xa0 [ 770.332588] do_vfs_ioctl+0x75a/0xfe0 [ 770.336406] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 770.342037] ? ioctl_preallocate+0x1a0/0x1a0 [ 770.346478] ? security_file_ioctl+0x76/0xb0 [ 770.350914] ? security_file_ioctl+0x83/0xb0 [ 770.355333] SyS_ioctl+0x7f/0xb0 [ 770.358703] ? do_vfs_ioctl+0xfe0/0xfe0 [ 770.362697] do_syscall_64+0x1d5/0x640 [ 770.366599] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 770.371812] RIP: 0033:0x45cba9 [ 770.375003] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 770.382728] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 770.390124] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 770.397536] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 770.404822] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 770.412124] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 03:28:59 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nvme-fabrics\x00', 0x400, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000540)=0x7) ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000500)=0x8) r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0)='devlink\x00') sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x154, r3, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x3}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x346}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7fff}, {0x6, 0x11, 0x7}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x401}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1e}, {0x6, 0x11, 0x43}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x3}, {0x6}}]}, 0x154}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040801) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x0, 0x0, 0x3}, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 03:28:59 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:28:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 770.429370] Mem-Info: [ 770.432887] active_anon:1024258 inactive_anon:4040 isolated_anon:0 [ 770.432887] active_file:3859 inactive_file:7447 isolated_file:8 [ 770.432887] unevictable:0 dirty:51 writeback:0 unstable:0 [ 770.432887] slab_reclaimable:16145 slab_unreclaimable:138356 [ 770.432887] mapped:58163 shmem:4201 pagetables:29976 bounce:0 [ 770.432887] free:287711 free_pcp:411 free_cma:0 [ 770.508703] Node 0 active_anon:1914360kB inactive_anon:16128kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):32kB mapped:212932kB dirty:16kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:28:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x0, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:28:59 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 770.607779] Node 1 active_anon:2182772kB inactive_anon:32kB active_file:15432kB inactive_file:29784kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19720kB dirty:288kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 770.646593] Node 0 DMA free:10432kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 770.734766] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 770.740225] Node 0 DMA32 free:36008kB min:36296kB low:45368kB high:54440kB active_anon:1910016kB inactive_anon:16128kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:16kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:532kB local_pcp:196kB free_cma:0kB [ 770.816001] lowmem_reserve[]: 0 0 0 0 0 [ 770.820366] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 770.879895] lowmem_reserve[]: 0 0 0 0 0 [ 770.888468] Node 1 Normal free:1099528kB min:53592kB low:66988kB high:80384kB active_anon:2185572kB inactive_anon:32kB active_file:15432kB inactive_file:29784kB unevictable:0kB writepending:420kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30752kB pagetables:74460kB bounce:0kB free_pcp:1028kB local_pcp:744kB free_cma:0kB [ 770.926699] lowmem_reserve[]: 0 0 0 0 0 [ 770.931065] Node 0 DMA: 4*4kB (M) 15*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10440kB [ 770.966162] Node 0 DMA32: 296*4kB (UME) 466*8kB (UMH) 70*16kB (UME) 23*32kB (UM) 57*64kB (M) 38*128kB (UM) 27*256kB (UME) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36016kB [ 770.988883] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 771.017261] syz-executor.2: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 771.025038] Node 1 [ 771.028212] syz-executor.2 cpuset= [ 771.028312] Normal: [ 771.030474] / mems_allowed=0-1 [ 771.030496] CPU: 1 PID: 4081 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 771.030502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 771.030507] Call Trace: [ 771.030544] dump_stack+0x1b2/0x283 [ 771.030560] warn_alloc.cold+0x96/0x1af [ 771.036332] 393*4kB [ 771.036412] ? zone_watermark_ok_safe+0x250/0x250 [ 771.040096] (UME) [ 771.047449] ? wait_for_completion_io+0x10/0x10 [ 771.047471] __alloc_pages_nodemask+0x2129/0x2730 [ 771.047499] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 771.047509] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 771.047540] ? do_raw_spin_unlock+0x164/0x250 [ 771.047556] alloc_pages_current+0xe7/0x1e0 [ 771.047571] kvm_mmu_create+0xd1/0x1c0 [ 771.047584] kvm_arch_vcpu_init+0x282/0x890 [ 771.047594] ? alloc_pages_current+0xef/0x1e0 [ 771.047610] kvm_vcpu_init+0x26d/0x360 [ 771.058185] 234*8kB [ 771.059726] vmx_create_vcpu+0xf5/0x2950 [ 771.059742] ? __mutex_unlock_slowpath+0x75/0x780 [ 771.059753] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 771.059765] ? alloc_loaded_vmcs+0x240/0x240 [ 771.059782] kvm_vm_ioctl+0x4ae/0x1430 [ 771.059799] ? __lock_acquire+0x655/0x42a0 [ 771.064253] (UME) [ 771.067396] ? kvm_vcpu_release+0xa0/0xa0 [ 771.067411] ? trace_hardirqs_on+0x10/0x10 [ 771.067427] ? trace_hardirqs_on+0x10/0x10 [ 771.067439] ? futex_exit_release+0x60/0x60 [ 771.067453] ? __might_fault+0x104/0x1b0 [ 771.070136] 642*16kB [ 771.074608] ? lock_acquire+0x170/0x3f0 [ 771.074621] ? kvm_vcpu_release+0xa0/0xa0 [ 771.074633] do_vfs_ioctl+0x75a/0xfe0 [ 771.074648] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 771.074658] ? ioctl_preallocate+0x1a0/0x1a0 [ 771.074677] ? security_file_ioctl+0x76/0xb0 [ 771.074686] ? security_file_ioctl+0x83/0xb0 [ 771.074696] SyS_ioctl+0x7f/0xb0 [ 771.074704] ? do_vfs_ioctl+0xfe0/0xfe0 [ 771.074719] do_syscall_64+0x1d5/0x640 [ 771.074735] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 771.077774] (UME) [ 771.081538] RIP: 0033:0x45cba9 [ 771.081544] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.081555] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 771.081560] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 771.081566] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 771.081573] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 771.081579] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 [ 771.276371] 331*32kB (UME) 120*64kB (UME) 28*128kB (UME) 10*256kB (UME) 8*512kB (UME) 2*1024kB (UM) 3*2048kB (ME) 257*4096kB (M) = 1103092kB [ 771.289318] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 771.298326] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 771.307285] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 771.316326] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 771.325121] 12405 total pagecache pages 03:29:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x0, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:00 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:00 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:00 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 771.329145] 0 pages in swap cache [ 771.332781] Swap cache stats: add 0, delete 0, find 0/0 [ 771.338148] Free swap = 0kB [ 771.341315] Total swap = 0kB [ 771.344326] 1965979 pages RAM [ 771.347524] 0 pages HighMem/MovableOnly [ 771.351656] 338456 pages reserved [ 771.355111] 0 pages cma reserved 03:29:00 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:00 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:00 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:00 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:00 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:01 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:01 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, 0x0, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 4: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:01 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 772.842303] syz-executor.2: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 772.844465] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 772.888009] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 772.900362] CPU: 1 PID: 4243 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 772.901584] syz-executor.4 cpuset= [ 772.908214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 772.908220] Call Trace: [ 772.908251] dump_stack+0x1b2/0x283 [ 772.908269] warn_alloc.cold+0x96/0x1af [ 772.908280] ? zone_watermark_ok_safe+0x250/0x250 [ 772.908300] ? wait_for_completion_io+0x10/0x10 [ 772.927661] / [ 772.931610] __alloc_pages_nodemask+0x2129/0x2730 [ 772.947219] mems_allowed=0-1 [ 772.947703] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 772.955669] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 772.960567] ? do_raw_spin_unlock+0x164/0x250 [ 772.965081] alloc_pages_current+0xe7/0x1e0 [ 772.969429] kvm_mmu_create+0xd1/0x1c0 [ 772.973333] kvm_arch_vcpu_init+0x282/0x890 [ 772.977675] ? alloc_pages_current+0xef/0x1e0 [ 772.982193] kvm_vcpu_init+0x26d/0x360 [ 772.986107] vmx_create_vcpu+0xf5/0x2950 [ 772.990189] ? __mutex_unlock_slowpath+0x75/0x780 [ 772.995067] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 773.000106] ? alloc_loaded_vmcs+0x240/0x240 [ 773.004565] kvm_vm_ioctl+0x4ae/0x1430 [ 773.008472] ? __lock_acquire+0x655/0x42a0 [ 773.012772] ? kvm_vcpu_release+0xa0/0xa0 [ 773.016944] ? trace_hardirqs_on+0x10/0x10 [ 773.021206] ? trace_hardirqs_on+0x10/0x10 [ 773.025491] ? futex_exit_release+0x60/0x60 [ 773.029949] ? __might_fault+0x104/0x1b0 [ 773.034066] ? lock_acquire+0x170/0x3f0 [ 773.038062] ? kvm_vcpu_release+0xa0/0xa0 [ 773.042226] do_vfs_ioctl+0x75a/0xfe0 [ 773.046048] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 773.051697] ? ioctl_preallocate+0x1a0/0x1a0 [ 773.056150] ? security_file_ioctl+0x76/0xb0 [ 773.060585] ? security_file_ioctl+0x83/0xb0 [ 773.065009] SyS_ioctl+0x7f/0xb0 [ 773.068409] ? do_vfs_ioctl+0xfe0/0xfe0 [ 773.072516] do_syscall_64+0x1d5/0x640 [ 773.076461] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 773.081769] RIP: 0033:0x45cba9 [ 773.084957] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 773.092676] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 773.099964] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 773.107259] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 773.114644] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 773.121921] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 [ 773.129223] CPU: 0 PID: 4242 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 773.137060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 773.146460] Call Trace: [ 773.149077] dump_stack+0x1b2/0x283 [ 773.152734] warn_alloc.cold+0x96/0x1af [ 773.156734] ? zone_watermark_ok_safe+0x250/0x250 [ 773.161770] ? wait_for_completion_io+0x10/0x10 [ 773.166562] __alloc_pages_nodemask+0x2129/0x2730 [ 773.171449] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 773.176325] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 773.181209] ? do_raw_spin_unlock+0x164/0x250 [ 773.185745] alloc_pages_current+0xe7/0x1e0 [ 773.190113] kvm_mmu_create+0xd1/0x1c0 [ 773.194031] kvm_arch_vcpu_init+0x282/0x890 [ 773.198381] ? alloc_pages_current+0xef/0x1e0 [ 773.203023] kvm_vcpu_init+0x26d/0x360 [ 773.206932] vmx_create_vcpu+0xf5/0x2950 [ 773.211013] ? __mutex_unlock_slowpath+0x75/0x780 [ 773.215868] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 773.220948] ? alloc_loaded_vmcs+0x240/0x240 [ 773.225392] kvm_vm_ioctl+0x4ae/0x1430 [ 773.229302] ? __lock_acquire+0x655/0x42a0 [ 773.233555] ? kvm_vcpu_release+0xa0/0xa0 [ 773.238175] ? trace_hardirqs_on+0x10/0x10 [ 773.242441] ? trace_hardirqs_on+0x10/0x10 [ 773.246699] ? futex_exit_release+0x60/0x60 [ 773.251049] ? __might_fault+0x104/0x1b0 [ 773.255136] ? lock_acquire+0x170/0x3f0 [ 773.259149] ? kvm_vcpu_release+0xa0/0xa0 [ 773.263355] do_vfs_ioctl+0x75a/0xfe0 [ 773.267179] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 773.272837] ? ioctl_preallocate+0x1a0/0x1a0 [ 773.277285] ? security_file_ioctl+0x76/0xb0 [ 773.281721] ? security_file_ioctl+0x83/0xb0 [ 773.286157] SyS_ioctl+0x7f/0xb0 [ 773.289539] ? do_vfs_ioctl+0xfe0/0xfe0 [ 773.293534] do_syscall_64+0x1d5/0x640 [ 773.297447] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 773.302656] RIP: 0033:0x45cba9 [ 773.305862] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 773.313612] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 773.320912] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 773.328200] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 773.335494] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 03:29:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 773.342819] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 03:29:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 773.456119] warn_alloc_show_mem: 1 callbacks suppressed [ 773.456124] Mem-Info: [ 773.497620] active_anon:1025886 inactive_anon:4039 isolated_anon:0 [ 773.497620] active_file:3867 inactive_file:7459 isolated_file:0 [ 773.497620] unevictable:0 dirty:76 writeback:0 unstable:0 [ 773.497620] slab_reclaimable:16115 slab_unreclaimable:137971 [ 773.497620] mapped:58132 shmem:4200 pagetables:30019 bounce:0 [ 773.497620] free:286613 free_pcp:326 free_cma:0 03:29:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 773.759856] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213008kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 773.849945] Node 1 active_anon:2189544kB inactive_anon:28kB active_file:15444kB inactive_file:29828kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19720kB dirty:296kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 773.880385] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 03:29:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 774.157545] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 774.165744] Node 0 DMA32 free:36096kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:352kB local_pcp:228kB free_cma:0kB [ 774.233504] lowmem_reserve[]: 0 0 0 0 0 [ 774.237683] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 774.265647] lowmem_reserve[]: 0 0 0 0 0 [ 774.269837] Node 1 Normal free:1099968kB min:53592kB low:66988kB high:80384kB active_anon:2189612kB inactive_anon:28kB active_file:15452kB inactive_file:29856kB unevictable:0kB writepending:432kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30592kB pagetables:74188kB bounce:0kB free_pcp:724kB local_pcp:296kB free_cma:0kB [ 774.302782] lowmem_reserve[]: 0 0 0 0 0 [ 774.306981] Node 0 DMA: 4*4kB (M) 15*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10440kB [ 774.323129] Node 0 DMA32: 376*4kB (UME) 438*8kB (UME) 70*16kB (UME) 23*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36048kB [ 774.340070] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 774.353282] Node 1 Normal: 241*4kB (UME) 709*8kB (UME) 185*16kB (UME) 308*32kB (UME) 146*64kB (UME) 58*128kB (UME) 32*256kB (UME) 8*512kB (UME) 8*1024kB (UM) 2*2048kB (ME) 254*4096kB (M) = 1101180kB [ 774.371920] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.372320] syz-executor.4: [ 774.395910] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 774.407711] page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 774.412993] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.440677] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 774.449982] 12414 total pagecache pages [ 774.458808] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 774.463082] 0 pages in swap cache [ 774.470538] Swap cache stats: add 0, delete 0, find 0/0 [ 774.477489] CPU: 1 PID: 4329 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 774.480676] Free swap = 0kB [ 774.485832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 774.485839] Call Trace: [ 774.485870] dump_stack+0x1b2/0x283 [ 774.485886] warn_alloc.cold+0x96/0x1af [ 774.485897] ? zone_watermark_ok_safe+0x250/0x250 [ 774.485913] ? wait_for_completion_io+0x10/0x10 [ 774.485926] __alloc_pages_nodemask+0x2129/0x2730 [ 774.485948] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 774.485958] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 774.485984] ? do_raw_spin_unlock+0x164/0x250 [ 774.494510] Total swap = 0kB [ 774.499028] alloc_pages_current+0xe7/0x1e0 [ 774.499074] kvm_mmu_create+0xd1/0x1c0 [ 774.499091] kvm_arch_vcpu_init+0x282/0x890 [ 774.501995] 1965979 pages RAM [ 774.505572] ? alloc_pages_current+0xef/0x1e0 [ 774.505589] kvm_vcpu_init+0x26d/0x360 [ 774.505605] vmx_create_vcpu+0xf5/0x2950 [ 774.510114] 0 pages HighMem/MovableOnly [ 774.514881] ? __mutex_unlock_slowpath+0x75/0x780 [ 774.514894] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 774.514907] ? alloc_loaded_vmcs+0x240/0x240 [ 774.514924] kvm_vm_ioctl+0x4ae/0x1430 03:29:03 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 774.514937] ? __lock_acquire+0x655/0x42a0 [ 774.514947] ? kvm_vcpu_release+0xa0/0xa0 [ 774.514958] ? trace_hardirqs_on+0x10/0x10 [ 774.514976] ? trace_hardirqs_on+0x10/0x10 [ 774.521259] 338456 pages reserved [ 774.524663] ? futex_exit_release+0x60/0x60 [ 774.524678] ? __might_fault+0x104/0x1b0 [ 774.524695] ? lock_acquire+0x170/0x3f0 [ 774.534143] 0 pages cma reserved [ 774.534537] ? kvm_vcpu_release+0xa0/0xa0 [ 774.635211] do_vfs_ioctl+0x75a/0xfe0 [ 774.639227] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 774.644890] ? ioctl_preallocate+0x1a0/0x1a0 [ 774.649361] ? security_file_ioctl+0x76/0xb0 [ 774.653882] ? security_file_ioctl+0x83/0xb0 [ 774.658338] SyS_ioctl+0x7f/0xb0 [ 774.661898] ? do_vfs_ioctl+0xfe0/0xfe0 [ 774.666008] do_syscall_64+0x1d5/0x640 [ 774.670032] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 774.675504] RIP: 0033:0x45cba9 [ 774.678701] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 774.686431] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 03:29:03 executing program 1: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 774.694269] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 774.701954] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 774.710431] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 774.717815] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 774.741711] warn_alloc_show_mem: 1 callbacks suppressed [ 774.741717] Mem-Info: 03:29:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 774.778831] active_anon:1026453 inactive_anon:4039 isolated_anon:0 [ 774.778831] active_file:3867 inactive_file:7465 isolated_file:3 [ 774.778831] unevictable:0 dirty:123 writeback:0 unstable:0 [ 774.778831] slab_reclaimable:16114 slab_unreclaimable:137893 [ 774.778831] mapped:58176 shmem:4200 pagetables:30056 bounce:0 [ 774.778831] free:286064 free_pcp:282 free_cma:0 [ 774.853727] syz-executor.2: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 774.894902] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 774.906039] CPU: 1 PID: 4377 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 774.913969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 774.923341] Call Trace: [ 774.926034] dump_stack+0x1b2/0x283 [ 774.929769] warn_alloc.cold+0x96/0x1af [ 774.933762] ? zone_watermark_ok_safe+0x250/0x250 [ 774.939178] ? wait_for_completion_io+0x10/0x10 [ 774.943965] __alloc_pages_nodemask+0x2129/0x2730 [ 774.948932] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 774.953973] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 774.958882] ? do_raw_spin_unlock+0x164/0x250 [ 774.963552] alloc_pages_current+0xe7/0x1e0 [ 774.967991] kvm_mmu_create+0xd1/0x1c0 [ 774.972345] kvm_arch_vcpu_init+0x282/0x890 [ 774.977595] ? alloc_pages_current+0xef/0x1e0 [ 774.983958] kvm_vcpu_init+0x26d/0x360 [ 774.988050] vmx_create_vcpu+0xf5/0x2950 [ 774.992375] ? __mutex_unlock_slowpath+0x75/0x780 [ 774.997354] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 775.002420] ? alloc_loaded_vmcs+0x240/0x240 [ 775.006855] kvm_vm_ioctl+0x4ae/0x1430 [ 775.010940] ? __lock_acquire+0x655/0x42a0 [ 775.015738] ? kvm_vcpu_release+0xa0/0xa0 [ 775.020175] ? trace_hardirqs_on+0x10/0x10 [ 775.024703] ? trace_hardirqs_on+0x10/0x10 [ 775.028988] ? futex_exit_release+0x60/0x60 [ 775.033348] ? __might_fault+0x104/0x1b0 [ 775.037432] ? lock_acquire+0x170/0x3f0 [ 775.041432] ? kvm_vcpu_release+0xa0/0xa0 [ 775.045692] do_vfs_ioctl+0x75a/0xfe0 [ 775.049622] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 775.055480] ? ioctl_preallocate+0x1a0/0x1a0 [ 775.059919] ? security_file_ioctl+0x76/0xb0 [ 775.064355] ? security_file_ioctl+0x83/0xb0 [ 775.068814] SyS_ioctl+0x7f/0xb0 [ 775.072210] ? do_vfs_ioctl+0xfe0/0xfe0 [ 775.076205] do_syscall_64+0x1d5/0x640 [ 775.080104] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 775.085300] RIP: 0033:0x45cba9 [ 775.088495] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 775.096408] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 775.103710] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 775.111029] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 775.118352] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 775.125644] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 [ 775.147192] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213068kB dirty:0kB writeback:8kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 775.267519] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 775.307315] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 775.315475] Node 1 active_anon:2197180kB inactive_anon:24kB active_file:15460kB inactive_file:29896kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:288kB writeback:144kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 775.349731] CPU: 1 PID: 4404 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 775.357876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.367337] Call Trace: [ 775.369950] dump_stack+0x1b2/0x283 [ 775.373598] warn_alloc.cold+0x96/0x1af [ 775.377595] ? zone_watermark_ok_safe+0x250/0x250 [ 775.382461] ? wait_for_completion_io+0x10/0x10 [ 775.387151] __alloc_pages_nodemask+0x2129/0x2730 [ 775.392035] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 775.396904] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 775.401769] ? do_raw_spin_unlock+0x164/0x250 [ 775.406280] alloc_pages_current+0xe7/0x1e0 [ 775.410775] kvm_mmu_create+0xd1/0x1c0 [ 775.414678] kvm_arch_vcpu_init+0x282/0x890 [ 775.419026] ? alloc_pages_current+0xef/0x1e0 [ 775.423553] kvm_vcpu_init+0x26d/0x360 [ 775.427449] vmx_create_vcpu+0xf5/0x2950 [ 775.431663] ? __mutex_unlock_slowpath+0x75/0x780 [ 775.436550] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 775.441596] ? alloc_loaded_vmcs+0x240/0x240 [ 775.446034] kvm_vm_ioctl+0x4ae/0x1430 [ 775.450660] ? __lock_acquire+0x655/0x42a0 [ 775.454915] ? kvm_vcpu_release+0xa0/0xa0 [ 775.459077] ? trace_hardirqs_on+0x10/0x10 [ 775.463358] ? trace_hardirqs_on+0x10/0x10 [ 775.467644] ? futex_exit_release+0x60/0x60 [ 775.472003] ? __might_fault+0x104/0x1b0 [ 775.476093] ? lock_acquire+0x170/0x3f0 [ 775.480092] ? kvm_vcpu_release+0xa0/0xa0 [ 775.484263] do_vfs_ioctl+0x75a/0xfe0 [ 775.488095] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 775.493768] ? ioctl_preallocate+0x1a0/0x1a0 [ 775.498235] ? security_file_ioctl+0x76/0xb0 [ 775.502662] ? security_file_ioctl+0x83/0xb0 [ 775.507089] SyS_ioctl+0x7f/0xb0 [ 775.510490] ? do_vfs_ioctl+0xfe0/0xfe0 [ 775.514490] do_syscall_64+0x1d5/0x640 [ 775.518400] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 775.523609] RIP: 0033:0x45cba9 [ 775.526823] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 775.534670] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 775.541964] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 775.549246] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 775.556557] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 775.563866] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 775.605267] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 775.648190] syz-executor.3: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 775.657204] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 775.667869] Node 0 DMA32 free:35752kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:348kB local_pcp:124kB free_cma:0kB [ 775.674582] syz-executor.3 cpuset= [ 775.702916] lowmem_reserve[]: [ 775.703750] / [ 775.710902] 0 [ 775.715255] mems_allowed=0-1 [ 775.718644] 0 [ 775.720503] CPU: 0 PID: 4434 Comm: syz-executor.3 Not tainted 4.14.184-syzkaller #0 [ 775.723335] 0 [ 775.730269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 775.730276] Call Trace: [ 775.730306] dump_stack+0x1b2/0x283 [ 775.730324] warn_alloc.cold+0x96/0x1af [ 775.730336] ? zone_watermark_ok_safe+0x250/0x250 [ 775.730356] ? wait_for_completion_io+0x10/0x10 [ 775.743422] 0 [ 775.744131] __alloc_pages_nodemask+0x2129/0x2730 [ 775.747907] 0 [ 775.751754] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 775.751765] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 775.751788] ? do_raw_spin_unlock+0x164/0x250 [ 775.751801] alloc_pages_current+0xe7/0x1e0 [ 775.751817] kvm_mmu_create+0xd1/0x1c0 [ 775.751830] kvm_arch_vcpu_init+0x282/0x890 [ 775.751840] ? alloc_pages_current+0xef/0x1e0 [ 775.751853] kvm_vcpu_init+0x26d/0x360 [ 775.751866] vmx_create_vcpu+0xf5/0x2950 [ 775.751881] ? __mutex_unlock_slowpath+0x75/0x780 [ 775.751891] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 775.751902] ? alloc_loaded_vmcs+0x240/0x240 [ 775.751917] kvm_vm_ioctl+0x4ae/0x1430 [ 775.751928] ? __lock_acquire+0x655/0x42a0 [ 775.751941] ? kvm_vcpu_release+0xa0/0xa0 [ 775.761492] ? trace_hardirqs_on+0x10/0x10 [ 775.761506] ? trace_hardirqs_on+0x10/0x10 [ 775.761518] ? futex_exit_release+0x60/0x60 [ 775.761532] ? __might_fault+0x104/0x1b0 [ 775.761542] ? lock_acquire+0x170/0x3f0 [ 775.761553] ? kvm_vcpu_release+0xa0/0xa0 [ 775.761565] do_vfs_ioctl+0x75a/0xfe0 [ 775.761586] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 775.764153] Node 0 [ 775.768209] ? ioctl_preallocate+0x1a0/0x1a0 [ 775.768232] ? security_file_ioctl+0x76/0xb0 [ 775.768244] ? security_file_ioctl+0x83/0xb0 [ 775.770276] Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 775.775028] SyS_ioctl+0x7f/0xb0 [ 775.775040] ? do_vfs_ioctl+0xfe0/0xfe0 [ 775.775053] do_syscall_64+0x1d5/0x640 [ 775.775069] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 775.775078] RIP: 0033:0x45cba9 [ 775.775083] RSP: 002b:00007f07f91fbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 775.775093] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 775.775099] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 775.775104] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 775.775109] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 775.775115] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f07f91fc6d4 [ 775.828139] Mem-Info: [ 775.832884] lowmem_reserve[]: [ 775.837896] active_anon:1026370 inactive_anon:4038 isolated_anon:0 [ 775.837896] active_file:3872 inactive_file:7475 isolated_file:0 [ 775.837896] unevictable:0 dirty:22 writeback:13 unstable:0 [ 775.837896] slab_reclaimable:16119 slab_unreclaimable:138612 [ 775.837896] mapped:57924 shmem:4200 pagetables:30003 bounce:0 [ 775.837896] free:285482 free_pcp:410 free_cma:0 [ 775.844156] 0 [ 775.847361] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213068kB dirty:0kB writeback:8kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 775.852247] 0 [ 775.857337] Node 1 active_anon:2191180kB inactive_anon:24kB active_file:15460kB inactive_file:29896kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18628kB dirty:88kB writeback:44kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 775.861796] 0 [ 775.875256] Node 0 [ 775.891308] 0 [ 775.896054] DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 775.930116] 0 [ 775.948405] lowmem_reserve[]: [ 776.036327] 0 [ 776.107589] Node 1 Normal free:1097444kB min:53592kB low:66988kB high:80384kB active_anon:2190964kB inactive_anon:28kB active_file:15468kB inactive_file:29924kB unevictable:0kB writepending:156kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30368kB pagetables:74012kB bounce:0kB free_pcp:1436kB local_pcp:732kB free_cma:0kB [ 776.123014] 2559 [ 776.155162] lowmem_reserve[]: 0 0 0 0 0 [ 776.158477] 2559 2559 2559 [ 776.162801] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 776.165091] Node 0 [ 776.181892] Node 0 DMA32: 376*4kB (UME) 431*8kB (UMEH) 73*16kB (UME) 23*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36040kB [ 776.185294] DMA32 free:36040kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:500kB local_pcp:248kB free_cma:0kB [ 776.203209] Node 0 [ 776.230316] lowmem_reserve[]: 0 0 0 0 0 [ 776.235197] Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB [ 776.237829] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 776.245684] 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 776.282760] Node 1 Normal: 381*4kB (UME) 228*8kB (UME) 105*16kB (UME) 243*32kB (UME) 141*64kB (UME) 66*128kB (UME) 35*256kB (UME) 9*512kB (UME) 7*1024kB (UM) 3*2048kB (UME) 254*4096kB (M) = 1097540kB [ 776.282972] lowmem_reserve[]: 0 0 0 0 0 [ 776.305401] Node 1 Normal free:1097436kB min:53592kB low:66988kB high:80384kB active_anon:2190964kB inactive_anon:28kB active_file:15468kB inactive_file:29924kB unevictable:0kB writepending:156kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30304kB pagetables:74012kB bounce:0kB free_pcp:1408kB local_pcp:716kB free_cma:0kB [ 776.309825] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.335616] lowmem_reserve[]: 0 0 0 0 0 [ 776.347351] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 776.349061] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB [ 776.358374] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.363935] (UM) [ 776.365293] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 776.385072] 12436 total pagecache pages [ 776.385426] 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 776.389317] 0 pages in swap cache [ 776.402973] Swap cache stats: add 0, delete 0, find 0/0 [ 776.404486] Node 0 DMA32: 376*4kB (UME) 431*8kB (UMEH) 73*16kB (UME) 23*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36040kB [ 776.408682] Free swap = 0kB [ 776.428433] Total swap = 0kB [ 776.431087] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 776.432152] 1965979 pages RAM [ 776.446031] 0 pages HighMem/MovableOnly 03:29:05 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:05 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:05 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 776.447461] Node 1 Normal: 381*4kB (UME) 108*8kB (UME) 105*16kB (UME) 243*32kB (UME) 141*64kB (UME) 66*128kB (UME) 35*256kB (UME) 9*512kB (UME) 7*1024kB (UM) 3*2048kB (UME) 254*4096kB (M) = 1096580kB [ 776.450471] 338456 pages reserved [ 776.472383] 0 pages cma reserved [ 776.474525] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.493944] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 776.516577] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.543785] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 776.575960] 12436 total pagecache pages [ 776.585946] 0 pages in swap cache [ 776.596705] Swap cache stats: add 0, delete 0, find 0/0 [ 776.744119] Free swap = 0kB [ 776.767704] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 776.778382] Total swap = 0kB [ 776.779424] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 776.789335] CPU: 1 PID: 4465 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 776.793765] 1965979 pages RAM [ 776.797153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 776.797163] Call Trace: 03:29:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 776.797189] dump_stack+0x1b2/0x283 [ 776.797204] warn_alloc.cold+0x96/0x1af [ 776.797217] ? zone_watermark_ok_safe+0x250/0x250 [ 776.802465] syz-executor.2: [ 776.815492] ? wait_for_completion_io+0x10/0x10 [ 776.815514] __alloc_pages_nodemask+0x2129/0x2730 [ 776.815544] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 776.815554] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 776.815577] ? do_raw_spin_unlock+0x164/0x250 [ 776.815592] alloc_pages_current+0xe7/0x1e0 [ 776.815628] kvm_mmu_create+0xd1/0x1c0 [ 776.835810] 0 pages HighMem/MovableOnly [ 776.838327] kvm_arch_vcpu_init+0x282/0x890 [ 776.838341] ? alloc_pages_current+0xef/0x1e0 [ 776.838354] kvm_vcpu_init+0x26d/0x360 [ 776.844988] 338456 pages reserved [ 776.848054] vmx_create_vcpu+0xf5/0x2950 [ 776.848072] ? __mutex_unlock_slowpath+0x75/0x780 [ 776.848083] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 776.848099] ? alloc_loaded_vmcs+0x240/0x240 [ 776.853464] page allocation failure: order:0 [ 776.857466] kvm_vm_ioctl+0x4ae/0x1430 [ 776.857486] ? __lock_acquire+0x655/0x42a0 03:29:05 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 776.857497] ? kvm_vcpu_release+0xa0/0xa0 [ 776.857507] ? trace_hardirqs_on+0x10/0x10 [ 776.857521] ? trace_hardirqs_on+0x10/0x10 [ 776.862284] 0 pages cma reserved [ 776.865724] ? futex_exit_release+0x60/0x60 [ 776.865741] ? __might_fault+0x104/0x1b0 [ 776.865755] ? lock_acquire+0x170/0x3f0 [ 776.865768] ? kvm_vcpu_release+0xa0/0xa0 [ 776.865782] do_vfs_ioctl+0x75a/0xfe0 [ 776.871532] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask= [ 776.874066] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 776.874080] ? ioctl_preallocate+0x1a0/0x1a0 [ 776.874106] ? security_file_ioctl+0x76/0xb0 [ 776.882317] (null) [ 776.882463] ? security_file_ioctl+0x83/0xb0 [ 776.891794] syz-executor.2 cpuset= [ 776.894917] SyS_ioctl+0x7f/0xb0 [ 776.894930] ? do_vfs_ioctl+0xfe0/0xfe0 [ 776.894945] do_syscall_64+0x1d5/0x640 [ 776.894961] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 776.904569] / [ 776.908828] RIP: 0033:0x45cba9 [ 776.921029] mems_allowed=0-1 [ 776.921066] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 777.015962] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 777.023238] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 777.030514] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 777.037791] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 777.045069] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 777.053868] CPU: 0 PID: 4458 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 777.061704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 777.071087] Call Trace: [ 777.073707] dump_stack+0x1b2/0x283 [ 777.077367] warn_alloc.cold+0x96/0x1af [ 777.081363] ? zone_watermark_ok_safe+0x250/0x250 [ 777.086236] ? wait_for_completion_io+0x10/0x10 [ 777.091040] __alloc_pages_nodemask+0x2129/0x2730 [ 777.095954] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 777.100828] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 777.105711] ? do_raw_spin_unlock+0x164/0x250 [ 777.110360] alloc_pages_current+0xe7/0x1e0 [ 777.114712] kvm_mmu_create+0xd1/0x1c0 [ 777.118653] kvm_arch_vcpu_init+0x282/0x890 [ 777.122995] ? alloc_pages_current+0xef/0x1e0 [ 777.127519] kvm_vcpu_init+0x26d/0x360 [ 777.131438] vmx_create_vcpu+0xf5/0x2950 [ 777.135513] ? __mutex_unlock_slowpath+0x75/0x780 [ 777.140470] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 777.145502] ? alloc_loaded_vmcs+0x240/0x240 [ 777.149936] kvm_vm_ioctl+0x4ae/0x1430 [ 777.153871] ? __lock_acquire+0x655/0x42a0 [ 777.158126] ? kvm_vcpu_release+0xa0/0xa0 [ 777.162295] ? trace_hardirqs_on+0x10/0x10 [ 777.166693] ? trace_hardirqs_on+0x10/0x10 [ 777.170952] ? futex_exit_release+0x60/0x60 [ 777.175294] ? __might_fault+0x104/0x1b0 [ 777.179367] ? lock_acquire+0x170/0x3f0 [ 777.183350] ? kvm_vcpu_release+0xa0/0xa0 [ 777.187507] do_vfs_ioctl+0x75a/0xfe0 [ 777.191467] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 777.197107] ? ioctl_preallocate+0x1a0/0x1a0 [ 777.201546] ? security_file_ioctl+0x76/0xb0 [ 777.205975] ? security_file_ioctl+0x83/0xb0 [ 777.210402] SyS_ioctl+0x7f/0xb0 [ 777.213794] ? do_vfs_ioctl+0xfe0/0xfe0 [ 777.217784] do_syscall_64+0x1d5/0x640 [ 777.221719] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 777.226920] RIP: 0033:0x45cba9 [ 777.230131] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 777.237854] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 777.245318] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 777.252603] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 777.259894] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 03:29:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 777.267183] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 03:29:06 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 777.351563] syz-executor.3: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 777.377150] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 777.384637] CPU: 0 PID: 4488 Comm: syz-executor.3 Not tainted 4.14.184-syzkaller #0 [ 777.392492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 777.401859] Call Trace: [ 777.404459] dump_stack+0x1b2/0x283 [ 777.408095] warn_alloc.cold+0x96/0x1af [ 777.412085] ? zone_watermark_ok_safe+0x250/0x250 [ 777.416956] ? wait_for_completion_io+0x10/0x10 [ 777.421661] __alloc_pages_nodemask+0x2129/0x2730 [ 777.426541] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 777.431579] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 777.436453] ? do_raw_spin_unlock+0x164/0x250 [ 777.440969] alloc_pages_current+0xe7/0x1e0 [ 777.445316] kvm_mmu_create+0xd1/0x1c0 [ 777.449228] kvm_arch_vcpu_init+0x282/0x890 [ 777.453576] ? alloc_pages_current+0xef/0x1e0 [ 777.458099] kvm_vcpu_init+0x26d/0x360 [ 777.462021] vmx_create_vcpu+0xf5/0x2950 [ 777.466100] ? __mutex_unlock_slowpath+0x75/0x780 [ 777.470986] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 777.476041] ? alloc_loaded_vmcs+0x240/0x240 [ 777.480471] kvm_vm_ioctl+0x4ae/0x1430 [ 777.484379] ? __lock_acquire+0x655/0x42a0 [ 777.488639] ? kvm_vcpu_release+0xa0/0xa0 [ 777.492818] ? trace_hardirqs_on+0x10/0x10 [ 777.497057] ? trace_hardirqs_on+0x10/0x10 [ 777.501300] ? futex_exit_release+0x60/0x60 [ 777.505624] ? __might_fault+0x104/0x1b0 [ 777.509853] ? lock_acquire+0x170/0x3f0 [ 777.513854] ? kvm_vcpu_release+0xa0/0xa0 [ 777.520019] do_vfs_ioctl+0x75a/0xfe0 [ 777.523848] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 777.529500] ? ioctl_preallocate+0x1a0/0x1a0 [ 777.533948] ? security_file_ioctl+0x76/0xb0 [ 777.538415] ? security_file_ioctl+0x83/0xb0 [ 777.542858] SyS_ioctl+0x7f/0xb0 [ 777.546238] ? do_vfs_ioctl+0xfe0/0xfe0 [ 777.550262] do_syscall_64+0x1d5/0x640 [ 777.554195] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 777.559532] RIP: 0033:0x45cba9 [ 777.562725] RSP: 002b:00007f07f91fbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 777.570572] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 777.577887] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 777.585195] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 777.592490] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 777.599766] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f07f91fc6d4 03:29:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:06 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 777.714353] warn_alloc_show_mem: 2 callbacks suppressed [ 777.714358] Mem-Info: [ 777.722773] active_anon:1027754 inactive_anon:4039 isolated_anon:0 [ 777.722773] active_file:3874 inactive_file:7487 isolated_file:0 [ 777.722773] unevictable:0 dirty:18 writeback:25 unstable:0 [ 777.722773] slab_reclaimable:16088 slab_unreclaimable:138833 [ 777.722773] mapped:57939 shmem:4200 pagetables:30028 bounce:0 [ 777.722773] free:283740 free_pcp:423 free_cma:0 03:29:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 777.806021] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213152kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:06 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 777.946551] Node 1 active_anon:2193716kB inactive_anon:28kB active_file:15468kB inactive_file:29944kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19704kB dirty:264kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 778.191789] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 778.257550] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 778.278489] Node 0 DMA32 free:36112kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB writepending:12kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:616kB local_pcp:272kB free_cma:0kB [ 778.309432] lowmem_reserve[]: 0 0 0 0 0 [ 778.313645] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 778.313666] lowmem_reserve[]: 0 0 0 0 0 [ 778.313685] Node 1 Normal free:1091232kB min:53592kB low:66988kB high:80384kB active_anon:2194068kB inactive_anon:24kB active_file:15472kB inactive_file:29984kB unevictable:0kB writepending:60kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30560kB pagetables:74500kB bounce:0kB free_pcp:996kB local_pcp:444kB free_cma:0kB [ 778.313709] lowmem_reserve[]: 0 0 0 0 0 [ 778.313729] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 778.393987] Node 0 DMA32: 376*4kB (UME) 440*8kB (UMEH) 73*16kB (UME) 24*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36144kB [ 778.423802] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 778.435299] Node 1 Normal: 84*4kB (UME) 265*8kB (UME) 119*16kB (UME) 77*32kB (UME) 86*64kB (UME) 76*128kB (UME) 40*256kB (UME) 14*512kB (UME) 9*1024kB (UM) 3*2048kB (UME) 253*4096kB (M) = 1091112kB [ 778.454462] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 778.463957] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 778.473680] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 778.483510] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 778.492979] 12452 total pagecache pages [ 778.500088] 0 pages in swap cache [ 778.504838] Swap cache stats: add 0, delete 0, find 0/0 [ 778.510296] Free swap = 0kB [ 778.514468] Total swap = 0kB [ 778.517526] 1965979 pages RAM [ 778.520620] 0 pages HighMem/MovableOnly [ 778.525655] 338456 pages reserved 03:29:07 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:07 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:07 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 778.529324] 0 pages cma reserved 03:29:07 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:07 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:07 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 778.967050] syz-executor.2: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 779.005014] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 779.010574] CPU: 1 PID: 4588 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 779.018391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 779.027763] Call Trace: [ 779.030365] dump_stack+0x1b2/0x283 [ 779.034013] warn_alloc.cold+0x96/0x1af [ 779.038004] ? zone_watermark_ok_safe+0x250/0x250 [ 779.042881] ? wait_for_completion_io+0x10/0x10 [ 779.047585] __alloc_pages_nodemask+0x2129/0x2730 [ 779.052496] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 779.057375] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 779.062288] ? do_raw_spin_unlock+0x164/0x250 [ 779.066816] alloc_pages_current+0xe7/0x1e0 [ 779.071179] kvm_mmu_create+0xd1/0x1c0 [ 779.075105] kvm_arch_vcpu_init+0x282/0x890 [ 779.079464] ? alloc_pages_current+0xef/0x1e0 [ 779.083980] kvm_vcpu_init+0x26d/0x360 [ 779.087894] vmx_create_vcpu+0xf5/0x2950 [ 779.091983] ? __mutex_unlock_slowpath+0x75/0x780 [ 779.096853] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 779.101896] ? alloc_loaded_vmcs+0x240/0x240 [ 779.106335] kvm_vm_ioctl+0x4ae/0x1430 [ 779.110243] ? __lock_acquire+0x655/0x42a0 [ 779.114501] ? kvm_vcpu_release+0xa0/0xa0 [ 779.118668] ? trace_hardirqs_on+0x10/0x10 [ 779.122926] ? trace_hardirqs_on+0x10/0x10 [ 779.127187] ? futex_exit_release+0x60/0x60 [ 779.131536] ? __might_fault+0x104/0x1b0 [ 779.135649] ? lock_acquire+0x170/0x3f0 [ 779.139658] ? kvm_vcpu_release+0xa0/0xa0 [ 779.143821] do_vfs_ioctl+0x75a/0xfe0 [ 779.147643] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 779.153285] ? ioctl_preallocate+0x1a0/0x1a0 [ 779.157723] ? security_file_ioctl+0x76/0xb0 [ 779.162149] ? security_file_ioctl+0x83/0xb0 [ 779.166577] SyS_ioctl+0x7f/0xb0 [ 779.170064] ? do_vfs_ioctl+0xfe0/0xfe0 [ 779.174088] do_syscall_64+0x1d5/0x640 [ 779.177991] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 779.183185] RIP: 0033:0x45cba9 [ 779.186373] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 779.194272] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 779.201660] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 779.209078] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 779.216372] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 779.223663] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 [ 779.239280] warn_alloc_show_mem: 2 callbacks suppressed [ 779.239285] Mem-Info: 03:29:08 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 779.262738] active_anon:1027718 inactive_anon:4039 isolated_anon:0 [ 779.262738] active_file:3879 inactive_file:7500 isolated_file:0 [ 779.262738] unevictable:0 dirty:29 writeback:0 unstable:0 [ 779.262738] slab_reclaimable:16026 slab_unreclaimable:138108 [ 779.262738] mapped:58234 shmem:4200 pagetables:30194 bounce:0 [ 779.262738] free:284275 free_pcp:327 free_cma:0 [ 779.368197] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213224kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 779.423323] Node 1 active_anon:2193572kB inactive_anon:28kB active_file:15488kB inactive_file:29996kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18612kB dirty:308kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 779.453039] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 779.480854] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 779.488238] Node 0 DMA32 free:36096kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:608kB local_pcp:332kB free_cma:0kB [ 779.519081] lowmem_reserve[]: 0 0 0 0 0 [ 779.524260] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 779.551054] lowmem_reserve[]: 0 0 0 0 0 [ 779.555441] Node 1 Normal free:1094372kB min:53592kB low:66988kB high:80384kB active_anon:2194172kB inactive_anon:28kB active_file:15488kB inactive_file:29996kB unevictable:0kB writepending:404kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30496kB pagetables:74592kB bounce:0kB free_pcp:992kB local_pcp:672kB free_cma:0kB [ 779.591948] lowmem_reserve[]: 0 0 0 0 0 [ 779.596003] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 779.612182] Node 0 DMA32: 376*4kB (UME) 449*8kB (UMEH) 73*16kB (UME) 24*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36216kB [ 779.628835] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 779.641288] Node 1 Normal: 180*4kB (UME) 58*8kB (UME) 98*16kB (ME) 88*32kB (UME) 88*64kB (UME) 93*128kB (UME) 34*256kB (UME) 13*512kB (UME) 11*1024kB (UM) 3*2048kB (UME) 253*4096kB (M) = 1092160kB [ 779.659741] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 779.669787] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 779.679082] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 779.688668] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 779.697942] 12459 total pagecache pages [ 779.702647] 0 pages in swap cache [ 779.706132] Swap cache stats: add 0, delete 0, find 0/0 [ 779.712657] Free swap = 0kB [ 779.715688] Total swap = 0kB [ 779.718698] 1965979 pages RAM 03:29:08 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, 0x0) 03:29:08 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:08 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:08 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES64, @ANYRESDEC, @ANYBLOB="8789490205f180e9b9d88d2e2a657077176aefddcdfd544cde9261fd1feda40d88ec6624f3442eeb138dfe760ca629209258761d77f9945b12c6f50cc350975b0f2154f577e68e6d9a1ad1e7fc3bf6b2741fa959b7ebe1d84dcb7e95c0137f28f8a4b48048bce04ecb3b7ab703ea624da6388c032ef3d8fb1b9ea91a0d87293d9aebc278e2c5bd1759f7e942bba7539a76ab16d09dc98f1a5a8879", @ANYRESOCT=r7, @ANYBLOB="450978156c328a1bbc9eecf2686081c84ec1de259580bdc908dd772da58b783414e706feddf31bb04a632f46f9f09d1de9bc0eff0655a8c6c8834f6dce0ff9f42cb1482de8d1c50b052688c7eaeadfda908fa3e1c55292a77b2624a301024578bdae8d63098d6d285fa2a039b6789d52f39177d0d9bf5ab2e2c269cfb6c45096a3032762a1864a886d11db9f3b71c07f6cd36a16dcad2e7e22cc59fe748d44819cba2bc59242222480ffb6b47b6b108c102aef03016518921e2c040e2e", @ANYRES32, @ANYRES64], 0x3c}}, 0x20000000) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800030003000000e866f57bdf1c1d82ec71"], 0x3c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 779.722754] 0 pages HighMem/MovableOnly [ 779.726773] 338456 pages reserved [ 779.730220] 0 pages cma reserved 03:29:08 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:08 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, 0x0) 03:29:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 780.092735] syz-executor.2: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 780.110820] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 780.121443] CPU: 0 PID: 4677 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 780.129288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.138668] Call Trace: [ 780.141281] dump_stack+0x1b2/0x283 [ 780.144951] warn_alloc.cold+0x96/0x1af [ 780.148950] ? zone_watermark_ok_safe+0x250/0x250 [ 780.153849] ? wait_for_completion_io+0x10/0x10 [ 780.158650] __alloc_pages_nodemask+0x2129/0x2730 [ 780.163537] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 780.168405] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 780.173286] ? do_raw_spin_unlock+0x164/0x250 [ 780.177849] alloc_pages_current+0xe7/0x1e0 [ 780.182194] kvm_mmu_create+0xd1/0x1c0 [ 780.186101] kvm_arch_vcpu_init+0x282/0x890 [ 780.190443] ? alloc_pages_current+0xef/0x1e0 [ 780.194968] kvm_vcpu_init+0x26d/0x360 [ 780.198881] vmx_create_vcpu+0xf5/0x2950 [ 780.202968] ? __mutex_unlock_slowpath+0x75/0x780 [ 780.207834] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 780.213005] ? alloc_loaded_vmcs+0x240/0x240 [ 780.217443] kvm_vm_ioctl+0x4ae/0x1430 [ 780.221361] ? __lock_acquire+0x655/0x42a0 [ 780.225627] ? kvm_vcpu_release+0xa0/0xa0 [ 780.229791] ? trace_hardirqs_on+0x10/0x10 [ 780.234037] ? trace_hardirqs_on+0x10/0x10 [ 780.238282] ? futex_exit_release+0x60/0x60 [ 780.242653] ? __might_fault+0x104/0x1b0 [ 780.246730] ? lock_acquire+0x170/0x3f0 [ 780.250852] ? kvm_vcpu_release+0xa0/0xa0 [ 780.255013] do_vfs_ioctl+0x75a/0xfe0 [ 780.258841] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 780.264523] ? ioctl_preallocate+0x1a0/0x1a0 [ 780.268971] ? security_file_ioctl+0x76/0xb0 [ 780.273403] ? security_file_ioctl+0x83/0xb0 [ 780.277833] SyS_ioctl+0x7f/0xb0 [ 780.281210] ? do_vfs_ioctl+0xfe0/0xfe0 [ 780.285209] do_syscall_64+0x1d5/0x640 [ 780.289123] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 780.294336] RIP: 0033:0x45cba9 [ 780.297531] RSP: 002b:00007f7907af5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 780.305288] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 780.312575] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 780.319863] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 780.327152] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 780.334440] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f7907af66d4 03:29:09 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) [ 780.348899] syz-executor.3: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 780.376571] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 780.390535] CPU: 0 PID: 4701 Comm: syz-executor.3 Not tainted 4.14.184-syzkaller #0 [ 780.398397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 780.407797] Call Trace: [ 780.410401] dump_stack+0x1b2/0x283 [ 780.414049] warn_alloc.cold+0x96/0x1af [ 780.418042] ? zone_watermark_ok_safe+0x250/0x250 [ 780.422917] ? wait_for_completion_io+0x10/0x10 [ 780.427614] __alloc_pages_nodemask+0x2129/0x2730 [ 780.432500] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 780.437411] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 780.442287] ? do_raw_spin_unlock+0x164/0x250 [ 780.446806] alloc_pages_current+0xe7/0x1e0 [ 780.451165] kvm_mmu_create+0xd1/0x1c0 [ 780.455079] kvm_arch_vcpu_init+0x282/0x890 [ 780.459506] ? alloc_pages_current+0xef/0x1e0 [ 780.464036] kvm_vcpu_init+0x26d/0x360 [ 780.467974] vmx_create_vcpu+0xf5/0x2950 [ 780.472067] ? __mutex_unlock_slowpath+0x75/0x780 [ 780.476940] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 780.481989] ? alloc_loaded_vmcs+0x240/0x240 [ 780.486488] kvm_vm_ioctl+0x4ae/0x1430 [ 780.490546] ? __lock_acquire+0x655/0x42a0 [ 780.494806] ? kvm_vcpu_release+0xa0/0xa0 [ 780.498986] ? trace_hardirqs_on+0x10/0x10 [ 780.503247] ? trace_hardirqs_on+0x10/0x10 [ 780.507511] ? futex_exit_release+0x60/0x60 [ 780.511851] ? __might_fault+0x104/0x1b0 [ 780.515930] ? lock_acquire+0x170/0x3f0 [ 780.520058] ? kvm_vcpu_release+0xa0/0xa0 [ 780.524247] do_vfs_ioctl+0x75a/0xfe0 [ 780.528113] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 780.533763] ? ioctl_preallocate+0x1a0/0x1a0 [ 780.538206] ? security_file_ioctl+0x76/0xb0 [ 780.542665] ? security_file_ioctl+0x83/0xb0 [ 780.547096] SyS_ioctl+0x7f/0xb0 [ 780.550469] ? do_vfs_ioctl+0xfe0/0xfe0 [ 780.554450] do_syscall_64+0x1d5/0x640 [ 780.558344] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 780.563546] RIP: 0033:0x45cba9 [ 780.566737] RSP: 002b:00007f07f91fbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 780.574461] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 780.581882] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 780.589172] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 03:29:09 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES64, @ANYRESDEC, @ANYBLOB="8789490205f180e9b9d88d2e2a657077176aefddcdfd544cde9261fd1feda40d88ec6624f3442eeb138dfe760ca629209258761d77f9945b12c6f50cc350975b0f2154f577e68e6d9a1ad1e7fc3bf6b2741fa959b7ebe1d84dcb7e95c0137f28f8a4b48048bce04ecb3b7ab703ea624da6388c032ef3d8fb1b9ea91a0d87293d9aebc278e2c5bd1759f7e942bba7539a76ab16d09dc98f1a5a8879", @ANYRESOCT=r7, @ANYBLOB="450978156c328a1bbc9eecf2686081c84ec1de259580bdc908dd772da58b783414e706feddf31bb04a632f46f9f09d1de9bc0eff0655a8c6c8834f6dce0ff9f42cb1482de8d1c50b052688c7eaeadfda908fa3e1c55292a77b2624a301024578bdae8d63098d6d285fa2a039b6789d52f39177d0d9bf5ab2e2c269cfb6c45096a3032762a1864a886d11db9f3b71c07f6cd36a16dcad2e7e22cc59fe748d44819cba2bc59242222480ffb6b47b6b108c102aef03016518921e2c040e2e", @ANYRES32, @ANYRES64], 0x3c}}, 0x20000000) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800030003000000e866f57bdf1c1d82ec71"], 0x3c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 780.596458] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 780.603746] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f07f91fc6d4 [ 780.678659] Mem-Info: [ 780.682516] active_anon:1027812 inactive_anon:4040 isolated_anon:0 [ 780.682516] active_file:3873 inactive_file:7505 isolated_file:6 [ 780.682516] unevictable:0 dirty:58 writeback:5 unstable:0 [ 780.682516] slab_reclaimable:16009 slab_unreclaimable:138164 [ 780.682516] mapped:58239 shmem:4200 pagetables:30154 bounce:0 [ 780.682516] free:284249 free_pcp:455 free_cma:0 [ 780.725928] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):24kB mapped:213252kB dirty:0kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 780.799227] Node 1 active_anon:2197248kB inactive_anon:32kB active_file:15488kB inactive_file:30016kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19704kB dirty:332kB writeback:20kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 780.827899] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 780.858942] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 780.865604] Node 0 DMA32 free:36384kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:800kB local_pcp:368kB free_cma:0kB [ 780.897566] lowmem_reserve[]: 0 0 0 0 0 [ 780.902758] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 780.931369] lowmem_reserve[]: 0 0 0 0 0 [ 780.935531] Node 1 Normal free:1091512kB min:53592kB low:66988kB high:80384kB active_anon:2196292kB inactive_anon:32kB active_file:15492kB inactive_file:30016kB unevictable:0kB writepending:312kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30592kB pagetables:74512kB bounce:0kB free_pcp:1520kB local_pcp:788kB free_cma:0kB [ 780.966916] lowmem_reserve[]: 0 0 0 0 0 [ 780.970946] Node 0 DMA: 4*4kB (M) 17*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10456kB [ 780.987077] Node 0 DMA32: 376*4kB (UME) 473*8kB (UME) 76*16kB (UME) 24*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36456kB [ 781.004236] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 781.016105] Node 1 Normal: 178*4kB (UME) 339*8kB (UME) 49*16kB (UME) 71*32kB (UME) 63*64kB (UME) 51*128kB (UME) 42*256kB (UME) 17*512kB (UME) 12*1024kB (UM) 3*2048kB (UME) 253*4096kB (M) = 1091216kB [ 781.034588] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 781.043879] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 781.052617] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 781.061589] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 781.070180] 12474 total pagecache pages [ 781.074331] 0 pages in swap cache [ 781.077782] Swap cache stats: add 0, delete 0, find 0/0 [ 781.083226] Free swap = 0kB [ 781.086246] Total swap = 0kB [ 781.089277] 1965979 pages RAM [ 781.092508] 0 pages HighMem/MovableOnly [ 781.096512] 338456 pages reserved 03:29:10 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 03:29:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, 0x0) 03:29:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:10 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYRESHEX, @ANYBLOB="1017822974c5e61fc1928db28b617209377500feec623a7c7b88c20e8950263a091f73884a90b1e560cf80d3f91a39795315289b86fe1225e0297ae78fa25e1872aa043d9e3e4057c27299cf2cd6c1ca695c4340a82879c9bffac2d107911a1196423ea505ba26ef227607a432a10a1d2f0cfd09a300193df49f3b5ed73edae8bbe56e07144f5f21a9668dcf08e45986babcf2c03acd6397297fce31169d18c05643d129bad189d479836eb3916fb2a85622c21bfb5d366ea914b9f5da118d6e159331f1f088a17930fe730a0167f55abd780982be339654e0126d1084b91636dd1547dc53cfcc90babd7ca7d50bbe34d12c13a37c2df08e473cc9cf31048d73b040d3180096af6dda4159af311ab79bea3434969981ebb980b76d5ed85c683a5eb0f89c1c6ab016153cd7391e62791d7b66279b743fdd998a6d7be35a914374a30dee5e783867f648ddf9c56ce3e2a8ed464d31e61c03e1ce8aff661fb17111ef15709573c76947eb2e94a54cc3ef2540a1c4e1b342d0d50b2872f75f5c05f31aded2c72ae17e88d9af58d354cbc28a2c4113279b993b6508fb26d473f917017cf3749c42a9cd9117e831891846a6b568b69a4baeafb07500e8a091de0dcb4a99e7bb0c6fa139a8b2e31609c043daa413395044048bf2660c77bfce78fd156c3130e683f24ba72f4230b6fedec592b4568f006f8ec75e6f08e09ff7a02637611e71e584ff2b5923c95885ed2e1e8d354184871a39b4866754cac30833252338604c4cb47b980774ae14a145a250614874e938c9ac9188adeafaf8c489a856ec8bbc1b6236d72411ccaa70dc561f5d895a40b1bd444bb65d8a8eb9c26cef76f3c07070c1f6cc3bc5745b3d8bc891baa887f0135df7ad44e5cfae3c1df672fdf945b3290f71652730a58cfc6b1198d65909437959c53d065eb15496e876b3e43535307fb166dbf1fdd7a1ca52ab34c4805dbf331cc5bc738c8cdab9391b32573cf8a65ba005d49ed3eb078cd233e82bfb5797f15f0c89de2d47ee42ee479b2c958a8141649464ad9bcc9a46c8b3d183cf2823f0215156e3d0ae1062cd9bf686e8f728b8bb40179bd7f27693316653ce8d83e08ce0e235990237834d5ffebc8ca2c8727678a4da2db765c8d4c470297fe0b069cf0be711ece8871c2525ffb9863e5ebbc58c997921436b66a2cecf47dd27189f5f989026666c4e9679a2e1e3920dc92e59b253f4b9919fe33deadd238a6028f5060a43e185bc7ce1ba16e730cc1859808d2fc7a8c45a22a6e85a806f90795f6d4e9e4e4fffb29e206f56fd550d7a66f7a1f2912d334e3baa1903cb595bd27c826165cd69bcc088d708ea031c45b495ce54a6e42f035ebb217f06fc0a5897ddbc870fe2d5aaa9fb5dffec2f38dc46da2a5f1c408b11b8dda0c197b9092558d69da9dcfecfc9b597f36eb9c2cad3ffc29dc033ca1ee8fab8e09a7a1341acee9e9274666af08c9cbf9207723e329d68753fedfc821bdd4ce54e8c0ea3d961a0dc19b77a0496413a2f25964cc28596b01197edc2568e412f183e1a03eb916dddce5e2b5354f8e92a240b5e42f406a9fb99fd245ec3e94a2fc4d384a8c16e19d39251489266da5b0e5c62ec710f015ceaac75a982a24a5634d11e275d6649794001924a39c15056ae551b6a7103d65b1c357bcf85767360cc5c0ffdc5755adf68bb17b4e53e478bbeddf56d86f2414d1b42ec445832092f301bc662d07cbec4cda4a92c4b542915d20df73e7678fa049d4a07cbf9750a054f35f8c910840692e5895383255947eac30c7488384a9e3f5b89554f0fb7f0cda15661451aee864b30bff6b985ef3eab74d47219b5ad6a7da495fa32793b08c377a34c653b5b6a2ef500669efa856149253a283dd3a9d06eeb221d7d4bdfb1320ed475ed4a1e4555bfd301b83e19395eef407a0bb5fa7279640687196b6befcfdba0b83cc595c3942ddc26de07945deb82b3123383644e11e24608caec6d9392c1d630275d9b8fe10d537c8090948f33dd50f6442616ec88d7fcc71ee3b3e394c115f7e93ab9e0fe74bb94135facdcdfae62d6b1dea90868a99614c908d9f7d92ba11ae04ba97da1751048f78839b8c5ac12d6dc490148d61e4d31d9f3f318833779f552bfe60873630a99a5194874bca470a54ec6669281f9dc2b4614528d96266e25775491a670bbddebbb1d7974b056785f4b4936343ae1ff139d9db5f29c6695547816c005015b611d0a144ee5b2bfd5a239957337b0081f5f82df85971927c5fcbbf6ddcf294589cbfa7b1aa867c901432faf14f145185c9435835c013417cfdaf51ef7a66118f77aed845bf88b8f6ea82a7bf8332b096cc922612371a9d1d13f20d75cc5eeedfbfd82cf83aecdc1e66d7deae3313ff2a4403ed71fd5bf4b1c6bfa30b883ca5636271b72dc9c0db8cd7439dd4163db9772e0f3d748f60ca382e77f734dc2dcfafadfa730e33505358e8e8cf04c06674eeabacb9ad290ec96ca3a3342937b89d8b0976b9a4449c7d852e46655954124a9dfd91e1c8da94119b36e6bc42145fa3c119110845cde4b741bdcab6995dec2b2a82243ed27a8a5cc1cdb30c807fb01de8a2b5ff1c6cac5a95ed4cbf110c4a24c622c167f1e5435e8b79fb3bd9b061c3a5ca284dc27705b269b4e340a951c2ab29ad9dab26ce84abe2a465d1d366022040f151a24c107760989e990a289744bf61329f3298d1f702fdcd4e386e526282c6f0bc3a8c26c97e3f90e13c9a7cab1110b79486280b5bca237d4b79c2f39a231e8d0dd50928662ab78ad700939cfa0d590b7bd50e787343478bfb6b66ae3c15ea52203c5cc14c375f6db66b5eb277f2d13bbca6b4b5f2a056e3d8d0f60492f1b53859fcf7b1e7ed80bdcd03c1f203694b6e03ef339caf86c58a4f0654c14cd89ee9051da9aea7b3509ed8efb2755e73754d3fb9faa7da6ec54b7a2f8253110de194e10631f530a4a023e9fb094b1fa8428ade508465ff4dbf9a58e066619501dfff965a2b7d76abe96ca4b12a2c6b005d7089d56f653261c3ec31d7690945170412218acb3cf175e6d0c5e02ff50a78bd0ac131d3e420f3fde45d2156957bd962f488cf2ea483fdc945de0b904f098d10f3adc05f4630ae87ebde56684cc8e75514da729e1db59459595dabc46179b034adf4acbd4ee7fee3be6569b853202ccdffd81e0b10af9dd054affd68dc6a9b04ca02086944fc39137dd48e4a0ce59bf20b8fc09426a35e9518aa8873f19cdf97289adbb4257ba8b91d9500a196083112c28c131ca82c1050fda8b6fd89ad7a984e96ff80b7d1f016a977c1aec735b4e853e8dc6397d0d93831ff1d53bb8ad9ab6cae57bfe639dd123552306062af21e2e07860424d30935f5ac13f9cb875f4a59108b762614b6b532b2a6f77c38a472b77f2ae1441dfccbe85b9e4d3f988f534ecb4d779e7a9adc08cce129f310154ad732d92a9d5d97442896e585d3055ddad18bea10cf12b89b022fab15c3990dc283aa14b7b8604c55a6a9044283ba2cb17a6163c24ea3e2cf4e1f7e6b5fd08ce7fa5e093ef5620def1e18bb39216b592bf84f094488747791c1ff5812a035905ac1571969e815057f336eb20080d0084ad215167b6153e8fae918b1c97ce24bb5ca4fda4041a403323901e38ad9ba3614c9ea78a8b9feb63ac5c690f55399f97ccc87af3c0dcef3165dd04d68426ba16f0a50aad82663837bd0112f521e6ad3001f569961997c3ca9aef39142263cbea9ff6cfac0cf1d3f61dae511600d98114edbaaeb2561a249bfa3c0aecd4d636ff845b21fd55eea0a50838a53c37f4f76a9a15e2f6dcba8c49d1ba77c75daed953df7bd3b208a913890eab69d4b9f23225dd4372ea2e839d04f654e424edb749fe4cb21010a0bde7d8b18c42094d6d52a6dd3920d1791650150dbac217ebc075b5d940e7b478004a2ec35f02d2490df0188738441f38dc8500beea2b95d033806a0959e5d0ecdf2fd833c18d436cc0f4559987a3ef757ba987d8fc4d5f8e117e69595151bae2fc1933e198f9d68bddc8615114aca2ab3b3dcbc84c49c1ebbfd4a451dec0d438bd05f2af4a6b4ed379b2ac127075aec435b4dd50579986e6cec644589cd11dbb85408cd82fefdaaa3aa4eead1c09ec54291224f3c6555e9fbe54295384ba3f6a38124b4571fdb9a40a8b2f537d37958536b7e8e70755f8f7c2ce92d7387da2ed0697ae7f23fae839fcd0cc3457ec25ff393c72d3cfeb068d2ff6e7c6d60ad54b69eef02010b46bf867fe75764f603452807aa65e6b6115f2c66287939210aab912c420a1cbdd5158fd151338f6d3818a41849ca831a76012aeebad3145e9511064663523b9ab77df710fb8a4ba955156f1948a42d415b58f0f9c0bfbbfb3c8d9b398ae69d0e2f34c86effe0f39e5311103db0b157d4c8bfd316087f641a8f539e2b449ebbdcd73c534c570b9c3656f558904f9399a6a635bd3fe5fdd73d83bb402b5636edb7431551b7a22e95630e5380bb8741cf6589d765d9be18d44a6957c3f8cbe715cd5aa883f4610e1de787b0c596988185a5871d05e118bd46e2ac9fbcd6e64f9f9fc87ef94f2c09840de873aa0d1228da8381d5c05d760c2f403e917c33f4a1134e5fbe01e34d492658850ff7005e92c3afd89323f5782d0983cb613033582ef03a7a91afa30fcad8698ed55455ca5db29932b003240f49f0ca8ec3aadda83381206515244d4b8e0a42017e4ad695c8a17ee892f196f5c7ac4cb460f4eca560684dd5312d1b679451c812cef29c8a6593be8dec3b24cb93ee6fe5d415b329e5a284f9599ed59f7b04a60e1d1bef3732407439db755aededaaf94523e856148cab6ddc734503987d781535da75d8a9e6fbc3af252c374c3743b1123d1413faa1d06cce46b4ecefcf639f741c0ba0b44fafb2eb16a5cd397ffb2a2a138024c08c273a92beb930a33fc4a0ceeffb09acecc8380e346b5e95b6d796e8a0c8b3da9527d82e257f0e4847cccd0580229e83300768385aa343798594c94f28901bb5b5b29e49193cd6eab00083dc1ecdaec2c9a350c9f6bd99d08352b2975f3fcf3dbc9d601dd27d10e754c7b32a8156720ae5313189371592c9b8eeb897b71c3ad897d3e73d6e12d9ed5abdaf92dd689e528b177aad02985695a0b65c74a4fb34a7a72369d41cbd8c575b0127888aec5e7dadff1886244759a8b4da9ab714637f4173cdf7f131eb71e43897ff0fb53d30fb41cd06c5cd6c06c25379b5a2d014ffbf46f42bf778932b1840d697c2237ac5c55175992ca15cbc6b54eaf2f213484f3e702c84ef3f62fdd9d6b6512083a3cfb75932ce7050fd9f2e7a7c475b0f1b51409aa30c4d5feb0d8d2b1ae5ea695c4ff4a9fab0b094fe3d261d923525c979ee8699fe6211bc4e0552966d1b7914bf289d3a5a3abc4ffb54933092ad2298f5b4fd62686ccfc346eaa355913b26426c51f718401e35dd30f41c17950644a6b54a141d3490ef8a1b62dcef1174c78fb87acd9b46ac7a61648b06f7de8811c311c0cc43c5910b5ca5a8206e0a4532c9fac59259415519d740cdd648268fea32679592ffce652eaa7193e7b2f6db1802ebf947e3f1b58ae3c7e13890854b6003a2e290648ea338f3e9d39a141c8c84956d9e6552058217329d5fbf07afbb6bd8d6a4aa67d66ff3cb77fc3870faf90f0d027f827fe4665f65994feb83d0fb7508dab85c63c70f41b553961ca690b222d1e7c4373c5d53317a973844d1dd2d23ff7d56f0c516c9f76480ee0d89bc0600"/4096, @ANYRES64, @ANYRESHEX, @ANYRES32, @ANYRESDEC, @ANYRES64], 0x1c}}, 0x2000c000) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRESOCT, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', r6}) [ 781.099970] 0 pages cma reserved [ 781.158187] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. 03:29:10 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 03:29:10 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES64, @ANYRESDEC, @ANYBLOB="8789490205f180e9b9d88d2e2a657077176aefddcdfd544cde9261fd1feda40d88ec6624f3442eeb138dfe760ca629209258761d77f9945b12c6f50cc350975b0f2154f577e68e6d9a1ad1e7fc3bf6b2741fa959b7ebe1d84dcb7e95c0137f28f8a4b48048bce04ecb3b7ab703ea624da6388c032ef3d8fb1b9ea91a0d87293d9aebc278e2c5bd1759f7e942bba7539a76ab16d09dc98f1a5a8879", @ANYRESOCT=r7, @ANYBLOB="450978156c328a1bbc9eecf2686081c84ec1de259580bdc908dd772da58b783414e706feddf31bb04a632f46f9f09d1de9bc0eff0655a8c6c8834f6dce0ff9f42cb1482de8d1c50b052688c7eaeadfda908fa3e1c55292a77b2624a301024578bdae8d63098d6d285fa2a039b6789d52f39177d0d9bf5ab2e2c269cfb6c45096a3032762a1864a886d11db9f3b71c07f6cd36a16dcad2e7e22cc59fe748d44819cba2bc59242222480ffb6b47b6b108c102aef03016518921e2c040e2e", @ANYRES32, @ANYRES64], 0x3c}}, 0x20000000) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800030003000000e866f57bdf1c1d82ec71"], 0x3c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:10 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:10 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 2: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) 03:29:10 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:10 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:10 executing program 3: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:10 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:11 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) r5 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r5, 0xc0884123, &(0x7f0000000040)={0x2, "212f9823cac5c99366aa3b127684d427e7a3d599a90f66278cb2500e819060290b2a0846a4c27a58720e9ef78e2d8678d367001471513d9360ee46901a260aac", {0xffff, 0x20}}) 03:29:11 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 782.207282] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 782.239322] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 782.248228] CPU: 0 PID: 4989 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 782.256080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 782.265447] Call Trace: [ 782.268047] dump_stack+0x1b2/0x283 [ 782.271725] warn_alloc.cold+0x96/0x1af [ 782.275710] ? zone_watermark_ok_safe+0x250/0x250 [ 782.280581] ? wait_for_completion_io+0x10/0x10 [ 782.285285] __alloc_pages_nodemask+0x2129/0x2730 [ 782.290159] ? _raw_spin_unlock_irq+0x5a/0x90 [ 782.294801] ? __schedule+0x8ae/0x1d70 [ 782.298714] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 782.303572] ? retint_kernel+0x2d/0x2d [ 782.307476] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 782.312253] ? retint_kernel+0x2d/0x2d [ 782.316162] alloc_pages_current+0xe7/0x1e0 [ 782.320504] kvm_mmu_create+0xd1/0x1c0 [ 782.324404] kvm_arch_vcpu_init+0x282/0x890 [ 782.328734] ? alloc_pages_current+0xef/0x1e0 [ 782.333242] kvm_vcpu_init+0x26d/0x360 [ 782.337202] vmx_create_vcpu+0xf5/0x2950 [ 782.341293] ? __mutex_unlock_slowpath+0x75/0x780 [ 782.346164] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 782.351214] ? alloc_loaded_vmcs+0x240/0x240 [ 782.355663] kvm_vm_ioctl+0x4ae/0x1430 [ 782.359573] ? __lock_acquire+0x655/0x42a0 [ 782.363843] ? kvm_vcpu_release+0xa0/0xa0 [ 782.368033] ? trace_hardirqs_on+0x10/0x10 [ 782.372289] ? trace_hardirqs_on+0x10/0x10 [ 782.376550] ? futex_exit_release+0x60/0x60 [ 782.380964] ? __might_fault+0x104/0x1b0 [ 782.385054] ? lock_acquire+0x170/0x3f0 [ 782.389134] ? kvm_vcpu_release+0xa0/0xa0 [ 782.393307] do_vfs_ioctl+0x75a/0xfe0 [ 782.397156] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 782.402805] ? ioctl_preallocate+0x1a0/0x1a0 [ 782.407251] ? security_file_ioctl+0x76/0xb0 [ 782.411738] ? security_file_ioctl+0x83/0xb0 [ 782.416186] SyS_ioctl+0x7f/0xb0 [ 782.419575] ? do_vfs_ioctl+0xfe0/0xfe0 [ 782.423571] do_syscall_64+0x1d5/0x640 [ 782.427490] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 782.432701] RIP: 0033:0x45cba9 [ 782.435902] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 782.443718] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 782.451011] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 782.458298] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 782.465725] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 782.473147] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 03:29:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:11 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) r5 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r5, 0xc0884123, &(0x7f0000000040)={0x2, "212f9823cac5c99366aa3b127684d427e7a3d599a90f66278cb2500e819060290b2a0846a4c27a58720e9ef78e2d8678d367001471513d9360ee46901a260aac", {0xffff, 0x20}}) 03:29:11 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:11 executing program 0: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 782.580148] warn_alloc_show_mem: 1 callbacks suppressed [ 782.580156] Mem-Info: [ 782.599442] active_anon:1030010 inactive_anon:4039 isolated_anon:0 [ 782.599442] active_file:3882 inactive_file:7515 isolated_file:0 [ 782.599442] unevictable:0 dirty:69 writeback:12 unstable:0 [ 782.599442] slab_reclaimable:15983 slab_unreclaimable:137470 [ 782.599442] mapped:58248 shmem:4200 pagetables:30350 bounce:0 03:29:11 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) r5 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r5, 0xc0884123, &(0x7f0000000040)={0x2, "212f9823cac5c99366aa3b127684d427e7a3d599a90f66278cb2500e819060290b2a0846a4c27a58720e9ef78e2d8678d367001471513d9360ee46901a260aac", {0xffff, 0x20}}) [ 782.599442] free:282493 free_pcp:357 free_cma:0 [ 782.638772] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:36kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213300kB dirty:12kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:11 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) r5 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 03:29:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:12 executing program 0: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 782.935839] Node 1 active_anon:2206740kB inactive_anon:28kB active_file:15492kB inactive_file:30060kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19692kB dirty:364kB writeback:48kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 783.034293] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 783.061811] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 783.068346] Node 0 DMA32 free:36260kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:36kB inactive_file:0kB unevictable:0kB writepending:16kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:736kB local_pcp:228kB free_cma:0kB [ 783.102268] lowmem_reserve[]: 0 0 0 0 0 [ 783.107127] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 783.308993] lowmem_reserve[]: 0 0 0 0 0 [ 783.313896] Node 1 Normal free:1080920kB min:53592kB low:66988kB high:80384kB active_anon:2208652kB inactive_anon:32kB active_file:15512kB inactive_file:30076kB unevictable:0kB writepending:496kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:30944kB pagetables:75540kB bounce:0kB free_pcp:1096kB local_pcp:376kB free_cma:0kB [ 783.365009] lowmem_reserve[]: 0 0 0 0 0 [ 783.369423] Node 0 DMA: 4*4kB (M) 15*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10440kB [ 783.386570] Node 0 DMA32: 375*4kB (UM) 457*8kB (UM) 75*16kB (UM) 25*32kB (UME) 58*64kB (ME) 38*128kB (UM) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36212kB [ 783.411744] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 783.432768] Node 1 Normal: 69*4kB (UME) 159*8kB (UME) 328*16kB (UME) 59*32kB (UME) 36*64kB (UME) 23*128kB (UME) 27*256kB (UME) 23*512kB (UME) 14*1024kB (UM) 5*2048kB (UME) 250*4096kB (M) = 1081196kB [ 783.452621] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 783.467788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 783.479850] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 783.489738] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 783.501490] 12488 total pagecache pages [ 783.505563] 0 pages in swap cache [ 783.509017] Swap cache stats: add 0, delete 0, find 0/0 03:29:12 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:12 executing program 2: r0 = socket$inet(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000240)={0x1, 0x0, [{0x7, 0xffffffff, 0xd5d5, 0x0, 0x1ff}]}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, r4, 0xab9535e9a6578fc1, 0x0, 0x0, {0x5}, [@NL80211_ATTR_WIPHY={0x8}]}, 0x1c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x30, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES64, @ANYRESDEC, @ANYBLOB="8789490205f180e9b9d88d2e2a657077176aefddcdfd544cde9261fd1feda40d88ec6624f3442eeb138dfe760ca629209258761d77f9945b12c6f50cc350975b0f2154f577e68e6d9a1ad1e7fc3bf6b2741fa959b7ebe1d84dcb7e95c0137f28f8a4b48048bce04ecb3b7ab703ea624da6388c032ef3d8fb1b9ea91a0d87293d9aebc278e2c5bd1759f7e942bba7539a76ab16d09dc98f1a5a8879", @ANYRESOCT=r7, @ANYBLOB="450978156c328a1bbc9eecf2686081c84ec1de259580bdc908dd772da58b783414e706feddf31bb04a632f46f9f09d1de9bc0eff0655a8c6c8834f6dce0ff9f42cb1482de8d1c50b052688c7eaeadfda908fa3e1c55292a77b2624a301024578bdae8d63098d6d285fa2a039b6789d52f39177d0d9bf5ab2e2c269cfb6c45096a3032762a1864a886d11db9f3b71c07f6cd36a16dcad2e7e22cc59fe748d44819cba2bc59242222480ffb6b47b6b108c102aef03016518921e2c040e2e", @ANYRES32, @ANYRES64], 0x3c}}, 0x20000000) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800030003000000e866f57bdf1c1d82ec71"], 0x3c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x30, r4, 0x404, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r9}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x406, 0xffffffffffffffff}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008040}, 0x20040080) 03:29:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:12 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1}, 0x0) 03:29:12 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:12 executing program 0: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 783.515866] Free swap = 0kB [ 783.518903] Total swap = 0kB [ 783.522859] 1965979 pages RAM [ 783.525964] 0 pages HighMem/MovableOnly [ 783.529919] 338456 pages reserved [ 783.535578] 0 pages cma reserved 03:29:12 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:12 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:12 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:13 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:13 executing program 2: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) [ 783.959079] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 784.006310] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 784.022231] CPU: 0 PID: 5105 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 784.030087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 784.039456] Call Trace: [ 784.042064] dump_stack+0x1b2/0x283 [ 784.045708] warn_alloc.cold+0x96/0x1af [ 784.049719] ? zone_watermark_ok_safe+0x250/0x250 [ 784.054590] ? wait_for_completion_io+0x10/0x10 [ 784.059281] __alloc_pages_nodemask+0x2129/0x2730 [ 784.064177] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 784.069044] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 784.073932] ? do_raw_spin_unlock+0x164/0x250 [ 784.078450] alloc_pages_current+0xe7/0x1e0 [ 784.082799] kvm_mmu_create+0xd1/0x1c0 [ 784.086737] kvm_arch_vcpu_init+0x282/0x890 [ 784.091086] ? alloc_pages_current+0xef/0x1e0 [ 784.095623] kvm_vcpu_init+0x26d/0x360 [ 784.099564] vmx_create_vcpu+0xf5/0x2950 [ 784.103663] ? __mutex_unlock_slowpath+0x75/0x780 [ 784.108532] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 784.113568] ? alloc_loaded_vmcs+0x240/0x240 [ 784.118015] kvm_vm_ioctl+0x4ae/0x1430 [ 784.121935] ? __lock_acquire+0x655/0x42a0 [ 784.126214] ? kvm_vcpu_release+0xa0/0xa0 [ 784.130495] ? trace_hardirqs_on+0x10/0x10 [ 784.134769] ? trace_hardirqs_on+0x10/0x10 [ 784.139204] ? futex_exit_release+0x60/0x60 [ 784.143543] ? __might_fault+0x104/0x1b0 [ 784.147640] ? lock_acquire+0x170/0x3f0 [ 784.151626] ? kvm_vcpu_release+0xa0/0xa0 [ 784.155788] do_vfs_ioctl+0x75a/0xfe0 [ 784.159727] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 784.165373] ? ioctl_preallocate+0x1a0/0x1a0 [ 784.169923] ? security_file_ioctl+0x76/0xb0 [ 784.174409] ? security_file_ioctl+0x83/0xb0 [ 784.178840] SyS_ioctl+0x7f/0xb0 [ 784.182215] ? do_vfs_ioctl+0xfe0/0xfe0 [ 784.186201] do_syscall_64+0x1d5/0x640 [ 784.190103] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 784.195330] RIP: 0033:0x45cba9 [ 784.198535] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 784.206259] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 784.213573] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 784.220861] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 784.228156] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 784.235634] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 784.276265] Mem-Info: [ 784.278749] active_anon:1031019 inactive_anon:4039 isolated_anon:0 [ 784.278749] active_file:3885 inactive_file:7524 isolated_file:0 [ 784.278749] unevictable:0 dirty:83 writeback:0 unstable:0 [ 784.278749] slab_reclaimable:15961 slab_unreclaimable:136816 [ 784.278749] mapped:58264 shmem:4200 pagetables:30339 bounce:0 [ 784.278749] free:282049 free_pcp:459 free_cma:0 [ 784.324748] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213332kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 784.356422] Node 1 active_anon:2210376kB inactive_anon:28kB active_file:15512kB inactive_file:30088kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19724kB dirty:324kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 784.388090] Node 0 DMA free:10432kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 784.415934] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 784.421913] Node 0 DMA32 free:36172kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:8kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:852kB local_pcp:228kB free_cma:0kB [ 784.452025] lowmem_reserve[]: 0 0 0 0 0 [ 784.456167] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 784.492674] lowmem_reserve[]: 0 0 0 0 0 [ 784.496741] Node 1 Normal free:1079100kB min:53592kB low:66988kB high:80384kB active_anon:2209976kB inactive_anon:28kB active_file:15512kB inactive_file:30088kB unevictable:0kB writepending:472kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31104kB pagetables:75616kB bounce:0kB free_pcp:944kB local_pcp:692kB free_cma:0kB [ 784.528750] lowmem_reserve[]: 0 0 0 0 0 [ 784.534920] Node 0 DMA: 4*4kB (M) 14*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10432kB [ 784.550187] Node 0 DMA32: 375*4kB (UM) 451*8kB (UM) 75*16kB (UM) 25*32kB (UME) 58*64kB (ME) 38*128kB (UM) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36164kB [ 784.567405] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 784.578917] Node 1 Normal: 126*4kB (UME) 364*8kB (UME) 242*16kB (UME) 63*32kB (UME) 41*64kB (UME) 23*128kB (UME) 25*256kB (UME) 23*512kB (UME) 14*1024kB (UM) 5*2048kB (UME) 250*4096kB (M) = 1081624kB [ 784.597825] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 784.608030] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 784.618086] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 03:29:13 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:13 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:13 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r4 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 03:29:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 784.627779] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 784.636998] 12496 total pagecache pages [ 784.641018] 0 pages in swap cache [ 784.645308] Swap cache stats: add 0, delete 0, find 0/0 [ 784.650687] Free swap = 0kB [ 784.655485] Total swap = 0kB [ 784.658521] 1965979 pages RAM [ 784.662518] 0 pages HighMem/MovableOnly [ 784.666528] 338456 pages reserved [ 784.669980] 0 pages cma reserved 03:29:13 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) r4 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 03:29:13 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 5: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:14 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:29:14 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:14 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:29:14 executing program 5: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:14 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:14 executing program 5: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e772", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:14 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:14 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:14 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:15 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:15 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:15 executing program 2: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x35) sched_setattr(0x0, 0x0, 0x0) 03:29:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:15 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 786.402436] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 786.413876] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 786.433438] CPU: 1 PID: 5357 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 786.441305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 786.450682] Call Trace: [ 786.453291] dump_stack+0x1b2/0x283 [ 786.456941] warn_alloc.cold+0x96/0x1af [ 786.460940] ? zone_watermark_ok_safe+0x250/0x250 [ 786.465824] ? wait_for_completion_io+0x10/0x10 [ 786.470564] __alloc_pages_nodemask+0x2129/0x2730 [ 786.475533] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 786.480547] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 786.485462] ? do_raw_spin_unlock+0x164/0x250 [ 786.490109] alloc_pages_current+0xe7/0x1e0 [ 786.494454] kvm_mmu_create+0xd1/0x1c0 [ 786.498361] kvm_arch_vcpu_init+0x282/0x890 [ 786.502710] ? alloc_pages_current+0xef/0x1e0 [ 786.507218] kvm_vcpu_init+0x26d/0x360 [ 786.511118] vmx_create_vcpu+0xf5/0x2950 [ 786.515196] ? __mutex_unlock_slowpath+0x75/0x780 [ 786.520062] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 786.525135] ? alloc_loaded_vmcs+0x240/0x240 [ 786.529563] kvm_vm_ioctl+0x4ae/0x1430 [ 786.533479] ? __lock_acquire+0x655/0x42a0 [ 786.537741] ? kvm_vcpu_release+0xa0/0xa0 [ 786.541910] ? trace_hardirqs_on+0x10/0x10 [ 786.546170] ? trace_hardirqs_on+0x10/0x10 [ 786.550429] ? futex_exit_release+0x60/0x60 [ 786.554785] ? __might_fault+0x104/0x1b0 [ 786.558867] ? lock_acquire+0x170/0x3f0 [ 786.562851] ? kvm_vcpu_release+0xa0/0xa0 [ 786.567027] do_vfs_ioctl+0x75a/0xfe0 [ 786.570955] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 786.576594] ? ioctl_preallocate+0x1a0/0x1a0 [ 786.581130] ? security_file_ioctl+0x76/0xb0 [ 786.585547] ? security_file_ioctl+0x83/0xb0 [ 786.589974] SyS_ioctl+0x7f/0xb0 [ 786.593348] ? do_vfs_ioctl+0xfe0/0xfe0 [ 786.597333] do_syscall_64+0x1d5/0x640 [ 786.601395] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 786.606588] RIP: 0033:0x45cba9 [ 786.609789] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 786.617514] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 786.624918] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 786.632205] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 786.639624] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 786.646941] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 786.694838] Mem-Info: [ 786.697479] active_anon:1034377 inactive_anon:4039 isolated_anon:0 [ 786.697479] active_file:3889 inactive_file:7529 isolated_file:0 [ 786.697479] unevictable:0 dirty:31 writeback:0 unstable:0 [ 786.697479] slab_reclaimable:15985 slab_unreclaimable:136391 [ 786.697479] mapped:58271 shmem:4200 pagetables:30435 bounce:0 [ 786.697479] free:279078 free_pcp:382 free_cma:0 03:29:15 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:15 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:15 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 786.749253] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213360kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:15 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 786.835093] Node 1 active_anon:2223408kB inactive_anon:28kB active_file:15528kB inactive_file:30112kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19724kB dirty:116kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 786.867663] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 786.902380] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 786.908752] Node 0 DMA32 free:36348kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:308kB local_pcp:176kB free_cma:0kB 03:29:16 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 787.251579] lowmem_reserve[]: 0 0 0 0 0 [ 787.260603] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 787.289367] lowmem_reserve[]: 0 0 0 0 0 [ 787.294778] Node 1 Normal free:1065460kB min:53592kB low:66988kB high:80384kB active_anon:2223676kB inactive_anon:24kB active_file:15528kB inactive_file:30136kB unevictable:0kB writepending:364kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31200kB pagetables:76212kB bounce:0kB free_pcp:1320kB local_pcp:684kB free_cma:0kB [ 787.326175] lowmem_reserve[]: 0 0 0 0 0 [ 787.330369] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 787.352890] Node 0 DMA32: 306*4kB (UM) 488*8kB (UME) 76*16kB (UM) 24*32kB (UM) 58*64kB (ME) 39*128kB (UME) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36296kB [ 787.372008] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 787.396132] Node 1 Normal: 245*4kB (UME) 399*8kB (UME) 260*16kB (UME) 114*32kB (UME) 39*64kB (UME) 24*128kB (UME) 23*256kB (UM) 20*512kB (UM) 13*1024kB (UME) 4*2048kB (UME) 247*4096kB (M) = 1066892kB [ 787.414774] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 787.429657] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 787.442001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 03:29:16 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0) 03:29:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:16 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:16 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) r1 = getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) keyctl$get_persistent(0x16, r6, 0xfffffffffffffffb) lstat(&(0x7f0000006140)='./file0\x00', &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r4, &(0x7f0000006240)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000340)="a686de93d5d4b75f0b1b1feed30b3f21a460c05f32a0d970e2dbb0a24fb652a3bd429995aa28d155a7241a48461694965e92ae9f326c05cab1b5e9ea6c442b27eddff347f931a5458a311b94fffc948f94a417e27fd24cec31734276cbf89b706ff91bf0644342959d3d2b12bcdd7102811a29dac574eac366bff4b90be974e87d9af9aef95e98b5327513e687d988445367ac9bbe061ec430750e1b326c8c7c5d4e8b153ca7364c3761ab02d708f0151921899b81a65cf385c3ec36786eda67165322294bd2c3395b3cc721", 0xcc}, {&(0x7f0000000c40)="b9224c3f82dd15a85442ee009e8e950155a6f6157436c14ce24b908f896e81d9091aaa3e06fa23e2be90f6b2498c97776c42f7fc066c98dac10eb1a9ede3880694660ff1672ba3c9eb790b15491f1fc1792c20fee675c3f7664610f7077e74434c3a6a660a87b8e086f5d4b0ef47d5be70d311f26718d40846bfbaca1c3df295c97d28b8657430ca81ae1f281395d7acc4991620932c496eee82b7a9f28a80f1cc9335eb97d3de32f722109f83c8eedd159998bce727134f7f8adf4d5cf650358967b1d77a8a9384d0c597ab9577e06216d2cb10cf2979ed96b01df1c8cca207e70d464a6041c1bd632694eeb24bb19a3ada737034940236eac79bd925dac6f84d57fb17de89fa57263a614050be22be021fcacba737ecfa500574c6010006c6cc2d7343479b103c545a9060ce880a1409a22f6b7a032b45f64cc9fc823e8088326bef5bb01b505c96e6abb6fd4899d5690ec11aee09f1202616d553a9dd1b8b36af39f7b590b34067071b71bba9758f622971b899f759a7b42a0a2e66a59bd397f8b55b325b710f347e378a83b3fcbe3b505cbc8e392b8fd59cce0efc1ed5f851255976523406b951ca3259f8a9dc24ae0f2dca96c0a434da1c3d58e5995c853ba84838ef532ddd013474cab9a0227722695bf8d0ac30d80e01e12caa920b6ff7baeaad90a276661f09f393bdc1681377e12836aea483565ba151a6ab8fbdb31b55034d36a87fc59da9bc54e50e4eae76e751aa113d21af8a9b4d48c82a46671169cb668aae56b02ac61390f86e8d83231bb98980eed15d73b6069237d7781f2d2a2ccaec205f1ecaba390075f018e79e868d18a782de8ab8d2adcdafaadd52f7b64d43f804b24662141674e13edf70322cc5ad2d77dd968bf897a5df3d827fa90c6878b3bdda1837aadc53bafd1c08158ff5bcc8ca36321ee528256e0bb991254b41c4e731031709e1b2172d1ce04e25712440eb152b6c0061c13ad86dec295e187637524ea12b29aecc2ca0bb58cd584d9ab051c45c739cbbff9007ac36ecf54b21c06d0076b1862e2af4c2813fcf080dda7ddad91165e8d6b2e61d3eb235a6accdc00a8dd67b786b40d46e996dd24db412ea7549f8fe507df7184b3544d81628bfcc35a4c1f1752246e3bfa88c5d39dd7a9b90049cec6148b8dc5c9b757590696519ca41ac358307a5b8dee972b3f9a09b615fee574ae666945eda3ce9663f9a9e6ba1a2da04c41913fe8bd169e071c282f57be4fe024bd7db1874e804ac9ea6700c493eb332f01c59652ee9518c21d877e27bde02d06400a65e913b864f7304eba5d71926cc18ca9c256d07e0229fe66630cdd951292ddf345bf548a716fe5e68d9d19f5593741bd37de34efc4e52d0d10f2facf5555633dd32d13b8ef0c60ea9cc0bc2d390f2d4458343046a723c5107aff998904c4e543c2613977a90f562842cb1e09362301b30ab8ffa626144d4776381aec1b197b6c4266ecb1fa87a96ec013ea227f933c447b1b96dad664171218f78667dd0f3564ff175cb188417238b0a3e066abbf554db759ec4aeec56b8a014bd4e9807d7d4ae50489b9d8d09fceed10adeb4f5f3a2bb7a6d29ea5f4e9145afa8c352659f1162db29d2397a493d290ca4d19428c95f68d386026b28c7572ff0fb1a9b27e8f7af903da7097fb64ea36403dbfdcd8b9d001c4faa2324d5001d9328b5a3df9fc6974bd04b5ad8d9ed2a5e347f1fb43e4453169ad4b9da43c30c9651ae35e18b0bc1b2ba66cda55bbb4885cc09c42c0032879830ee44a480bbca719742f4f2751afab48efc958fbd7d15efe0fcaf9a2d016c6942f4e69f0219a36f41dc4d93c4f25509187b23c17abb0cc9b122daea5f64e264e2c79877f615463dc69a16c4b433554f5def59a3b263318e90ee1703ff1d4b1173b59b2091f2a166e44f6c5391a83af9b351f955992479aaa194ca117318a91deab56deb411ce7631b02dd0473eaba06afb10200870d5d7a546ab4c787e5f42284b52f7358c4d9b91040bdf570813cc46ffc77fb912d71fa32a8501f2f8daf8d7aaf5b021f52af02525b25e3341ffcdb58381062bf746cbe3503b968f8b2c5231d392bcc9b5be3a54233826b8c195cc8ff9f805780b3d055d404e126fee471f09c0cf2ef7ed29ec463cfda282da79119d3b63eb7a96b60a18abe0e0dbc114068bc6f1f347623aee3c83226dd79625c61b2ea0be4fe6af3740f9770c1af986f385714ca76924cca3b75a678301e3d97b4a070b75e859fe152009a2a0899fab69853c76195f4ba122b26213b66583b445fa9ed459083161f534778b29c6ec153c9f316b23e291087fa59624561c7383e18e8095ee8812e1e260643fb10c8ba9b73745d184472a99cd6e1d13ba81dd7d76aed9c394797e3ce18c07bfbb3494cf6da881de8ceb431412f49cab027f4ddddf728173d65ff0e23b9e106501985ef9a6a0543985ff404231581886858795b8eeef556b4750ac4678776d65c4bcbf4ede2ca6ac748afb0a4cc70702cc91dad75af98a58ba93d2237a1a0619d65c62dc3e0c3f6db13b8c6ff89572e9dadd3535d10b31648f922a081e363e8e66521cc78f7366bc44fa80b0144224479fbcd714b2a9e25ba2531dad1974439d37863a5d5c7a2e414371a50117994f48ca02293ae4495e9571e130aa9f328d6bb6967c4a58653908c47aa26856130940b778ec4cb6b4417d82df935da391d334da5c5a99d20df808054fdc86be4c01c07b0431d0af863cd00cba7a3372dc5f9d43ac668e94a1f88bdcb393849b3672cce8d5b8446aa2b827282f22ddce2c313db243f9efac7ac96027e81e7713fbbbe0bc30440f64a1b07441f6c517f7780364ff03e6e7d13a424c90c39e47d78c734cccdcc08b85cdf4166597520aad674c0905b57cd3aef5ff3a8abfbec258afdc544d185c3091c18d4599a872484358c1096966099767a4adfe3e3540546c416e654727f7d947796b6c345037961d549036b77e03e62e737911439f8d09f34671f620020f4bea97ee09cbda37bf19b37a30148b262fb6ab4b51ece42c2ee72254eb334cbc42558715f758bb29d9a94f8a056bb0ffdfd22800f8d6a79c47150e095646be25d5e3d9196df06f3df1b6b7eeb25a1aaf9b65dc0c463f585b9cf5e4e005f2c760ac79237641941e1588b912b1ac83d4fae4d3ac1dec19c937a2835450874a25c7eb6e2d10b7e84ac9f0d7882b7ced37e9fb36aa7344bb6c909276049bbdf6cc715d86aafde6c60f008fc3df3c3e71619c3e2417ac7101a8bb64ff3a025e7843935c563079c58a8b91fa506904ddfcac11f2d0e5fb0334d9eab3a06bdf46910f1ef876cd0fe54eea7bc8cbd9a723120676c605fe25eff73f6a745d14675cd892456edfa8dc23a525b2f713f950485292ee3d4829f59f45484a20448cad450d59c0f73af81fcae406fc3a5515a0bb4d40144bb5cc436ae1d96b3e1bdd9719b232d5a289c483b34bf454a5bb68ab30ec811b8240122a6cefa560458af600a8c4734593e4c4718e377002eacf7340969c7f11c911b23c4acc36767babb25379157021a1a9251990bbad26eb4456992ad3a4cfa9f9663525f7c4c1883ce948a6712f189981638a8fff35a0036ed591df6a5d5b05ff8f36da9a5993abb646ac251429a606d0ec4ec4a0248679813067c49272233fd72fa091bda8f2b5e61c49c11e30ab7694915a3d09f9f1d23ba3d0ce5a87e6e022b919a0b8ed2253454f2673ffe2820c93fa148b77494a07db992d6d024575f464ded366e363f80b96f05dad60aed37ffed56f8f47c7908d79059606ab06e1389be8e65df0345b587bb37af7e335295bc5113887bb197f7892ac145e97c628f425f2d5d742d8fe47fc2d5edb42ebccf61a3e2be64717548a08f5262533eaa30c4f30265e62539eea0d246e83d348b1774027a984f5e6002fcb25b7cf2a054ff3d9ba1de04847e43be94dbcefe9097aa38302c4359535b678402bab92b120ca8e759db9c9d84ac295e84edb84a6daf9d43975d0cae8bfe25cbe67e3300a0f1e79a2fed8588dd7d719cde1b7b1ea6a5d916ce7d788dc7799ca3e01893709082bd22117e615a99a8c77d6c751c79acbe57d8b209fdfbfb96ce632817d97d59c10b624307b163422ae4941edf7a5a09591cc34de946de2855e4874abde4a4982a1a465f9d8a469328b30f9585c3705ba0f6805abde35386bfd173222d69cfe5a0b2f59eaf12fb7259dcc9cf9f8fcf0dd35089cf2268afd05d012315c75a17e212915100fdd613e81379916a64a338f04d1edf45efb0a555e9de40fbddfabc3e794673393829b6e61141bfd624f7a01ffb7d9b85d6d69d49cfdafa4948ea960f48bcab5ad7fb3db057b317e50c4601606c4bf42e71be139eb35921938d577f3b8940b8665b09d016f3b8e1f11d0f8a02ba0b79ebc9f8405b4b31b70671c9b66ba0446f7a20dcf5dae0fd6a386a80a661191bd45bba7d54b499dfb4d78a6cc14e5d1e4fcc20b3a394365233cdeb691c17b92f19263051b4aca9c3f79b9a28a17d3d568ebd5704216e54b3464be6cec7ae5094645c036e2ae5b04c6d4ca16a6befc9a22111f5c87225abf42665896c67f8066af296e767868f12d7965ba670b3266d199d7706909eee51167028ef9d65041a127ea8f9f1538cf1eb09ebcbce54a703d7dd6eabcfb4ea0b719978ab5c2e0fd4359886c1b4db4dde9a6c811b0d7402af3ddcc9e24b032c2e4e9dcf37fd1953dfa95f8d193b6cb3f8f84269476084ac91303ef69357e44d8c542b677bcb8b0b52fe4232feab683118ef6b3d6d10b0df01f8a61bcacd7dbf9e0ac693d46f5a4e16d9759cbe792f504165ff25f29693b2090074aff7580201def863a190d4d971eba1b5add9ce3fa2ba0139b100eb090dfe535f07acb92f311d46a21317b9ce465654250b36e5cc9a0af8945edf565f4a6c72a6e2bd5d07d3ac2eb8e3681a172a46a2552b0ff0c409f40e1d3e3e07c5290368aef9474aa9b173a7f575d5017a0d42306687bee5b8f4d3d8612d0d9435901e60711c333f847c4000808faf3c2af49d83319a52fe5674bc7e94c7e17b42cec1c9d34798bc263429a76a0c10ea1b4753380dfe31921b602e5163652a4ee02ce431aa5c642c23802c8a63a60d8050d2cb71762ea738adcd2bcc4f096238090451c6377b5cb5917a73d8c590340d30ab5c9d7d7df168174d9998530f7d6a7fa20bc2334c97fc298703584a0c6bf3f7fffdfe2fe56e0af6b65bff8cf0f80f1063b1a40710b7a9e4325b9bf256c08beec419783f2800ec147a63d44c13ddce246f8bc5ce45e82bbfad987530ffdf85b8796541cd60601212a1b26105434f2a697548966e75deb285fa5b27dc09a75b1e7f591d8ede4bfbf653756b438f9d767eb764d1eebe8bdf530ca8192448fcd442852483bd758a5d2535c8ae4c22fa1b2bf497bf952663c4230269e2e41e3449734838b460bbae1f4c390bc003107cc4118860f0af138fd0806d779e7a53039052fa3e62d9a34eb8b9146c36752e75612754a9a8df21fe5b23b93fc545fb659047de3ae94cf92f37027015df59e19ea910dfe8396660c8f595459b37688a0d97bd5e4c6a4f4d8703af227f46c2926df0a088303cf4c23d5358820a876707bc841a6361f4d606bc1fdafd22c6d86067706af0bcc09409f67dabb3852a672183371c3b4800618dbf187b0112989a22967237c27adaf1c4b86314f19a15029518299b5516fd4348441d543ffc94d8ddf4b0691dd2b8243a987a2d1499177e5a496cbdd40c8add24a4587a5e", 0x1000}], 0x2, &(0x7f00000004c0)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x20, 0x1, 0x1, [r4, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80, 0x4000000}, {&(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f00000005c0)="ab8207254411a7f67f3963496802eb6a323f278a0e48a6734bb625dbf3c2005b57fcee677496212ef817cd508eab38cecf4c64db07708495f91c1cebe4d36467479eb1082fb17c138de7e4ef56e361cb466d9353588ce5f5f4e34c24a30af49e060a9464915d10748e14", 0x6a}, {&(0x7f0000000640)="90a543e4c18f8f81479f38ffc43fe821b5f94fa6af00aa200a5406fdf4024f3474f75b33a4cf55633af6d1e6b4c7a7b84a2f33816c9d3cfb3d9ec85a95bf594c478b465e9af1001dc31ad3ed1f1639634e084d61c3012edaede383378692531d701726aeb3de5870310357ec2dd4877f12ce3e342a5c22148a707b96ffc003a77596720aae45c8a8eb404e378831baebae30329f52ad3d5ae094b697dd6f774132907e00", 0xa4}, {&(0x7f0000000700)="398bf6cb147573f44b546f94820c3ec7b7bf5b7f33d3a6393c2bc128173e904b81a27d0fd1e070ab9947f4cce2e6c02f918afc9136139eaaee2714d96883364bbe1fe9eb64d6a00f9e37cbe339fbea86ac85108b52ba36429924d72654950dca2a3ad79a1667e131ef0b0c278890eb01147a918f44f96b93116c0a3a671307", 0x7f}, {&(0x7f0000001c40)="d619e947e210fa0e5bf70ce1a28f8ff17a98f840c4587cfa10d82c8e9eb91b9a41641aaab28e77a06207878d959abce17c280c93a957a39a3df7c5b6b94fcb66c8310f186b8a00a0ff2a392665f47465a04c9bfd1d8d8c565b83a06b243ad089fcda14067899e0099d6499e0ee1e4d77908303cbc2fb7c55777ecf713aaf49e51bb8f90dcf9f76434f3cb08a3ac868a70d5fcd5f97f6c6ecdc7e0c7f734d9047296dd7253def59f7e9c183bb3e9b0fad91c4c1b95450539b6c2f67afb10eb79b1d16b3426e2efc6592c05c70a87a5c66156825c720081289a2fd226186f9ce52f95b4177952a049a7f2e2342fd81604c69cfb1e4b770dc28d9dc74ec6cf272990f8aac61e54f6676d451d8191b3601d1bc6400cd3738f35bdaa164a034fb1b74e66f7c45646763709817e2c0f330162b0ecf784191571f1de346c8161d17e25b1a7bed4b7cca0d9deae4a7c661da59206cc5251268a0fff7fb33ce087bc92f6a36870063a5d6d8bc8addf03da820776e52576fd45fc4e06b50fbff8ae00ce2674b7da31904254a85a2d842d1a0159d2d68523f8c61ed0f8d6afef08fe3aaf96bfefa8da1e71609952a11a869a288d700c2bf6d9728e464f06af370c884e68750fcc84cf37440ff83cd0b8114ed0bee4b52b4f322bab0608de4921417efe205523129dd98bc6b5d811d240a61283db92ad22c2ee8b1d256c6c2976db38e7e24dd5c3bb0228f51b8d1f4bcc3341bfd7c6e2a469e4b0bd4767b503cd50f64d956eabc203aa1ddd570be3f139d4f27e1812cff3929b287fe8c3a97edacf08a1e6beec525375a7280622c446cd7b418329173eb5e7558df8e3717d752f7ae15b583303a560d082262ae5aee081471970bbaa9022ec8c5bc22d1e994b66b8ff7c3bab8d26c012262d6654373d78995259ced5e9057114c71a8c0887c688efc206c7b665e786aaa17618e0fb7a3245684570f9ab89af8ab2f746d6419cb7dcda37212d3dad7c5e63108ee025403d35ee7d15e17d3ff930feff09676019d7dbbc437f10a044cc2c3c131f4b0c9951d4ee0578913b2fe89758f83573a0029a37eaeb984e298a9516bd70ac93f884653ac4f9e2cb5a21df40572e2ec24005c6c7443d3999985dd890d79083a083bacac7e8ac13f6b52e2e85aaaef5e12bc62752448f6337a8741b0bfdc8c990c69ba2fa972ea6ad4be7609eeca4fa93c08b85943a68acba1fe97bf5ba745050b69b06b12e416873f943a23444116bd89fb53a9496cb380a0197e732d2d20926a0077765fbf0eeec9884bae927981f3498a3ceea6ac07f807da7ea38e177f45ab6c232eefd67a8ce82c848bd24a16588a4286aca01fb3c24622b8fe9e820730f741090925ee1be0642a49ab25aa12743efd538eb46ac939a995771998353975384e446f1dd062645a5c43d923b1d1be5eaeba2400f9dac3880d3fa0708c9818824ba993460786b947a205417a503cfa3432f80ed793d6ee297def1169467165ba2f8271597f321fec4e790044bdda961e9b4fc49b608f147095307aa5c507717c36c7c39e62012006a7b52a629132535ca4d76dbd2896c8c70f6e98993f82209df9cbec744123f9f6e89ce3cb2f1ec055483ebfd0eb3b004460cfdc0019b2d4fc9d99a3d02aeedf7fd94231fb2bb95a2a57ad68017e2afcb4efbfa52012dbad38b562f006d83e7ae3664fd6821d4e961dfd63d143a55aabc63e398dad34f970479256f744abd95dc575ea7ebac053f0c5adad9900e9a9d3b3d12b6b0efc1055e81687e9b3505828c900a7c38b40f5c1f2a0dd4090894cc8c3d3c7eef0843fe07602d310a85809747b2306ebcfe4f9fd314ec87636b81959931f68eb72823e3e4f380657f6a9f1eec22911fe0059dce76758ad3e3590713c2338103cc175b18a5fb3b89ea5f3eaa3c66f1fa609281d4271a6da467257e7e4b8b0f821016d5b71dca2f784bd5b554c6ae404740a7b2ca621fa653f3048dbbd7fd471a95cd46927fc02f5bc49922aa65326492a86f078c4915e12bdebc75e6967c18a020d87c4c6c4e48657daebe9ffba2af8ae6f70bc18b6f00ea59791a4e0787b26aa7ec7225a00cd6975b65a2c994001627dcec3f2826c9b3c9f64f82b7a7644e917abda53bdf13d240d580ed8725cfe7fbee490f059e024042d95bb48600247a335da0a86a02d16cecc160a1535f4475e993807ddc922fcae732f5c1a4f963421a46dd715f13e3b57ee6451997e84ddca8d9684f77d3ca3c6bac2c0e29b833942a93339cf1436acc7ca0f98f5cc99671234ed93330f391ad8b8977fb672b0060f8f32a240a08e1a39204df8102e86bef172713d6890a4d5b1cf17934a7eca5af66dba7ce1e6d6a36bbebf6267c70bf8d5b566376a87c34bc7911dd9a69b3c84a0eeef8e61f5fb5922b11fede764101debed9340db206a9b52447f71b4b00f29c391edf290591181dc83e7ba8b9bc8155ef1da9d8877a23e8d3a60f15b70f90fdd62978098ef1f053e0dca52d8ab54b975e44265357d149ea5258b830b8c611ba4a0d1c03e280e42140b06d4352cc6521e265228a0a39e90e8127170b6dc732dd40cce3177255c79f3f31f08b9e0c580b2db64c0c8da9eecd457d70d254c4fb049d889a6d9df93c38c7a0a1be8ac9c2afcceea28fac2b513ec57535b60b89f605502b92d73aa110d2a8010a0f33296b6f1df742ca072ee579170d96752a44deeaa63f5b07cb7c8aa2ca77909820ca7db58f6c79763493e83e2a04f319f8b001c35972a18c2ca3b7bea6c84077d6d0a5b2aaa170dd0d39cd69f940806d1a014093eed5aefb2b7c361200fa0d5bd1f95139dce0d1999b25476c10ccbc2770a703abfbac543c4847a97fbd7cc8b98ae96423964521045294e32c32ad428bb3f6ddebb836c072bf9619bf57f117483c5b75ac914108dd8f4181de7ab9dabb4aea7ecfd9dee7483a17107059e6c9d0af6ddd6aba3cfc0b4e4c0991858eb4b822f24ae985eb6b87db917c3f92d66af80814bcf6e2e687900b90398f12235537bebf44060d6d870c928d884e00362699055fffef98e0996f696a6c0815add2bf08a66b85b5eb6891ddfad4545f6c272e5d681187b41e8ed2db85b8f64ef685ba40545ea858c2f97ac9af5064ef13844fd38f21250232a5e27fbe4133481eb3b7a2e7319eb5d4d58ad5feed6f7ec8c1935575f067caf2bc27f568c743137a3ea5487798b81574aef006f56bf35816f3389830245f026f130cb88d0412819b17326d533373129f2b405408370e3e218bc8dcc5d59cb4fc348289595b3df75f0c52492ee7aecb706a1e7ea76f5a0cf6628467dc405ded73a76ec26e0ff426690c70e0306bb39422467afd4eaffa6e2aac4f7d6e89a93dac3eb359257bce884b0713ce29def703feea7a10efc18a3f7f66b80423e1266b3ff791467b8c096517418460483d40ac8c081bc530f9ab3a063960bb60a1993bf1f7f64bccb819d1d03e7be3586caf105e8c2cdc07ce8096f0a5008403042b96fb42a5961ade25da24c99fc9d9848150a509d0838090f944522df6d10e565f85f89edca9cb67f46d053dfbd82460969715fa77a4800b91baa4125f6fb62d28148efae393ff3385f84b20ebe899f37dc1b3eb3fa0604baaead202ee030305ee14837c388a1172205ece8ea5da1d59b47263e76ffebf7b5c3804aaee5b9a68b48fad19f543b6038026c91de33b6b783c0a41bfffb67bddbd60ff12976a446401f8c526991fe06ad2a7b0b660465b5a41d00e2eee4972d4d3cf9f93436f33c670480ccc79bba2ce3c440a2ab1a272e3bb05427831a856fbe5f03ef7e0f23db2e77d98874667dec28f29fece6c63064a27749789c387b7fc4ae03cd84690a04f4f85a7ee87bd1596d0a3fc3863cfc80901991e07e5231e58de5bf0bddeffc9b92d61ea04734aff88a6a71701369d4c940c3afe9a7cc77e1fc76094239b53f9bc14b515f8d60d5d765a88306e62a3ce6e85eb1e09b482e45412998c9af46b09bf05b067965afdf1a383c99e99b5c544a1bbb2fa0e52276770e0e92061d42bca8514b72e8becc8c5f28ed666a9e355e4427e393e9d10faafa96b9719f1b6135fba7a9b2d4e788cca8e6f4888217feaadb786a114058aa146eea8f4238983361be81f3e1480b847a4b0dc22dbf1dc6256d291e0a22b3b111afcdb32a68e928de2d0d13ebca14a9fa84b124f0cafd8215df14719b413849507c920b9d63e3bdafcaf87d3b35ae2f903867495f74096606fa7434e70120f778e9fc6501ab43c87a0fe743190af4e60bf17cdf59d852e273d0a55a97a05d9a434aac2acd077cc974ee5d00e22f4d6397f97e197af1016e3c0a8cc633132c4edcbde0d4b3d40e275b7f9f5713db39fdf611a3e37632c64ddff9b1faaba4829eb8eeae7e5f7857ab41b9437b451c6b81d9f6bede6271c3a088c611c3ab1a6206cd457bd22e8b619a9830c670d341221103e25a1a6b7f5da5016dd7c2e766ceee8c86579415b662482f08bdc0a2d4c8fac13773d7782d953a08fc05a7325748f67b300e8d0ddba4d76db1b623efaa77ef1249b13944099b9fdf62edb12feac67b67d65bc0161941a2c856fea0c305d33650fda70e160467487353e7f8602a19455ddd74614393abfca36efef501af9cda235cae3d08acc66bf7b6bf3b6b9c257955ca517fcfd7e775bda2487fe30b07da866b3c4b17b4ceac2e1766a7787f67c8e25ca782e7fe5a0b733102e7451b8ffda74ac8209739100ba8eb983137912e6be284f663ef5422c2e871cfcf9bf2d8319742591fef72e22b75817df364ece9e263d56cc7219b26033c4a116322387b38dd32eeffd915b69e81808f77506e8a5157440cf3e41bc60e41f1c8de3c4d15ae08c4c3f07db012b6924ac4ec6187f73f72cf4605dd966f52e259477890f124d456a41d74f8ab11031c9495490cc1ba21e9a80322d9606ad19b870ba085167292244dcbe3432e18eb7d41c010e11cafe8a53a8de946ae37c807f447c9416baf94916aa0a120605ad16acc8c0818b460ae8af00fd9a6f1d4a59804c9aa0680451ffe07ee414acc5afd55d113e4c11c5557571876daaffa717e772695a1dc26aff8004aa607f7f0656105e865eae8661207e6a3afc9cbda018b1a8f2fb13c2b773a5d5f634f3b413695938dcc6770f88c1c7b436d26276b3c561ad2815f22b14f81dbe2efe6b8230a630dc81145764e8658f6be06a1d3e73c111d21d8a252896b8062fa288326aa68a507f2ec7482bfecce9cb7422369d45c546fd6c60909cc09d03530aea876a136f719f41df392f3f7f11ad1774c005946aa33e204688b2fd3bd0444c36fa236056b3f734af3065404fe197be2e199a57647f43a0162e5a916701f19120516dbe93fc50c9c7a218a622ac49ff8ad7dc438c78220ef7cb38fa472f83b2954e24191b40786b6f895ccfcacf65ac8045b8c6e23535471d7e99453a555fe278dde1743e5d25e1ff5ccf66c0cd675abe99aa3ed08cf03dd66998541356395e0b8759245f941daca9b4e61a5cd04aedf332723b7f438dc0db07277d31287b88f85dbf6186a6d8079fadf897a32dd8365d6e4132e7d940fb05660064b2da2bede9edbe4f3e4fdb652103381f44e04585e17d7486c5117d7c287665bf08311f5d631954c00d1d6edc92af5f2af6da5a2f8cf449da473422b573f2b0e2bd52309d15061b6f8c82bc25954d615812a011137a78a6845465d085187411c020dc3dd6c5f91ac5c0992b82763eadce9883f661eef9c862ecb990d852c6b455fb8cfe114f0598ec7555b17", 0x1000}, {&(0x7f0000000780)="6db18e1afc5e03b44c132c3c13263b0f085f20fac13d0b337377ec64146452f3997df8dfe2e86d3b16e04ada192861607b8afd777617cb4af57457d55c0c", 0x3e}, {&(0x7f00000007c0)="34cb26736e86a94a37defd0a85d11b9381a4d4f2ef29ff81200cc54bc0ceccc7cf2a2bfe923f7f4d748f91022255218e827b7c848a5cc74a753465f9fa98bd730e32d15287aa79dd700d732d678e3babbb52ad68a89a590dde00dfe33e3280f3776cc77f1cfe9dd2a21aa3584cebdc45738b4f9588b1f24e00b13c5370ce8eb16621932aaba5389dc815e90365acde4295e3252a945d51f30e4c38497dd4462deb9fc40600d633ee01ccdf58c13030f3ad1eb9ee0e9590d27e47bfb70018206336798a472d144aa039fb376080f52c112bb5d2dd6b0139b9b853a086072d901407799cdca2d7b0a9bb6c2766764afc0a099d11f2e8ff482456a5", 0xfa}, {&(0x7f0000002c40)="49ebc3a64e9c6f24949082bdf777c5d8c086bf6c2d0750c750c83bfe3e64b3031a9e174077fe9cf74ab56ea473603723aa631f6d2429528b7156c33246eeb1f8ee4b8d9b58f0286d25ffb45244384360931efea872c7b20afc3cbed6b1e83ec8b6f0e178bf008c9bd0bd100216dcec94b1aa5406ff255604f8f5b53c109a1d522c755677510fb46b6dc421cb94c1eca9d0d5d9df09df72c886892b81c5cb3c13982ed3909a3c84416ba6be442524fad1e42f37b0fc959b38962233c0d7b9a883b723df6052c0b2be53333546c07216f62b264b385a835b978fcb426864be91b4570bad3c2cc60985f66a7f00165cf10d48499321cb56093b34840cb34e244ec96026e593490330e1848576f0efb3dca3ff8e4a7b7630b1607e2357d8180fe2c2172e374d872965537b9ddc673a518bef1323fd383b393ca82abe2d5b0887c58a1744e0184c0711c0c787370e0c601612596ad68a12cf07f4b71a730b27a145397c8d53c9cfe53639b446749dd4bc6d10e34a71864db2f0b69b51dd1dc7629dba60797a7e32fdb89684456945ce13bc7273bbf7d1f4d5991132b73956308ebb856743e30cb15c671d4263fa39f5f233ca4f44e9253e02e51e9b7984be2309622d52d7a7a3787cb29ad568c54e642f06935ffc966bb0e84963b1a133e68213e2e584dd8c6dcc852e00d02c93585167233e9399a19161575a67d6e978cb3860d9c654763433e6d156df6f2285d993a7e57ffa54d3044d3812c6725703beafa7b3f4c362c5c406bd5ec5ab1e5c530f798fd8ee2859ed206594668d35563008c158b980272a76d417dc1358d47a99826ffe0f87214d7e293ef01008ecdedc6683f460fd1c10242782f49c843ad76b83ec7a06c03bfa80d11fac8602ef45b20288c088aefb8ae984eaaa3b6c0af6517eff85481e80e69ea8858929ed4877b0337f0babbe01564fc21d42bf10e60a7e8f74ef4fa365ec55d46367645a013aab2134bae9bb31bca925cb9db5dbab7b9b9b109d14d7a6dea6c8cf80aa8f8ba4d5e881823208b674e77a6553b728d26dc8a76ebdb3ba5ebd964d3f4eb58afbae58248e7bbc6c662a3bcee599c60d952e9ef03331bdf68b2731c98209ec01a3e25d923b2a9ca2d9b526c5fff666f9a79dc330c69ddf1b0f9b20476254ed90ed87c111a12ee6e39c6486b429ea8ad00c366c8cf9cfa1031449f5cddd5310986587c8bed1395f366db597825a2074967fdccd904226f4ee48988655d9e272c0dc12f07a65af9134f88982a936722824df577f048e77d3abab33c522c192d5fa9a65ffd9438a9c8cfe9833a6b94551b12456841149916515948c691fca11fada84f23220d4ad6bddf62fbb3a0a9d1cabce9e0e678f449e342cb7095b16823907b9c943fe38cbfe8d522511a4816505f0f9d073e8a5f4f6ee008768bd1376866e62299e5763f324f79d6b6ef2b45c90198435a44a5859ca00568b693eb403343f925352a8536084959d2e9fae7b1cdf54c6f1478c98cf8a993944660f0e63a7082c8d1fd613ac22bca87c68a57663241a2346d92935dfc180852dc6dd0f91c17449d86ecc66c02317374730c723bdc2331d3e1b6fa35133b40a7102cf942092cc993e8c754337ea56b40c9e43b39e8e911c2f226a093d9db98de5aae73e9dff5e7a0f5f415d47f8fbd62207ddfed5eba97434e86ed75311bed97dc27296ca4e3d8f01bc0705a98f8126b9b3eb13669535b2ef751f9ada6ea7d87700dbe6909f0bf080a0962717f299be153cf30651ee43fe0a47428480e97e74f0cd962eaa524d68a903f2f451b2f744504a8500d3876d78e1b81246b3978ae3f33fd15a19b791533056d9054214fbbcffb135dc69dfe0ba2eef634667382a7444f76e2f26ab6af99cdac80fcad8400d20bfcb62c58b7a75f5358d93c76681793ecaa7f32bee20c87c6a67a4f14b27aac1fcab76d59e56a3e7c8a2fe23b6ae3e6910b2d110bf66167ad0569a40f30c69313601c5fb193a6a5d6f53122352faf2d4530098a12f7b19de41c398f021391e139ad3d2c96e0c94e79c5910fe4a0c44ccefe5300f6d50313cf2baa736897e7371ff1c920b61ce195d91ff2ef998d719ac0e8dce86267248a26adbce2b0e66305a21374d0fb57e6370852f0efbc39ecc8438fd86db4b89a8fde38bcc210ce816a79787dc7f5c77a4ecba4d8459664683ae6f1496faad0c5fab018dc0b1908db99f2d496e76c485306298e51ea37640b3c65bc8b7157198a9fd2c272e44f58a4f85e978d33417a43a6c8580bc05b8d8c875ded342e834eda3134c9981b8be04ece7317f04844473556dc7c2c06ff1a1b314ffb0afaa1531aaf68f1b0282b954dddd178cceb06586585d07692624d92d51d04045646d0346c8893382ff35dffa775a79c964bdbb53c2f20776a25970a767e4f1a965943eb8e403b4021a33168254749313a2f3438b8f4cac960bdaeb93f07541943d25d7fa0ca6d2d53719504de3b8f0c22c5c1843a26b0d73196be59c4cda425fd54d6d308ec3b1e27607f699c1d46137d27184bfbd916cbbdedddfe665d9192d522bbcec7861f4c0f713db8c00379a837b2c305ffcd5ca9b672e586805ba7a14da0e82b506d0f9bffd103d3456efba6119a6586fa2f140b0a817c3697b1d1b172326827f4e3e5f7ad26ffcfd2912fbdea6ca55adce5c26924c1842a2f72bb98b98bb1598a3ac46cc04d46baea06549db1a8e8acf5f9959d5823bad2d98d54c46b37a1b5e2233251633ff64e64d119ba20befe7783bfe17c74965b7593941016df552dd84d02c59ab67ee811b68638f677f03eae19faca5b326d1e254ec65276523615a590660a346d6ffe754c52677078f576042577bf9e5f88a13422137b988635bd83121e42ea5633ba503b0e6ae1428445a01172a1dc2e0c1143a65b0b992463fc2b6fcaf4b14f2685c535864f6ac39b3f9d64a0a6122ba90ebf5390ec46809a19f790266b098c7769589c326f2c8238f8ce5268b0008bac0af09b98fec403c642f016d867c0cd1b5ffda1012a4f896809d276c098ce3d438b580ac982692d953d7b558d0e9e644dda6fc41247528015d4145fa3b9264707b151e75fc2d00f18b2734cd8bc1871a78c6fdb2814d1f7bca1f56cba7b4e21cecd82c5c2ce4de8b40dd8b8c88979980086aa3416ac006f139c533f197ef1a1b5990352f67133f12943494d72fc8a836e025bf3203f2f51588e7b2b70dc9ca6ab02c3924056cdc74929d28cc8bfef91bd8858a9c9b011d451faf9a23285ad1ffd4e20ce7a19013a867fc3e04cc2d37f5f64368aff9c45c868aca5103a94656efddfc4cc999f833d211ae067c1ddf983c0addcfad29d0f0c521e541e40fdac903ac13e1640585c81691c01aa9d86d760fb05a70de1bc6beb1c124ed92da415beab19c64b32a40f623536d168860c983f7afc5b6b8461ba1bf09b2d38a226b51159c46abb6bc394f3683124816f4fb8f75adb06c0d2f5d47a749fbca250d3b699fdde1411ace997146fd4a6d942a22865119ea013e580a8aa9e1edace7b21ae4b1c2aa61cffbf658c207d168df3864f4ef8607319b78432ece9d64942d31054be3e30dbe947e4aa57030e70ae6dd24fdc9ce977a4ac0a878cc5c0ad926e353485fd231becb9e08f66f23a37fc77dd4c2c080ef4a7077090f1793489ceba97f5308d74b2fcdd65ee7bee0e3d1b2a6ef1c55d632c17340a0888a325305817603d7224f4dff0667b2344c9e52062513b43d04a8afc3c8121aae0c7092d845c69a4e3723ebbf2198ae0dfe7477219dddee33c34704f4c9a9d67aaa1c29b720e9838313e2a5ffc47caf25435e83b53a3aba32c7aa2509d1a9855ddfc36939d416fcb55025b769fbf97099acd74b6950a21a0d1e9eb7f254bec72ff2e424b676200df6bf0799969a65eae3dd8096467cd1985ec158beec864423f7b6044ccca4729dd46f04a47c2dc87934baf5d1311feeb91fc3a9e0c040e29ec56f8f87b2b29abf41eaa2fbf3a62e9f34b8a9e79761be7dd350c97673298ca5fa2f34579516b797ef1c50b61eb284b61ba34c2820ccb352b5332e977d33bfcc7470a5939bde7c715acd821057c6df1c151a285a1f91806f1eafa8dae99a0884f854fc39762f80e5b412e6b596655826c31509af97a472fe90457b8c9ab9e5f43497c9c67acae334dd10bf93cd8dc2dda88b5823a6d5ff82bf8ef1b15329956d744728a068c41404bedfdb8b8a0e57719cee9fdd1211418d0c66aa969585c1b8225ad0c4dd4392fd05bebb036b1c94b5ea825ffaad173fa404a684bd51ddb507a9ed90542169e822adfb080375a8bf945a7bc84c63c09f0112821f70b2ac8a0f217eb5bff63f5b5858fda4ebfa8fd953e5c3bafc1bddd420115ad5a33a4bb0b94915a656cf497ca22e95fa2a456e1fe56701019d37ce7aab867523815197f6b284b907e05651d1fe359941ec2bfc7e653ca557b07978037a3a2964fc5a176e58e87125028003e4c8cef1e167a588a3fef41cf77b01f30443a5350131250d6e683e565ea69a4124c6066890ab5a7118cdb2157b9a7821ba008ab44381060d2e4a68dadf5ea41cd8d7a50fdbf0b8badccaba139a2fc67b795208678e9e549c28067e0d817723d9ac90c52f516ab72d33cfb796d2f262bb31c5c14cc2afcd14f30e6007ac161b969bc3b8e74b8482ce8cdb4b0870458e5b241bea572111d51f2e1d731de402207abd55523839896bac1d24bbf8c91f0f985a6877f7b4973fb9560945c9e870733ceacadf18f36c3da0369497c9acecd2a0e2db648754e6b18a92179b6c4ece41a96b4f1b8b1aa0ae1a112b6c798a3900440af1c2df79022c0e9a43d5cb2c0a6213384464dd2458a289b7a3109259bc643f80b71997675590322e9d2e29738d92b88bf35ff6eb20e3a9c38a0c8b7e7e734e93dafa35ff0edf1a3d8c3d58a81679f59215cd0cc49a47e62a43659135feef258bf7874de9c48bc13ed41eb64c105f46612d64ef1c2404adc3eb1c88bc181c96d73cd541bbec239d226766805c4cbc45f00ed681df903d8ff29b9ab82a52ec1b195b51aa999eae173b012274a8d90aa25fe2fac5e3ab1f2d91ca0b13fbf7136207c9bbfccecf0e2d643f7e8cbda762a296602732fa20b3d46f408ca5c49588b3e1ef7064d64549f3a8df81271dcd56bbc38fd76c8bca8f701fec9363b8b28ee0ab7ed13bfbcc4d392a33aa223981795b9d63ee67ca749106627f078fc847e736334a9e3a805fa4534200b8b6e82805e1e1af4d13c1adc4b017959f30c6ab5c0d64126983773db8da5c4844136cd4d0444cc9733c212b0a5d7f79319508218f7c6fcd3e32091fb2b63e12b48a93b602d4ed59e868b48f4d2ec033f116324d04638a066265204232721502427b2f575a405cdea466ec155d3c6ad57ce21ad56e77467bc31902e69d6bda5a767916cf6ec4f3be6a2c9a52588ae2f614bca46e5483f4684a8864384848340fd88d8a1ed0bff3cdf80d6686fd41fc1cd6507e1f63946757ace9e2c834a6e3cf4838bce02c237699d7bce85813d5cef3e7f26dac297ad6ade7f87d60e9bd8e92097766d92c4b35fdb60bc467796b5de62c7341491ad3c4145aa3fe092ee70fa849ef003b84d200136292a6beffdae7daca65a3bbc9e7bd4636a2fa723856c8b202eefe0854c75c809d84242657ca05c8c2ce4d6d19db360fa8ed3e4e39a4a154445e9f6a35c8c1d4aa638aaca969594fa50e46f7f5828c07f050bd45c17bccee5c65a4c4069057e9fc4d8604ecf6fd218ec1f9a2a5ed1a5613a474cb", 0x1000}, {&(0x7f00000008c0)="a82d25f993ca008c138887b34acdc8af3febab7806f4fabb7a0b53f12513975f00ac61cc03b5b6b0585767ad68e50c34519895a5a6b4a8fcc80eb4fa8a231fa9639c339d3b6554a33ed98c7a1f5827427d88728ba8fb457ec843715a97704fd7f16790cb774e895dd173cba39d8e7a889aa5046f793b3414f1f985dbd295deaadb72e91ba4ebb034eb4754c3b1dd9d289c4d0d8588ef66c2717739d8efb2a7ba6901e832fa768d7794b2c16c8ae357435b16baa08ce8ff462ebb9951715f81fdafebfb50c7c8b73e25", 0xc9}], 0x8, &(0x7f0000004740)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x34, 0x1, 0x1, [r2, r3, r3, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff, r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8, 0x20000000}, {&(0x7f0000004840)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f00000049c0)=[{&(0x7f00000048c0)="eac517e5dbcf7753bd8702d8636c5ef67dbd246c1ab2d462d73ca6f85f86dbc1c753df4d379330801c686b7f71490fd8fc03565f2e1ff0c3c01c2d19d2f5c3bf370ea9e977dbf05d39cebf01bf2ef029428fee4418467cb52eb3cb3d5246ec32311e0f5ba28c1ba605a5532cec16e179f5da3b6dc3f5246d7fb04ee34b7b962b94338dae3ad5964e1d40b17b116ec9bef5ae089f8771e74fbea45f0f4c4b2e14cc5b13a40388ba3bb1a108d09bdbd6f412283346b0b701c46e6b709ac748de273083e98d65ab4095127b4523eefec8f6aca33a3d3c9eb3920d6972dd90a11767c08876b700df46d492abe22d349e7a26f35f", 0xf2}], 0x1, 0x0, 0x0, 0x4000000}, {&(0x7f0000004a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004b40)=[{&(0x7f0000004a80)="509ef486ac412f25f3f9341e319c7e0098caa359561d81d1abf4dd2c57046d52d1a71739b5f14b58ed0621524ae23b365e76d7ce7bab5b9bffdf2006aa29fa6bf728b24668b33388ae69", 0x4a}, {&(0x7f0000004b00)="4219ed37cba968fa02b5d53465246b933ae9c4d167e233", 0x17}], 0x2, &(0x7f0000004bc0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r4]}}, @rights={{0x18, 0x1, 0x1, [r2, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r2]}}], 0x48, 0x200408b5}, {&(0x7f0000004c40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004e00)=[{&(0x7f0000004cc0)="b46f93aa2192150c895e02df70f9", 0xe}, {&(0x7f0000004d00)="643f138df6431d0c66a809fb3d783376c89c617d9a4d01fd36c2bc3a7e9a0942dfaee130c55faa244a55f9a899c87d63c76ecd2e253100d8fdd511d95b72ee3bffbe291ef7af95797de6cff3329f6366778623c1802234e1e07982445972ecdf839206927209ef41f4134145c7c7eb191dbad12bff263ff0bf2b10daf5553032e5669e7b9cde6c85f5d58204b245cba1a99fdb916cbbd655be83e4501f78d9d059066ea92e60c76749814cb7faa43ac9", 0xb0}, {&(0x7f0000004dc0)="d35fd3c48ca1cc41de8737b2a320e5bcd025638717d458df2e22489c5c3748c703624ff02b9144e7dea24616090a425e6a887732c556ecb30847", 0x3a}], 0x3, &(0x7f0000004e40)=[@cred={{0x1c}}], 0x20, 0x400c800}, {&(0x7f0000004e80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000005140)=[{&(0x7f0000004f00)="962b6143e5deb5bd0edecab4fe285f5618ab60197a003d6bacfd9b2a4cb5108ace2cbc5d7c3a1c0e60f1ee560579e8a4e8014ea98b145858308040447bc1a939c8aa2e6b70594dff550a53cb3554a542c329497b175427f72ad4159a8ac67d41fe23ad8ad91c2fa1402c552a0778af2243d1d054f8bb6ff5e33918c3cf47cc764ae5", 0x82}, {&(0x7f0000004fc0)="8b6d1f4b566dc24c4f28f338fffc354a60d88551e27345f1598f3b49428e891d304b2186b8c5a76541984a0ebbd18da3dd933cb3ea5dba678365a63bafa11a984ff430f696b5ae27e2f4e10c8290f771243d75941cf545ffeeb5251eac0bebbf99f1a9b3d4d95a7d3d5bea8ca1b577c3", 0x70}, {&(0x7f0000005040)="f577ad371eaf36b861a3f9b989e43f062d2311b04388fef746322cfde0014f9f5c0d066937f0cc53551793b4d04c5ccf7b5015451794a6da07101be66730409a7983c124f3b96312cc5826d0e1f55fc9d31d4bdbe17102a5212962087ee6e74847b9ae0d3faed13b2d0929eab2af8078ab3448e403cf446eae5dc3bdb4b431083edf9cc5bfa10a50f777d2cbb3d67a9cbac5066d5b6675c0eb80567bd163c750820616a161563fce107cdccd78ee269aa8bd0e5f1fb986b6414fc8de94c2a6a11d5bd69b55842900152a", 0xca}], 0x3, &(0x7f0000005180)=[@rights={{0x18, 0x1, 0x1, [r2, 0xffffffffffffffff]}}], 0x18, 0x80}, {&(0x7f00000051c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005440)=[{&(0x7f0000005240)="674ac84ddb61d4789920819a1aeb781036ac6bf0fcf5aa1757ecfc27ec0905f054080bdcefdc5840fdcc4551f9eae4082266f8d2cc167ceb41f8eb91ad4e2d1bbc4852c60b0364dfcabc61ce9d085c664d3b68338c995710f0efe4d3a4dc116839c1f05f893c191f9185a228566ddc01a1a71f1e4087083885f2402c7ebf3497035ab9efd2cf1b9c49f4178413c59e7e4345020c5daee8c084d821983e87545fc6f97601f0ead4f4b43341f5d305d1c8124dd5c1ff110b5ae37cc103d17c8f89f9e294dd6af866933ed4fd8b094af546ff418bcd48f887d744923bfd73fe4f84d2dcfcc1d219", 0xe6}, {&(0x7f0000005340)="b36e72", 0x3}, {&(0x7f0000005380)="581ad9effbbaa7738ea8c53c5f4a153aea3bf14c30c2cae380f5feab47f7a8cb67a24a1554e32d1994cb57706f43f7454ce8bfd464ec84e605815420d938e7f26851e466dbc0bffa1f7ccca33569cde9cda9991d31435f8ce187fb19865931876a9b6fe04bd2624213e6681d177ae21d4670a49023fe73fbe2c6ad43c6f097ecda1545d10ba6af3cd3ce432cf76d", 0x8e}], 0x3, &(0x7f0000005480)=[@rights={{0x1c, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20, 0x800}, {&(0x7f00000054c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000057c0)=[{&(0x7f0000005540)="3a88dd17eee649ed9a71969fad575a6db0bdd1c147f10a2f33e306f2cb8f3410dc383e01ae923cdfc8bd7541ec936aed96df1def808fc8f093389286f234577f0c10a906b6c4ed92bfb6e1dff88f67adc975dd2ec5617d3680373c2bba0ac9564300ab26d5f278e798d626f3e5259f36ded7072b1fffee4de44b5071744254e550e05af1ba7b8fe73b76246ead1ccc600800", 0x92}, {&(0x7f0000005600)="b50abce7ec0db7f1060f0c57a6e55383e5563aa42fbcff3423b4531fce4f6d7cbae140f770c561103003f2ff90be3be28b75874f47724b8d7f8b57fdec46fea448e596c41c46e1e3ca527cc4de424526f0c9520d2fc5a7355a5f82000ddf257a61e92ff8", 0x64}, {&(0x7f0000005680)="8bf4758f8dd926ff9590602064e57b7d6afe5bf80aca86e12c9832ed6b3047a8a3ccf9b9d4c820c4daf72c922025fd21245e5fc85b07785000d219b2e134072ac40b9ddd803cf0cbb02207c2787c833ddf0b8da06cd39b9ea694195f902e0a1325a058b10b03963312c05df74e03", 0x6e}, {&(0x7f0000005700)="3fffe40fef26b3c53ebb39fa5e0ffebd0087030cec56595c926e4293ddb5279791d5d99ed4b8b683a7f146f6444b99217d1002b7964c6265faaf3414d21fc4855857132bf0cd042fea0f1095d7babab4ab9b06e118b58f58ab44414a9f18dcb9c9002f48a2b0099d01971a6c03e48c19cc8adef67689864dc6f9d2dc125de9b69a44252597576061b8e650f9b786d78b870f0d61fe886d7bef26958228e167d7850a13", 0xa3}], 0x4, 0x0, 0x0, 0x40000}, {&(0x7f0000005800)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000005d40)=[{&(0x7f0000005880)="e1dc3f00ecd16327b7dc70deb6377b65a8bc3447cb907fd65d071717e85492f0bd70874656992f25e9ff8dac9d3cd9807c47dc139dc8284aea", 0x39}, {&(0x7f00000058c0)="81b4d026ceb86b7f0d096fddc4dd241cef90db55f6d650d850db1d4ef0d546021e83f770a0fb9127ee1ee229dcd7e92483017a2564a75cef10e1e947db6f7a7139b0fdd7244328882bd97895c412c3e231306b50fed9cf4faf9b13d717a3f7a7d2a7e6bbcb9fdf54e279dee943d48f46f9298d9b118d1e0daf510fa2936a842de8d291907291a8e52c92dee516ee3b5882e0beeaca4fefc6a79ccb0beada45b7f28b7fb6b6bafb40da2edbb06b04285d2f1d05488af197da770aa4815483afc368ee1ab1b5ace6f9712ddeb47319c4cf875478741bc4a7927cb0afa56dddcd3a30c366410cdd1693c9cc9d5ffbd76800", 0xf0}, {&(0x7f00000059c0)="e25f4964fcd6e37255257f8feecd012155fde645380ba792af2c1722b8ddece417cf71856438e2d18fa19ed451af10b5d8761a35b0a1abe2959ef0a75fb500b7ff9a64072f056f5ad3f48df9f0e6fb7efd6343b2e98f7db485e6810394d0c9df08eb49e3813937dc0ec8d7d320d97f347711a219ce34bf8a398adde2b2e1cc05f6ba88a06757ee663543a067fd898c0742c2a91ef3e74e25c85817127673df17dc29940fb9e8e3282b477be9eb8c96b3ddaf50a747d9d38c990f19c555c788633a706b669647bc47913fc4b06d9f7abc1e2443bb9809bfad558af28547ded4f2ff3dcf7870d767a3673ac1dfbea16467d65ed25febb7a2480706ce95", 0xfc}, {&(0x7f0000005ac0)="7aec19986425a02bca25cd77c78f96c90add4936ce6f1099fd137a735f2ec00c6b41bc6b007629791c", 0x29}, {&(0x7f0000005b00)="08b2140c26c5f40f7272369b09886c127c8b892b755e", 0x16}, {&(0x7f0000005b40)="014120823f9db50890b447f0756f21ab5ec8349444d2823a972dc07cfa4540564fb1b8c89f0f6b718448a1f0adc156c9f18aa914a1ecedf4c2b1b4d52a4e627a69a9510d7a0ed1e00036d93ca6f24bb08f853a18420c2cc4eafe04b26be91f982f", 0x61}, {&(0x7f0000005bc0)="0037d3894c2771b73b1f521d3b936078ec3e0b5d1a1cf8e7b1b77e9f57e2edaaa43d07c197fcae442ed950bf490f25a58b66cf0ba9962c15ceac42516be9196241bf0f1f6e1a6f646591e6b5a503b64cba557619619e5f4e31254d98068783ad32e14c85883f0ae031a714d83f547cdb3629f5d4f6ac9c1194cfe111457ab41a52972a36c71ddbbe21eea26471a3072d8f20efe58f07", 0x96}, {&(0x7f0000005c80)="899ba1ee23e5417766394dad4fef6c813bab3e2bcede807d1706b64f72b02a4fbed41d82423a8ab9c3627007984f1579e08a7862f74467f4b631244e712cb9bf1f", 0x41}, {&(0x7f0000005d00)="d35c", 0x2}], 0x9, &(0x7f0000005ec0)=[@rights={{0x24, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, r4]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r2, 0xffffffffffffffff, r4, r4]}}], 0xc0, 0x4040004}, {&(0x7f0000005f80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000006100)=[{&(0x7f0000006000)="67d47040469d8fc6fc031c63fc3cd80f391caaaef7e7d2c5e8156073ee4fa70cd4fdd90dd0fa4252c681f7e1e4f201a6e297002e2bafd394b48f36d18afd1a7e768996652931d2a0e3b13774bb4a5f12a2f89b4b84454e8f796543e3bde0ffb6e28c04bc546f98a69bcb54d85f11b85c072262c41c27b86f5c6c93f6e8c3460848a35e90ebf6e7a7ed1ef798ca7e7f2e8e6bbbd137bf7f77b87cda34c122f4cb25975046786ed520ef0f3654213679e6b83dee04ede2df59197deac8a8cf1ac0dd20c6ba077dab61d6ff9f7ff361f4e5c9ae5ad886c3421d06", 0xd9}], 0x1, &(0x7f0000006200)=[@cred={{0x1c, 0x1, 0x2, {0x0, r6, r7}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x38, 0xec69cc7196891af4}], 0xa, 0x4000841) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 03:29:16 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 787.451029] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 787.460007] 12506 total pagecache pages [ 787.464450] 0 pages in swap cache [ 787.468004] Swap cache stats: add 0, delete 0, find 0/0 [ 787.474001] Free swap = 0kB [ 787.477035] Total swap = 0kB [ 787.480110] 1965979 pages RAM [ 787.483299] 0 pages HighMem/MovableOnly [ 787.487276] 338456 pages reserved [ 787.490725] 0 pages cma reserved 03:29:16 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:16 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0) 03:29:16 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 03:29:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:16 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0) 03:29:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) r1 = getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) keyctl$get_persistent(0x16, r6, 0xfffffffffffffffb) lstat(&(0x7f0000006140)='./file0\x00', &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r4, &(0x7f0000006240)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000340)="a686de93d5d4b75f0b1b1feed30b3f21a460c05f32a0d970e2dbb0a24fb652a3bd429995aa28d155a7241a48461694965e92ae9f326c05cab1b5e9ea6c442b27eddff347f931a5458a311b94fffc948f94a417e27fd24cec31734276cbf89b706ff91bf0644342959d3d2b12bcdd7102811a29dac574eac366bff4b90be974e87d9af9aef95e98b5327513e687d988445367ac9bbe061ec430750e1b326c8c7c5d4e8b153ca7364c3761ab02d708f0151921899b81a65cf385c3ec36786eda67165322294bd2c3395b3cc721", 0xcc}, {&(0x7f0000000c40)="b9224c3f82dd15a85442ee009e8e950155a6f6157436c14ce24b908f896e81d9091aaa3e06fa23e2be90f6b2498c97776c42f7fc066c98dac10eb1a9ede3880694660ff1672ba3c9eb790b15491f1fc1792c20fee675c3f7664610f7077e74434c3a6a660a87b8e086f5d4b0ef47d5be70d311f26718d40846bfbaca1c3df295c97d28b8657430ca81ae1f281395d7acc4991620932c496eee82b7a9f28a80f1cc9335eb97d3de32f722109f83c8eedd159998bce727134f7f8adf4d5cf650358967b1d77a8a9384d0c597ab9577e06216d2cb10cf2979ed96b01df1c8cca207e70d464a6041c1bd632694eeb24bb19a3ada737034940236eac79bd925dac6f84d57fb17de89fa57263a614050be22be021fcacba737ecfa500574c6010006c6cc2d7343479b103c545a9060ce880a1409a22f6b7a032b45f64cc9fc823e8088326bef5bb01b505c96e6abb6fd4899d5690ec11aee09f1202616d553a9dd1b8b36af39f7b590b34067071b71bba9758f622971b899f759a7b42a0a2e66a59bd397f8b55b325b710f347e378a83b3fcbe3b505cbc8e392b8fd59cce0efc1ed5f851255976523406b951ca3259f8a9dc24ae0f2dca96c0a434da1c3d58e5995c853ba84838ef532ddd013474cab9a0227722695bf8d0ac30d80e01e12caa920b6ff7baeaad90a276661f09f393bdc1681377e12836aea483565ba151a6ab8fbdb31b55034d36a87fc59da9bc54e50e4eae76e751aa113d21af8a9b4d48c82a46671169cb668aae56b02ac61390f86e8d83231bb98980eed15d73b6069237d7781f2d2a2ccaec205f1ecaba390075f018e79e868d18a782de8ab8d2adcdafaadd52f7b64d43f804b24662141674e13edf70322cc5ad2d77dd968bf897a5df3d827fa90c6878b3bdda1837aadc53bafd1c08158ff5bcc8ca36321ee528256e0bb991254b41c4e731031709e1b2172d1ce04e25712440eb152b6c0061c13ad86dec295e187637524ea12b29aecc2ca0bb58cd584d9ab051c45c739cbbff9007ac36ecf54b21c06d0076b1862e2af4c2813fcf080dda7ddad91165e8d6b2e61d3eb235a6accdc00a8dd67b786b40d46e996dd24db412ea7549f8fe507df7184b3544d81628bfcc35a4c1f1752246e3bfa88c5d39dd7a9b90049cec6148b8dc5c9b757590696519ca41ac358307a5b8dee972b3f9a09b615fee574ae666945eda3ce9663f9a9e6ba1a2da04c41913fe8bd169e071c282f57be4fe024bd7db1874e804ac9ea6700c493eb332f01c59652ee9518c21d877e27bde02d06400a65e913b864f7304eba5d71926cc18ca9c256d07e0229fe66630cdd951292ddf345bf548a716fe5e68d9d19f5593741bd37de34efc4e52d0d10f2facf5555633dd32d13b8ef0c60ea9cc0bc2d390f2d4458343046a723c5107aff998904c4e543c2613977a90f562842cb1e09362301b30ab8ffa626144d4776381aec1b197b6c4266ecb1fa87a96ec013ea227f933c447b1b96dad664171218f78667dd0f3564ff175cb188417238b0a3e066abbf554db759ec4aeec56b8a014bd4e9807d7d4ae50489b9d8d09fceed10adeb4f5f3a2bb7a6d29ea5f4e9145afa8c352659f1162db29d2397a493d290ca4d19428c95f68d386026b28c7572ff0fb1a9b27e8f7af903da7097fb64ea36403dbfdcd8b9d001c4faa2324d5001d9328b5a3df9fc6974bd04b5ad8d9ed2a5e347f1fb43e4453169ad4b9da43c30c9651ae35e18b0bc1b2ba66cda55bbb4885cc09c42c0032879830ee44a480bbca719742f4f2751afab48efc958fbd7d15efe0fcaf9a2d016c6942f4e69f0219a36f41dc4d93c4f25509187b23c17abb0cc9b122daea5f64e264e2c79877f615463dc69a16c4b433554f5def59a3b263318e90ee1703ff1d4b1173b59b2091f2a166e44f6c5391a83af9b351f955992479aaa194ca117318a91deab56deb411ce7631b02dd0473eaba06afb10200870d5d7a546ab4c787e5f42284b52f7358c4d9b91040bdf570813cc46ffc77fb912d71fa32a8501f2f8daf8d7aaf5b021f52af02525b25e3341ffcdb58381062bf746cbe3503b968f8b2c5231d392bcc9b5be3a54233826b8c195cc8ff9f805780b3d055d404e126fee471f09c0cf2ef7ed29ec463cfda282da79119d3b63eb7a96b60a18abe0e0dbc114068bc6f1f347623aee3c83226dd79625c61b2ea0be4fe6af3740f9770c1af986f385714ca76924cca3b75a678301e3d97b4a070b75e859fe152009a2a0899fab69853c76195f4ba122b26213b66583b445fa9ed459083161f534778b29c6ec153c9f316b23e291087fa59624561c7383e18e8095ee8812e1e260643fb10c8ba9b73745d184472a99cd6e1d13ba81dd7d76aed9c394797e3ce18c07bfbb3494cf6da881de8ceb431412f49cab027f4ddddf728173d65ff0e23b9e106501985ef9a6a0543985ff404231581886858795b8eeef556b4750ac4678776d65c4bcbf4ede2ca6ac748afb0a4cc70702cc91dad75af98a58ba93d2237a1a0619d65c62dc3e0c3f6db13b8c6ff89572e9dadd3535d10b31648f922a081e363e8e66521cc78f7366bc44fa80b0144224479fbcd714b2a9e25ba2531dad1974439d37863a5d5c7a2e414371a50117994f48ca02293ae4495e9571e130aa9f328d6bb6967c4a58653908c47aa26856130940b778ec4cb6b4417d82df935da391d334da5c5a99d20df808054fdc86be4c01c07b0431d0af863cd00cba7a3372dc5f9d43ac668e94a1f88bdcb393849b3672cce8d5b8446aa2b827282f22ddce2c313db243f9efac7ac96027e81e7713fbbbe0bc30440f64a1b07441f6c517f7780364ff03e6e7d13a424c90c39e47d78c734cccdcc08b85cdf4166597520aad674c0905b57cd3aef5ff3a8abfbec258afdc544d185c3091c18d4599a872484358c1096966099767a4adfe3e3540546c416e654727f7d947796b6c345037961d549036b77e03e62e737911439f8d09f34671f620020f4bea97ee09cbda37bf19b37a30148b262fb6ab4b51ece42c2ee72254eb334cbc42558715f758bb29d9a94f8a056bb0ffdfd22800f8d6a79c47150e095646be25d5e3d9196df06f3df1b6b7eeb25a1aaf9b65dc0c463f585b9cf5e4e005f2c760ac79237641941e1588b912b1ac83d4fae4d3ac1dec19c937a2835450874a25c7eb6e2d10b7e84ac9f0d7882b7ced37e9fb36aa7344bb6c909276049bbdf6cc715d86aafde6c60f008fc3df3c3e71619c3e2417ac7101a8bb64ff3a025e7843935c563079c58a8b91fa506904ddfcac11f2d0e5fb0334d9eab3a06bdf46910f1ef876cd0fe54eea7bc8cbd9a723120676c605fe25eff73f6a745d14675cd892456edfa8dc23a525b2f713f950485292ee3d4829f59f45484a20448cad450d59c0f73af81fcae406fc3a5515a0bb4d40144bb5cc436ae1d96b3e1bdd9719b232d5a289c483b34bf454a5bb68ab30ec811b8240122a6cefa560458af600a8c4734593e4c4718e377002eacf7340969c7f11c911b23c4acc36767babb25379157021a1a9251990bbad26eb4456992ad3a4cfa9f9663525f7c4c1883ce948a6712f189981638a8fff35a0036ed591df6a5d5b05ff8f36da9a5993abb646ac251429a606d0ec4ec4a0248679813067c49272233fd72fa091bda8f2b5e61c49c11e30ab7694915a3d09f9f1d23ba3d0ce5a87e6e022b919a0b8ed2253454f2673ffe2820c93fa148b77494a07db992d6d024575f464ded366e363f80b96f05dad60aed37ffed56f8f47c7908d79059606ab06e1389be8e65df0345b587bb37af7e335295bc5113887bb197f7892ac145e97c628f425f2d5d742d8fe47fc2d5edb42ebccf61a3e2be64717548a08f5262533eaa30c4f30265e62539eea0d246e83d348b1774027a984f5e6002fcb25b7cf2a054ff3d9ba1de04847e43be94dbcefe9097aa38302c4359535b678402bab92b120ca8e759db9c9d84ac295e84edb84a6daf9d43975d0cae8bfe25cbe67e3300a0f1e79a2fed8588dd7d719cde1b7b1ea6a5d916ce7d788dc7799ca3e01893709082bd22117e615a99a8c77d6c751c79acbe57d8b209fdfbfb96ce632817d97d59c10b624307b163422ae4941edf7a5a09591cc34de946de2855e4874abde4a4982a1a465f9d8a469328b30f9585c3705ba0f6805abde35386bfd173222d69cfe5a0b2f59eaf12fb7259dcc9cf9f8fcf0dd35089cf2268afd05d012315c75a17e212915100fdd613e81379916a64a338f04d1edf45efb0a555e9de40fbddfabc3e794673393829b6e61141bfd624f7a01ffb7d9b85d6d69d49cfdafa4948ea960f48bcab5ad7fb3db057b317e50c4601606c4bf42e71be139eb35921938d577f3b8940b8665b09d016f3b8e1f11d0f8a02ba0b79ebc9f8405b4b31b70671c9b66ba0446f7a20dcf5dae0fd6a386a80a661191bd45bba7d54b499dfb4d78a6cc14e5d1e4fcc20b3a394365233cdeb691c17b92f19263051b4aca9c3f79b9a28a17d3d568ebd5704216e54b3464be6cec7ae5094645c036e2ae5b04c6d4ca16a6befc9a22111f5c87225abf42665896c67f8066af296e767868f12d7965ba670b3266d199d7706909eee51167028ef9d65041a127ea8f9f1538cf1eb09ebcbce54a703d7dd6eabcfb4ea0b719978ab5c2e0fd4359886c1b4db4dde9a6c811b0d7402af3ddcc9e24b032c2e4e9dcf37fd1953dfa95f8d193b6cb3f8f84269476084ac91303ef69357e44d8c542b677bcb8b0b52fe4232feab683118ef6b3d6d10b0df01f8a61bcacd7dbf9e0ac693d46f5a4e16d9759cbe792f504165ff25f29693b2090074aff7580201def863a190d4d971eba1b5add9ce3fa2ba0139b100eb090dfe535f07acb92f311d46a21317b9ce465654250b36e5cc9a0af8945edf565f4a6c72a6e2bd5d07d3ac2eb8e3681a172a46a2552b0ff0c409f40e1d3e3e07c5290368aef9474aa9b173a7f575d5017a0d42306687bee5b8f4d3d8612d0d9435901e60711c333f847c4000808faf3c2af49d83319a52fe5674bc7e94c7e17b42cec1c9d34798bc263429a76a0c10ea1b4753380dfe31921b602e5163652a4ee02ce431aa5c642c23802c8a63a60d8050d2cb71762ea738adcd2bcc4f096238090451c6377b5cb5917a73d8c590340d30ab5c9d7d7df168174d9998530f7d6a7fa20bc2334c97fc298703584a0c6bf3f7fffdfe2fe56e0af6b65bff8cf0f80f1063b1a40710b7a9e4325b9bf256c08beec419783f2800ec147a63d44c13ddce246f8bc5ce45e82bbfad987530ffdf85b8796541cd60601212a1b26105434f2a697548966e75deb285fa5b27dc09a75b1e7f591d8ede4bfbf653756b438f9d767eb764d1eebe8bdf530ca8192448fcd442852483bd758a5d2535c8ae4c22fa1b2bf497bf952663c4230269e2e41e3449734838b460bbae1f4c390bc003107cc4118860f0af138fd0806d779e7a53039052fa3e62d9a34eb8b9146c36752e75612754a9a8df21fe5b23b93fc545fb659047de3ae94cf92f37027015df59e19ea910dfe8396660c8f595459b37688a0d97bd5e4c6a4f4d8703af227f46c2926df0a088303cf4c23d5358820a876707bc841a6361f4d606bc1fdafd22c6d86067706af0bcc09409f67dabb3852a672183371c3b4800618dbf187b0112989a22967237c27adaf1c4b86314f19a15029518299b5516fd4348441d543ffc94d8ddf4b0691dd2b8243a987a2d1499177e5a496cbdd40c8add24a4587a5e", 0x1000}], 0x2, &(0x7f00000004c0)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x20, 0x1, 0x1, [r4, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80, 0x4000000}, {&(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f00000005c0)="ab8207254411a7f67f3963496802eb6a323f278a0e48a6734bb625dbf3c2005b57fcee677496212ef817cd508eab38cecf4c64db07708495f91c1cebe4d36467479eb1082fb17c138de7e4ef56e361cb466d9353588ce5f5f4e34c24a30af49e060a9464915d10748e14", 0x6a}, {&(0x7f0000000640)="90a543e4c18f8f81479f38ffc43fe821b5f94fa6af00aa200a5406fdf4024f3474f75b33a4cf55633af6d1e6b4c7a7b84a2f33816c9d3cfb3d9ec85a95bf594c478b465e9af1001dc31ad3ed1f1639634e084d61c3012edaede383378692531d701726aeb3de5870310357ec2dd4877f12ce3e342a5c22148a707b96ffc003a77596720aae45c8a8eb404e378831baebae30329f52ad3d5ae094b697dd6f774132907e00", 0xa4}, {&(0x7f0000000700)="398bf6cb147573f44b546f94820c3ec7b7bf5b7f33d3a6393c2bc128173e904b81a27d0fd1e070ab9947f4cce2e6c02f918afc9136139eaaee2714d96883364bbe1fe9eb64d6a00f9e37cbe339fbea86ac85108b52ba36429924d72654950dca2a3ad79a1667e131ef0b0c278890eb01147a918f44f96b93116c0a3a671307", 0x7f}, {&(0x7f0000001c40)="d619e947e210fa0e5bf70ce1a28f8ff17a98f840c4587cfa10d82c8e9eb91b9a41641aaab28e77a06207878d959abce17c280c93a957a39a3df7c5b6b94fcb66c8310f186b8a00a0ff2a392665f47465a04c9bfd1d8d8c565b83a06b243ad089fcda14067899e0099d6499e0ee1e4d77908303cbc2fb7c55777ecf713aaf49e51bb8f90dcf9f76434f3cb08a3ac868a70d5fcd5f97f6c6ecdc7e0c7f734d9047296dd7253def59f7e9c183bb3e9b0fad91c4c1b95450539b6c2f67afb10eb79b1d16b3426e2efc6592c05c70a87a5c66156825c720081289a2fd226186f9ce52f95b4177952a049a7f2e2342fd81604c69cfb1e4b770dc28d9dc74ec6cf272990f8aac61e54f6676d451d8191b3601d1bc6400cd3738f35bdaa164a034fb1b74e66f7c45646763709817e2c0f330162b0ecf784191571f1de346c8161d17e25b1a7bed4b7cca0d9deae4a7c661da59206cc5251268a0fff7fb33ce087bc92f6a36870063a5d6d8bc8addf03da820776e52576fd45fc4e06b50fbff8ae00ce2674b7da31904254a85a2d842d1a0159d2d68523f8c61ed0f8d6afef08fe3aaf96bfefa8da1e71609952a11a869a288d700c2bf6d9728e464f06af370c884e68750fcc84cf37440ff83cd0b8114ed0bee4b52b4f322bab0608de4921417efe205523129dd98bc6b5d811d240a61283db92ad22c2ee8b1d256c6c2976db38e7e24dd5c3bb0228f51b8d1f4bcc3341bfd7c6e2a469e4b0bd4767b503cd50f64d956eabc203aa1ddd570be3f139d4f27e1812cff3929b287fe8c3a97edacf08a1e6beec525375a7280622c446cd7b418329173eb5e7558df8e3717d752f7ae15b583303a560d082262ae5aee081471970bbaa9022ec8c5bc22d1e994b66b8ff7c3bab8d26c012262d6654373d78995259ced5e9057114c71a8c0887c688efc206c7b665e786aaa17618e0fb7a3245684570f9ab89af8ab2f746d6419cb7dcda37212d3dad7c5e63108ee025403d35ee7d15e17d3ff930feff09676019d7dbbc437f10a044cc2c3c131f4b0c9951d4ee0578913b2fe89758f83573a0029a37eaeb984e298a9516bd70ac93f884653ac4f9e2cb5a21df40572e2ec24005c6c7443d3999985dd890d79083a083bacac7e8ac13f6b52e2e85aaaef5e12bc62752448f6337a8741b0bfdc8c990c69ba2fa972ea6ad4be7609eeca4fa93c08b85943a68acba1fe97bf5ba745050b69b06b12e416873f943a23444116bd89fb53a9496cb380a0197e732d2d20926a0077765fbf0eeec9884bae927981f3498a3ceea6ac07f807da7ea38e177f45ab6c232eefd67a8ce82c848bd24a16588a4286aca01fb3c24622b8fe9e820730f741090925ee1be0642a49ab25aa12743efd538eb46ac939a995771998353975384e446f1dd062645a5c43d923b1d1be5eaeba2400f9dac3880d3fa0708c9818824ba993460786b947a205417a503cfa3432f80ed793d6ee297def1169467165ba2f8271597f321fec4e790044bdda961e9b4fc49b608f147095307aa5c507717c36c7c39e62012006a7b52a629132535ca4d76dbd2896c8c70f6e98993f82209df9cbec744123f9f6e89ce3cb2f1ec055483ebfd0eb3b004460cfdc0019b2d4fc9d99a3d02aeedf7fd94231fb2bb95a2a57ad68017e2afcb4efbfa52012dbad38b562f006d83e7ae3664fd6821d4e961dfd63d143a55aabc63e398dad34f970479256f744abd95dc575ea7ebac053f0c5adad9900e9a9d3b3d12b6b0efc1055e81687e9b3505828c900a7c38b40f5c1f2a0dd4090894cc8c3d3c7eef0843fe07602d310a85809747b2306ebcfe4f9fd314ec87636b81959931f68eb72823e3e4f380657f6a9f1eec22911fe0059dce76758ad3e3590713c2338103cc175b18a5fb3b89ea5f3eaa3c66f1fa609281d4271a6da467257e7e4b8b0f821016d5b71dca2f784bd5b554c6ae404740a7b2ca621fa653f3048dbbd7fd471a95cd46927fc02f5bc49922aa65326492a86f078c4915e12bdebc75e6967c18a020d87c4c6c4e48657daebe9ffba2af8ae6f70bc18b6f00ea59791a4e0787b26aa7ec7225a00cd6975b65a2c994001627dcec3f2826c9b3c9f64f82b7a7644e917abda53bdf13d240d580ed8725cfe7fbee490f059e024042d95bb48600247a335da0a86a02d16cecc160a1535f4475e993807ddc922fcae732f5c1a4f963421a46dd715f13e3b57ee6451997e84ddca8d9684f77d3ca3c6bac2c0e29b833942a93339cf1436acc7ca0f98f5cc99671234ed93330f391ad8b8977fb672b0060f8f32a240a08e1a39204df8102e86bef172713d6890a4d5b1cf17934a7eca5af66dba7ce1e6d6a36bbebf6267c70bf8d5b566376a87c34bc7911dd9a69b3c84a0eeef8e61f5fb5922b11fede764101debed9340db206a9b52447f71b4b00f29c391edf290591181dc83e7ba8b9bc8155ef1da9d8877a23e8d3a60f15b70f90fdd62978098ef1f053e0dca52d8ab54b975e44265357d149ea5258b830b8c611ba4a0d1c03e280e42140b06d4352cc6521e265228a0a39e90e8127170b6dc732dd40cce3177255c79f3f31f08b9e0c580b2db64c0c8da9eecd457d70d254c4fb049d889a6d9df93c38c7a0a1be8ac9c2afcceea28fac2b513ec57535b60b89f605502b92d73aa110d2a8010a0f33296b6f1df742ca072ee579170d96752a44deeaa63f5b07cb7c8aa2ca77909820ca7db58f6c79763493e83e2a04f319f8b001c35972a18c2ca3b7bea6c84077d6d0a5b2aaa170dd0d39cd69f940806d1a014093eed5aefb2b7c361200fa0d5bd1f95139dce0d1999b25476c10ccbc2770a703abfbac543c4847a97fbd7cc8b98ae96423964521045294e32c32ad428bb3f6ddebb836c072bf9619bf57f117483c5b75ac914108dd8f4181de7ab9dabb4aea7ecfd9dee7483a17107059e6c9d0af6ddd6aba3cfc0b4e4c0991858eb4b822f24ae985eb6b87db917c3f92d66af80814bcf6e2e687900b90398f12235537bebf44060d6d870c928d884e00362699055fffef98e0996f696a6c0815add2bf08a66b85b5eb6891ddfad4545f6c272e5d681187b41e8ed2db85b8f64ef685ba40545ea858c2f97ac9af5064ef13844fd38f21250232a5e27fbe4133481eb3b7a2e7319eb5d4d58ad5feed6f7ec8c1935575f067caf2bc27f568c743137a3ea5487798b81574aef006f56bf35816f3389830245f026f130cb88d0412819b17326d533373129f2b405408370e3e218bc8dcc5d59cb4fc348289595b3df75f0c52492ee7aecb706a1e7ea76f5a0cf6628467dc405ded73a76ec26e0ff426690c70e0306bb39422467afd4eaffa6e2aac4f7d6e89a93dac3eb359257bce884b0713ce29def703feea7a10efc18a3f7f66b80423e1266b3ff791467b8c096517418460483d40ac8c081bc530f9ab3a063960bb60a1993bf1f7f64bccb819d1d03e7be3586caf105e8c2cdc07ce8096f0a5008403042b96fb42a5961ade25da24c99fc9d9848150a509d0838090f944522df6d10e565f85f89edca9cb67f46d053dfbd82460969715fa77a4800b91baa4125f6fb62d28148efae393ff3385f84b20ebe899f37dc1b3eb3fa0604baaead202ee030305ee14837c388a1172205ece8ea5da1d59b47263e76ffebf7b5c3804aaee5b9a68b48fad19f543b6038026c91de33b6b783c0a41bfffb67bddbd60ff12976a446401f8c526991fe06ad2a7b0b660465b5a41d00e2eee4972d4d3cf9f93436f33c670480ccc79bba2ce3c440a2ab1a272e3bb05427831a856fbe5f03ef7e0f23db2e77d98874667dec28f29fece6c63064a27749789c387b7fc4ae03cd84690a04f4f85a7ee87bd1596d0a3fc3863cfc80901991e07e5231e58de5bf0bddeffc9b92d61ea04734aff88a6a71701369d4c940c3afe9a7cc77e1fc76094239b53f9bc14b515f8d60d5d765a88306e62a3ce6e85eb1e09b482e45412998c9af46b09bf05b067965afdf1a383c99e99b5c544a1bbb2fa0e52276770e0e92061d42bca8514b72e8becc8c5f28ed666a9e355e4427e393e9d10faafa96b9719f1b6135fba7a9b2d4e788cca8e6f4888217feaadb786a114058aa146eea8f4238983361be81f3e1480b847a4b0dc22dbf1dc6256d291e0a22b3b111afcdb32a68e928de2d0d13ebca14a9fa84b124f0cafd8215df14719b413849507c920b9d63e3bdafcaf87d3b35ae2f903867495f74096606fa7434e70120f778e9fc6501ab43c87a0fe743190af4e60bf17cdf59d852e273d0a55a97a05d9a434aac2acd077cc974ee5d00e22f4d6397f97e197af1016e3c0a8cc633132c4edcbde0d4b3d40e275b7f9f5713db39fdf611a3e37632c64ddff9b1faaba4829eb8eeae7e5f7857ab41b9437b451c6b81d9f6bede6271c3a088c611c3ab1a6206cd457bd22e8b619a9830c670d341221103e25a1a6b7f5da5016dd7c2e766ceee8c86579415b662482f08bdc0a2d4c8fac13773d7782d953a08fc05a7325748f67b300e8d0ddba4d76db1b623efaa77ef1249b13944099b9fdf62edb12feac67b67d65bc0161941a2c856fea0c305d33650fda70e160467487353e7f8602a19455ddd74614393abfca36efef501af9cda235cae3d08acc66bf7b6bf3b6b9c257955ca517fcfd7e775bda2487fe30b07da866b3c4b17b4ceac2e1766a7787f67c8e25ca782e7fe5a0b733102e7451b8ffda74ac8209739100ba8eb983137912e6be284f663ef5422c2e871cfcf9bf2d8319742591fef72e22b75817df364ece9e263d56cc7219b26033c4a116322387b38dd32eeffd915b69e81808f77506e8a5157440cf3e41bc60e41f1c8de3c4d15ae08c4c3f07db012b6924ac4ec6187f73f72cf4605dd966f52e259477890f124d456a41d74f8ab11031c9495490cc1ba21e9a80322d9606ad19b870ba085167292244dcbe3432e18eb7d41c010e11cafe8a53a8de946ae37c807f447c9416baf94916aa0a120605ad16acc8c0818b460ae8af00fd9a6f1d4a59804c9aa0680451ffe07ee414acc5afd55d113e4c11c5557571876daaffa717e772695a1dc26aff8004aa607f7f0656105e865eae8661207e6a3afc9cbda018b1a8f2fb13c2b773a5d5f634f3b413695938dcc6770f88c1c7b436d26276b3c561ad2815f22b14f81dbe2efe6b8230a630dc81145764e8658f6be06a1d3e73c111d21d8a252896b8062fa288326aa68a507f2ec7482bfecce9cb7422369d45c546fd6c60909cc09d03530aea876a136f719f41df392f3f7f11ad1774c005946aa33e204688b2fd3bd0444c36fa236056b3f734af3065404fe197be2e199a57647f43a0162e5a916701f19120516dbe93fc50c9c7a218a622ac49ff8ad7dc438c78220ef7cb38fa472f83b2954e24191b40786b6f895ccfcacf65ac8045b8c6e23535471d7e99453a555fe278dde1743e5d25e1ff5ccf66c0cd675abe99aa3ed08cf03dd66998541356395e0b8759245f941daca9b4e61a5cd04aedf332723b7f438dc0db07277d31287b88f85dbf6186a6d8079fadf897a32dd8365d6e4132e7d940fb05660064b2da2bede9edbe4f3e4fdb652103381f44e04585e17d7486c5117d7c287665bf08311f5d631954c00d1d6edc92af5f2af6da5a2f8cf449da473422b573f2b0e2bd52309d15061b6f8c82bc25954d615812a011137a78a6845465d085187411c020dc3dd6c5f91ac5c0992b82763eadce9883f661eef9c862ecb990d852c6b455fb8cfe114f0598ec7555b17", 0x1000}, {&(0x7f0000000780)="6db18e1afc5e03b44c132c3c13263b0f085f20fac13d0b337377ec64146452f3997df8dfe2e86d3b16e04ada192861607b8afd777617cb4af57457d55c0c", 0x3e}, {&(0x7f00000007c0)="34cb26736e86a94a37defd0a85d11b9381a4d4f2ef29ff81200cc54bc0ceccc7cf2a2bfe923f7f4d748f91022255218e827b7c848a5cc74a753465f9fa98bd730e32d15287aa79dd700d732d678e3babbb52ad68a89a590dde00dfe33e3280f3776cc77f1cfe9dd2a21aa3584cebdc45738b4f9588b1f24e00b13c5370ce8eb16621932aaba5389dc815e90365acde4295e3252a945d51f30e4c38497dd4462deb9fc40600d633ee01ccdf58c13030f3ad1eb9ee0e9590d27e47bfb70018206336798a472d144aa039fb376080f52c112bb5d2dd6b0139b9b853a086072d901407799cdca2d7b0a9bb6c2766764afc0a099d11f2e8ff482456a5", 0xfa}, {&(0x7f0000002c40)="49ebc3a64e9c6f24949082bdf777c5d8c086bf6c2d0750c750c83bfe3e64b3031a9e174077fe9cf74ab56ea473603723aa631f6d2429528b7156c33246eeb1f8ee4b8d9b58f0286d25ffb45244384360931efea872c7b20afc3cbed6b1e83ec8b6f0e178bf008c9bd0bd100216dcec94b1aa5406ff255604f8f5b53c109a1d522c755677510fb46b6dc421cb94c1eca9d0d5d9df09df72c886892b81c5cb3c13982ed3909a3c84416ba6be442524fad1e42f37b0fc959b38962233c0d7b9a883b723df6052c0b2be53333546c07216f62b264b385a835b978fcb426864be91b4570bad3c2cc60985f66a7f00165cf10d48499321cb56093b34840cb34e244ec96026e593490330e1848576f0efb3dca3ff8e4a7b7630b1607e2357d8180fe2c2172e374d872965537b9ddc673a518bef1323fd383b393ca82abe2d5b0887c58a1744e0184c0711c0c787370e0c601612596ad68a12cf07f4b71a730b27a145397c8d53c9cfe53639b446749dd4bc6d10e34a71864db2f0b69b51dd1dc7629dba60797a7e32fdb89684456945ce13bc7273bbf7d1f4d5991132b73956308ebb856743e30cb15c671d4263fa39f5f233ca4f44e9253e02e51e9b7984be2309622d52d7a7a3787cb29ad568c54e642f06935ffc966bb0e84963b1a133e68213e2e584dd8c6dcc852e00d02c93585167233e9399a19161575a67d6e978cb3860d9c654763433e6d156df6f2285d993a7e57ffa54d3044d3812c6725703beafa7b3f4c362c5c406bd5ec5ab1e5c530f798fd8ee2859ed206594668d35563008c158b980272a76d417dc1358d47a99826ffe0f87214d7e293ef01008ecdedc6683f460fd1c10242782f49c843ad76b83ec7a06c03bfa80d11fac8602ef45b20288c088aefb8ae984eaaa3b6c0af6517eff85481e80e69ea8858929ed4877b0337f0babbe01564fc21d42bf10e60a7e8f74ef4fa365ec55d46367645a013aab2134bae9bb31bca925cb9db5dbab7b9b9b109d14d7a6dea6c8cf80aa8f8ba4d5e881823208b674e77a6553b728d26dc8a76ebdb3ba5ebd964d3f4eb58afbae58248e7bbc6c662a3bcee599c60d952e9ef03331bdf68b2731c98209ec01a3e25d923b2a9ca2d9b526c5fff666f9a79dc330c69ddf1b0f9b20476254ed90ed87c111a12ee6e39c6486b429ea8ad00c366c8cf9cfa1031449f5cddd5310986587c8bed1395f366db597825a2074967fdccd904226f4ee48988655d9e272c0dc12f07a65af9134f88982a936722824df577f048e77d3abab33c522c192d5fa9a65ffd9438a9c8cfe9833a6b94551b12456841149916515948c691fca11fada84f23220d4ad6bddf62fbb3a0a9d1cabce9e0e678f449e342cb7095b16823907b9c943fe38cbfe8d522511a4816505f0f9d073e8a5f4f6ee008768bd1376866e62299e5763f324f79d6b6ef2b45c90198435a44a5859ca00568b693eb403343f925352a8536084959d2e9fae7b1cdf54c6f1478c98cf8a993944660f0e63a7082c8d1fd613ac22bca87c68a57663241a2346d92935dfc180852dc6dd0f91c17449d86ecc66c02317374730c723bdc2331d3e1b6fa35133b40a7102cf942092cc993e8c754337ea56b40c9e43b39e8e911c2f226a093d9db98de5aae73e9dff5e7a0f5f415d47f8fbd62207ddfed5eba97434e86ed75311bed97dc27296ca4e3d8f01bc0705a98f8126b9b3eb13669535b2ef751f9ada6ea7d87700dbe6909f0bf080a0962717f299be153cf30651ee43fe0a47428480e97e74f0cd962eaa524d68a903f2f451b2f744504a8500d3876d78e1b81246b3978ae3f33fd15a19b791533056d9054214fbbcffb135dc69dfe0ba2eef634667382a7444f76e2f26ab6af99cdac80fcad8400d20bfcb62c58b7a75f5358d93c76681793ecaa7f32bee20c87c6a67a4f14b27aac1fcab76d59e56a3e7c8a2fe23b6ae3e6910b2d110bf66167ad0569a40f30c69313601c5fb193a6a5d6f53122352faf2d4530098a12f7b19de41c398f021391e139ad3d2c96e0c94e79c5910fe4a0c44ccefe5300f6d50313cf2baa736897e7371ff1c920b61ce195d91ff2ef998d719ac0e8dce86267248a26adbce2b0e66305a21374d0fb57e6370852f0efbc39ecc8438fd86db4b89a8fde38bcc210ce816a79787dc7f5c77a4ecba4d8459664683ae6f1496faad0c5fab018dc0b1908db99f2d496e76c485306298e51ea37640b3c65bc8b7157198a9fd2c272e44f58a4f85e978d33417a43a6c8580bc05b8d8c875ded342e834eda3134c9981b8be04ece7317f04844473556dc7c2c06ff1a1b314ffb0afaa1531aaf68f1b0282b954dddd178cceb06586585d07692624d92d51d04045646d0346c8893382ff35dffa775a79c964bdbb53c2f20776a25970a767e4f1a965943eb8e403b4021a33168254749313a2f3438b8f4cac960bdaeb93f07541943d25d7fa0ca6d2d53719504de3b8f0c22c5c1843a26b0d73196be59c4cda425fd54d6d308ec3b1e27607f699c1d46137d27184bfbd916cbbdedddfe665d9192d522bbcec7861f4c0f713db8c00379a837b2c305ffcd5ca9b672e586805ba7a14da0e82b506d0f9bffd103d3456efba6119a6586fa2f140b0a817c3697b1d1b172326827f4e3e5f7ad26ffcfd2912fbdea6ca55adce5c26924c1842a2f72bb98b98bb1598a3ac46cc04d46baea06549db1a8e8acf5f9959d5823bad2d98d54c46b37a1b5e2233251633ff64e64d119ba20befe7783bfe17c74965b7593941016df552dd84d02c59ab67ee811b68638f677f03eae19faca5b326d1e254ec65276523615a590660a346d6ffe754c52677078f576042577bf9e5f88a13422137b988635bd83121e42ea5633ba503b0e6ae1428445a01172a1dc2e0c1143a65b0b992463fc2b6fcaf4b14f2685c535864f6ac39b3f9d64a0a6122ba90ebf5390ec46809a19f790266b098c7769589c326f2c8238f8ce5268b0008bac0af09b98fec403c642f016d867c0cd1b5ffda1012a4f896809d276c098ce3d438b580ac982692d953d7b558d0e9e644dda6fc41247528015d4145fa3b9264707b151e75fc2d00f18b2734cd8bc1871a78c6fdb2814d1f7bca1f56cba7b4e21cecd82c5c2ce4de8b40dd8b8c88979980086aa3416ac006f139c533f197ef1a1b5990352f67133f12943494d72fc8a836e025bf3203f2f51588e7b2b70dc9ca6ab02c3924056cdc74929d28cc8bfef91bd8858a9c9b011d451faf9a23285ad1ffd4e20ce7a19013a867fc3e04cc2d37f5f64368aff9c45c868aca5103a94656efddfc4cc999f833d211ae067c1ddf983c0addcfad29d0f0c521e541e40fdac903ac13e1640585c81691c01aa9d86d760fb05a70de1bc6beb1c124ed92da415beab19c64b32a40f623536d168860c983f7afc5b6b8461ba1bf09b2d38a226b51159c46abb6bc394f3683124816f4fb8f75adb06c0d2f5d47a749fbca250d3b699fdde1411ace997146fd4a6d942a22865119ea013e580a8aa9e1edace7b21ae4b1c2aa61cffbf658c207d168df3864f4ef8607319b78432ece9d64942d31054be3e30dbe947e4aa57030e70ae6dd24fdc9ce977a4ac0a878cc5c0ad926e353485fd231becb9e08f66f23a37fc77dd4c2c080ef4a7077090f1793489ceba97f5308d74b2fcdd65ee7bee0e3d1b2a6ef1c55d632c17340a0888a325305817603d7224f4dff0667b2344c9e52062513b43d04a8afc3c8121aae0c7092d845c69a4e3723ebbf2198ae0dfe7477219dddee33c34704f4c9a9d67aaa1c29b720e9838313e2a5ffc47caf25435e83b53a3aba32c7aa2509d1a9855ddfc36939d416fcb55025b769fbf97099acd74b6950a21a0d1e9eb7f254bec72ff2e424b676200df6bf0799969a65eae3dd8096467cd1985ec158beec864423f7b6044ccca4729dd46f04a47c2dc87934baf5d1311feeb91fc3a9e0c040e29ec56f8f87b2b29abf41eaa2fbf3a62e9f34b8a9e79761be7dd350c97673298ca5fa2f34579516b797ef1c50b61eb284b61ba34c2820ccb352b5332e977d33bfcc7470a5939bde7c715acd821057c6df1c151a285a1f91806f1eafa8dae99a0884f854fc39762f80e5b412e6b596655826c31509af97a472fe90457b8c9ab9e5f43497c9c67acae334dd10bf93cd8dc2dda88b5823a6d5ff82bf8ef1b15329956d744728a068c41404bedfdb8b8a0e57719cee9fdd1211418d0c66aa969585c1b8225ad0c4dd4392fd05bebb036b1c94b5ea825ffaad173fa404a684bd51ddb507a9ed90542169e822adfb080375a8bf945a7bc84c63c09f0112821f70b2ac8a0f217eb5bff63f5b5858fda4ebfa8fd953e5c3bafc1bddd420115ad5a33a4bb0b94915a656cf497ca22e95fa2a456e1fe56701019d37ce7aab867523815197f6b284b907e05651d1fe359941ec2bfc7e653ca557b07978037a3a2964fc5a176e58e87125028003e4c8cef1e167a588a3fef41cf77b01f30443a5350131250d6e683e565ea69a4124c6066890ab5a7118cdb2157b9a7821ba008ab44381060d2e4a68dadf5ea41cd8d7a50fdbf0b8badccaba139a2fc67b795208678e9e549c28067e0d817723d9ac90c52f516ab72d33cfb796d2f262bb31c5c14cc2afcd14f30e6007ac161b969bc3b8e74b8482ce8cdb4b0870458e5b241bea572111d51f2e1d731de402207abd55523839896bac1d24bbf8c91f0f985a6877f7b4973fb9560945c9e870733ceacadf18f36c3da0369497c9acecd2a0e2db648754e6b18a92179b6c4ece41a96b4f1b8b1aa0ae1a112b6c798a3900440af1c2df79022c0e9a43d5cb2c0a6213384464dd2458a289b7a3109259bc643f80b71997675590322e9d2e29738d92b88bf35ff6eb20e3a9c38a0c8b7e7e734e93dafa35ff0edf1a3d8c3d58a81679f59215cd0cc49a47e62a43659135feef258bf7874de9c48bc13ed41eb64c105f46612d64ef1c2404adc3eb1c88bc181c96d73cd541bbec239d226766805c4cbc45f00ed681df903d8ff29b9ab82a52ec1b195b51aa999eae173b012274a8d90aa25fe2fac5e3ab1f2d91ca0b13fbf7136207c9bbfccecf0e2d643f7e8cbda762a296602732fa20b3d46f408ca5c49588b3e1ef7064d64549f3a8df81271dcd56bbc38fd76c8bca8f701fec9363b8b28ee0ab7ed13bfbcc4d392a33aa223981795b9d63ee67ca749106627f078fc847e736334a9e3a805fa4534200b8b6e82805e1e1af4d13c1adc4b017959f30c6ab5c0d64126983773db8da5c4844136cd4d0444cc9733c212b0a5d7f79319508218f7c6fcd3e32091fb2b63e12b48a93b602d4ed59e868b48f4d2ec033f116324d04638a066265204232721502427b2f575a405cdea466ec155d3c6ad57ce21ad56e77467bc31902e69d6bda5a767916cf6ec4f3be6a2c9a52588ae2f614bca46e5483f4684a8864384848340fd88d8a1ed0bff3cdf80d6686fd41fc1cd6507e1f63946757ace9e2c834a6e3cf4838bce02c237699d7bce85813d5cef3e7f26dac297ad6ade7f87d60e9bd8e92097766d92c4b35fdb60bc467796b5de62c7341491ad3c4145aa3fe092ee70fa849ef003b84d200136292a6beffdae7daca65a3bbc9e7bd4636a2fa723856c8b202eefe0854c75c809d84242657ca05c8c2ce4d6d19db360fa8ed3e4e39a4a154445e9f6a35c8c1d4aa638aaca969594fa50e46f7f5828c07f050bd45c17bccee5c65a4c4069057e9fc4d8604ecf6fd218ec1f9a2a5ed1a5613a474cb", 0x1000}, {&(0x7f00000008c0)="a82d25f993ca008c138887b34acdc8af3febab7806f4fabb7a0b53f12513975f00ac61cc03b5b6b0585767ad68e50c34519895a5a6b4a8fcc80eb4fa8a231fa9639c339d3b6554a33ed98c7a1f5827427d88728ba8fb457ec843715a97704fd7f16790cb774e895dd173cba39d8e7a889aa5046f793b3414f1f985dbd295deaadb72e91ba4ebb034eb4754c3b1dd9d289c4d0d8588ef66c2717739d8efb2a7ba6901e832fa768d7794b2c16c8ae357435b16baa08ce8ff462ebb9951715f81fdafebfb50c7c8b73e25", 0xc9}], 0x8, &(0x7f0000004740)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x34, 0x1, 0x1, [r2, r3, r3, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff, r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8, 0x20000000}, {&(0x7f0000004840)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f00000049c0)=[{&(0x7f00000048c0)="eac517e5dbcf7753bd8702d8636c5ef67dbd246c1ab2d462d73ca6f85f86dbc1c753df4d379330801c686b7f71490fd8fc03565f2e1ff0c3c01c2d19d2f5c3bf370ea9e977dbf05d39cebf01bf2ef029428fee4418467cb52eb3cb3d5246ec32311e0f5ba28c1ba605a5532cec16e179f5da3b6dc3f5246d7fb04ee34b7b962b94338dae3ad5964e1d40b17b116ec9bef5ae089f8771e74fbea45f0f4c4b2e14cc5b13a40388ba3bb1a108d09bdbd6f412283346b0b701c46e6b709ac748de273083e98d65ab4095127b4523eefec8f6aca33a3d3c9eb3920d6972dd90a11767c08876b700df46d492abe22d349e7a26f35f", 0xf2}], 0x1, 0x0, 0x0, 0x4000000}, {&(0x7f0000004a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004b40)=[{&(0x7f0000004a80)="509ef486ac412f25f3f9341e319c7e0098caa359561d81d1abf4dd2c57046d52d1a71739b5f14b58ed0621524ae23b365e76d7ce7bab5b9bffdf2006aa29fa6bf728b24668b33388ae69", 0x4a}, {&(0x7f0000004b00)="4219ed37cba968fa02b5d53465246b933ae9c4d167e233", 0x17}], 0x2, &(0x7f0000004bc0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r4]}}, @rights={{0x18, 0x1, 0x1, [r2, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r2]}}], 0x48, 0x200408b5}, {&(0x7f0000004c40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004e00)=[{&(0x7f0000004cc0)="b46f93aa2192150c895e02df70f9", 0xe}, {&(0x7f0000004d00)="643f138df6431d0c66a809fb3d783376c89c617d9a4d01fd36c2bc3a7e9a0942dfaee130c55faa244a55f9a899c87d63c76ecd2e253100d8fdd511d95b72ee3bffbe291ef7af95797de6cff3329f6366778623c1802234e1e07982445972ecdf839206927209ef41f4134145c7c7eb191dbad12bff263ff0bf2b10daf5553032e5669e7b9cde6c85f5d58204b245cba1a99fdb916cbbd655be83e4501f78d9d059066ea92e60c76749814cb7faa43ac9", 0xb0}, {&(0x7f0000004dc0)="d35fd3c48ca1cc41de8737b2a320e5bcd025638717d458df2e22489c5c3748c703624ff02b9144e7dea24616090a425e6a887732c556ecb30847", 0x3a}], 0x3, &(0x7f0000004e40)=[@cred={{0x1c}}], 0x20, 0x400c800}, {&(0x7f0000004e80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000005140)=[{&(0x7f0000004f00)="962b6143e5deb5bd0edecab4fe285f5618ab60197a003d6bacfd9b2a4cb5108ace2cbc5d7c3a1c0e60f1ee560579e8a4e8014ea98b145858308040447bc1a939c8aa2e6b70594dff550a53cb3554a542c329497b175427f72ad4159a8ac67d41fe23ad8ad91c2fa1402c552a0778af2243d1d054f8bb6ff5e33918c3cf47cc764ae5", 0x82}, {&(0x7f0000004fc0)="8b6d1f4b566dc24c4f28f338fffc354a60d88551e27345f1598f3b49428e891d304b2186b8c5a76541984a0ebbd18da3dd933cb3ea5dba678365a63bafa11a984ff430f696b5ae27e2f4e10c8290f771243d75941cf545ffeeb5251eac0bebbf99f1a9b3d4d95a7d3d5bea8ca1b577c3", 0x70}, {&(0x7f0000005040)="f577ad371eaf36b861a3f9b989e43f062d2311b04388fef746322cfde0014f9f5c0d066937f0cc53551793b4d04c5ccf7b5015451794a6da07101be66730409a7983c124f3b96312cc5826d0e1f55fc9d31d4bdbe17102a5212962087ee6e74847b9ae0d3faed13b2d0929eab2af8078ab3448e403cf446eae5dc3bdb4b431083edf9cc5bfa10a50f777d2cbb3d67a9cbac5066d5b6675c0eb80567bd163c750820616a161563fce107cdccd78ee269aa8bd0e5f1fb986b6414fc8de94c2a6a11d5bd69b55842900152a", 0xca}], 0x3, &(0x7f0000005180)=[@rights={{0x18, 0x1, 0x1, [r2, 0xffffffffffffffff]}}], 0x18, 0x80}, {&(0x7f00000051c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005440)=[{&(0x7f0000005240)="674ac84ddb61d4789920819a1aeb781036ac6bf0fcf5aa1757ecfc27ec0905f054080bdcefdc5840fdcc4551f9eae4082266f8d2cc167ceb41f8eb91ad4e2d1bbc4852c60b0364dfcabc61ce9d085c664d3b68338c995710f0efe4d3a4dc116839c1f05f893c191f9185a228566ddc01a1a71f1e4087083885f2402c7ebf3497035ab9efd2cf1b9c49f4178413c59e7e4345020c5daee8c084d821983e87545fc6f97601f0ead4f4b43341f5d305d1c8124dd5c1ff110b5ae37cc103d17c8f89f9e294dd6af866933ed4fd8b094af546ff418bcd48f887d744923bfd73fe4f84d2dcfcc1d219", 0xe6}, {&(0x7f0000005340)="b36e72", 0x3}, {&(0x7f0000005380)="581ad9effbbaa7738ea8c53c5f4a153aea3bf14c30c2cae380f5feab47f7a8cb67a24a1554e32d1994cb57706f43f7454ce8bfd464ec84e605815420d938e7f26851e466dbc0bffa1f7ccca33569cde9cda9991d31435f8ce187fb19865931876a9b6fe04bd2624213e6681d177ae21d4670a49023fe73fbe2c6ad43c6f097ecda1545d10ba6af3cd3ce432cf76d", 0x8e}], 0x3, &(0x7f0000005480)=[@rights={{0x1c, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20, 0x800}, {&(0x7f00000054c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000057c0)=[{&(0x7f0000005540)="3a88dd17eee649ed9a71969fad575a6db0bdd1c147f10a2f33e306f2cb8f3410dc383e01ae923cdfc8bd7541ec936aed96df1def808fc8f093389286f234577f0c10a906b6c4ed92bfb6e1dff88f67adc975dd2ec5617d3680373c2bba0ac9564300ab26d5f278e798d626f3e5259f36ded7072b1fffee4de44b5071744254e550e05af1ba7b8fe73b76246ead1ccc600800", 0x92}, {&(0x7f0000005600)="b50abce7ec0db7f1060f0c57a6e55383e5563aa42fbcff3423b4531fce4f6d7cbae140f770c561103003f2ff90be3be28b75874f47724b8d7f8b57fdec46fea448e596c41c46e1e3ca527cc4de424526f0c9520d2fc5a7355a5f82000ddf257a61e92ff8", 0x64}, {&(0x7f0000005680)="8bf4758f8dd926ff9590602064e57b7d6afe5bf80aca86e12c9832ed6b3047a8a3ccf9b9d4c820c4daf72c922025fd21245e5fc85b07785000d219b2e134072ac40b9ddd803cf0cbb02207c2787c833ddf0b8da06cd39b9ea694195f902e0a1325a058b10b03963312c05df74e03", 0x6e}, {&(0x7f0000005700)="3fffe40fef26b3c53ebb39fa5e0ffebd0087030cec56595c926e4293ddb5279791d5d99ed4b8b683a7f146f6444b99217d1002b7964c6265faaf3414d21fc4855857132bf0cd042fea0f1095d7babab4ab9b06e118b58f58ab44414a9f18dcb9c9002f48a2b0099d01971a6c03e48c19cc8adef67689864dc6f9d2dc125de9b69a44252597576061b8e650f9b786d78b870f0d61fe886d7bef26958228e167d7850a13", 0xa3}], 0x4, 0x0, 0x0, 0x40000}, {&(0x7f0000005800)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000005d40)=[{&(0x7f0000005880)="e1dc3f00ecd16327b7dc70deb6377b65a8bc3447cb907fd65d071717e85492f0bd70874656992f25e9ff8dac9d3cd9807c47dc139dc8284aea", 0x39}, {&(0x7f00000058c0)="81b4d026ceb86b7f0d096fddc4dd241cef90db55f6d650d850db1d4ef0d546021e83f770a0fb9127ee1ee229dcd7e92483017a2564a75cef10e1e947db6f7a7139b0fdd7244328882bd97895c412c3e231306b50fed9cf4faf9b13d717a3f7a7d2a7e6bbcb9fdf54e279dee943d48f46f9298d9b118d1e0daf510fa2936a842de8d291907291a8e52c92dee516ee3b5882e0beeaca4fefc6a79ccb0beada45b7f28b7fb6b6bafb40da2edbb06b04285d2f1d05488af197da770aa4815483afc368ee1ab1b5ace6f9712ddeb47319c4cf875478741bc4a7927cb0afa56dddcd3a30c366410cdd1693c9cc9d5ffbd76800", 0xf0}, {&(0x7f00000059c0)="e25f4964fcd6e37255257f8feecd012155fde645380ba792af2c1722b8ddece417cf71856438e2d18fa19ed451af10b5d8761a35b0a1abe2959ef0a75fb500b7ff9a64072f056f5ad3f48df9f0e6fb7efd6343b2e98f7db485e6810394d0c9df08eb49e3813937dc0ec8d7d320d97f347711a219ce34bf8a398adde2b2e1cc05f6ba88a06757ee663543a067fd898c0742c2a91ef3e74e25c85817127673df17dc29940fb9e8e3282b477be9eb8c96b3ddaf50a747d9d38c990f19c555c788633a706b669647bc47913fc4b06d9f7abc1e2443bb9809bfad558af28547ded4f2ff3dcf7870d767a3673ac1dfbea16467d65ed25febb7a2480706ce95", 0xfc}, {&(0x7f0000005ac0)="7aec19986425a02bca25cd77c78f96c90add4936ce6f1099fd137a735f2ec00c6b41bc6b007629791c", 0x29}, {&(0x7f0000005b00)="08b2140c26c5f40f7272369b09886c127c8b892b755e", 0x16}, {&(0x7f0000005b40)="014120823f9db50890b447f0756f21ab5ec8349444d2823a972dc07cfa4540564fb1b8c89f0f6b718448a1f0adc156c9f18aa914a1ecedf4c2b1b4d52a4e627a69a9510d7a0ed1e00036d93ca6f24bb08f853a18420c2cc4eafe04b26be91f982f", 0x61}, {&(0x7f0000005bc0)="0037d3894c2771b73b1f521d3b936078ec3e0b5d1a1cf8e7b1b77e9f57e2edaaa43d07c197fcae442ed950bf490f25a58b66cf0ba9962c15ceac42516be9196241bf0f1f6e1a6f646591e6b5a503b64cba557619619e5f4e31254d98068783ad32e14c85883f0ae031a714d83f547cdb3629f5d4f6ac9c1194cfe111457ab41a52972a36c71ddbbe21eea26471a3072d8f20efe58f07", 0x96}, {&(0x7f0000005c80)="899ba1ee23e5417766394dad4fef6c813bab3e2bcede807d1706b64f72b02a4fbed41d82423a8ab9c3627007984f1579e08a7862f74467f4b631244e712cb9bf1f", 0x41}, {&(0x7f0000005d00)="d35c", 0x2}], 0x9, &(0x7f0000005ec0)=[@rights={{0x24, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, r4]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r2, 0xffffffffffffffff, r4, r4]}}], 0xc0, 0x4040004}, {&(0x7f0000005f80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000006100)=[{&(0x7f0000006000)="67d47040469d8fc6fc031c63fc3cd80f391caaaef7e7d2c5e8156073ee4fa70cd4fdd90dd0fa4252c681f7e1e4f201a6e297002e2bafd394b48f36d18afd1a7e768996652931d2a0e3b13774bb4a5f12a2f89b4b84454e8f796543e3bde0ffb6e28c04bc546f98a69bcb54d85f11b85c072262c41c27b86f5c6c93f6e8c3460848a35e90ebf6e7a7ed1ef798ca7e7f2e8e6bbbd137bf7f77b87cda34c122f4cb25975046786ed520ef0f3654213679e6b83dee04ede2df59197deac8a8cf1ac0dd20c6ba077dab61d6ff9f7ff361f4e5c9ae5ad886c3421d06", 0xd9}], 0x1, &(0x7f0000006200)=[@cred={{0x1c, 0x1, 0x2, {0x0, r6, r7}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x38, 0xec69cc7196891af4}], 0xa, 0x4000841) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 03:29:17 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 03:29:17 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:17 executing program 3: bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 03:29:17 executing program 2: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727e", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:17 executing program 5: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727e", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 3: r0 = socket$inet(0x2b, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:17 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:17 executing program 3: r0 = socket$inet(0x2b, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:17 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x2}]}}) 03:29:17 executing program 3: r0 = socket$inet(0x2b, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:17 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:17 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x2}]}}) 03:29:17 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:18 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:18 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:18 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 789.227060] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 789.262820] syz-executor.4 cpuset=/ mems_allowed=0-1 03:29:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 789.503545] CPU: 0 PID: 5591 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 789.511397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 789.520765] Call Trace: [ 789.523411] dump_stack+0x1b2/0x283 [ 789.527074] warn_alloc.cold+0x96/0x1af [ 789.531073] ? zone_watermark_ok_safe+0x250/0x250 [ 789.535952] ? wait_for_completion_io+0x10/0x10 [ 789.540643] __alloc_pages_nodemask+0x2129/0x2730 [ 789.545518] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 789.550384] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 789.555259] ? do_raw_spin_unlock+0x164/0x250 [ 789.559779] alloc_pages_current+0xe7/0x1e0 [ 789.564123] kvm_mmu_create+0xd1/0x1c0 [ 789.568037] kvm_arch_vcpu_init+0x282/0x890 [ 789.572377] ? alloc_pages_current+0xef/0x1e0 [ 789.576885] kvm_vcpu_init+0x26d/0x360 [ 789.580829] vmx_create_vcpu+0xf5/0x2950 [ 789.584934] ? __mutex_unlock_slowpath+0x75/0x780 [ 789.589789] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 789.594817] ? alloc_loaded_vmcs+0x240/0x240 [ 789.599280] kvm_vm_ioctl+0x4ae/0x1430 [ 789.603216] ? __lock_acquire+0x655/0x42a0 [ 789.607472] ? kvm_vcpu_release+0xa0/0xa0 [ 789.611643] ? trace_hardirqs_on+0x10/0x10 [ 789.615901] ? trace_hardirqs_on+0x10/0x10 [ 789.620165] ? futex_exit_release+0x60/0x60 [ 789.624530] ? __might_fault+0x104/0x1b0 [ 789.628623] ? lock_acquire+0x170/0x3f0 [ 789.632605] ? kvm_vcpu_release+0xa0/0xa0 [ 789.636762] do_vfs_ioctl+0x75a/0xfe0 [ 789.640583] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 789.646260] ? ioctl_preallocate+0x1a0/0x1a0 [ 789.650698] ? security_file_ioctl+0x76/0xb0 [ 789.655119] ? security_file_ioctl+0x83/0xb0 [ 789.659564] SyS_ioctl+0x7f/0xb0 [ 789.662934] ? do_vfs_ioctl+0xfe0/0xfe0 [ 789.666921] do_syscall_64+0x1d5/0x640 [ 789.672229] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 789.677436] RIP: 0033:0x45cba9 [ 789.680634] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 789.688462] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 789.695772] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 03:29:18 executing program 1: r0 = socket$inet(0x2b, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r3, 0x1}, 0x1c}}, 0x0) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x400, 0x70bd2d, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x20000095) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r7, 0x1}, 0x1c}}, 0x0) ioctl$TCGETS2(r5, 0x802c542a, &(0x7f0000000440)) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r5, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r7, 0x300, 0x70bd2d, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x200008c1}, 0x24044005) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r9, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="800000000408010400000000000000000a00000206000240809b00000900010073797a30000000004400048008000740000c910007ff080002407fffffff080007407f074000000001080008400000040108000740000000050800084000000007080004400000050d0900010073797a3100000000050003001100"], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x881) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) 03:29:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 789.703059] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 789.710455] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 789.717797] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 789.820551] Mem-Info: [ 789.823675] active_anon:1037799 inactive_anon:4040 isolated_anon:0 [ 789.823675] active_file:3894 inactive_file:7536 isolated_file:0 [ 789.823675] unevictable:0 dirty:88 writeback:0 unstable:0 [ 789.823675] slab_reclaimable:16008 slab_unreclaimable:136521 [ 789.823675] mapped:58280 shmem:4201 pagetables:30641 bounce:0 [ 789.823675] free:275349 free_pcp:235 free_cma:0 [ 789.867076] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:32kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213400kB dirty:12kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 789.896362] Node 1 active_anon:2236996kB inactive_anon:32kB active_file:15544kB inactive_file:30140kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19720kB dirty:340kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 789.930624] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 789.958384] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 789.969840] Node 0 DMA32 free:35844kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:32kB inactive_file:4kB unevictable:0kB writepending:12kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:388kB local_pcp:164kB free_cma:0kB [ 790.006380] lowmem_reserve[]: 0 0 0 0 0 [ 790.010455] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 790.045777] lowmem_reserve[]: 0 0 0 0 0 [ 790.058793] Node 1 Normal free:1051732kB min:53592kB low:66988kB high:80384kB active_anon:2239316kB inactive_anon:32kB active_file:15552kB inactive_file:30164kB unevictable:0kB writepending:436kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31552kB pagetables:76892kB bounce:0kB free_pcp:456kB local_pcp:172kB free_cma:0kB [ 790.105584] lowmem_reserve[]: 0 0 0 0 0 [ 790.109731] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 790.159561] Node 0 DMA32: 307*4kB (UME) 480*8kB (UMEH) 78*16kB (UM) 24*32kB (UM) 58*64kB (ME) 38*128kB (UM) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 36140kB [ 790.190607] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 790.215834] Node 1 Normal: 118*4kB (UME) 61*8kB (UE) 70*16kB (UME) 312*32kB (UME) 70*64kB (UME) 10*128kB (UME) 4*256kB (UM) 15*512kB (UM) 14*1024kB (UME) 3*2048kB (UE) 245*4096kB (M) = 1050528kB [ 790.270236] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 790.290372] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 790.299623] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 790.310043] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 03:29:19 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:19 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x2}]}}) 03:29:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 790.319659] 12520 total pagecache pages [ 790.324273] 0 pages in swap cache [ 790.327748] Swap cache stats: add 0, delete 0, find 0/0 [ 790.334079] Free swap = 0kB [ 790.337139] Total swap = 0kB [ 790.340137] 1965979 pages RAM [ 790.344726] 0 pages HighMem/MovableOnly [ 790.348714] 338456 pages reserved [ 790.353071] 0 pages cma reserved 03:29:19 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:19 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x2}]}}) 03:29:19 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:19 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:19 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x2}]}}) 03:29:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:19 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:19 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:20 executing program 5: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a85", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:20 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:20 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:20 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:20 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:20 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617b"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:20 executing program 2: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:20 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, 0x0, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:20 executing program 5: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f0000000040)=0x1, 0x4) [ 791.450629] syz-executor.4: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) 03:29:20 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, 0x0, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 791.512101] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 791.521828] CPU: 1 PID: 5800 Comm: syz-executor.4 Not tainted 4.14.184-syzkaller #0 [ 791.529687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 791.539417] Call Trace: [ 791.542024] dump_stack+0x1b2/0x283 [ 791.545665] warn_alloc.cold+0x96/0x1af [ 791.549658] ? zone_watermark_ok_safe+0x250/0x250 [ 791.554522] ? wait_for_completion_io+0x10/0x10 [ 791.559217] __alloc_pages_nodemask+0x2129/0x2730 [ 791.564087] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 791.569072] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 791.573953] ? do_raw_spin_unlock+0x164/0x250 [ 791.578478] alloc_pages_current+0xe7/0x1e0 [ 791.582831] kvm_mmu_create+0xd1/0x1c0 [ 791.586765] kvm_arch_vcpu_init+0x282/0x890 [ 791.591108] ? alloc_pages_current+0xef/0x1e0 [ 791.595640] kvm_vcpu_init+0x26d/0x360 [ 791.599551] vmx_create_vcpu+0xf5/0x2950 [ 791.603639] ? __mutex_unlock_slowpath+0x75/0x780 [ 791.608542] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 791.613588] ? alloc_loaded_vmcs+0x240/0x240 [ 791.618025] kvm_vm_ioctl+0x4ae/0x1430 [ 791.622091] ? __lock_acquire+0x655/0x42a0 [ 791.626347] ? kvm_vcpu_release+0xa0/0xa0 [ 791.630528] ? trace_hardirqs_on+0x10/0x10 [ 791.634783] ? trace_hardirqs_on+0x10/0x10 [ 791.639032] ? futex_exit_release+0x60/0x60 [ 791.643392] ? __might_fault+0x104/0x1b0 [ 791.647481] ? lock_acquire+0x170/0x3f0 [ 791.651473] ? kvm_vcpu_release+0xa0/0xa0 [ 791.655665] do_vfs_ioctl+0x75a/0xfe0 [ 791.659643] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 791.665340] ? ioctl_preallocate+0x1a0/0x1a0 [ 791.669782] ? security_file_ioctl+0x76/0xb0 [ 791.674364] ? security_file_ioctl+0x83/0xb0 [ 791.678806] SyS_ioctl+0x7f/0xb0 [ 791.682221] ? do_vfs_ioctl+0xfe0/0xfe0 [ 791.686233] do_syscall_64+0x1d5/0x640 [ 791.690179] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 791.695409] RIP: 0033:0x45cba9 [ 791.698603] RSP: 002b:00007f761ce6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 791.706318] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 791.713739] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 791.721029] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 791.728322] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 791.735627] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f761ce6c6d4 [ 791.757367] Mem-Info: 03:29:20 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0xfffffffffffff800, 0x404180) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000140)) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r3, 0xc0905664, &(0x7f0000000340)={0x0, 0x0, [], @raw_data=[0x7fff, 0xfffffff9, 0x6, 0x1ff, 0x0, 0x6, 0xfffffff7, 0x5, 0x100, 0x6, 0x7, 0xffe00000, 0x67, 0x9, 0x2, 0x8, 0x0, 0x6, 0xffff, 0x8, 0xfff, 0x400, 0x76, 0x81, 0x1f, 0x4, 0x3, 0x401, 0x7fff, 0x4, 0x8001, 0x4]}) 03:29:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x0, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 791.791632] active_anon:1039835 inactive_anon:4041 isolated_anon:0 [ 791.791632] active_file:3896 inactive_file:7544 isolated_file:0 [ 791.791632] unevictable:0 dirty:63 writeback:0 unstable:0 [ 791.791632] slab_reclaimable:16011 slab_unreclaimable:136512 [ 791.791632] mapped:58289 shmem:4201 pagetables:30670 bounce:0 [ 791.791632] free:272702 free_pcp:352 free_cma:0 03:29:20 executing program 5: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) getpid() r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="3500000000aa190000000000000000070000000000000000cabccf258f89fc6d85a8c395aa018d83e0c6356c5aded74dc7e99c74d427ae852bf95b80b95c85957da97fba0896741c3b4a18e6934167ddbe0c", @ANYRES32, @ANYBLOB="17007573657ac194cad3358c9a7cd054617bc8b1d205eee7a0e984836bfd5fba125d7268e76862aa234a1f6197078906cb5b496f982709eeef450a8f0eec706c907c2cc7dc5995552b9d08270c29cbb3000c901c6c5a7e3cdc975d7dce4c127d55aaf92fe29dfe2c341ad786dbeda9dbbbd17594b42e4a0c69ae17d4861b1575970fc3a8a1b29e593822032b48dc23b3221718bddefb863aa2dc61224abf93ffdcc9"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) 03:29:20 executing program 2 (fault-call:19 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 791.931569] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213428kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 791.967067] Node 1 active_anon:2245440kB inactive_anon:36kB active_file:15556kB inactive_file:30168kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:344kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 791.996612] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 792.025931] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 792.042343] Node 0 DMA32 free:36036kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:8kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:432kB local_pcp:200kB free_cma:0kB [ 792.096272] FAULT_INJECTION: forcing a failure. [ 792.096272] name failslab, interval 1, probability 0, space 0, times 0 [ 792.107879] CPU: 0 PID: 5892 Comm: syz-executor.2 Not tainted 4.14.184-syzkaller #0 [ 792.115722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 792.125094] Call Trace: [ 792.127701] dump_stack+0x1b2/0x283 [ 792.131472] should_fail.cold+0x10a/0x154 [ 792.135670] should_failslab+0xd6/0x130 [ 792.139674] __kmalloc_track_caller+0x2bc/0x400 [ 792.144368] ? strndup_user+0x5b/0xf0 [ 792.148252] memdup_user+0x22/0xa0 [ 792.151956] strndup_user+0x5b/0xf0 [ 792.155620] ? copy_mnt_ns+0x8a0/0x8a0 [ 792.159537] SyS_mount+0x39/0x120 [ 792.163016] ? copy_mnt_ns+0x8a0/0x8a0 [ 792.166949] do_syscall_64+0x1d5/0x640 [ 792.170853] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 792.176051] RIP: 0033:0x45cba9 [ 792.179246] RSP: 002b:00007f7907a92c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 792.186978] RAX: ffffffffffffffda RBX: 00000000004f8040 RCX: 000000000045cba9 [ 792.194426] RDX: 0000000020000040 RSI: 00000000200002c0 RDI: 0000000000000000 [ 792.201763] RBP: 000000000078c0e0 R08: 0000000020000140 R09: 0000000000000000 [ 792.209086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 792.216372] R13: 000000000000078d R14: 00000000004ca7b9 R15: 00007f7907a936d4 [ 792.255677] lowmem_reserve[]: 0 0 0 0 0 [ 792.261007] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 792.297134] lowmem_reserve[]: 0 0 0 0 0 [ 792.301580] Node 1 Normal free:1040300kB min:53592kB low:66988kB high:80384kB active_anon:2246852kB inactive_anon:32kB active_file:15560kB inactive_file:30184kB unevictable:0kB writepending:396kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31552kB pagetables:77064kB bounce:0kB free_pcp:1208kB local_pcp:708kB free_cma:0kB [ 792.339045] lowmem_reserve[]: 0 0 0 0 0 [ 792.343402] Node 0 DMA: 4*4kB (M) 16*8kB (UM) 2*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 792.359992] Node 0 DMA32: 307*4kB (UME) 446*8kB (UMEH) 79*16kB (UM) 24*32kB (UM) 58*64kB (ME) 38*128kB (UM) 26*256kB (UM) 13*512kB (UM) 7*1024kB (M) 0*2048kB 0*4096kB = 35884kB [ 792.377060] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 792.388319] Node 1 Normal: 173*4kB (UME) 289*8kB (UME) 103*16kB (UME) 252*32kB (UME) 56*64kB (UME) 6*128kB (UME) 2*256kB (UM) 10*512kB (UM) 14*1024kB (UME) 3*2048kB (UE) 244*4096kB (M) = 1042604kB [ 792.406723] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 792.416071] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 792.424997] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 792.434584] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 792.443561] 12526 total pagecache pages [ 792.447756] 0 pages in swap cache [ 792.451781] Swap cache stats: add 0, delete 0, find 0/0 03:29:21 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:21 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, 0x0, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:21 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f00000000c0)=0x10001) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0x27) read$dsp(r0, &(0x7f0000000240)=""/165, 0xa5) syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0xfffffffffffff800, 0x404180) getpid() sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{0x0}], 0x1, &(0x7f0000000bc0)=""/98, 0x62}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000140)) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r3, 0xc0905664, &(0x7f0000000340)={0x0, 0x0, [], @raw_data=[0x7fff, 0xfffffff9, 0x6, 0x1ff, 0x0, 0x6, 0xfffffff7, 0x5, 0x100, 0x6, 0x7, 0xffe00000, 0x67, 0x9, 0x2, 0x8, 0x0, 0x6, 0xffff, 0x8, 0xfff, 0x400, 0x76, 0x81, 0x1f, 0x4, 0x3, 0x401, 0x7fff, 0x4, 0x8001, 0x4]}) 03:29:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x3a7) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000140)={0xf3, 0x0, 0x1, 0x3}) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, r4, 0x10001, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) 03:29:21 executing program 5 (fault-call:4 fault-nth:0): openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) [ 792.457686] Free swap = 0kB [ 792.461000] Total swap = 0kB [ 792.465715] 1965979 pages RAM [ 792.469040] 0 pages HighMem/MovableOnly [ 792.474660] 338456 pages reserved [ 792.478225] 0 pages cma reserved [ 792.547287] FAULT_INJECTION: forcing a failure. [ 792.547287] name failslab, interval 1, probability 0, space 0, times 0 03:29:21 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 792.610494] CPU: 1 PID: 5917 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 792.618362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 792.627737] Call Trace: [ 792.630354] dump_stack+0x1b2/0x283 [ 792.634007] should_fail.cold+0x10a/0x154 [ 792.638182] should_failslab+0xd6/0x130 [ 792.642171] kmem_cache_alloc+0x28e/0x3c0 [ 792.646347] vmx_create_vcpu+0x86/0x2950 [ 792.650428] ? __mutex_unlock_slowpath+0x75/0x780 [ 792.655289] ? alloc_loaded_vmcs+0x240/0x240 [ 792.659717] ? _kstrtoul+0x110/0x110 [ 792.663470] kvm_vm_ioctl+0x4ae/0x1430 [ 792.667370] ? __lock_acquire+0x655/0x42a0 [ 792.671625] ? kvm_vcpu_release+0xa0/0xa0 [ 792.675797] ? trace_hardirqs_on+0x10/0x10 [ 792.680050] ? __fdget_pos+0xa6/0xc0 [ 792.683837] ? fsnotify+0x897/0x1110 [ 792.687562] ? __vfs_write+0xec/0x630 [ 792.691455] ? proc_tid_io_accounting+0x20/0x20 [ 792.696145] ? SyS_write+0x1b7/0x210 [ 792.699887] ? kvm_vcpu_release+0xa0/0xa0 [ 792.704055] do_vfs_ioctl+0x75a/0xfe0 [ 792.707878] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 792.713555] ? ioctl_preallocate+0x1a0/0x1a0 [ 792.718000] ? security_file_ioctl+0x76/0xb0 [ 792.722432] ? security_file_ioctl+0x83/0xb0 [ 792.726862] SyS_ioctl+0x7f/0xb0 [ 792.730263] ? do_vfs_ioctl+0xfe0/0xfe0 [ 792.734272] do_syscall_64+0x1d5/0x640 [ 792.738202] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 792.743410] RIP: 0033:0x45cba9 [ 792.746612] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 792.754448] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 792.761788] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 792.769081] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 792.776375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 792.783668] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 03:29:22 executing program 2: prlimit64(0x0, 0x5, &(0x7f00000001c0)={0x8d, 0xa183}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000300)=[{&(0x7f0000000540)=""/60, 0x3c}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322e7846ef0af200", @ANYRES32, @ANYBLOB="176ba6630b3f05a0df"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x124) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:22 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:22 executing program 5 (fault-call:4 fault-nth:1): openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:29:22 executing program 4: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:22 executing program 1 (fault-call:3 fault-nth:0): openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe140d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007583c99f73657a"], 0x35) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c83726f75705f69643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) [ 793.242822] FAULT_INJECTION: forcing a failure. [ 793.242822] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 793.254669] CPU: 0 PID: 5972 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 793.262511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 793.271879] Call Trace: [ 793.274484] dump_stack+0x1b2/0x283 [ 793.278127] should_fail.cold+0x10a/0x154 [ 793.282288] __alloc_pages_nodemask+0x22b/0x2730 [ 793.287055] ? __lock_acquire+0x655/0x42a0 [ 793.291305] ? __lock_acquire+0x655/0x42a0 [ 793.295554] ? trace_hardirqs_on+0x10/0x10 [ 793.299801] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 793.304658] ? trace_hardirqs_on+0x10/0x10 [ 793.309015] ? deref_stack_reg+0x8a/0xc0 [ 793.313087] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 793.319172] ? lock_acquire+0x170/0x3f0 [ 793.323163] ? kvm_vm_ioctl+0x43d/0x1430 [ 793.327239] cache_grow_begin+0x91/0x410 [ 793.331313] cache_alloc_refill+0x28c/0x360 [ 793.335670] kmem_cache_alloc+0x333/0x3c0 [ 793.339953] vmx_create_vcpu+0x86/0x2950 [ 793.344038] ? __mutex_unlock_slowpath+0x75/0x780 [ 793.348901] ? alloc_loaded_vmcs+0x240/0x240 [ 793.353318] ? _kstrtoul+0x110/0x110 [ 793.357048] kvm_vm_ioctl+0x4ae/0x1430 [ 793.360964] ? __lock_acquire+0x655/0x42a0 [ 793.365213] ? kvm_vcpu_release+0xa0/0xa0 [ 793.369386] ? trace_hardirqs_on+0x10/0x10 [ 793.373635] ? __fdget_pos+0xa6/0xc0 [ 793.377374] ? fsnotify+0x897/0x1110 [ 793.381096] ? __vfs_write+0xec/0x630 [ 793.384906] ? proc_tid_io_accounting+0x20/0x20 [ 793.389580] ? SyS_write+0x1b7/0x210 [ 793.393318] ? kvm_vcpu_release+0xa0/0xa0 [ 793.397558] do_vfs_ioctl+0x75a/0xfe0 [ 793.401369] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 793.407009] ? ioctl_preallocate+0x1a0/0x1a0 [ 793.411548] ? security_file_ioctl+0x76/0xb0 [ 793.415985] ? security_file_ioctl+0x83/0xb0 [ 793.420442] SyS_ioctl+0x7f/0xb0 [ 793.423817] ? do_vfs_ioctl+0xfe0/0xfe0 [ 793.427816] do_syscall_64+0x1d5/0x640 [ 793.431749] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 793.436945] RIP: 0033:0x45cba9 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 793.440132] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 793.447891] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 793.455195] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 793.462469] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 793.469793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 793.477074] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 03:29:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 793.547766] FAULT_INJECTION: forcing a failure. [ 793.547766] name failslab, interval 1, probability 0, space 0, times 0 [ 793.595772] CPU: 0 PID: 5997 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 793.603635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 793.612995] Call Trace: [ 793.615586] dump_stack+0x1b2/0x283 [ 793.619232] should_fail.cold+0x10a/0x154 [ 793.623391] should_failslab+0xd6/0x130 [ 793.627400] kmem_cache_alloc+0x28e/0x3c0 [ 793.631573] vmx_create_vcpu+0x86/0x2950 [ 793.635640] ? __mutex_unlock_slowpath+0x75/0x780 [ 793.640495] ? alloc_loaded_vmcs+0x240/0x240 [ 793.644907] ? _kstrtoul+0x110/0x110 [ 793.648687] kvm_vm_ioctl+0x4ae/0x1430 [ 793.652585] ? __lock_acquire+0x655/0x42a0 [ 793.656833] ? kvm_vcpu_release+0xa0/0xa0 [ 793.661001] ? trace_hardirqs_on+0x10/0x10 [ 793.665240] ? __fdget_pos+0xa6/0xc0 [ 793.668959] ? fsnotify+0x897/0x1110 [ 793.672698] ? __vfs_write+0xec/0x630 [ 793.676510] ? proc_tid_io_accounting+0x20/0x20 [ 793.681183] ? SyS_write+0x1b7/0x210 [ 793.684901] ? kvm_vcpu_release+0xa0/0xa0 [ 793.689049] do_vfs_ioctl+0x75a/0xfe0 [ 793.692882] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 793.698590] ? ioctl_preallocate+0x1a0/0x1a0 [ 793.703022] ? security_file_ioctl+0x76/0xb0 [ 793.707429] ? security_file_ioctl+0x83/0xb0 [ 793.711833] SyS_ioctl+0x7f/0xb0 [ 793.715189] ? do_vfs_ioctl+0xfe0/0xfe0 [ 793.719172] do_syscall_64+0x1d5/0x640 [ 793.723080] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 793.728265] RIP: 0033:0x45cba9 [ 793.731464] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 793.739172] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:22 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 793.746433] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 793.753695] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 793.760972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 793.768259] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:22 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:23 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:23 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ocfs2_control\x00', 0x80, 0x0) ioctl$IOC_PR_CLEAR(r4, 0x401070cd, &(0x7f00000000c0)={0x6}) ioctl$EVIOCGUNIQ(r3, 0x80404508, &(0x7f0000000040)=""/39) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) 03:29:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:23 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 03:29:23 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000480)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:23 executing program 1 (fault-call:3 fault-nth:1): openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:23 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) [ 794.426111] FAULT_INJECTION: forcing a failure. [ 794.426111] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 794.437960] CPU: 1 PID: 6064 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 794.445774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 794.455141] Call Trace: [ 794.457753] dump_stack+0x1b2/0x283 [ 794.461549] should_fail.cold+0x10a/0x154 [ 794.465729] __alloc_pages_nodemask+0x22b/0x2730 [ 794.470604] ? __lock_acquire+0x655/0x42a0 [ 794.474864] ? __lock_acquire+0x655/0x42a0 [ 794.479107] ? trace_hardirqs_on+0x10/0x10 [ 794.483356] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 794.488207] ? trace_hardirqs_on+0x10/0x10 [ 794.492473] ? deref_stack_reg+0x8a/0xc0 [ 794.496538] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 794.502429] ? lock_acquire+0x170/0x3f0 [ 794.506410] ? kvm_vm_ioctl+0x43d/0x1430 [ 794.510478] cache_grow_begin+0x91/0x410 [ 794.514562] cache_alloc_refill+0x28c/0x360 [ 794.519186] kmem_cache_alloc+0x333/0x3c0 [ 794.523355] vmx_create_vcpu+0x86/0x2950 [ 794.527419] ? __mutex_unlock_slowpath+0x75/0x780 [ 794.532267] ? alloc_loaded_vmcs+0x240/0x240 [ 794.536673] ? _kstrtoul+0x110/0x110 [ 794.540407] kvm_vm_ioctl+0x4ae/0x1430 [ 794.544411] ? __lock_acquire+0x655/0x42a0 [ 794.548674] ? kvm_vcpu_release+0xa0/0xa0 [ 794.552838] ? trace_hardirqs_on+0x10/0x10 [ 794.557064] ? __fdget_pos+0xa6/0xc0 [ 794.560787] ? fsnotify+0x897/0x1110 [ 794.564499] ? __vfs_write+0xec/0x630 [ 794.568304] ? proc_tid_io_accounting+0x20/0x20 [ 794.573157] ? SyS_write+0x1b7/0x210 [ 794.576881] ? kvm_vcpu_release+0xa0/0xa0 [ 794.581038] do_vfs_ioctl+0x75a/0xfe0 [ 794.584846] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 794.590474] ? ioctl_preallocate+0x1a0/0x1a0 [ 794.594895] ? security_file_ioctl+0x76/0xb0 [ 794.599311] ? security_file_ioctl+0x83/0xb0 [ 794.603740] SyS_ioctl+0x7f/0xb0 [ 794.607100] ? do_vfs_ioctl+0xfe0/0xfe0 [ 794.611082] do_syscall_64+0x1d5/0x640 [ 794.614989] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 794.620326] RIP: 0033:0x45cba9 [ 794.623514] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 794.631226] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 794.638513] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 794.645882] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 794.653186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 794.660472] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 03:29:23 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="350000194e621100000097c7c068a22aebb6b574c95026b7322100000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYRES64], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f0000000480)='./file0\x00', 0x33d) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:23 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 03:29:24 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:24 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) 03:29:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000500)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000200)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 795.006188] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 795.067730] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 795.088022] CPU: 0 PID: 6088 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 795.096016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.105380] Call Trace: [ 795.107977] dump_stack+0x1b2/0x283 [ 795.111636] warn_alloc.cold+0x96/0x1af [ 795.115658] ? zone_watermark_ok_safe+0x250/0x250 [ 795.120669] ? wait_for_completion_io+0x10/0x10 [ 795.125356] __alloc_pages_nodemask+0x2129/0x2730 [ 795.130228] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 795.135135] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 795.140023] ? do_raw_spin_unlock+0x164/0x250 [ 795.144549] alloc_pages_current+0xe7/0x1e0 [ 795.149037] kvm_mmu_create+0xd1/0x1c0 [ 795.152947] kvm_arch_vcpu_init+0x282/0x890 [ 795.157287] ? alloc_pages_current+0xef/0x1e0 [ 795.161798] kvm_vcpu_init+0x26d/0x360 [ 795.165702] vmx_create_vcpu+0xf5/0x2950 [ 795.169777] ? __mutex_unlock_slowpath+0x75/0x780 [ 795.174631] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 795.179678] ? alloc_loaded_vmcs+0x240/0x240 [ 795.184187] kvm_vm_ioctl+0x4ae/0x1430 [ 795.188087] ? __lock_acquire+0x655/0x42a0 [ 795.192337] ? kvm_vcpu_release+0xa0/0xa0 [ 795.196496] ? trace_hardirqs_on+0x10/0x10 [ 795.200758] ? trace_hardirqs_on+0x10/0x10 [ 795.205079] ? unix_listen+0x290/0x290 [ 795.208980] ? futex_exit_release+0x60/0x60 [ 795.213309] ? __might_fault+0x104/0x1b0 [ 795.217382] ? lock_acquire+0x170/0x3f0 [ 795.221366] ? kvm_vcpu_release+0xa0/0xa0 [ 795.225528] do_vfs_ioctl+0x75a/0xfe0 [ 795.229337] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 795.234970] ? ioctl_preallocate+0x1a0/0x1a0 [ 795.239403] ? security_file_ioctl+0x76/0xb0 [ 795.243823] ? security_file_ioctl+0x83/0xb0 [ 795.248243] SyS_ioctl+0x7f/0xb0 [ 795.251614] ? do_vfs_ioctl+0xfe0/0xfe0 [ 795.255591] do_syscall_64+0x1d5/0x640 [ 795.259511] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 795.264704] RIP: 0033:0x45cba9 [ 795.267889] RSP: 002b:00007ffa78a49c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 795.275595] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 795.282888] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 795.290288] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 795.297574] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 795.304881] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a4a6d4 [ 795.404238] Mem-Info: [ 795.406907] active_anon:1041165 inactive_anon:4040 isolated_anon:0 [ 795.406907] active_file:3901 inactive_file:7562 isolated_file:0 [ 795.406907] unevictable:0 dirty:6 writeback:0 unstable:0 [ 795.406907] slab_reclaimable:16083 slab_unreclaimable:137711 [ 795.406907] mapped:58262 shmem:4201 pagetables:30740 bounce:0 [ 795.406907] free:270420 free_pcp:341 free_cma:0 [ 795.469437] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213540kB dirty:0kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 795.520594] Node 1 active_anon:2250860kB inactive_anon:32kB active_file:15576kB inactive_file:30244kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19708kB dirty:0kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 795.560188] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 795.588439] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 795.595426] Node 0 DMA32 free:35952kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:388kB local_pcp:200kB free_cma:0kB [ 795.625360] lowmem_reserve[]: 0 0 0 0 0 [ 795.629507] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 795.655639] lowmem_reserve[]: 0 0 0 0 0 [ 795.659659] Node 1 Normal free:1035900kB min:53592kB low:66988kB high:80384kB active_anon:2250072kB inactive_anon:28kB active_file:15576kB inactive_file:30252kB unevictable:0kB writepending:28kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31424kB pagetables:77052kB bounce:0kB free_pcp:1320kB local_pcp:712kB free_cma:0kB [ 795.694287] lowmem_reserve[]: 0 0 0 0 0 [ 795.698438] Node 0 DMA: 4*4kB (M) 13*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10456kB [ 795.714911] Node 0 DMA32: 336*4kB (UME) 466*8kB (UMH) 84*16kB (UME) 25*32kB (UME) 55*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36080kB [ 795.732130] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 795.743605] Node 1 Normal: 111*4kB (UME) 124*8kB (UME) 223*16kB (UME) 36*32kB (UME) 31*64kB (UE) 15*128kB (UME) 22*256kB (UM) 12*512kB (UM) 10*1024kB (UE) 4*2048kB (UME) 243*4096kB (M) = 1035596kB [ 795.762308] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 795.772946] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 795.782420] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 795.791969] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 795.800559] 12546 total pagecache pages [ 795.805371] 0 pages in swap cache [ 795.808830] Swap cache stats: add 0, delete 0, find 0/0 [ 795.815451] Free swap = 0kB [ 795.818601] Total swap = 0kB 03:29:24 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r6) ioctl$sock_inet_SIOCGIFPFLAGS(r6, 0x8935, &(0x7f0000000040)={'veth0\x00', 0x10000}) 03:29:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="350000194e621100000097c7c068a22aebb6b574c95026b7322100000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYRES64], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f0000000480)='./file0\x00', 0x33d) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext={0x2, 0xc37}, 0x9000, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfff8}, 0x0, 0x0, 0xffffffffffffffff, 0xa) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10001, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:24 executing program 1 (fault-call:3 fault-nth:2): openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:24 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 795.822544] 1965979 pages RAM [ 795.825643] 0 pages HighMem/MovableOnly [ 795.829771] 338456 pages reserved [ 795.834890] 0 pages cma reserved [ 795.916050] FAULT_INJECTION: forcing a failure. [ 795.916050] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 795.927917] CPU: 0 PID: 6152 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 795.936775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 795.946165] Call Trace: [ 795.948804] dump_stack+0x1b2/0x283 [ 795.952498] should_fail.cold+0x10a/0x154 [ 795.956685] __alloc_pages_nodemask+0x22b/0x2730 [ 795.961484] ? trace_hardirqs_on+0x10/0x10 [ 795.965742] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 795.970612] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 795.975481] ? trace_hardirqs_on+0x10/0x10 [ 795.979748] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 795.985676] ? ____cache_alloc_node+0x153/0x1c0 [ 795.990379] ? lock_acquire+0x170/0x3f0 [ 795.994384] cache_grow_begin+0x91/0x410 [ 795.998481] ? do_raw_spin_unlock+0x164/0x250 [ 796.003009] ____cache_alloc_node+0x16d/0x1c0 [ 796.007534] ? check_preemption_disabled+0x35/0x240 [ 796.012577] kmem_cache_alloc+0x1e5/0x3c0 [ 796.016732] vmx_create_vcpu+0x86/0x2950 [ 796.020830] ? __mutex_unlock_slowpath+0x75/0x780 [ 796.025700] ? alloc_loaded_vmcs+0x240/0x240 [ 796.030130] ? _kstrtoul+0x110/0x110 [ 796.033874] kvm_vm_ioctl+0x4ae/0x1430 [ 796.037765] ? __lock_acquire+0x655/0x42a0 [ 796.042004] ? kvm_vcpu_release+0xa0/0xa0 [ 796.046175] ? trace_hardirqs_on+0x10/0x10 [ 796.050433] ? __fdget_pos+0xa6/0xc0 [ 796.054157] ? fsnotify+0x897/0x1110 [ 796.057877] ? __vfs_write+0xec/0x630 [ 796.061687] ? proc_tid_io_accounting+0x20/0x20 [ 796.066409] ? SyS_write+0x1b7/0x210 [ 796.070157] ? kvm_vcpu_release+0xa0/0xa0 [ 796.074320] do_vfs_ioctl+0x75a/0xfe0 [ 796.078147] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 796.083790] ? ioctl_preallocate+0x1a0/0x1a0 [ 796.088227] ? security_file_ioctl+0x76/0xb0 [ 796.092769] ? security_file_ioctl+0x83/0xb0 [ 796.097197] SyS_ioctl+0x7f/0xb0 [ 796.100577] ? do_vfs_ioctl+0xfe0/0xfe0 [ 796.104583] do_syscall_64+0x1d5/0x640 [ 796.108645] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 796.113890] RIP: 0033:0x45cba9 03:29:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0xc00, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705fe3643d7411f8a085a8fcf42bd5918eee2ec4084a1db44008e0f2db8db4aee7c1b520bd85dd684018689ac566dc1959e880616fe3c1de86803325b7b73f56beec1ea24b009c5b18e365931ef3372685c2a4ee99f0c1e311af89b279541e7d30471b33f8c09a6d45cfaf20b4becf37396e87d67ead45b7a7d2e2adbcacde586390e861307266a78ef718942c9dfdbb210d41e357dc5cfb8ddb5e520d39deba8b107bc670981a3d6620f44491c6afb9c88507c9e028eb1ec610221f32eef65d77a4e7562c002a2ca801aa70c6159d2ad01638d031ce93202e634fb922b2c19e5b4475aa726a772f2fcc1bccee809a8182f50502c7e64654", @ANYRESDEC=0x0, @ANYBLOB=',default_permissions,blksize=0x0000000000000400,\x00']) [ 796.117089] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 796.124807] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 796.132084] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 796.139470] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 796.146771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 796.154057] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 03:29:25 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 03:29:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:25 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) accept4(r3, &(0x7f0000000080)=@ipx, &(0x7f0000000100)=0x80, 0x80000) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r6) dup3(r5, r6, 0x80000) 03:29:25 executing program 3 (fault-call:4 fault-nth:0): r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 796.636876] FAULT_INJECTION: forcing a failure. [ 796.636876] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 796.676292] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 796.691833] CPU: 1 PID: 6215 Comm: syz-executor.3 Not tainted 4.14.184-syzkaller #0 [ 796.699712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 796.709083] Call Trace: [ 796.711690] dump_stack+0x1b2/0x283 [ 796.713632] syz-executor.5 cpuset= [ 796.715334] should_fail.cold+0x10a/0x154 [ 796.720385] / [ 796.723078] __alloc_pages_nodemask+0x22b/0x2730 [ 796.727320] mems_allowed=0-1 [ 796.729588] ? lock_acquire+0x170/0x3f0 [ 796.729599] ? lock_downgrade+0x6e0/0x6e0 [ 796.729616] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 796.729751] ? is_bpf_text_address+0xa3/0x120 [ 796.750244] ? kernel_text_address+0x6e/0xe0 [ 796.754685] ? __lock_acquire+0x655/0x42a0 [ 796.758950] ? __lock_acquire+0x655/0x42a0 [ 796.763236] alloc_pages_vma+0xc1/0x4b0 [ 796.767240] wp_page_copy+0x1f5/0x1bc0 [ 796.771177] ? add_mm_counter_fast.part.0+0x30/0x30 [ 796.776231] ? __lock_acquire+0x655/0x42a0 [ 796.780497] do_wp_page+0x244/0x1dc0 [ 796.784220] ? __handle_mm_fault+0x1890/0x3670 [ 796.789024] ? finish_mkwrite_fault+0x5e0/0x5e0 [ 796.793718] __handle_mm_fault+0x1e90/0x3670 [ 796.798139] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 796.802914] handle_mm_fault+0x306/0x794 [ 796.806984] __do_page_fault+0x578/0xb50 [ 796.811091] ? mm_fault_error+0x2c0/0x2c0 [ 796.815257] ? do_page_fault+0x60/0x4f2 [ 796.819344] page_fault+0x25/0x50 [ 796.822811] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 796.828433] RSP: 0018:ffff88819159fad8 EFLAGS: 00010206 [ 796.833809] RAX: ffffed10322b3f71 RBX: 0000000000000028 RCX: 0000000000000005 [ 796.841093] RDX: 0000000000000000 RSI: ffff88819159fb60 RDI: 000000000073e058 [ 796.848413] RBP: ffff88819159fb60 R08: 0000000000006f6c R09: ffffed10322b3f71 [ 796.855693] R10: ffffed10322b3f70 R11: ffff88819159fb87 R12: 000000000073e058 [ 796.862989] R13: 00007ffffffff000 R14: 000000000073e080 R15: dffffc0000000000 [ 796.870309] _copy_to_user+0xaa/0xd0 [ 796.874056] inet_gifconf+0x1c2/0x2f0 [ 796.877857] ? check_lifetime+0x720/0x720 [ 796.882120] ? __might_fault+0x177/0x1b0 [ 796.886195] ? check_lifetime+0x720/0x720 [ 796.890435] dev_ioctl+0x324/0xcb0 [ 796.893997] ? dev_ifsioc+0x7e0/0x7e0 [ 796.898149] ? tcp_ioctl+0x39f/0x620 [ 796.901882] ? tcp_poll+0xc80/0xc80 [ 796.905525] ? inet_ioctl+0xd8/0x190 [ 796.909257] ? sock_do_ioctl+0x8c/0xa0 [ 796.913154] sock_do_ioctl+0x8c/0xa0 [ 796.916882] sock_ioctl+0x28d/0x450 [ 796.920519] ? selinux_file_ioctl+0x3f7/0x560 [ 796.925020] ? dlci_ioctl_set+0x30/0x30 [ 796.928997] do_vfs_ioctl+0x75a/0xfe0 [ 796.932803] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 796.938431] ? ioctl_preallocate+0x1a0/0x1a0 [ 796.943208] ? security_file_ioctl+0x76/0xb0 [ 796.947643] ? security_file_ioctl+0x83/0xb0 [ 796.952088] SyS_ioctl+0x7f/0xb0 [ 796.955469] ? do_vfs_ioctl+0xfe0/0xfe0 [ 796.959461] do_syscall_64+0x1d5/0x640 [ 796.963371] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 796.968572] RIP: 0033:0x45cba9 [ 796.971777] RSP: 002b:00007f07f91fbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 796.979506] RAX: ffffffffffffffda RBX: 00000000004ea600 RCX: 000000000045cba9 03:29:26 executing program 4 (fault-call:6 fault-nth:0): r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 796.986785] RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000004 [ 796.994078] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 797.001371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 797.008667] R13: 0000000000000424 R14: 00000000004c7009 R15: 00007f07f91fc6d4 [ 797.015972] CPU: 0 PID: 6205 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 797.023806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.033191] Call Trace: [ 797.035820] dump_stack+0x1b2/0x283 [ 797.039477] warn_alloc.cold+0x96/0x1af [ 797.043472] ? zone_watermark_ok_safe+0x250/0x250 [ 797.048345] ? wait_for_completion_io+0x10/0x10 [ 797.053045] __alloc_pages_nodemask+0x2129/0x2730 [ 797.057939] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 797.062806] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 797.067695] ? do_raw_spin_unlock+0x164/0x250 [ 797.072214] alloc_pages_current+0xe7/0x1e0 [ 797.076570] kvm_mmu_create+0xd1/0x1c0 [ 797.080477] kvm_arch_vcpu_init+0x282/0x890 [ 797.084812] ? alloc_pages_current+0xef/0x1e0 [ 797.089316] kvm_vcpu_init+0x26d/0x360 [ 797.093225] vmx_create_vcpu+0xf5/0x2950 [ 797.097303] ? __mutex_unlock_slowpath+0x75/0x780 [ 797.102155] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 797.107222] ? alloc_loaded_vmcs+0x240/0x240 [ 797.111643] kvm_vm_ioctl+0x4ae/0x1430 [ 797.115584] ? __lock_acquire+0x655/0x42a0 [ 797.119838] ? kvm_vcpu_release+0xa0/0xa0 [ 797.123994] ? trace_hardirqs_on+0x10/0x10 [ 797.128239] ? trace_hardirqs_on+0x10/0x10 [ 797.132475] ? check_preemption_disabled+0x35/0x240 [ 797.137502] ? futex_exit_release+0x60/0x60 [ 797.141826] ? finish_task_switch+0x178/0x610 [ 797.146321] ? __might_fault+0x104/0x1b0 [ 797.150400] ? lock_acquire+0x170/0x3f0 [ 797.154382] ? kvm_vcpu_release+0xa0/0xa0 [ 797.158552] do_vfs_ioctl+0x75a/0xfe0 [ 797.162387] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 797.168059] ? ioctl_preallocate+0x1a0/0x1a0 [ 797.172491] ? security_file_ioctl+0x76/0xb0 [ 797.176913] ? security_file_ioctl+0x83/0xb0 [ 797.181345] SyS_ioctl+0x7f/0xb0 [ 797.184708] ? do_vfs_ioctl+0xfe0/0xfe0 [ 797.188698] do_syscall_64+0x1d5/0x640 [ 797.192615] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 797.197803] RIP: 0033:0x45cba9 [ 797.200992] RSP: 002b:00007ffa78a49c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 797.208743] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 797.216040] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 797.223320] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 797.230600] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 797.237883] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a4a6d4 [ 797.246726] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) 03:29:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae8585957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 797.384020] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 797.403063] CPU: 0 PID: 6152 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 797.410913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 797.420318] Call Trace: [ 797.422925] dump_stack+0x1b2/0x283 [ 797.426586] warn_alloc.cold+0x96/0x1af [ 797.430575] ? zone_watermark_ok_safe+0x250/0x250 [ 797.435446] ? wait_for_completion_io+0x10/0x10 [ 797.440146] __alloc_pages_nodemask+0x2129/0x2730 [ 797.445024] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 797.449913] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 797.454805] alloc_pages_current+0xe7/0x1e0 [ 797.459173] kvm_mmu_create+0xd1/0x1c0 [ 797.463073] kvm_arch_vcpu_init+0x282/0x890 [ 797.467415] ? alloc_pages_current+0xef/0x1e0 [ 797.472074] kvm_vcpu_init+0x26d/0x360 [ 797.475990] vmx_create_vcpu+0xf5/0x2950 [ 797.480083] ? __mutex_unlock_slowpath+0x75/0x780 [ 797.484952] ? alloc_loaded_vmcs+0x240/0x240 [ 797.489379] ? _kstrtoul+0x110/0x110 [ 797.493118] kvm_vm_ioctl+0x4ae/0x1430 [ 797.497031] ? __lock_acquire+0x655/0x42a0 [ 797.501286] ? kvm_vcpu_release+0xa0/0xa0 [ 797.505478] ? trace_hardirqs_on+0x10/0x10 [ 797.509745] ? __fdget_pos+0xa6/0xc0 [ 797.513488] ? fsnotify+0x897/0x1110 [ 797.517332] ? __vfs_write+0xec/0x630 [ 797.521156] ? proc_tid_io_accounting+0x20/0x20 [ 797.525844] ? SyS_write+0x1b7/0x210 [ 797.529712] ? kvm_vcpu_release+0xa0/0xa0 [ 797.533875] do_vfs_ioctl+0x75a/0xfe0 [ 797.537699] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 797.543342] ? ioctl_preallocate+0x1a0/0x1a0 [ 797.547793] ? security_file_ioctl+0x76/0xb0 [ 797.552222] ? security_file_ioctl+0x83/0xb0 [ 797.556666] SyS_ioctl+0x7f/0xb0 [ 797.560048] ? do_vfs_ioctl+0xfe0/0xfe0 [ 797.564036] do_syscall_64+0x1d5/0x640 [ 797.567947] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 797.573158] RIP: 0033:0x45cba9 [ 797.576356] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 797.584093] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 797.591379] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 797.598676] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 797.605993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 797.613288] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 797.725450] Mem-Info: [ 797.730098] active_anon:1041913 inactive_anon:4040 isolated_anon:0 [ 797.730098] active_file:3902 inactive_file:7574 isolated_file:0 [ 797.730098] unevictable:0 dirty:66 writeback:48 unstable:0 [ 797.730098] slab_reclaimable:16086 slab_unreclaimable:138587 [ 797.730098] mapped:58333 shmem:4201 pagetables:30957 bounce:0 [ 797.730098] free:268569 free_pcp:286 free_cma:0 [ 797.771519] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213604kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 797.813114] Node 1 active_anon:2253452kB inactive_anon:32kB active_file:15584kB inactive_file:30288kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:256kB writeback:192kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 797.852728] Node 0 DMA free:10456kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 797.887918] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 797.894472] Node 0 DMA32 free:36100kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:452kB local_pcp:208kB free_cma:0kB [ 797.931476] lowmem_reserve[]: 0 0 0 0 0 [ 797.935865] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 797.974344] lowmem_reserve[]: 0 0 0 0 0 [ 797.978681] Node 1 Normal free:1029564kB min:53592kB low:66988kB high:80384kB active_anon:2252324kB inactive_anon:32kB active_file:15584kB inactive_file:30328kB unevictable:0kB writepending:172kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31616kB pagetables:77496kB bounce:0kB free_pcp:848kB local_pcp:556kB free_cma:0kB [ 798.010489] lowmem_reserve[]: 0 0 0 0 0 [ 798.015573] Node 0 DMA: 4*4kB (M) 12*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 798.031688] Node 0 DMA32: 351*4kB (UME) 460*8kB (UMEH) 85*16kB (UME) 24*32kB (UM) 57*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36204kB [ 798.048180] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 798.060516] Node 1 Normal: 213*4kB (UM) 102*8kB (UME) 125*16kB (UME) 63*32kB (UME) 22*64kB (ME) 39*128kB (UME) 19*256kB (UM) 11*512kB (UM) 11*1024kB (UME) 3*2048kB (UE) 242*4096kB (M) = 1031220kB [ 798.078983] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 798.088769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 798.098177] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 798.107661] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 798.116944] 12570 total pagecache pages [ 798.120983] 0 pages in swap cache [ 798.125490] Swap cache stats: add 0, delete 0, find 0/0 03:29:27 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000080)=0x30) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}]}}) 03:29:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0e6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:27 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000040)={r4}) r6 = socket(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) sendmmsg$inet_sctp(r6, &(0x7f0000002cc0)=[{0x0, 0x29e, 0x0, 0x0, &(0x7f00000016c0)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x4, 0x0, 0x0, r8}}], 0x20}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r8, 0x7, 0x5}, &(0x7f00000000c0)=0xc) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r9 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) 03:29:27 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000040)={0x7, 0x0, 0x1000, 0x100}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:29:27 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x2) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r4, 0x0, 0x0) ioctl$sock_SIOCSPGRP(r3, 0x8902, &(0x7f00000000c0)=r4) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 798.130880] Free swap = 0kB [ 798.135090] Total swap = 0kB [ 798.138196] 1965979 pages RAM [ 798.144275] 0 pages HighMem/MovableOnly [ 798.149326] 338456 pages reserved [ 798.154700] 0 pages cma reserved 03:29:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="1700f57300100694f8"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x80, 0x0, 0x9, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0xfffffffffffffc00, 0x0, 0x5, 0x0, 0x20, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB="2c726f6f746d6f64653d30303030303137322c757365725f69643d000000000000000000000000000000cc275885e2a4d7d3f34655a0f91f00a71c11d72bc9337c0532c46a5c901171272d89f5ab3f875ef96f6093a28d22c58128818d1ee1237639fcf4757c9641ba0467e87717822ab6fb47107db46b759b9d025078dce83bfc02f72f03ca98c33469d9d2e19e929d4f541b8d30da8747e0ae03fb77b55b1964cce1bad98c89b2ba069944945e78cd3824f17d1371573c71db04d002c5", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 03:29:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:27 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @multicast1}, 0x44) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:27 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_open_pts(r3, 0x2000) r4 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 03:29:27 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x8003, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xff}, {}, {0x0, 0x3}, {}, {}, {0x0, 0x1}]}}) 03:29:27 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$netlink(r3, 0x10e, 0xe, &(0x7f00000001c0)=""/201, &(0x7f00000000c0)=0xc9) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$FS_IOC_FSGETXATTR(r9, 0x801c581f, &(0x7f0000000080)={0x6, 0xfffffffc, 0x4, 0xad, 0x8e6c}) ioctl$RTC_PLL_GET(r7, 0x80207011, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 03:29:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:27 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000180)={0x9e0000, 0x7fffffff, 0x2, r2, 0x0, &(0x7f0000000140)={0x980915, 0x6, [], @p_u32=&(0x7f00000000c0)=0xf82}}) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e6456e33ec2b6e889019263ac797192613d4d79caf5c12a249b0144a89f1738d7b1c36feeaec7ade8ae3c5f63aaa16aa1b4f54d2115a0eb92cb8acf"], 0x3c}}, 0x8000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000001400000428bd7000fbabdf250a0024feda1c1b5e694fada1f0e715224887cafb00485f0bf39b020a6094731ee1e9514cfe52a2432c36d38d2a5603d2bf10a87cf014f9f8a3001fbcce5ab3b198404c1957bdfa4bcaec12c26e38be6723e9a92bc45b2e88f36f646d954fa7c2b08ce2cebef357d4c15c94bd410e8b26af92a036", @ANYRES32=0x0], 0x18}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r3, 0x89f5, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'sit0\x00', r5, 0x4, 0x81, 0x6, 0x22, 0x74, @private2={0xfc, 0x2, [], 0x1}, @mcast2, 0x7, 0x1, 0x0, 0xa9}}) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:27 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) readlinkat(r3, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/13, 0xd) 03:29:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x5, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB="08000080738c1700891a76022d1793a4faf07100009e30d28102b2f687359fedc84abd94a86be936a176530a7edcc5615deb0e1c365c4187ff", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 03:29:27 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ASSIGN_SET_INTX_MASK(r3, 0x4040aea4, &(0x7f0000000040)={0xffff, 0x1, 0xd3, 0x1, 0xd000000}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:28 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 798.987090] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 799.006940] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 799.027568] CPU: 0 PID: 6375 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 799.035451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 799.044831] Call Trace: [ 799.047446] dump_stack+0x1b2/0x283 [ 799.051099] warn_alloc.cold+0x96/0x1af [ 799.055084] ? zone_watermark_ok_safe+0x250/0x250 [ 799.060070] ? wait_for_completion_io+0x10/0x10 [ 799.064857] __alloc_pages_nodemask+0x2129/0x2730 [ 799.069746] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 799.074622] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 799.079511] ? do_raw_spin_unlock+0x164/0x250 [ 799.084036] alloc_pages_current+0xe7/0x1e0 [ 799.088385] kvm_mmu_create+0xd1/0x1c0 [ 799.092299] kvm_arch_vcpu_init+0x282/0x890 [ 799.096638] ? alloc_pages_current+0xef/0x1e0 [ 799.101154] kvm_vcpu_init+0x26d/0x360 [ 799.105054] vmx_create_vcpu+0xf5/0x2950 [ 799.109217] ? __mutex_unlock_slowpath+0x75/0x780 [ 799.114080] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 799.119124] ? alloc_loaded_vmcs+0x240/0x240 [ 799.123553] kvm_vm_ioctl+0x4ae/0x1430 [ 799.127484] ? __lock_acquire+0x655/0x42a0 [ 799.131742] ? kvm_vcpu_release+0xa0/0xa0 [ 799.135901] ? trace_hardirqs_on+0x10/0x10 [ 799.140152] ? trace_hardirqs_on+0x10/0x10 [ 799.144395] ? futex_exit_release+0x60/0x60 [ 799.148843] ? __might_fault+0x104/0x1b0 [ 799.153434] ? lock_acquire+0x170/0x3f0 [ 799.157407] ? kvm_vcpu_release+0xa0/0xa0 [ 799.161560] do_vfs_ioctl+0x75a/0xfe0 [ 799.165367] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 799.171004] ? ioctl_preallocate+0x1a0/0x1a0 [ 799.175420] ? security_file_ioctl+0x76/0xb0 [ 799.179967] ? security_file_ioctl+0x83/0xb0 [ 799.184399] SyS_ioctl+0x7f/0xb0 [ 799.187762] ? do_vfs_ioctl+0xfe0/0xfe0 [ 799.191746] do_syscall_64+0x1d5/0x640 [ 799.195651] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 799.200844] RIP: 0033:0x45cba9 [ 799.204038] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 799.211766] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 799.219053] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 799.226333] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 799.233615] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 799.240916] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 03:29:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x4) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00']) 03:29:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 799.300582] warn_alloc_show_mem: 1 callbacks suppressed [ 799.300588] Mem-Info: [ 799.349795] active_anon:1042182 inactive_anon:4039 isolated_anon:0 [ 799.349795] active_file:3905 inactive_file:7585 isolated_file:3 [ 799.349795] unevictable:0 dirty:39 writeback:0 unstable:0 [ 799.349795] slab_reclaimable:16123 slab_unreclaimable:137743 [ 799.349795] mapped:58351 shmem:4200 pagetables:30957 bounce:0 [ 799.349795] free:268840 free_pcp:318 free_cma:0 03:29:28 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) r2 = inotify_init1(0x800) r3 = dup(r2) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10) epoll_create1(0x0) sendto$inet(r4, 0x0, 0x0, 0x200407fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='westwood\x00', 0x11) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendto$inet(r3, &(0x7f0000000140)="96308519645fa77278aa7f9284d6bcf8a4cb310679830c403a55ea1ac203cda28b436affa40d1d517a41a562aed41e13b869730d36ce3902ff60239562feb289231981f324bfc42cecf399f12ef959fd7a9dbb96a5074ce2c8d858a89cd43e94d7a966d00f24e5764f6b5754dc98bea83576788ef59b29690975bd9bc37b6d6dcc34d27e874992d612a079e72c5b6c187d1237c2837c90f39056126610d7092a9f01706762b98dd3eafd4a5f211a2d6c0cf372e64b07735e0dbae7d5b14515e8df732b92c6c0760f000596077c4033311e14d9ebb2b6feb5fb981ebe67ebc99fd0361c79b81e821c7336bc486ae5bdbecdc2a0fbe5", 0xf5, 0x40, &(0x7f0000000040)={0x2, 0x4e22, @multicast2}, 0x10) [ 799.395651] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:20kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):12kB mapped:213676kB dirty:4kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000500)=""/66, 0x42}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x1, 0x7, 0x47, 0x2, 0x0, 0x8001}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x20, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x180000, &(0x7f0000000180)=ANY=[]) [ 799.542531] Node 1 active_anon:2254828kB inactive_anon:28kB active_file:15600kB inactive_file:30340kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:152kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 799.578412] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 799.633434] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 799.644815] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 799.664234] CPU: 0 PID: 6412 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 799.672134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 799.681507] Call Trace: [ 799.684137] dump_stack+0x1b2/0x283 [ 799.687783] warn_alloc.cold+0x96/0x1af [ 799.691768] ? zone_watermark_ok_safe+0x250/0x250 [ 799.696629] ? wait_for_completion_io+0x10/0x10 [ 799.702051] __alloc_pages_nodemask+0x2129/0x2730 [ 799.706932] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 799.711951] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 799.716842] ? do_raw_spin_unlock+0x164/0x250 [ 799.721369] alloc_pages_current+0xe7/0x1e0 [ 799.725720] kvm_mmu_create+0xd1/0x1c0 [ 799.729639] kvm_arch_vcpu_init+0x282/0x890 [ 799.733989] ? alloc_pages_current+0xef/0x1e0 [ 799.738515] kvm_vcpu_init+0x26d/0x360 [ 799.742422] vmx_create_vcpu+0xf5/0x2950 [ 799.746498] ? __mutex_unlock_slowpath+0x75/0x780 [ 799.751359] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 799.756394] ? alloc_loaded_vmcs+0x240/0x240 [ 799.760825] kvm_vm_ioctl+0x4ae/0x1430 [ 799.764726] ? __lock_acquire+0x655/0x42a0 [ 799.768989] ? kvm_vcpu_release+0xa0/0xa0 [ 799.773169] ? trace_hardirqs_on+0x10/0x10 [ 799.777439] ? trace_hardirqs_on+0x10/0x10 [ 799.781811] ? unix_listen+0x290/0x290 [ 799.785721] ? futex_exit_release+0x60/0x60 [ 799.790159] ? __might_fault+0x104/0x1b0 [ 799.794243] ? lock_acquire+0x170/0x3f0 [ 799.798242] ? kvm_vcpu_release+0xa0/0xa0 [ 799.802416] do_vfs_ioctl+0x75a/0xfe0 [ 799.806235] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 799.811897] ? ioctl_preallocate+0x1a0/0x1a0 [ 799.816340] ? security_file_ioctl+0x76/0xb0 [ 799.820775] ? security_file_ioctl+0x83/0xb0 [ 799.825206] SyS_ioctl+0x7f/0xb0 [ 799.828603] ? do_vfs_ioctl+0xfe0/0xfe0 [ 799.832598] do_syscall_64+0x1d5/0x640 [ 799.836506] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 799.841706] RIP: 0033:0x45cba9 [ 799.844902] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 799.852656] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 799.859960] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 799.867257] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 799.874543] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 799.881838] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 799.913688] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 799.926163] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 799.935965] Node 0 DMA32 free:35960kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:20kB inactive_file:0kB unevictable:0kB writepending:4kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:512kB local_pcp:176kB free_cma:0kB [ 799.976219] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 799.988721] CPU: 0 PID: 6462 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 799.996572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 800.005951] Call Trace: [ 800.008567] dump_stack+0x1b2/0x283 [ 800.012233] warn_alloc.cold+0x96/0x1af [ 800.016232] ? zone_watermark_ok_safe+0x250/0x250 [ 800.021100] ? wait_for_completion_io+0x10/0x10 [ 800.025795] __alloc_pages_nodemask+0x2129/0x2730 [ 800.030702] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 800.035568] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 800.040462] ? do_raw_spin_unlock+0x164/0x250 [ 800.045018] alloc_pages_current+0xe7/0x1e0 [ 800.049372] kvm_mmu_create+0xd1/0x1c0 [ 800.053271] kvm_arch_vcpu_init+0x282/0x890 [ 800.057600] ? alloc_pages_current+0xef/0x1e0 [ 800.062129] kvm_vcpu_init+0x26d/0x360 [ 800.066029] vmx_create_vcpu+0xf5/0x2950 [ 800.070245] ? __mutex_unlock_slowpath+0x75/0x780 [ 800.075111] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 800.080150] ? alloc_loaded_vmcs+0x240/0x240 [ 800.084588] kvm_vm_ioctl+0x4ae/0x1430 [ 800.088525] ? __lock_acquire+0x655/0x42a0 [ 800.092778] ? kvm_vcpu_release+0xa0/0xa0 [ 800.096944] ? trace_hardirqs_on+0x10/0x10 [ 800.101191] ? trace_hardirqs_on+0x10/0x10 [ 800.105425] ? unix_listen+0x290/0x290 [ 800.109319] ? futex_exit_release+0x60/0x60 [ 800.113657] ? __might_fault+0x104/0x1b0 [ 800.117750] ? lock_acquire+0x170/0x3f0 [ 800.121736] ? kvm_vcpu_release+0xa0/0xa0 [ 800.125896] do_vfs_ioctl+0x75a/0xfe0 [ 800.129735] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 800.135385] ? ioctl_preallocate+0x1a0/0x1a0 [ 800.139858] ? security_file_ioctl+0x76/0xb0 [ 800.144281] ? security_file_ioctl+0x83/0xb0 [ 800.148874] SyS_ioctl+0x7f/0xb0 [ 800.152261] ? do_vfs_ioctl+0xfe0/0xfe0 [ 800.156254] do_syscall_64+0x1d5/0x640 [ 800.160160] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 800.165358] RIP: 0033:0x45cba9 [ 800.167865] lowmem_reserve[]: [ 800.168648] RSP: 002b:00007ffa78a28c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 800.172773] 0 [ 800.179524] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 800.179535] 0 [ 800.181349] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 800.181356] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 800.181361] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 800.181367] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a296d4 [ 800.228152] 0 0 0 [ 800.230483] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 800.262055] lowmem_reserve[]: 0 0 0 0 0 [ 800.266100] Node 1 Normal free:1029536kB min:53592kB low:66988kB high:80384kB active_anon:2253692kB inactive_anon:28kB active_file:15600kB inactive_file:30376kB unevictable:0kB writepending:368kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31552kB pagetables:77536kB bounce:0kB free_pcp:1164kB local_pcp:700kB free_cma:0kB [ 800.297858] lowmem_reserve[]: 0 0 0 0 0 [ 800.303365] Node 0 DMA: 4*4kB (M) 12*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 800.318872] Node 0 DMA32: 338*4kB (ME) 460*8kB (UMEH) 86*16kB (UME) 24*32kB (UM) 57*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36168kB [ 800.335229] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 800.346103] Node 1 Normal: 249*4kB (UM) 199*8kB (UME) 81*16kB (UME) 54*32kB (UME) 16*64kB (UME) 16*128kB (UME) 27*256kB (UM) 10*512kB (UM) 9*1024kB (UE) 4*2048kB (UE) 242*4096kB (M) = 1029356kB [ 800.363757] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 800.372851] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 800.381576] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 800.390630] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 800.399329] 12586 total pagecache pages [ 800.403395] 0 pages in swap cache [ 800.406840] Swap cache stats: add 0, delete 0, find 0/0 [ 800.412434] Free swap = 0kB 03:29:29 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) r4 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x2, 0x100) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, &(0x7f0000000080)=0x9, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 03:29:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:29 executing program 3: r0 = socket$inet(0x2b, 0x80000, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mq_timedsend(r1, &(0x7f0000000080)="e172a9c7b65cac1dd2094f458e19a281e3f3679f1a5fc4f11985f781a681ba81f0a48302f811506e67709ea1e54d03a88dfb38fcc1cf268e96115afd1724c9162dd9", 0x42, 0x7d, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x3f, 0x82000) ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000140)={0x6, @raw_data="697853680a243fb60c06b0e7f67f4213ad5880523e0e76f98fbbfdefac087ae819523afd138b7052c13217ed7e2c61333e730518a62994a1f1489e64bf9040ad9b34370547401a640e396cf596d6a6c227cfeff57da9864ff8915c41b0f0b89fd64b597f3fe344cb43fd7b5feb4e822fc6c03ba9e6e186ee9d788cfd729439c02c7362f986c8c73df85286f49466084a7cf506f935201faece3f5199009868ed3695a4a385a3ff5a659678e14f40378a6d42a536522867467918c4f23fe75a3ae3dd60621040e4dd"}) 03:29:29 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000180)={0x1, 0x7f, 0x3b9, 0x80800, 0xffffffffffffffff}) r2 = dup(r1) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCPNDELRESOURCE(r4, 0x89ef, &(0x7f0000000140)=0xfffff400) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) pwrite64(r0, &(0x7f0000000240)="3dee54cbf9c6135b8b6722dd793cf4dd7628582324c3d4fcf9c4ad9075a53bef1946cfb4442dfd4aad2a90ad81469fb7b07a5971db6a626af94d46ed86a2766166bd408a8378fe3db3ccfd2a9de188fc8bae2ad371458e955be344cf18c0fd0658f664d48532864d30999d2aaa2bf85e2d14d8a13d7570872700a0e5206e10a1dc0cc40f1d571e5ab6e96106c28665d155049d4fb7c71527887e85ccf9170fdb83b51b3386aa22e409752f62a5a88405bbfaccce0f6723922c5f868d55398707184fbd", 0xc3, 0xffffffff) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505331, &(0x7f00000001c0)={{0x3, 0x9}, {0x80, 0x58}, 0x101, 0x4, 0x8}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c288e74b49df11088d763163cb9e01214c8eb93211f612a1804cdb0d62df71662e31e0af3ff7dbf98e9c37a24b99d200beee7722a0916fb3ef3b7ce084f343dcc10ebcbbee6117e81c23e1f3715eb47d71a"]) 03:29:29 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000180), &(0x7f00000001c0)=0x4) ioctl$PPPIOCGUNIT(r2, 0x80047456, &(0x7f0000000040)) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x0, 0x400000) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r6, 0x81785501, &(0x7f00000000c0)=""/130) dup(r5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x100000000) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x6000, 0x80000, 0x0, 0x7fff, 0x0, [{}, {0x0, 0x0, 0xff}]}}) [ 800.415460] Total swap = 0kB [ 800.418585] 1965979 pages RAM [ 800.421799] 0 pages HighMem/MovableOnly [ 800.425775] 338456 pages reserved [ 800.429229] 0 pages cma reserved 03:29:29 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000140)={0x38, 0x2, 0x10000002, 0x0, 0x3b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x806, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB="2c726f6f746d6f64653d303030303030303030303030303030303031303039e2502c757365725f69643dd8c7af245557b6d7aad2e694fa4ad807c5cdab64e7a427638df13816f6550a5a8c91ffade8f2b92cf418a2a4df3e86b72f2bc765f4a17feb402346ddba9eb250cbd4d1910f761d8db20942a1cb4899a93bb71f0ae98227c6ea949e8ca6ea415030ec169027ab2527af76a0aed4d0624bfcea029e4158c1b5322282a975378ae2257f197b4b7aff31425de1c2c143ed67a3ca5b27ef45649f15b4f6e5e59cf32e2e3d7410e1e534ecdfa0cef43598667eca906986d5bc758d5b29ff2572b3a77efe78e00cb0522aa479155c6d1b19b33f61369184e0510289f7dfd2b58dafd09b", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="28cf91cfc7066e8b8103a859dd58a16ffa6301"]) 03:29:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 800.710452] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 800.743295] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 800.744186] syz-executor.1: [ 800.759470] CPU: 0 PID: 6505 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 800.770491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 800.779887] Call Trace: [ 800.782524] dump_stack+0x1b2/0x283 [ 800.786183] warn_alloc.cold+0x96/0x1af [ 800.790209] ? zone_watermark_ok_safe+0x250/0x250 [ 800.795223] ? wait_for_completion_io+0x10/0x10 [ 800.799950] __alloc_pages_nodemask+0x2129/0x2730 [ 800.804832] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 800.809700] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 800.814575] ? do_raw_spin_unlock+0x164/0x250 [ 800.819105] alloc_pages_current+0xe7/0x1e0 [ 800.823447] kvm_mmu_create+0xd1/0x1c0 [ 800.827387] kvm_arch_vcpu_init+0x282/0x890 [ 800.831735] ? alloc_pages_current+0xef/0x1e0 [ 800.836244] kvm_vcpu_init+0x26d/0x360 [ 800.840142] vmx_create_vcpu+0xf5/0x2950 [ 800.844221] ? __mutex_unlock_slowpath+0x75/0x780 [ 800.849127] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 800.854166] ? alloc_loaded_vmcs+0x240/0x240 [ 800.858678] kvm_vm_ioctl+0x4ae/0x1430 [ 800.862576] ? __lock_acquire+0x655/0x42a0 [ 800.866812] ? kvm_vcpu_release+0xa0/0xa0 [ 800.870979] ? trace_hardirqs_on+0x10/0x10 [ 800.875225] ? trace_hardirqs_on+0x10/0x10 [ 800.879464] ? futex_exit_release+0x60/0x60 [ 800.883788] ? __might_fault+0x104/0x1b0 [ 800.887855] ? lock_acquire+0x170/0x3f0 [ 800.891826] ? kvm_vcpu_release+0xa0/0xa0 [ 800.895973] do_vfs_ioctl+0x75a/0xfe0 [ 800.899773] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 800.905424] ? ioctl_preallocate+0x1a0/0x1a0 [ 800.909847] ? security_file_ioctl+0x76/0xb0 [ 800.914253] ? security_file_ioctl+0x83/0xb0 [ 800.918672] SyS_ioctl+0x7f/0xb0 [ 800.922033] ? do_vfs_ioctl+0xfe0/0xfe0 [ 800.926002] do_syscall_64+0x1d5/0x640 [ 800.929898] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 800.935088] RIP: 0033:0x45cba9 [ 800.938270] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 800.945999] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 800.953271] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 800.960560] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 800.967892] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 800.975176] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 [ 800.986980] page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 801.022852] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 801.029774] CPU: 1 PID: 6498 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 801.037602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.046971] Call Trace: [ 801.049583] dump_stack+0x1b2/0x283 [ 801.053238] warn_alloc.cold+0x96/0x1af [ 801.057230] ? zone_watermark_ok_safe+0x250/0x250 [ 801.062118] ? wait_for_completion_io+0x10/0x10 [ 801.066823] __alloc_pages_nodemask+0x2129/0x2730 [ 801.071743] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.076645] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.081551] ? do_raw_spin_unlock+0x164/0x250 [ 801.086097] alloc_pages_current+0xe7/0x1e0 [ 801.090580] kvm_mmu_create+0xd1/0x1c0 [ 801.094489] kvm_arch_vcpu_init+0x282/0x890 [ 801.098941] ? alloc_pages_current+0xef/0x1e0 [ 801.103502] kvm_vcpu_init+0x26d/0x360 [ 801.107414] vmx_create_vcpu+0xf5/0x2950 [ 801.111640] ? __mutex_unlock_slowpath+0x75/0x780 [ 801.114207] warn_alloc_show_mem: 2 callbacks suppressed [ 801.114211] Mem-Info: [ 801.116497] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 801.116516] ? alloc_loaded_vmcs+0x240/0x240 [ 801.116534] kvm_vm_ioctl+0x4ae/0x1430 [ 801.116554] ? __lock_acquire+0x655/0x42a0 [ 801.122920] active_anon:1042220 inactive_anon:4039 isolated_anon:0 [ 801.122920] active_file:3906 inactive_file:7604 isolated_file:0 [ 801.122920] unevictable:0 dirty:42 writeback:31 unstable:0 [ 801.122920] slab_reclaimable:16176 slab_unreclaimable:138545 [ 801.122920] mapped:58368 shmem:4200 pagetables:31004 bounce:0 03:29:30 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x28880, 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0xc2140, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x70, 0x8, 0x1, 0x20, 0x1f, 0x0, 0x3, 0x8a908, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000140), 0x6}, 0x1108, 0xffff, 0x1000, 0x5, 0x8, 0x5, 0x8}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0xfffffffffffffffa) [ 801.122920] free:267979 free_pcp:348 free_cma:0 [ 801.124354] ? kvm_vcpu_release+0xa0/0xa0 [ 801.124370] ? trace_hardirqs_on+0x10/0x10 [ 801.124386] ? trace_hardirqs_on+0x10/0x10 [ 801.124403] ? futex_exit_release+0x60/0x60 [ 801.129772] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213744kB dirty:4kB writeback:8kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 801.133828] ? __might_fault+0x104/0x1b0 [ 801.133843] ? lock_acquire+0x170/0x3f0 [ 801.133856] ? kvm_vcpu_release+0xa0/0xa0 [ 801.133868] do_vfs_ioctl+0x75a/0xfe0 [ 801.133884] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 801.133894] ? ioctl_preallocate+0x1a0/0x1a0 [ 801.133914] ? security_file_ioctl+0x76/0xb0 [ 801.133923] ? security_file_ioctl+0x83/0xb0 [ 801.133937] SyS_ioctl+0x7f/0xb0 03:29:30 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendto$inet(r3, &(0x7f0000000180)="29b12e3e8b84a7226a4be048422523f0bca02702f0d33bc379654a3158513bcd73f4e0c841adcab0fb4152edec321aaec2976ba326331ed6f190a71b20b7a3624df711c1ad9f3787add9c0a0932f8683fa5d85e448310aa368bc759c671d0f750a773806d1449a4bda65e961e1b9bfd91548699e54fe475ef74550002ce80533ceaab168c70f117abc402d6761a884b88d58d149cb3004f0fab93ff4d25303d108adbe25e2d4c0782f48160449e0", 0x5a, 0x6008000, &(0x7f0000000140)={0x2, 0x4e26, @remote}, 0xfffffffffffffe9c) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 801.152268] Node 1 active_anon:2254580kB inactive_anon:28kB active_file:15600kB inactive_file:30408kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:164kB writeback:116kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 801.176232] ? do_vfs_ioctl+0xfe0/0xfe0 [ 801.176252] do_syscall_64+0x1d5/0x640 [ 801.176270] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 801.176280] RIP: 0033:0x45cba9 [ 801.176285] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 801.176296] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 801.176302] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000007 [ 801.176308] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 801.176312] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 801.176318] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 03:29:30 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="3c00000010008506000000000000000000000000a9ca38c92d8791e4f8ecd5387c9f92ca3c0ebd11e50a7a4333cb2d7f9e9abd7e1f0aeeaacbd3d3dad5bcac06af33c826a14f96294ac2c2773788fee90542c4452756dea487a2647dd75f79127822c994d7b4d28e609349aec463d06e119421ffd121c065c8a0ab6c1e3033dbd0e6007a351085489523d5f454031c7b52959434884c535550ee5dffaeb2e4184f5a6ae1632d0611fa29bc7ac399b91813e0a860ad76abf8d332a2377e7b5c4a02311ecaecf6e4fbb67a2aa2a3d5c51d77354dec76886d440da8ba3ea52041b2d4f6f1c9c262d20568a9cd8645a6ba6917f9b47e31aa0ce3d6", @ANYRES32=r6, @ANYBLOB="0100000c00010062076e640000000000ffffffff"], 0x3c}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f00000000c0)={r6, 0x1, 0x6, @local}, 0x10) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @pic={0x4, 0x40, 0x81, 0x5, 0x50, 0x0, 0x8, 0xaf, 0xea, 0x1f, 0x9, 0xf8, 0x0, 0x20, 0x0, 0x1}}) r9 = open(&(0x7f0000000040)='./file0\x00', 0x90002, 0x10) ioctl$DRM_IOCTL_AUTH_MAGIC(r9, 0x40046411, &(0x7f0000000080)=0xeb64) [ 801.369267] Node 0 DMA free:10448kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 801.398040] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 801.403719] Node 0 DMA32 free:36088kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:548kB local_pcp:176kB free_cma:0kB [ 801.512918] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 801.523942] lowmem_reserve[]: 0 0 0 0 0 [ 801.540475] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 801.582259] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 801.617616] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 801.630181] CPU: 0 PID: 6515 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 801.638038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.647415] Call Trace: [ 801.650030] dump_stack+0x1b2/0x283 [ 801.653693] warn_alloc.cold+0x96/0x1af [ 801.657693] ? zone_watermark_ok_safe+0x250/0x250 [ 801.662580] ? wait_for_completion_io+0x10/0x10 [ 801.667270] __alloc_pages_nodemask+0x2129/0x2730 [ 801.672266] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.677136] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.682010] ? do_raw_spin_unlock+0x164/0x250 [ 801.686524] alloc_pages_current+0xe7/0x1e0 [ 801.690874] kvm_mmu_create+0xd1/0x1c0 [ 801.694931] kvm_arch_vcpu_init+0x282/0x890 [ 801.699285] ? alloc_pages_current+0xef/0x1e0 [ 801.703804] kvm_vcpu_init+0x26d/0x360 [ 801.707712] vmx_create_vcpu+0xf5/0x2950 [ 801.711908] ? __mutex_unlock_slowpath+0x75/0x780 [ 801.716783] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 801.721836] ? alloc_loaded_vmcs+0x240/0x240 [ 801.726275] kvm_vm_ioctl+0x4ae/0x1430 [ 801.730197] ? __lock_acquire+0x655/0x42a0 [ 801.734465] ? kvm_vcpu_release+0xa0/0xa0 [ 801.738659] ? trace_hardirqs_on+0x10/0x10 [ 801.742926] ? trace_hardirqs_on+0x10/0x10 [ 801.747177] ? check_preemption_disabled+0x35/0x240 [ 801.752218] ? futex_exit_release+0x60/0x60 [ 801.756563] ? finish_task_switch+0x178/0x610 [ 801.761103] ? __might_fault+0x104/0x1b0 [ 801.765190] ? lock_acquire+0x170/0x3f0 [ 801.769187] ? kvm_vcpu_release+0xa0/0xa0 [ 801.773357] do_vfs_ioctl+0x75a/0xfe0 [ 801.777178] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 801.782856] ? ioctl_preallocate+0x1a0/0x1a0 [ 801.787342] ? security_file_ioctl+0x76/0xb0 [ 801.791790] ? security_file_ioctl+0x83/0xb0 [ 801.796214] SyS_ioctl+0x7f/0xb0 [ 801.799604] ? do_vfs_ioctl+0xfe0/0xfe0 [ 801.800069] syz-executor.1: [ 801.803636] do_syscall_64+0x1d5/0x640 [ 801.803657] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 801.803668] RIP: 0033:0x45cba9 [ 801.803673] RSP: 002b:00007ffa78a49c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 801.803683] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 801.803688] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 801.803692] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 801.803697] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 801.803702] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a4a6d4 [ 801.810670] lowmem_reserve[]: [ 801.839309] page allocation failure: order:0 [ 801.842506] 0 [ 801.850826] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask= [ 801.857826] 0 [ 801.875658] (null) [ 801.881038] 0 [ 801.884668] syz-executor.1 cpuset= [ 801.886327] 0 [ 801.886550] / [ 801.890478] 0 [ 801.894922] mems_allowed=0-1 [ 801.896815] CPU: 1 PID: 6582 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 801.900203] Node 1 [ 801.907647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 801.907653] Call Trace: [ 801.907681] dump_stack+0x1b2/0x283 [ 801.907696] warn_alloc.cold+0x96/0x1af [ 801.907707] ? zone_watermark_ok_safe+0x250/0x250 [ 801.907733] ? wait_for_completion_io+0x10/0x10 [ 801.907748] __alloc_pages_nodemask+0x2129/0x2730 [ 801.907771] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.907782] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 801.907807] ? do_raw_spin_unlock+0x164/0x250 [ 801.914954] Normal free:1028480kB min:53592kB low:66988kB high:80384kB active_anon:2254836kB inactive_anon:28kB active_file:15604kB inactive_file:30408kB unevictable:0kB writepending:52kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31744kB pagetables:77684kB bounce:0kB free_pcp:872kB local_pcp:144kB free_cma:0kB [ 801.919443] alloc_pages_current+0xe7/0x1e0 [ 801.919462] kvm_mmu_create+0xd1/0x1c0 [ 801.919478] kvm_arch_vcpu_init+0x282/0x890 [ 801.927480] lowmem_reserve[]: [ 801.929688] ? alloc_pages_current+0xef/0x1e0 [ 801.929706] kvm_vcpu_init+0x26d/0x360 [ 801.929722] vmx_create_vcpu+0xf5/0x2950 [ 801.937223] 0 [ 801.939279] ? __mutex_unlock_slowpath+0x75/0x780 [ 801.939292] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 801.939307] ? alloc_loaded_vmcs+0x240/0x240 [ 801.946458] 0 [ 801.949008] kvm_vm_ioctl+0x4ae/0x1430 [ 801.949028] ? __lock_acquire+0x655/0x42a0 [ 801.956259] 0 [ 801.958398] ? kvm_vcpu_release+0xa0/0xa0 [ 801.958421] ? trace_hardirqs_on+0x10/0x10 [ 801.989959] 0 [ 801.992132] ? trace_hardirqs_on+0x10/0x10 [ 801.992147] ? futex_exit_release+0x60/0x60 [ 801.992162] ? __might_fault+0x104/0x1b0 [ 801.992174] ? lock_acquire+0x170/0x3f0 [ 801.999294] 0 [ 802.000502] ? kvm_vcpu_release+0xa0/0xa0 [ 802.000515] do_vfs_ioctl+0x75a/0xfe0 [ 802.000530] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 802.000543] ? ioctl_preallocate+0x1a0/0x1a0 [ 802.008156] ? security_file_ioctl+0x76/0xb0 [ 802.008168] ? security_file_ioctl+0x83/0xb0 [ 802.013428] Node 0 [ 802.016119] SyS_ioctl+0x7f/0xb0 [ 802.016131] ? do_vfs_ioctl+0xfe0/0xfe0 [ 802.016150] do_syscall_64+0x1d5/0x640 [ 802.018166] DMA: [ 802.022817] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 802.022830] RIP: 0033:0x45cba9 [ 802.022835] RSP: 002b:00007f4b1ca26c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 802.022845] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 802.022850] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 802.022855] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 802.022859] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 802.022864] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca276d4 [ 802.066086] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 802.076545] 4*4kB (M) 12*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 802.193714] Node 0 DMA32: 338*4kB (ME) 480*8kB (UMEH) 86*16kB (UME) 24*32kB (UM) 57*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36328kB [ 802.210741] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 802.221958] Node 1 Normal: 235*4kB (UME) 163*8kB (UME) 213*16kB (UME) 87*32kB (UME) 31*64kB (UME) 17*128kB (UME) 17*256kB (UM) 10*512kB (UM) 10*1024kB (UME) 5*2048kB (UME) 241*4096kB (M) = 1029684kB [ 802.241133] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 802.250158] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 802.259836] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 03:29:31 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r2 = msgget$private(0x0, 0x2f) msgctl$IPC_RMID(r2, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 03:29:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x70, 0xffffffffffff0000}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:31 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140)='l2tp\x00') r6 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES16=r6], 0x3c}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r5, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x4}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @dev={0xfe, 0x80, [], 0x3b}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000014}, 0x40000) r7 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) select(0x40, &(0x7f00000000c0)={0x1ea6, 0x8001, 0x1, 0x3, 0x6, 0x1aae, 0x6, 0x7}, &(0x7f0000000140)={0x1, 0x4, 0xc9, 0x8, 0x4, 0x6, 0x6e, 0x4}, &(0x7f0000000180)={0x101, 0x1, 0x6, 0x7, 0x3e, 0x3, 0x3, 0x4}, &(0x7f00000001c0)={0x77359400}) 03:29:31 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r0) write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="62202a3a2e20dd13934266fd2e2f736c49b997078cf7ae65651a3f93416f62a88d4bf78d8be906df9631bf041e51"], 0x9) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) request_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f00000001c0)='/\xae\\.\x00', 0xfffffffffffffffb) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000040)={0xc}, 0x1) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r3, 0x118, 0x1, &(0x7f0000000080)=0xff, 0x4) r4 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 03:29:31 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000080)=ANY=[@ANYBLOB="4a8c555d62899abc85c7c2235ad5a5dc9ba2fe9c79a1", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) sendmmsg$inet_sctp(r3, &(0x7f0000002cc0)=[{0x0, 0x29e, 0x0, 0x0, &(0x7f00000016c0)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x4, 0x0, 0x0, r5}}], 0x20}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000040)={r5, 0x7}, 0x8) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xff}]}}) [ 802.269548] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 802.279855] 12605 total pagecache pages [ 802.283967] 0 pages in swap cache [ 802.287423] Swap cache stats: add 0, delete 0, find 0/0 [ 802.293088] Free swap = 0kB [ 802.296121] Total swap = 0kB [ 802.299246] 1965979 pages RAM [ 802.302442] 0 pages HighMem/MovableOnly [ 802.306411] 338456 pages reserved [ 802.310032] 0 pages cma reserved 03:29:31 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000040)=0x5) r2 = socket$inet(0x2b, 0x1, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r3, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x8}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x20040800}, 0x40804) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r4 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 802.446884] l2tp_core: tunl 0: fd 10 wrong protocol, got 136, expected 115 03:29:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000d40)=[{{&(0x7f0000000500)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000580)=""/195, 0xc3}, {&(0x7f0000000680)=""/83, 0x53}, {&(0x7f0000000700)=""/196, 0xc4}, {&(0x7f0000000480)=""/49, 0x31}, {&(0x7f0000000800)=""/209, 0xd1}], 0x5, &(0x7f0000000980)=""/87, 0x57}, 0x3}, {{&(0x7f0000000a00)=@generic, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000a80)=""/45, 0x2d}, {&(0x7f0000000ac0)=""/245, 0xf5}, {&(0x7f0000000bc0)=""/13, 0xd}, {&(0x7f0000000c00)=""/70, 0x46}], 0x4}, 0x7}], 0x2, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000cc0)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x2b140, 0xfffffffffffffffe, 0x0, 0x0, 0x81, 0x10000000, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x1) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:31 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_GET_PIT2(r5, 0x8070ae9f, &(0x7f0000000040)) 03:29:31 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$ppp(r3, &(0x7f0000000340)="d9088f34672e182084f7d0d64902db50abad51c4eb75cbdad8d0f405a816e0162bcc137d6ff91f129524d75f405a4d8e2c1b6c098ade02f3b9b5e51b86a6ae8a7a6df9290433d697ec8689deaedfae4d61141b285304964cd2019aef1c103838dc4ef9b13d111aa6d09c7c8823981e891c3849991560dfe3d1e265ce3dc81d7d57e778f7476651c11861ed6004d7b8abcc34f6d80f835974fb11816449274eb184483dbdbaebffe60ab8b49316d71a1a60f108abb5d99d39773f286f6c377ba2ec5883c46291e0b21b4f4f586fb3d23ef9fa519e45ee8942b59cc13a73b4bffaea604df8fc2f7cdcfda402855f4de90b742c7fdb195e3f255658fbd53fb53acf3da61a29dcf6550fbabe7daf26047b4ce857cbf32c2eb67c62740ba3ac122e9c569e85f8e28d4c01a3990676b37416092e57c0d6099d498cc0e51a3c5a2573699fa6606a154dc646526bc2e5cd470f9a0634dda8d11ff60c434ad4e4be69e5dbb8a1446f14c3c560c529e7b8dcc6289189315bddc9d9e6a77dc79d3f8f9e818b7cf0d8adbf3af07e0af77b296d23d9c2a0013f0a94f382e12b48dbd79627b34838d9c3709f5362061c7185616bd33d75ba6ef5ff9e792091ef4668922ad5066a33e1d48c40a94790cd30f1c4c58cbbb4e912dd32e0db5fac79426354b55851567a296348cac6a51a854d75da86a31034ccfc794dc33d91ac9555ef03f0e3a2ab8ad95dbe606fbd2e6b302f4789316788b27cb076f907161eb8daf3e56e711041b53ead0f7c06ca7a4d55754eae6e9a92ea557f681fad46c50e798a9a9a4fd15cf7560dd0bd013507e8aa8c1b5b660be3c8861bc5bd6a8879fed52a655d49b7e9a2966845d6ea3f7a0413211de79aba918909652fe5df9d9d30b92e8fcfbddd535e9daecbd6e9eb7bcc5527dd9add2caea6e8fa638cc12ea934ef1301cf1cae542f992a433e6a8a6e68b4268ab64474145c5301167435a03507b761a171a40c1ac4b31f3310b91ff02d6bce8b2b495f22a37c7ae9ed208c197332fe2e8ce30a139b61092498329c780d66a2682b6d041d8b710273cb233ba02b07b2be01d555957c0ab93338c3249c6449e905da0bfd039c93851298fea8346e94a09b7e04d453e136411308d9b9326d0833639941af0a3b06dcf2fd064980170e90e9026d6885f3384d7b979c8a436910fee9e8835b46897631262efd278b60e480ccd19635498ae2b0f7bb127a43377c84516ad8969f406e8994738d66a1ef0fb6cd301536102f0f0247bd32e041373630e204e5c60bab1f74b7682076ac60e69181030d47cb5506530fb052078015f7d5e048dfb6b5880d42fc623477cdb93c99e5f39c202db6a1c315d93996655eee703d679936954b1f91e90df6619db7caaa5e29add5dc137b2a3924dd9e9711ee5c6c5266a6aa14da6c9d171a14c7c0e93d398fdeb53df64ee1a1c72e2a5811b0681e923f4b0f04720958ad585413e2ccdc14dbe17531e47120c5bbdf8e7665605865283ab9bd66be6821ef67863374d15ce8bcea982a349f4fa6b9a320cece8ce9168c13a235816c8511b929481f995913efcc8a2ee51fe6359295ec2c93bc8f2b0afe391fe7c53b58a9fed130321d2b62f3c27b1a4bddee7d069b3e07b4f7655e653bcba82165ae7722f504f8eebac1d1ca32d542bd61b8ef31b99d275f57ec02ede80ef10f5270cc107a39cc06553f5c322affc8594bf15218e6a1af7be0da5a807fae2da9361cd1a9f477d7c61f8d7e3ffa45ed9433f9eb68d2f8722df2dea8443b565c7bc50ddfb6fb5287d28624f02c8800bad5433f1daa08a1897c7ce773f47d04f31291f76555d76763310f7351d9c29e5a0fc323a51a11cd49827fb158085d3b0319ae5e5a0de648f902a8648ee549324e551f6fe301548bdf949917398756c008249b36131bcaf5444cd5804bebece2a81f3f3aa0bed4dec6ad69825feefbca8ecb78a4f9cd903e219b275c2baa0fd28c001d074f6083b8049e3b518ffc3572855552bae17b0de4be1fc3874e61d3a4509b5ab32a0fbf7f4761ffb9abb94e8d1ccb3493df1e2fe0298843d8b9d4831d587bf102678722f47c0483da90c60bc09f09c7d485c6a54d439e8a97a88b96b6be5db939638edcd4b80efd4f708224c15099b3a7b1538849a5d2148460ab528321b182181d8f0903d39cc95c05380b3fb543e2863b80de806f43b916cc67909e31a9b4550d3e8f6dcdc2207fb0b973f934a62f540cb211736a004c2a1081b533181795d8987feb84df0af005d1e04befdc622f8c0dfa1c68539f7dd750c9660cfeff727cd8db49f44d55fc3d9ede2a37f1ac9149924e1629f1a87946963acf70fc723c986ab4ad1fb486fb80c253e4c88ff2bf86283ec70aeb786f983a4be6cd9cbaf5a1609b1e2eb28cabac9ddb7475dad108e0c4e439079fe0bb12a977447d723bb26925750a5b74e5186fe2b70da2051db74aac665853279a2fe6cd5241250c7df745db2005ad013a03e9fce3563ed8240c305c5992d4c373d0cf1aa258667fb252a2d96af1afa8fcbf177149ba439274214e2897c9d50a29dc268e2f38d4990034359e22228dfb4f1e14964c15bd4868c585fe01b66634ed509fbeabfe618e689f1abcdfab83a05ddff46f4cd711aedd24748f93d27257662ee1315ae006c520a24d36169ca5e4cf87f1cbcecd591f8ff7d8d2af42ad265dc84e17617d8547b5d03764a41b5fab715ad24ff476d28aaad197a550fda6215deb89660b86331daf62a2877ccaa79e8590a91f900beff137f008bc2a90627a880cf7988abd1d941a0ca99e99c2ffb509621a00a442d348ebe0ab37b5b42bf69c414319f1899aa3222506ab2f1e5cf163ebbee202c4c77b5e37d9c1e805c3ccc5c1524ad088a7da32d736401bd8da36c32c7b89682f7432b44531c0084b1a38ebd578ecf56612bf847689d54b8c45d98d036ced9af0d8dd61d5bafc446f652c85e7c69f2d02d41b01a12913dad66f75313cc022e36c4ffa410f516d44285156b5e140a0c1cff9c331f541049897a50f21c2341a3c999649a8a6ddcd15960be99de653595c6cff03d3e40416611d107046dc79088a5ab12b7609ddea75178660f89b6a5304278eea1f83691691d5dcb01262bc69b1fb62954d3b709da3e51d471b5de073869d09ee64b4c9e3061fdeb877c6abd5c3c1afca26639ff7b5c3b4a82e4ff955cf153f4585834b60e4d569b2f11c0397feba198d62a84d4573390ad561fb2509c9d0618170ff9874df17b85078715f2ebe456278e3129c1a7a2378baf1d5d6f3cee6a2b0e41d6ba7cb64bf00505ab72ff9986b3076cf22ef2e9eb4df0974d1bf2ebffc56d5a6b1db01f271a0306ee4aaf66bdaf92732fd82a6af9ae2450156627a4aec024ce4e9bb5ef4d14d15cc53895a04626de4801ed9cd6da1cfeb485164521033977edd45ffefa3915b07b17c9f6f19b467c858e305cdc851fdc0e69b2407ece81acb91c6bc95f9b8e440ed0ab62b16d66c0e9312fde9032d43dff394164ab8c083389a72863949c9edce0d29ae40dfbc99e63c867926b4453b81c5dd0c524808649a5dc74412146e2503019eedcba29fe9161c299c5d8af6c69e7b820f1d31d7c8f00530ca0f1ad890650a1bb615b9c1987279bcc2054291405d7009e9ebdcda7c858cb036dd7ad8811d0cd67a35a12e8d919055215bf75b5c419374a9b9943b8e557d7a520e8b8f17cac757d384f63b5a8eae679ae0c5bf366283b9b4329d460dd15e72195b80e55d0fc08abf92ef7ca0487ea5f207792cbc238eb849f06dc3e6e46e566a6612472fd25735eb542bee946d38da896f55d01742ce51a9a24335b609f26cbedc3c3d833a80087e9156e62a2a1cfe0be5e64f6dc6818dcc8525da07615098aa948f124e05130dd0b0e10268291568881d453267d32166851b40e28f7eea53e89637248c17fbcd686704737f6e77473d5b997567c16d54a3145a8cbe6c8033bb713a3a09295ae4340a7fc7250460a2d3af2d61f3ed467da1531fa8264c3c5dc3e2e3fb08070846cdab9ba600e0248365f9912207d11761a68f74e6b311dcf039f6c4a94c78452a7363d2229e37a3c2ed8c1961f012f0d121a4e577ab5a262347b1981638a8c1b178f99515291f6d79ec3cd33bd732e5b358a634a061beb3257157c7797d17dabeb2e15b9d3ab5075e85081af250a4a31664ab5182c33b1e13dc7ce0f50186267847157d3d5ce80775126d761e828491e282c87e59330f13d85dffb634643a190be8d0e793be88802a6518365efd96567760e1e47880466e15582bafa03a1950c1d59fd0a7abe861f020b0e735e472b31fd455501e3f103434dd36147db654cc2480baeac69b527e7d1cbe9e7d19fcbd712fecca03ffc076e7dc1d791a2f0116f5be800fb88e62d3b58478271e7ccee5159815b4ff405da768967a67b6260870042d482f5efdd03b794dc3ed8b48c8fb5448a53b9a12a4676ed20764a9c6fb2da6e7da657eea2517e9288943d973a8b2ab9d54d3119bb5d0a35666145459e3095fe9f9d5c231f113d58168b223bb118c8377471deaf2b82f5a6d109831bd18fb779b5ae6ac1072a3b8f3a13b1657843fdbabe45c8a0eba5a20d09252d42d420e507472451ea1b1b506e0d72c7357f2f363fc5594ce782ddeea90785f653055cb42cb8ccf78e5b820f884adfcc6e3086afa6419d486b19e541fcd5ced6b6f647b31b12b3b7b485b0f3f19c385824338e298aaa694f228eceb2912acd1ed822d0a8e2211ef322c1529fe04224fe0ee51679b10fe639e3679b6bb4cbc9cb436779c4e7d9d89336db8a4e5c430f0ce78945d141888d5eeca7d03f6ea87fef6b5a2ac2f5fc86c609e72463b1dff6858960d79cff906828ccb2683dbcb0c844ce17cee7f5638fad3f1bf39369ce7891c267044afef5ee088d30ee14ccb4612ff9c003bffe64969bc21957b1de686718944adea1c1b80d292073795eb6a8cb773bf1935b7d441fa86aa7b33475da4ce290713f567f7a912a6dd55d7265da750aa8b32b0a64457f2cf847f8b64f3ab6ab009d46c30ee1d0e93b404ccfc7564a3fd4d0a81b110e156306eb813668d447b6fef0047fdfa2f846f8a5c336d3fd0f8eabd5d44ca699239537aa9165142480acf83d9a46b7006896f789b2a812ab4c289f93f123d3ae1a60f86976ad66b34f18127e99771a3cdbbc844a2ec811bd8ada72344b8dece034e714049fb20b5890518f37314dc1c29cb6c2115592358971a9859ad02375009be11ee9edc0853f32b011ac69287940a383b319927cfb1049eaf24967472f81ebcdd590e872f10b9d15ac7975584a422e47b6089034d244b2f38847253d1f781febdb81e20be75ad662b1c71c4d30ca853953b7b1f89ae72f8270c1073df61cc6b4497f02a598e0fcb0bbb17b528ed6242e587b4d9f8748bdc27c8054b078bd5c91e0558bcbf9eb07bfb818de52c966c6c65ebc9d9e4f9df18a9b2fe51bb703f4e26203f6214446c4450ddb0c04020fd60b1805993a7c9a1ae3b254f1c70f7407f6f289994ae2f267ba692643977560e6758addbb73733599f61e5a21b499cdf48042454e20645a15bf1df06dc628463f5775d2c720ecc86768745fd0136ed0c5cf8824a135e45a87708e9c1481336b3a8f58aa45928c4efa76179b6140f251e3ea6f3d57fecffa2d3164482aa8dface0c865b5c0572b70faf86fd74c7b44c118282eda7c4214c8da3c646fd414dd77a0dc9e33cfaeccafaf947a80bf01b0b067c445475b1bb71388e1e9851bf633d41553e5279", 0x1000) r4 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_INTERRUPT(r4, 0x4004ae86, &(0x7f0000000040)=0x7924cecd) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000140)="7b7e3ffa033ed28cae3e2ecd927f31ad6ea07e6f30e19677411087d2ca910dfc37282b925d54b8eb3585b69510ae568b117ac6dcfeaf500d27d7c297d37a5da820fab52d27ca3ecdb574183d68de479d43e029d178befa985fa2dc949a016615f4efd641ce27dd9a73dc6716db7ad75d650ef0496615061ec4c3f20408483910d93cd0d1db34e7e1d0ea08b659dd23d91a1ec65336a77a4b15ec294d242462c0eb4a1751d519548b38970117fd9173c4977cdf80d6b999c20a0d47ac997099668841490bf59cd8bbb0fa073c33d31462", &(0x7f0000000240)=""/214}, 0x20) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f00000000c0)={0x2, 'bridge_slave_1\x00', 0x1}, 0x18) r5 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 802.690576] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 802.701892] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 802.707666] CPU: 0 PID: 6683 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 802.715479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 802.724860] Call Trace: [ 802.727521] dump_stack+0x1b2/0x283 [ 802.731182] warn_alloc.cold+0x96/0x1af [ 802.735182] ? zone_watermark_ok_safe+0x250/0x250 [ 802.740062] ? wait_for_completion_io+0x10/0x10 [ 802.744776] __alloc_pages_nodemask+0x2129/0x2730 [ 802.749672] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 802.754577] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 802.759460] ? do_raw_spin_unlock+0x164/0x250 [ 802.764003] alloc_pages_current+0xe7/0x1e0 [ 802.768354] kvm_mmu_create+0xd1/0x1c0 [ 802.772491] kvm_arch_vcpu_init+0x282/0x890 [ 802.776844] ? alloc_pages_current+0xef/0x1e0 [ 802.781366] kvm_vcpu_init+0x26d/0x360 [ 802.785273] vmx_create_vcpu+0xf5/0x2950 [ 802.789490] ? __mutex_unlock_slowpath+0x75/0x780 [ 802.794354] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 802.799414] ? alloc_loaded_vmcs+0x240/0x240 [ 802.803854] kvm_vm_ioctl+0x4ae/0x1430 [ 802.807814] ? __lock_acquire+0x655/0x42a0 [ 802.812074] ? kvm_vcpu_release+0xa0/0xa0 [ 802.816241] ? trace_hardirqs_on+0x10/0x10 [ 802.820499] ? trace_hardirqs_on+0x10/0x10 [ 802.824830] ? newque+0x448/0x610 [ 802.828320] ? futex_exit_release+0x60/0x60 [ 802.832670] ? __might_fault+0x104/0x1b0 [ 802.836789] ? lock_acquire+0x170/0x3f0 [ 802.840815] ? kvm_vcpu_release+0xa0/0xa0 [ 802.844990] do_vfs_ioctl+0x75a/0xfe0 [ 802.848826] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 802.854470] ? ioctl_preallocate+0x1a0/0x1a0 [ 802.858914] ? security_file_ioctl+0x76/0xb0 [ 802.863350] ? security_file_ioctl+0x83/0xb0 [ 802.867795] SyS_ioctl+0x7f/0xb0 [ 802.871214] ? do_vfs_ioctl+0xfe0/0xfe0 [ 802.875222] do_syscall_64+0x1d5/0x640 [ 802.879153] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 802.884383] RIP: 0033:0x45cba9 [ 802.887576] RSP: 002b:00007ffa78a49c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 802.895451] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 802.902740] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 802.910027] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 802.917318] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 802.924635] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a4a6d4 [ 802.947204] warn_alloc_show_mem: 3 callbacks suppressed [ 802.947209] Mem-Info: [ 802.955750] active_anon:1042491 inactive_anon:4039 isolated_anon:0 [ 802.955750] active_file:3908 inactive_file:7617 isolated_file:0 [ 802.955750] unevictable:0 dirty:8 writeback:0 unstable:0 [ 802.955750] slab_reclaimable:16172 slab_unreclaimable:137700 [ 802.955750] mapped:58385 shmem:4200 pagetables:30977 bounce:0 [ 802.955750] free:268421 free_pcp:419 free_cma:0 [ 802.968740] syz-executor.1: [ 803.020152] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213848kB dirty:0kB writeback:16kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 803.182813] l2tp_core: tunl 0: sockfd_lookup(fd=10) returned -9 03:29:32 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$binfmt_misc(r6, &(0x7f0000000380)=ANY=[@ANYBLOB="73797a31bda800ca0f40e5409474d0193fdf0dca48a6ed22b700d9a8717769a0ae06579f9f3f3d1adabcec1d2fc22f4282e7b960bd37bb7d171d2505370cdc90973e4b34e89ef5d9cf743c611063c9d4b117e80bd2e214dab4"], 0x59) getsockopt$bt_hci(r2, 0x0, 0x2, &(0x7f0000000180)=""/95, &(0x7f0000000200)=0x5f) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="780000005304120026bd7000fedbdf25730000d66ab34bea266814c18d863935dc4f88d9f737f70e7b55acd23c94c3ec0a60c9bb260f2aa4f67322a9c7f1ed84ed8f1bcb47a60d217e182f45a8d5fe5816fa01009402c4f03b00000000a4fbfa373bbe9c853f41dea94ab117bdccc66b5b77afa0ba986600"], 0x78}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0) ioctl$VIDIOC_G_AUDOUT(r4, 0x80345631, &(0x7f0000000140)) r7 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$FBIOPAN_DISPLAY(r7, 0x4606, &(0x7f0000000040)={0x20, 0x140, 0x0, 0x30, 0x10000, 0x101, 0x20, 0x1, {0x5, 0x20, 0x1}, {0x6, 0x104, 0x4}, {0x4, 0x1000, 0x401}, {0x8003ff, 0xbd1}, 0x3, 0x1, 0xc79, 0x80000000, 0x0, 0x0, 0x10f, 0x0, 0x4, 0xd1b4, 0x7, 0x3, 0x0, 0x100, 0x2, 0xb}) ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, &(0x7f0000000480)=""/134) [ 803.259548] page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 803.311462] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 803.326130] CPU: 1 PID: 6706 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 803.334100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 803.343467] Call Trace: [ 803.346074] dump_stack+0x1b2/0x283 [ 803.346100] Node 1 active_anon:2255904kB inactive_anon:24kB active_file:15608kB inactive_file:30480kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19728kB dirty:184kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 803.349729] warn_alloc.cold+0x96/0x1af [ 803.349742] ? zone_watermark_ok_safe+0x250/0x250 [ 803.349761] ? wait_for_completion_io+0x10/0x10 [ 803.349783] __alloc_pages_nodemask+0x2129/0x2730 [ 803.377605] Node 0 [ 803.381308] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 803.381320] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 803.381344] ? do_raw_spin_unlock+0x164/0x250 [ 803.381377] alloc_pages_current+0xe7/0x1e0 [ 803.381391] kvm_mmu_create+0xd1/0x1c0 [ 803.381407] kvm_arch_vcpu_init+0x282/0x890 [ 803.386530] DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 803.390924] ? alloc_pages_current+0xef/0x1e0 [ 803.390939] kvm_vcpu_init+0x26d/0x360 [ 803.390953] vmx_create_vcpu+0xf5/0x2950 [ 803.390967] ? __mutex_unlock_slowpath+0x75/0x780 [ 803.396078] lowmem_reserve[]: [ 803.398029] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 803.398044] ? alloc_loaded_vmcs+0x240/0x240 [ 803.398060] kvm_vm_ioctl+0x4ae/0x1430 [ 803.403330] 0 [ 803.407750] ? __lock_acquire+0x655/0x42a0 [ 803.407764] ? kvm_vcpu_release+0xa0/0xa0 [ 803.407774] ? trace_hardirqs_on+0x10/0x10 [ 803.407789] ? trace_hardirqs_on+0x10/0x10 [ 803.412690] 2559 [ 803.417668] ? futex_exit_release+0x60/0x60 [ 803.417684] ? __might_fault+0x104/0x1b0 [ 803.417697] ? lock_acquire+0x170/0x3f0 [ 803.422060] 2559 [ 803.425917] ? kvm_vcpu_release+0xa0/0xa0 [ 803.425933] do_vfs_ioctl+0x75a/0xfe0 [ 803.425959] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 803.452146] 2559 [ 803.456228] ? ioctl_preallocate+0x1a0/0x1a0 [ 803.456252] ? security_file_ioctl+0x76/0xb0 [ 803.456265] ? security_file_ioctl+0x83/0xb0 [ 803.460430] 2559 [ 803.464216] SyS_ioctl+0x7f/0xb0 [ 803.464228] ? do_vfs_ioctl+0xfe0/0xfe0 [ 803.464242] do_syscall_64+0x1d5/0x640 [ 803.464261] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 803.464272] RIP: 0033:0x45cba9 [ 803.464282] RSP: 002b:00007f4b1ca26c78 EFLAGS: 00000246 [ 803.472215] ORIG_RAX: 0000000000000010 [ 803.472222] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 803.472227] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 803.472232] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 803.472237] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 803.472242] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca276d4 [ 803.625913] Node 0 DMA32 free:36308kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:436kB local_pcp:188kB free_cma:0kB [ 803.656064] lowmem_reserve[]: 0 0 0 0 0 [ 803.660237] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 803.687108] lowmem_reserve[]: 0 0 0 0 0 [ 803.696101] Node 1 Normal free:1024424kB min:53592kB low:66988kB high:80384kB active_anon:2256004kB inactive_anon:24kB active_file:15608kB inactive_file:30480kB unevictable:0kB writepending:184kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31808kB pagetables:78072kB bounce:0kB free_pcp:1184kB local_pcp:592kB free_cma:0kB [ 803.735711] lowmem_reserve[]: 0 0 0 0 0 [ 803.739994] Node 0 DMA: 4*4kB (M) 11*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10440kB [ 803.767724] Node 0 DMA32: 335*4kB (ME) 497*8kB (UMH) 84*16kB (UM) 24*32kB (UM) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36356kB [ 803.789613] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 803.806990] Node 1 Normal: 178*4kB (UME) 108*8kB (UME) 89*16kB (UME) 80*32kB (UME) 39*64kB (UME) 35*128kB (UME) 19*256kB (UM) 15*512kB (UM) 9*1024kB (UE) 6*2048kB (UME) 239*4096kB (M) = 1025528kB [ 803.825274] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 803.834247] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 803.843000] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 803.851984] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 803.860565] 12614 total pagecache pages [ 803.864949] 0 pages in swap cache 03:29:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f0000000480)='./file0\x00', 0x10d) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x6, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:32 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PPPIOCGNPMODE(r2, 0xc008744c, &(0x7f0000000080)={0x2f, 0x2}) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x7}) 03:29:32 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x400200, 0x0) ioctl$TIOCL_GETSHIFTSTATE(r2, 0x541c, &(0x7f0000000180)={0x6, 0x9}) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="6ffe000000000000000004007379573100000000"], 0x28}}, 0x0) sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x94, r6, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7ff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffffe01}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x42}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80}]}, @TIPC_NLA_BEARER={0x18, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x4f1800, 0x0) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:32 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f0000000040)={0x40000000, 0x8, "e27b30dab4f7ad5b545cc039da3861d7aacfda32d50c42a280b901d88ceaacf4", 0x184, 0x6, 0x200, 0x219fc125, 0x1, 0x2, 0x76c8, 0x7fff, [0x8, 0xd1, 0x5, 0x5]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000180)={0xa10000, 0x0, 0x0, r1, 0x0, &(0x7f0000000140)={0x9d0901, 0x6, [], @value64=0x7}}) ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000001c0)) [ 803.868462] Swap cache stats: add 0, delete 0, find 0/0 [ 803.878866] Free swap = 0kB [ 803.882028] Total swap = 0kB [ 803.885051] 1965979 pages RAM [ 803.888383] 0 pages HighMem/MovableOnly [ 803.892613] 338456 pages reserved [ 803.896075] 0 pages cma reserved [ 804.000172] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 03:29:33 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockname$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, &(0x7f0000000080)=0x10) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x7fff) 03:29:33 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, [], 0x40}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}]}}) 03:29:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:33 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'ip_vti0\x00', {0x2, 0x4e21, @multicast1}}) 03:29:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x80000, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x40000140, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x7, 0x0, 0x82, 0x145, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff8, 0x33}, 0xd108, 0x100000000000000, 0x1, 0x0, 0x0, 0x10000000, 0xfffc}, r0, 0x9, 0xffffffffffffffff, 0x8) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x7ff, 0x410040) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="63b903b30fce8405743f77179cc4132131b3ab860c95202e0a218c82618a4689d5b5c49b24315ff97cf8766be9a62548f072e067c6860e0df3a95700cb6447d3478238962d9ea0e917cf2e341b0a35d9330549cc7e7db818f4d101ccf9da4dd9d5d3faa53264f18bdb1061c165485465e3670f65b014d14e0ddc4cf0897a98ce4e0b5e55206f0051c41420dd89896f9801f29662f573949378f8f01bda2019555706b80575e34ec1dd35", @ANYRESHEX=r4, @ANYBLOB=',rootm]de=00100\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00', @ANYRESDEC=0x0, @ANYBLOB="73f5000000000000643d", @ANYRESDEC=0x0, @ANYBLOB="2c0000000000000000000000000002008c5ee61236db8387d588e568ded1eb59bfd2bebda29df3a2740d4d7731121dce7ce683d2d78583c300a026b1da5ecf49c9dbefc76cce5b5f1968941b986a1662b683047060f28eabfa4023cac10050f7867dc90303d7ae9c52d100834c5bf0765f2526150005385680a4b12272af66024511b580e5d4f34847304b3266d0d78bf1c65d1fcf3c4a4be918d8d9661d15d4b7bbff8de28cb38cc75d39d9e9890708897ab620e23c165f588900180ed5fd0d93acccf26b58c1ad8d28515bff0bc1993ad1ac190502ed9278f46a3d5d9ce380057c1c2680a4f9ae4fcac4231a3d279b2f58628aa6b481e8f3fbe9effcb793575405a8404ea27a0aa10af1cd"]) 03:29:33 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0xa002, 0x0) ioctl$TIOCOUTQ(r4, 0x5411, &(0x7f0000000080)) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:33 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4f23, @local}, 0x10) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000080)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x4e24, 0x3, @loopback, 0x800}, 0xffffffffffffffff, 0x8}}, 0x48) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 03:29:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, 0x0}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:33 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{0x0, 0x0, 0x0, [], 0x4}, {}, {}, {}, {}, {0x0, 0x1}]}}) 03:29:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0xa, 0xffff70a8) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17008d73657ac194cae088b02d122b2200"/30], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e7f0400000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f65c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcd1df829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0000f8", @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 03:29:34 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0xe23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$NFQNL_MSG_VERDICT_BATCH(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="54000000030301080000000000000000050000000800034000000cca0c000200fffffffc79902a02d8aeac5cf005000001400c000200fffffffc000000070800034000000001080003400000a8d408000340000100000800034000000003b292c852b673e5c0851f912c1129f65196949ffd88f11e238daad3be1180ea0e20ad5b2bcc20ff70026b3472427f"], 0x54}, 0x1, 0x0, 0x0, 0x850}, 0xc040) r4 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:34 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) fcntl$setsig(r3, 0xa, 0x35) r4 = dup(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$USBDEVFS_RESETEP(r6, 0x80045503, &(0x7f0000000080)={0xa, 0x1}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000480)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000500)=""/64, 0x40}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000480), 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 805.559313] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 805.583158] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 805.588487] CPU: 1 PID: 6900 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 805.596341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 805.605717] Call Trace: [ 805.608349] dump_stack+0x1b2/0x283 [ 805.612002] warn_alloc.cold+0x96/0x1af [ 805.615995] ? zone_watermark_ok_safe+0x250/0x250 [ 805.620872] ? wait_for_completion_io+0x10/0x10 [ 805.625586] __alloc_pages_nodemask+0x2129/0x2730 [ 805.630473] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 805.635347] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 805.640339] ? do_raw_spin_unlock+0x164/0x250 [ 805.644847] alloc_pages_current+0xe7/0x1e0 [ 805.649191] kvm_mmu_create+0xd1/0x1c0 [ 805.653093] kvm_arch_vcpu_init+0x282/0x890 [ 805.657426] ? alloc_pages_current+0xef/0x1e0 [ 805.662144] kvm_vcpu_init+0x26d/0x360 [ 805.666064] vmx_create_vcpu+0xf5/0x2950 [ 805.670150] ? __mutex_unlock_slowpath+0x75/0x780 [ 805.675009] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 805.680045] ? alloc_loaded_vmcs+0x240/0x240 [ 805.684472] kvm_vm_ioctl+0x4ae/0x1430 [ 805.688375] ? __lock_acquire+0x655/0x42a0 [ 805.692788] ? kvm_vcpu_release+0xa0/0xa0 [ 805.696963] ? trace_hardirqs_on+0x10/0x10 [ 805.701228] ? trace_hardirqs_on+0x10/0x10 [ 805.705496] ? futex_exit_release+0x60/0x60 [ 805.709841] ? __might_fault+0x104/0x1b0 [ 805.713919] ? lock_acquire+0x170/0x3f0 [ 805.717909] ? kvm_vcpu_release+0xa0/0xa0 [ 805.722154] do_vfs_ioctl+0x75a/0xfe0 [ 805.725995] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 805.731640] ? ioctl_preallocate+0x1a0/0x1a0 [ 805.736079] ? security_file_ioctl+0x76/0xb0 [ 805.740515] ? security_file_ioctl+0x83/0xb0 [ 805.744955] SyS_ioctl+0x7f/0xb0 [ 805.748339] ? do_vfs_ioctl+0xfe0/0xfe0 [ 805.752421] do_syscall_64+0x1d5/0x640 03:29:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2000400}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="350000194e6211000004000000000007006d88c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829a886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ba1df20000000000000000000000000000000000494a62b4513eca3d8960f3e048efb93781277c80d8219a1b98b4b7f27f40957903da381ddf1f83dacb0a78e9544f52ac4c5af56b9a59", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x400000000000006e, 0x3c000) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) inotify_rm_watch(0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB="2c726f6f746d6f6465f9ffa96ec5cd9452365e8fa38d331c28ffff301b160e6cd95893aec8ba36c7fea8671a114bc00207f1bde4a1942b5557f1285074338dc3f9c6be41330d67d60dc5519fcfd83e42cf9de9ebd105eb2889f3b6cea70013fd55c852ca3f050c4bbfb1f01b99050055f7", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) [ 805.756346] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 805.761551] RIP: 0033:0x45cba9 [ 805.764754] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 805.772484] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 805.779773] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 805.787067] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 805.794497] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 805.801795] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 805.863081] warn_alloc_show_mem: 1 callbacks suppressed [ 805.863087] Mem-Info: [ 805.871328] active_anon:1044418 inactive_anon:4039 isolated_anon:0 [ 805.871328] active_file:3909 inactive_file:7627 isolated_file:0 [ 805.871328] unevictable:0 dirty:48 writeback:0 unstable:0 [ 805.871328] slab_reclaimable:16257 slab_unreclaimable:137772 [ 805.871328] mapped:58131 shmem:4200 pagetables:30991 bounce:0 [ 805.871328] free:266491 free_pcp:292 free_cma:0 03:29:35 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x64) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000)=0x9, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) r5 = gettid() ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x2) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r5, 0x0, 0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f00000001c0)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x31, 0x7}, 0x4, 0x9, 0xe929, 0x8, 0x0, r5, 0x1}) [ 805.924018] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213896kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes 03:29:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:35 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) sysinfo(&(0x7f00000007c0)=""/154) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/nf_conntrack\x00') preadv(r1, &(0x7f0000000480), 0x100000000000022c, 0x0) lseek(r1, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap$snddsp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000, 0x4000010, r3, 0x8000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$inet_udp_int(r7, 0x11, 0x0, &(0x7f00000000c0)=0x80000000, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x6, 0x1, 0x0, 0xf15, 0x0, 0x6, 0x7, 0x2}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 806.117542] Node 1 active_anon:2263264kB inactive_anon:28kB active_file:15616kB inactive_file:30520kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18604kB dirty:312kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 03:29:35 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0x4870, 0x6, [0x1ff, 0x5, 0x3ff, 0x5, 0xff, 0x3]}, 0x14) ioctl$SCSI_IOCTL_PROBE_HOST(r2, 0x5385, &(0x7f0000000200)={0xe, ""/14}) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x60200, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x5, 0x1, 0x301, 0x0, 0x0, {0xd, 0x0, 0xa}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40051}, 0x4040) [ 806.196932] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 806.426819] lowmem_reserve[]: 0 2559 2559 2559 2559 03:29:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x10000014, 0x0, 0x8, 0x0, 0x5, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:35 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e26, @local}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 806.532784] Node 0 DMA32 free:36068kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:392kB local_pcp:260kB free_cma:0kB [ 806.677227] lowmem_reserve[]: 0 0 0 0 0 [ 806.699401] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 806.813709] lowmem_reserve[]: 0 0 0 0 0 [ 806.829388] Node 1 Normal free:1002460kB min:53592kB low:66988kB high:80384kB active_anon:2280764kB inactive_anon:28kB active_file:15616kB inactive_file:30520kB unevictable:0kB writepending:312kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32064kB pagetables:78460kB bounce:0kB free_pcp:592kB local_pcp:384kB free_cma:0kB [ 806.958125] lowmem_reserve[]: 0 0 0 0 0 [ 806.966953] Node 0 DMA: 4*4kB (M) 11*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10440kB [ 807.008187] Node 0 DMA32: 335*4kB (ME) 454*8kB (UM) 85*16kB (UM) 24*32kB (UM) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36028kB [ 807.032683] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 807.065478] Node 1 Normal: 93*4kB (UME) 172*8kB (UME) 35*16kB (UME) 117*32kB (UME) 33*64kB (UME) 18*128kB (UME) 4*256kB (UM) 10*512kB (UM) 10*1024kB (UME) 5*2048kB (UME) 236*4096kB (M) = 1003748kB [ 807.112676] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 807.136589] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 807.160174] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 807.174211] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 807.185421] 12625 total pagecache pages [ 807.189585] 0 pages in swap cache [ 807.197838] Swap cache stats: add 0, delete 0, find 0/0 [ 807.210463] Free swap = 0kB [ 807.220324] Total swap = 0kB [ 807.227036] 1965979 pages RAM [ 807.238113] 0 pages HighMem/MovableOnly [ 807.248585] 338456 pages reserved [ 807.259823] 0 pages cma reserved 03:29:36 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x3, 0x0, 0x0, {0x5, 0x0, 0x8}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000000) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x40}]}}) r4 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x7, 0x644c0) ioctl$TUNGETFILTER(r4, 0x801054db, &(0x7f0000000540)=""/4096) r5 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x0, 0x311800) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={0xffffffffffffffff}, 0x106, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f0000000240)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x9, @local, 0x1ff}, r6}}, 0x30) 03:29:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:36 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x200) 03:29:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x7, 0x0, 0x0, 0x20000}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c003e134c0dfc1e2cb3eb422b1b5b99d372b406e5b93e283fe0bc4c49f4de1f18c80326b01572048f4a1f16969cd23a6a7964f7858a00621b3a765508bd06ceba2012438c067e0693ce013e902e09b84063ac1f2213b15ed81fa3e6f091a6697be40414007d63a946cb902a96ba9ce9d9af008e7ca7aa499a7d4e0167c36e5d0192f4c034489f8b231f7546d408bf9233627f5f75b42cbdc1b24b843267aaaec85c448e85e3"]) 03:29:36 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f0000000500)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) fgetxattr(r4, &(0x7f0000000040)=@known='com.apple.FinderInfo\x00', &(0x7f0000000080)=""/89, 0x59) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000640)={0x120, r8, 0xc573de0d27bdfe6f, 0x70bd2a, 0x0, {0x4}, [@TIPC_NLA_NODE={0x10c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "5d9e5a19996498b7bb62dd9dcbe9bf6fd059363f206f"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x6d, 0x3, "eff9f49606d59cac5410025602c1857a67cc665809278eca5f6a46ad5c0c7d2b816ac4b40a4dd75c03ba1590af337e7fa15dbd7bb705f6a8ae72d3d9efc0ddc2fad59b1b737adc632a3a6b6529e6553c1f26fec1b0ccb6c3d0d651d2a03938803285b78f0e187703fd"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "069ae7e877def3d332e230aafc3c8743efb842787b31c00699ff307e6ec57161aec89d75"}}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x120}}, 0x5) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x18, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4881}, 0x4) sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f00000009c0)={0x258, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x58, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x404cfa7a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7250}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x80}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffff}]}, @TIPC_NLA_BEARER={0x80, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x2, @loopback, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast1}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x44}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_SOCK={0x20, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x377400}]}, @TIPC_NLA_BEARER={0x94, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x100}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast1}}, {0x14, 0x2, @in={0x2, 0x4e21, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x200}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfb69}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}]}, @TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'hsr0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffff}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x10001}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x258}, 0x1, 0x0, 0x0, 0x20000000}, 0x400) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) 03:29:36 executing program 3: r0 = socket$inet(0x2b, 0xa, 0xd0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000140)={{{@in=@multicast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f0000000080)=0xe8) r5 = getegid() lchown(&(0x7f0000000000)='./file0\x00', 0x0, r5) write$FUSE_ENTRY(r1, &(0x7f0000000240)={0x90, 0x0, 0x8, {0x0, 0x1, 0x100000000, 0x79, 0x200, 0x40, {0x2, 0x5, 0x2, 0x1, 0x4, 0x1, 0x0, 0xfffffffa, 0xfffffffc, 0x10001, 0x3, r4, r5, 0x8, 0x8}}}, 0x90) 03:29:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0046ec", @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) [ 807.752744] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 807.821175] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 807.826403] CPU: 1 PID: 7019 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 807.834204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 807.843568] Call Trace: [ 807.846194] dump_stack+0x1b2/0x283 [ 807.849835] warn_alloc.cold+0x96/0x1af [ 807.853817] ? zone_watermark_ok_safe+0x250/0x250 [ 807.858699] ? wait_for_completion_io+0x10/0x10 [ 807.863385] __alloc_pages_nodemask+0x2129/0x2730 [ 807.868246] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 807.873098] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 807.877960] ? do_raw_spin_unlock+0x164/0x250 [ 807.882470] alloc_pages_current+0xe7/0x1e0 [ 807.884972] syz-executor.5: [ 807.886801] kvm_mmu_create+0xd1/0x1c0 [ 807.886817] kvm_arch_vcpu_init+0x282/0x890 [ 807.886835] ? alloc_pages_current+0xef/0x1e0 [ 807.886849] kvm_vcpu_init+0x26d/0x360 [ 807.906546] vmx_create_vcpu+0xf5/0x2950 [ 807.910627] ? __mutex_unlock_slowpath+0x75/0x780 [ 807.912989] page allocation failure: order:0 [ 807.915498] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 807.915518] ? alloc_loaded_vmcs+0x240/0x240 [ 807.915534] kvm_vm_ioctl+0x4ae/0x1430 [ 807.915551] ? __lock_acquire+0x655/0x42a0 [ 807.915561] ? kvm_vcpu_release+0xa0/0xa0 [ 807.915572] ? trace_hardirqs_on+0x10/0x10 [ 807.915586] ? trace_hardirqs_on+0x10/0x10 [ 807.915615] ? futex_exit_release+0x60/0x60 [ 807.931404] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask= [ 807.933327] ? __might_fault+0x104/0x1b0 [ 807.933343] ? lock_acquire+0x170/0x3f0 [ 807.933354] ? kvm_vcpu_release+0xa0/0xa0 [ 807.933366] do_vfs_ioctl+0x75a/0xfe0 [ 807.954921] (null) [ 807.960453] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 807.960468] ? ioctl_preallocate+0x1a0/0x1a0 [ 807.960489] ? security_file_ioctl+0x76/0xb0 [ 807.960498] ? security_file_ioctl+0x83/0xb0 [ 807.960512] SyS_ioctl+0x7f/0xb0 [ 807.981819] syz-executor.5 cpuset= [ 807.984307] ? do_vfs_ioctl+0xfe0/0xfe0 [ 807.984325] do_syscall_64+0x1d5/0x640 [ 807.984344] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 807.984356] RIP: 0033:0x45cba9 [ 808.000681] / [ 808.000942] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 [ 808.009500] mems_allowed=0-1 [ 808.012326] ORIG_RAX: 0000000000000010 [ 808.012335] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 808.012340] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 808.012345] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 808.012349] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 808.012354] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 808.240951] CPU: 0 PID: 7015 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 808.248808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 808.258178] Call Trace: [ 808.259644] syz-executor.5: page allocation failure: order:0 [ 808.260772] dump_stack+0x1b2/0x283 [ 808.260788] warn_alloc.cold+0x96/0x1af [ 808.274184] ? zone_watermark_ok_safe+0x250/0x250 [ 808.275362] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 808.279083] ? wait_for_completion_io+0x10/0x10 [ 808.290197] __alloc_pages_nodemask+0x2129/0x2730 [ 808.295080] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 808.299935] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 808.304819] ? do_raw_spin_unlock+0x164/0x250 [ 808.309324] alloc_pages_current+0xe7/0x1e0 [ 808.313658] kvm_mmu_create+0xd1/0x1c0 [ 808.315526] syz-executor.5 cpuset= [ 808.317544] kvm_arch_vcpu_init+0x282/0x890 [ 808.317546] / mems_allowed=0-1 [ 808.321083] ? alloc_pages_current+0xef/0x1e0 [ 808.321097] kvm_vcpu_init+0x26d/0x360 [ 808.321127] vmx_create_vcpu+0xf5/0x2950 [ 808.321141] ? __mutex_unlock_slowpath+0x75/0x780 [ 808.321150] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 808.321163] ? alloc_loaded_vmcs+0x240/0x240 [ 808.321177] kvm_vm_ioctl+0x4ae/0x1430 [ 808.321188] ? __lock_acquire+0x655/0x42a0 [ 808.321201] ? kvm_vcpu_release+0xa0/0xa0 [ 808.367651] ? trace_hardirqs_on+0x10/0x10 [ 808.371897] ? trace_hardirqs_on+0x10/0x10 [ 808.376140] ? futex_exit_release+0x60/0x60 [ 808.380469] ? __might_fault+0x104/0x1b0 [ 808.384542] ? lock_acquire+0x170/0x3f0 [ 808.388529] ? kvm_vcpu_release+0xa0/0xa0 [ 808.392683] do_vfs_ioctl+0x75a/0xfe0 [ 808.396492] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 808.402123] ? ioctl_preallocate+0x1a0/0x1a0 [ 808.406553] ? security_file_ioctl+0x76/0xb0 [ 808.410967] ? security_file_ioctl+0x83/0xb0 [ 808.415379] SyS_ioctl+0x7f/0xb0 [ 808.418776] ? do_vfs_ioctl+0xfe0/0xfe0 [ 808.422763] do_syscall_64+0x1d5/0x640 [ 808.426659] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 808.431851] RIP: 0033:0x45cba9 [ 808.435044] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 808.442859] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 808.450149] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 808.457442] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 808.464721] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 808.472017] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 [ 808.495464] CPU: 1 PID: 7055 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 808.503313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 808.512679] Call Trace: [ 808.515286] dump_stack+0x1b2/0x283 [ 808.518934] warn_alloc.cold+0x96/0x1af [ 808.522920] ? zone_watermark_ok_safe+0x250/0x250 [ 808.527783] ? wait_for_completion_io+0x10/0x10 [ 808.532463] __alloc_pages_nodemask+0x2129/0x2730 [ 808.537327] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 808.542188] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 808.547141] ? do_raw_spin_unlock+0x164/0x250 [ 808.551806] alloc_pages_current+0xe7/0x1e0 [ 808.556166] kvm_mmu_create+0xd1/0x1c0 [ 808.560079] kvm_arch_vcpu_init+0x282/0x890 [ 808.564428] ? alloc_pages_current+0xef/0x1e0 [ 808.568958] kvm_vcpu_init+0x26d/0x360 [ 808.572861] vmx_create_vcpu+0xf5/0x2950 [ 808.576935] ? __mutex_unlock_slowpath+0x75/0x780 [ 808.581791] ? alloc_loaded_vmcs+0x240/0x240 [ 808.586207] kvm_vm_ioctl+0x4ae/0x1430 [ 808.590104] ? __lock_acquire+0x655/0x42a0 [ 808.594381] ? kvm_vcpu_release+0xa0/0xa0 [ 808.598672] ? trace_hardirqs_on+0x10/0x10 [ 808.602933] ? trace_hardirqs_on+0x10/0x10 [ 808.607194] ? lock_acquire+0x170/0x3f0 [ 808.611208] ? __might_fault+0x104/0x1b0 [ 808.615309] ? lock_acquire+0x170/0x3f0 [ 808.619309] ? kvm_vcpu_release+0xa0/0xa0 [ 808.623476] do_vfs_ioctl+0x75a/0xfe0 [ 808.627296] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 808.632935] ? ioctl_preallocate+0x1a0/0x1a0 [ 808.637365] ? security_file_ioctl+0x76/0xb0 [ 808.641886] ? security_file_ioctl+0x83/0xb0 [ 808.646319] SyS_ioctl+0x7f/0xb0 [ 808.649691] ? do_vfs_ioctl+0xfe0/0xfe0 [ 808.653684] do_syscall_64+0x1d5/0x640 [ 808.657595] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 808.662830] RIP: 0033:0x45cba9 [ 808.666028] RSP: 002b:00007ffa78a28c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 808.673741] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 808.681068] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 808.688359] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 808.695788] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 808.703075] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a296d4 [ 808.721155] Mem-Info: [ 808.723632] active_anon:1052732 inactive_anon:4040 isolated_anon:0 [ 808.723632] active_file:3915 inactive_file:7637 isolated_file:0 [ 808.723632] unevictable:0 dirty:7 writeback:0 unstable:0 [ 808.723632] slab_reclaimable:16194 slab_unreclaimable:138196 [ 808.723632] mapped:58143 shmem:4201 pagetables:31035 bounce:0 [ 808.723632] free:257560 free_pcp:494 free_cma:0 [ 808.801161] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213944kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 808.851158] Node 1 active_anon:2296628kB inactive_anon:32kB active_file:15632kB inactive_file:30544kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18628kB dirty:20kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 808.921277] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 808.973560] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 808.985456] Node 0 DMA32 free:35988kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:508kB local_pcp:264kB free_cma:0kB [ 809.046503] lowmem_reserve[]: 0 0 0 0 0 [ 809.055332] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 809.118175] lowmem_reserve[]: 0 0 0 0 0 [ 809.126985] Node 1 Normal free:985964kB min:53592kB low:66988kB high:80384kB active_anon:2296632kB inactive_anon:28kB active_file:15632kB inactive_file:30576kB unevictable:0kB writepending:52kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:31872kB pagetables:78376kB bounce:0kB free_pcp:1060kB local_pcp:508kB free_cma:0kB [ 809.183697] lowmem_reserve[]: 0 0 0 0 0 [ 809.187847] Node 0 DMA: 4*4kB (M) 12*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10448kB [ 809.204036] Node 0 DMA32: 335*4kB (ME) 471*8kB (UMH) 86*16kB (UM) 24*32kB (UM) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36180kB [ 809.225315] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 809.236322] Node 1 Normal: 82*4kB (UME) 299*8kB (UME) 36*16kB (UME) 62*32kB (UME) 34*64kB (UME) 16*128kB (UME) 3*256kB (U) 10*512kB (UM) 10*1024kB (UME) 5*2048kB (UME) 232*4096kB (M) = 986144kB [ 809.255159] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 809.264976] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 809.274549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 809.284256] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 809.294164] 12640 total pagecache pages [ 809.298400] 0 pages in swap cache [ 809.304014] Swap cache stats: add 0, delete 0, find 0/0 [ 809.309697] Free swap = 0kB [ 809.315277] Total swap = 0kB [ 809.318406] 1965979 pages RAM [ 809.324249] 0 pages HighMem/MovableOnly [ 809.328352] 338456 pages reserved 03:29:38 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0xfe, 0x0}}, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) openat$bsg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bsg\x00', 0x2a0800, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x3) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400202) ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f0000000100)={0x0, 0xc0, 0xffffffffffffff80, &(0x7f0000000080)=0x3}) 03:29:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{0x0}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB='l\x00']) 03:29:38 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$FBIOGETCMAP(r2, 0x4604, &(0x7f0000000140)={0x7abfea10, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0]}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 809.333833] 0 pages cma reserved 03:29:38 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:38 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080)='wireguard\x00') r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000540)={0x3e8, r4, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@WGDEVICE_A_PEERS={0xdc, 0x8, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @empty}}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x6}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "e79d49abe01955ebdb872b960f3d00d24c82a7e32646a4a6bfc71b96105da78b"}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "135623a5c3eeaf6f6fc614b3986ebdb67a11b97e96bf46d8b3750022f0aee775"}]}, {0x20, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @remote}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g='\xf4M\xa3g\xa8\x8e\xe6VO\x02\x02\x11Eg\'\b/\\\xeb\xee\x8b\x1b\xf5\xebs74\x1bE\x9b9\"'}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c='\xa0\xcb\x87\x9aG\xf5\xbcdL\x0ei?\xa6\xd01\xc7J\x15S\xb6\xe9\x01\xb9\xff/Q\x8cx\x04/\xb5B'}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}, @WGDEVICE_A_PEERS={0x2b0, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g='\x97\\\x9d\x81\xc9\x83\xc8 \x9e\xe7\x81%K\x89\x9f\x8e\xd9%\xae\x9f\t#\xc20xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000140)={{{@in=@private, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}}}, &(0x7f0000000080)=0xe8) setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@private2, @in=@local, 0x4e20, 0x5, 0x4e21, 0x4, 0xa, 0x80, 0x30, 0x6, r6, r7}, {0x800, 0x100000001, 0x3, 0xd144, 0x800, 0x5, 0x3f, 0x2}, {0xfffffffffffffffe, 0x60000000, 0x1, 0x7f}, 0x9, 0x6e6bbc, 0x2, 0x0, 0x3, 0x3}, {{@in6=@dev={0xfe, 0x80, [], 0xb}, 0x4d5, 0xff}, 0xa, @in=@loopback, 0x3503, 0x4, 0x2, 0x5, 0x7, 0x200, 0x3}}, 0xe8) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) [ 809.677967] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 03:29:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x3, 0xfffffffc) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000500)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0xe223bbbae5496d06, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 809.971351] IPv6: ADDRCONF(NETDEV_UP): bond27: link is not ready [ 809.983797] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) 03:29:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 810.038263] 8021q: adding VLAN 0 to HW filter on device bond27 [ 810.060229] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 810.069520] CPU: 1 PID: 7076 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 810.069597] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 810.077392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 810.077398] Call Trace: [ 810.077420] dump_stack+0x1b2/0x283 [ 810.077438] warn_alloc.cold+0x96/0x1af [ 810.077448] ? zone_watermark_ok_safe+0x250/0x250 [ 810.077464] ? wait_for_completion_io+0x10/0x10 [ 810.077478] __alloc_pages_nodemask+0x2129/0x2730 [ 810.077501] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 810.077511] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 810.077534] ? do_raw_spin_unlock+0x164/0x250 [ 810.077549] alloc_pages_current+0xe7/0x1e0 [ 810.077564] kvm_mmu_create+0xd1/0x1c0 [ 810.077579] kvm_arch_vcpu_init+0x282/0x890 [ 810.147574] ? alloc_pages_current+0xef/0x1e0 [ 810.152109] kvm_vcpu_init+0x26d/0x360 [ 810.156027] vmx_create_vcpu+0xf5/0x2950 [ 810.160119] ? __mutex_unlock_slowpath+0x75/0x780 [ 810.164983] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 810.170057] ? alloc_loaded_vmcs+0x240/0x240 [ 810.174503] kvm_vm_ioctl+0x4ae/0x1430 [ 810.178421] ? __lock_acquire+0x655/0x42a0 [ 810.182683] ? kvm_vcpu_release+0xa0/0xa0 [ 810.186859] ? trace_hardirqs_on+0x10/0x10 [ 810.191126] ? trace_hardirqs_on+0x10/0x10 [ 810.195390] ? futex_exit_release+0x60/0x60 [ 810.199741] ? __might_fault+0x104/0x1b0 [ 810.203857] ? lock_acquire+0x170/0x3f0 [ 810.207854] ? kvm_vcpu_release+0xa0/0xa0 [ 810.212026] do_vfs_ioctl+0x75a/0xfe0 [ 810.215855] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 810.221508] ? ioctl_preallocate+0x1a0/0x1a0 [ 810.225957] ? security_file_ioctl+0x76/0xb0 [ 810.230413] ? security_file_ioctl+0x83/0xb0 [ 810.234846] SyS_ioctl+0x7f/0xb0 [ 810.238225] ? do_vfs_ioctl+0xfe0/0xfe0 [ 810.242219] do_syscall_64+0x1d5/0x640 [ 810.246132] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 810.251355] RIP: 0033:0x45cba9 [ 810.254577] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 810.262314] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 810.269603] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 810.276895] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 810.284200] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 810.291530] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 [ 810.327455] warn_alloc_show_mem: 2 callbacks suppressed [ 810.327460] Mem-Info: [ 810.335587] active_anon:1055466 inactive_anon:4040 isolated_anon:0 [ 810.335587] active_file:3916 inactive_file:7647 isolated_file:0 [ 810.335587] unevictable:0 dirty:53 writeback:0 unstable:0 [ 810.335587] slab_reclaimable:16164 slab_unreclaimable:138030 [ 810.335587] mapped:58438 shmem:4201 pagetables:31241 bounce:0 [ 810.335587] free:254701 free_pcp:361 free_cma:0 03:29:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYRESOCT, @ANYRESHEX=r0, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 810.372912] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213988kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 810.409434] Node 1 active_anon:2307564kB inactive_anon:32kB active_file:15632kB inactive_file:30588kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18664kB dirty:204kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 810.459484] Node 0 DMA free:10432kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 810.496913] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 810.503006] Node 0 DMA32 free:36076kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:32kB inactive_file:0kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:588kB local_pcp:268kB free_cma:0kB [ 810.535433] lowmem_reserve[]: 0 0 0 0 0 [ 810.539473] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 810.553068] IPv6: ADDRCONF(NETDEV_UP): bond5: link is not ready [ 810.574174] lowmem_reserve[]: 0 0 0 0 0 [ 810.578190] Node 1 Normal free:972928kB min:53592kB low:66988kB high:80384kB active_anon:2307964kB inactive_anon:32kB active_file:15632kB inactive_file:30588kB unevictable:0kB writepending:352kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32736kB pagetables:79372kB bounce:0kB free_pcp:280kB local_pcp:100kB free_cma:0kB [ 810.601664] 8021q: adding VLAN 0 to HW filter on device bond5 03:29:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000840)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cafccf258f89fc6da8c395aa018d83e0c6356c5aded74d5c85957da97fba0896741cfdf018e6f44167ddbe0c0570d3438eccb779ee1311f228e80d4ed19ca8f43ffe11dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7435206c7f9e71402c4c9f4a71128e7727ee3582fe45a85892bfcb7290a87fe45d1a0a8669b2a10cebe27565a4bffeac247850e79f85286277ed08671d5626c92ccae5bd76c5fa9551b8c2a992d991b5b174ddc995dc7fd05b8dda1f10834ef1594cd4cca1f0a9f075a0c103d14b05f612f00c123f9dfe57a", @ANYBLOB="4e5c0e627445dbf562ab69428575436c03956974510b915e231bb8e7be87c4c0709e05b254b44aa6f84aadb7c799aedc656c5751d89e7e03d3f161a23ae445e3a6fba71c36f1f0a7bb93fab8b255deb8b193a1e8579a77e522412b5a31199672ccdcf07a7d16c66ebd066aac3204ecd7663ca73498daebf53d1f6331b54f2d9342c080c5d49ce02c3fb98480cbbd77665b3eeb24fa3058e6f8bcebb9d1e3f5fb7639a8f65263ab8ddc726840422b82e67b504b45da77800aad6546aa2cfb47ecdab1eedc53897a3cc1578919e656b2a0671292d39536a37ce08275f8a77926bdc92ab48e9821faede6f745582d65b664e7f0e52d953974243cfb49343434f4", @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:39 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x101) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 810.787238] lowmem_reserve[]: 0 0 0 0 0 [ 810.806303] Node 0 DMA: 4*4kB (M) 10*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10432kB [ 810.882446] Node 0 DMA32: 335*4kB (ME) 456*8kB (UM) 86*16kB (UM) 24*32kB (UM) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36060kB [ 810.904053] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 810.951568] Node 1 Normal: 99*4kB (ME) 294*8kB (UME) 82*16kB (UME) 55*32kB (UME) 34*64kB (UME) 44*128kB (UME) 11*256kB (UM) 14*512kB (UM) 11*1024kB (UME) 7*2048kB (UME) 226*4096kB (M) = 974908kB [ 811.107590] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 811.122363] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 811.150285] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 811.186377] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 811.199430] 12652 total pagecache pages [ 811.216691] 0 pages in swap cache [ 811.254030] Swap cache stats: add 0, delete 0, find 0/0 [ 811.265864] Free swap = 0kB [ 811.275700] Total swap = 0kB [ 811.280338] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 811.297831] 1965979 pages RAM [ 811.301277] 0 pages HighMem/MovableOnly [ 811.302453] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 811.305613] 338456 pages reserved [ 811.310686] CPU: 0 PID: 7275 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 811.318875] 0 pages cma reserved [ 811.321819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 811.321825] Call Trace: [ 811.321850] dump_stack+0x1b2/0x283 [ 811.321865] warn_alloc.cold+0x96/0x1af [ 811.321876] ? zone_watermark_ok_safe+0x250/0x250 [ 811.321894] ? wait_for_completion_io+0x10/0x10 [ 811.321908] __alloc_pages_nodemask+0x2129/0x2730 [ 811.321933] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 811.364087] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 811.368973] ? do_raw_spin_unlock+0x164/0x250 [ 811.373477] alloc_pages_current+0xe7/0x1e0 [ 811.377929] kvm_mmu_create+0xd1/0x1c0 [ 811.381824] kvm_arch_vcpu_init+0x282/0x890 [ 811.386201] ? alloc_pages_current+0xef/0x1e0 [ 811.390745] kvm_vcpu_init+0x26d/0x360 [ 811.394655] vmx_create_vcpu+0xf5/0x2950 [ 811.398724] ? __mutex_unlock_slowpath+0x75/0x780 [ 811.403632] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 811.408681] ? alloc_loaded_vmcs+0x240/0x240 [ 811.413122] kvm_vm_ioctl+0x4ae/0x1430 [ 811.417024] ? __lock_acquire+0x655/0x42a0 [ 811.421389] ? kvm_vcpu_release+0xa0/0xa0 [ 811.425593] ? trace_hardirqs_on+0x10/0x10 [ 811.429832] ? trace_hardirqs_on+0x10/0x10 [ 811.434076] ? futex_exit_release+0x60/0x60 [ 811.438424] ? __might_fault+0x104/0x1b0 [ 811.442570] ? lock_acquire+0x170/0x3f0 [ 811.446563] ? kvm_vcpu_release+0xa0/0xa0 [ 811.450735] do_vfs_ioctl+0x75a/0xfe0 [ 811.454546] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 811.460246] ? ioctl_preallocate+0x1a0/0x1a0 [ 811.464706] ? security_file_ioctl+0x76/0xb0 [ 811.469134] ? security_file_ioctl+0x83/0xb0 [ 811.473553] SyS_ioctl+0x7f/0xb0 [ 811.476934] ? do_vfs_ioctl+0xfe0/0xfe0 [ 811.480915] do_syscall_64+0x1d5/0x640 [ 811.484819] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 811.490011] RIP: 0033:0x45cba9 [ 811.493194] RSP: 002b:00007ffa78a07c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 811.500920] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 811.508243] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 811.515577] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 811.523025] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 811.530446] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a086d4 [ 811.539163] Mem-Info: [ 811.542657] active_anon:1055393 inactive_anon:4039 isolated_anon:0 [ 811.542657] active_file:3917 inactive_file:7656 isolated_file:0 [ 811.542657] unevictable:0 dirty:29 writeback:0 unstable:0 [ 811.542657] slab_reclaimable:16137 slab_unreclaimable:137504 [ 811.542657] mapped:58174 shmem:4200 pagetables:31125 bounce:0 [ 811.542657] free:255504 free_pcp:483 free_cma:0 [ 811.576941] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214044kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 811.605152] Node 1 active_anon:2307272kB inactive_anon:28kB active_file:15644kB inactive_file:30616kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18664kB dirty:120kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 811.633106] Node 0 DMA free:10416kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 811.659701] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 811.665235] Node 0 DMA32 free:36124kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:584kB local_pcp:304kB free_cma:0kB [ 811.694714] lowmem_reserve[]: 0 0 0 0 0 [ 811.698738] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 811.724158] lowmem_reserve[]: 0 0 0 0 0 [ 811.728355] Node 1 Normal free:975508kB min:53592kB low:66988kB high:80384kB active_anon:2307172kB inactive_anon:28kB active_file:15644kB inactive_file:30616kB unevictable:0kB writepending:124kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32064kB pagetables:78612kB bounce:0kB free_pcp:1460kB local_pcp:728kB free_cma:0kB [ 811.758733] lowmem_reserve[]: 0 0 0 0 0 [ 811.762845] Node 0 DMA: 4*4kB (M) 8*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10416kB [ 811.777502] Node 0 DMA32: 335*4kB (ME) 467*8kB (UM) 86*16kB (UM) 24*32kB (UM) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36148kB [ 811.794370] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 811.805404] Node 1 Normal: 110*4kB (UME) 92*8kB (UME) 131*16kB (UME) 65*32kB (UME) 27*64kB (UME) 31*128kB (UME) 10*256kB (UM) 12*512kB (UM) 15*1024kB (UME) 7*2048kB (UME) 226*4096kB (M) = 975144kB [ 811.823402] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 811.832450] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 811.841132] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 03:29:40 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:40 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x140f, 0x0, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'smc_ib\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000480)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6670be", @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100172,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 03:29:40 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x101000, 0x0) ioctl$PPPIOCATTACH(r3, 0x4004743d, &(0x7f0000000080)=0x1) r4 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:40 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socket$inet_dccp(0x2, 0x6, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000140)=@filter={'filter\x00', 0xe, 0x4, 0x3f8, 0xffffffff, 0x0, 0x238, 0x0, 0xffffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, &(0x7f00000000c0), {[{{@uncond, 0x0, 0x138, 0x168, 0x0, {}, [@common=@srh1={{0x90, 'srh\x00'}, {0xc, 0x9, 0x12, 0x1, 0xefa4, @remote, @loopback, @loopback, [0xffffff00, 0xff, 0xffffff00, 0xffffff00], [0xffffff, 0x0, 0xffffff00, 0xff], [0xff, 0x0, 0xff000000, 0xff], 0x12, 0x338f}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x6, 0x5}, {0x3, 0x5, 0x2}, 0x1, 0xd5}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x0, 0xffffffff, {0x5f8b38f5}}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e20, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) [ 811.850003] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 811.858733] 12659 total pagecache pages [ 811.862835] 0 pages in swap cache [ 811.866287] Swap cache stats: add 0, delete 0, find 0/0 [ 811.871751] Free swap = 0kB [ 811.874781] Total swap = 0kB [ 811.877829] 1965979 pages RAM [ 811.880972] 0 pages HighMem/MovableOnly [ 811.885023] 338456 pages reserved [ 811.888513] 0 pages cma reserved 03:29:41 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000080)={'ip6tnl0\x00', r6, 0x2f, 0x3, 0xff, 0x1000, 0x20, @local, @dev={0xfe, 0x80, [], 0xc}, 0x700, 0x700, 0xec6, 0xfffffffe}}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000140)={@private=0xa010102, @loopback, r7}, 0xc) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r8 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) 03:29:41 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:41 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000002c0)={0x1c, r4, 0x301, 0x0, 0x0, {0xc}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000128d0c5220384d94a261fd008779000c"], 0x3c}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x54, r4, 0x300, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x20048800) r9 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) 03:29:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000), 0x0, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccfa9743599daa44cd4dee514c342c670258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e714e4", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 812.164579] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 03:29:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000004c0)={0x81, r3, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 812.284742] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 812.322051] IPv6: ADDRCONF(NETDEV_UP): bond6: link is not ready [ 812.325848] syz-executor.1: [ 812.334294] syz-executor.5 cpuset= [ 812.335423] page allocation failure: order:0 [ 812.340807] / [ 812.343664] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 812.349572] 8021q: adding VLAN 0 to HW filter on device bond6 [ 812.360290] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 812.365707] mems_allowed=0-1 [ 812.365770] CPU: 1 PID: 7430 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 812.376620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 812.385991] Call Trace: [ 812.388620] dump_stack+0x1b2/0x283 [ 812.392255] warn_alloc.cold+0x96/0x1af [ 812.396260] ? zone_watermark_ok_safe+0x250/0x250 [ 812.401159] ? wait_for_completion_io+0x10/0x10 [ 812.405845] __alloc_pages_nodemask+0x2129/0x2730 [ 812.410883] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 812.415754] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 812.420789] ? do_raw_spin_unlock+0x164/0x250 [ 812.425295] alloc_pages_current+0xe7/0x1e0 [ 812.429628] kvm_mmu_create+0xd1/0x1c0 [ 812.433535] kvm_arch_vcpu_init+0x282/0x890 [ 812.437876] ? alloc_pages_current+0xef/0x1e0 [ 812.442414] kvm_vcpu_init+0x26d/0x360 [ 812.446320] vmx_create_vcpu+0xf5/0x2950 [ 812.450408] ? __mutex_unlock_slowpath+0x75/0x780 [ 812.455267] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 812.460310] ? alloc_loaded_vmcs+0x240/0x240 [ 812.464736] kvm_vm_ioctl+0x4ae/0x1430 [ 812.468654] ? __lock_acquire+0x655/0x42a0 [ 812.472927] ? kvm_vcpu_release+0xa0/0xa0 [ 812.477093] ? trace_hardirqs_on+0x10/0x10 [ 812.481351] ? trace_hardirqs_on+0x10/0x10 [ 812.485635] ? futex_exit_release+0x60/0x60 [ 812.490109] ? __might_fault+0x104/0x1b0 [ 812.494192] ? lock_acquire+0x170/0x3f0 [ 812.498184] ? kvm_vcpu_release+0xa0/0xa0 [ 812.502339] do_vfs_ioctl+0x75a/0xfe0 [ 812.506151] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 812.511791] ? ioctl_preallocate+0x1a0/0x1a0 [ 812.516228] ? security_file_ioctl+0x76/0xb0 [ 812.520654] ? security_file_ioctl+0x83/0xb0 [ 812.525099] SyS_ioctl+0x7f/0xb0 [ 812.528498] ? do_vfs_ioctl+0xfe0/0xfe0 [ 812.532488] do_syscall_64+0x1d5/0x640 [ 812.536385] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 812.542538] RIP: 0033:0x45cba9 [ 812.545733] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 812.553457] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 812.560742] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 812.568022] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 812.575310] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 812.582609] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 [ 812.590052] CPU: 0 PID: 7378 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 812.597891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 812.607263] Call Trace: [ 812.607285] dump_stack+0x1b2/0x283 [ 812.607300] warn_alloc.cold+0x96/0x1af [ 812.607312] ? zone_watermark_ok_safe+0x250/0x250 [ 812.607331] ? wait_for_completion_io+0x10/0x10 [ 812.607347] __alloc_pages_nodemask+0x2129/0x2730 [ 812.607374] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 812.607386] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 812.607410] ? do_raw_spin_unlock+0x164/0x250 [ 812.646069] alloc_pages_current+0xe7/0x1e0 [ 812.650619] kvm_mmu_create+0xd1/0x1c0 [ 812.654527] kvm_arch_vcpu_init+0x282/0x890 [ 812.658879] ? alloc_pages_current+0xef/0x1e0 [ 812.663386] kvm_vcpu_init+0x26d/0x360 [ 812.667291] vmx_create_vcpu+0xf5/0x2950 [ 812.671376] ? __mutex_unlock_slowpath+0x75/0x780 [ 812.676234] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 812.681272] ? alloc_loaded_vmcs+0x240/0x240 [ 812.685698] kvm_vm_ioctl+0x4ae/0x1430 [ 812.689598] ? __lock_acquire+0x655/0x42a0 [ 812.693857] ? kvm_vcpu_release+0xa0/0xa0 [ 812.698031] ? trace_hardirqs_on+0x10/0x10 [ 812.702282] ? trace_hardirqs_on+0x10/0x10 [ 812.706535] ? futex_exit_release+0x60/0x60 [ 812.710880] ? __might_fault+0x104/0x1b0 [ 812.714961] ? lock_acquire+0x170/0x3f0 [ 812.718956] ? kvm_vcpu_release+0xa0/0xa0 [ 812.723117] do_vfs_ioctl+0x75a/0xfe0 [ 812.726967] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 812.732725] ? ioctl_preallocate+0x1a0/0x1a0 [ 812.737172] ? security_file_ioctl+0x76/0xb0 [ 812.741856] ? security_file_ioctl+0x83/0xb0 [ 812.746274] SyS_ioctl+0x7f/0xb0 [ 812.749769] ? do_vfs_ioctl+0xfe0/0xfe0 [ 812.753755] do_syscall_64+0x1d5/0x640 [ 812.757656] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 812.762843] RIP: 0033:0x45cba9 [ 812.764557] Mem-Info: [ 812.766023] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 812.766041] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 812.766047] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 812.766052] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 812.766061] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 812.768674] active_anon:1055498 inactive_anon:4038 isolated_anon:0 [ 812.768674] active_file:3918 inactive_file:7661 isolated_file:0 [ 812.768674] unevictable:0 dirty:20 writeback:0 unstable:0 [ 812.768674] slab_reclaimable:16103 slab_unreclaimable:137153 [ 812.768674] mapped:58186 shmem:4200 pagetables:31216 bounce:0 03:29:41 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) 03:29:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438e6ff7de0dfac1b92edf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c8864cb2f35fe5d12ca9772f690c39d7c373359fe1c0d6e02cda3000800009c45c7436506c7f9e71402c4c9f4a71128e7727ee3582f", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 812.768674] free:255471 free_pcp:364 free_cma:0 [ 812.776173] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 812.831338] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. [ 812.939602] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214056kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 812.979197] Node 1 active_anon:2308492kB inactive_anon:24kB active_file:15644kB inactive_file:30640kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19588kB dirty:172kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 03:29:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c88b21ab8182c9b35bac7d5dba2158bd9fe6459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:42 executing program 4: r0 = socket$inet(0x2b, 0x3, 0x9) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 813.285803] Node 0 DMA free:10408kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 03:29:42 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa\x00', 0xc0000, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 813.348688] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 813.367930] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 813.385728] Node 0 DMA32 free:35832kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:668kB local_pcp:372kB free_cma:0kB 03:29:42 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f00000000c0)={0x1, 0x100, 0x7, {0x6, 0x1ff, 0x6134, 0x2}}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, [], 0x1}, 0xa086}}, {{0xa, 0x4e23, 0x80000001, @loopback, 0x1f}}}, 0x108) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:42 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8, 0x0, 0x80000000}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 813.607973] lowmem_reserve[]: 0 0 0 0 0 [ 813.629456] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 813.660747] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 813.690941] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 813.699682] CPU: 1 PID: 7492 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 813.707524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 813.717124] Call Trace: [ 813.719730] dump_stack+0x1b2/0x283 [ 813.723404] warn_alloc.cold+0x96/0x1af [ 813.727408] ? zone_watermark_ok_safe+0x250/0x250 [ 813.732406] ? wait_for_completion_io+0x10/0x10 [ 813.737107] __alloc_pages_nodemask+0x2129/0x2730 [ 813.741996] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 813.746863] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 813.751751] ? do_raw_spin_unlock+0x164/0x250 [ 813.756280] alloc_pages_current+0xe7/0x1e0 [ 813.760636] kvm_mmu_create+0xd1/0x1c0 [ 813.764555] kvm_arch_vcpu_init+0x282/0x890 [ 813.768898] ? alloc_pages_current+0xef/0x1e0 [ 813.773413] kvm_vcpu_init+0x26d/0x360 [ 813.777325] vmx_create_vcpu+0xf5/0x2950 [ 813.781406] ? __mutex_unlock_slowpath+0x75/0x780 [ 813.786263] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 813.791307] ? alloc_loaded_vmcs+0x240/0x240 [ 813.795751] kvm_vm_ioctl+0x4ae/0x1430 [ 813.799663] ? __lock_acquire+0x655/0x42a0 [ 813.803921] ? kvm_vcpu_release+0xa0/0xa0 [ 813.808093] ? trace_hardirqs_on+0x10/0x10 [ 813.812354] ? trace_hardirqs_on+0x10/0x10 [ 813.816613] ? futex_exit_release+0x60/0x60 [ 813.820957] ? __might_fault+0x104/0x1b0 [ 813.825043] ? lock_acquire+0x170/0x3f0 [ 813.829032] ? kvm_vcpu_release+0xa0/0xa0 [ 813.833205] do_vfs_ioctl+0x75a/0xfe0 [ 813.837033] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 813.842684] ? ioctl_preallocate+0x1a0/0x1a0 [ 813.847147] ? security_file_ioctl+0x76/0xb0 [ 813.851593] ? security_file_ioctl+0x83/0xb0 [ 813.856027] SyS_ioctl+0x7f/0xb0 [ 813.859415] ? do_vfs_ioctl+0xfe0/0xfe0 [ 813.863432] do_syscall_64+0x1d5/0x640 [ 813.867349] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 813.872557] RIP: 0033:0x45cba9 [ 813.875759] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 813.883487] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 813.890777] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 813.898066] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 813.905400] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 813.912691] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 813.927983] lowmem_reserve[]: 0 0 0 0 0 [ 813.932902] Node 1 Normal free:969708kB min:53592kB low:66988kB high:80384kB active_anon:2312264kB inactive_anon:24kB active_file:15652kB inactive_file:30672kB unevictable:0kB writepending:368kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32832kB pagetables:79592kB bounce:0kB free_pcp:792kB local_pcp:680kB free_cma:0kB [ 813.963877] lowmem_reserve[]: 0 0 0 0 0 [ 813.968422] Node 0 DMA: 4*4kB (M) 7*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10408kB [ 814.027404] Node 0 DMA32: 408*4kB (ME) 431*8kB (UME) 91*16kB (UME) 25*32kB (UME) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36264kB [ 814.081284] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 814.101485] Node 1 Normal: 144*4kB (UME) 278*8kB (UME) 8*16kB (UME) 16*32kB (UME) 55*64kB (UME) 54*128kB (UME) 18*256kB (UM) 18*512kB (UM) 9*1024kB (UE) 6*2048kB (UME) 225*4096kB (M) = 970800kB [ 814.119381] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.128546] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.137284] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.146316] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.155659] 12675 total pagecache pages [ 814.159657] 0 pages in swap cache [ 814.164253] Swap cache stats: add 0, delete 0, find 0/0 [ 814.169643] Free swap = 0kB [ 814.174294] Total swap = 0kB [ 814.177607] 1965979 pages RAM [ 814.180979] 0 pages HighMem/MovableOnly [ 814.187026] 338456 pages reserved [ 814.190850] 0 pages cma reserved [ 814.213626] warn_alloc_show_mem: 1 callbacks suppressed [ 814.213631] Mem-Info: [ 814.225896] active_anon:1056467 inactive_anon:4040 isolated_anon:0 03:29:43 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SIOCX25GCALLUSERDATA(r4, 0x89e4, &(0x7f00000001c0)={0x2c, "bf143c51123134c0b38b2654433230bf9b9e212f109e973b8abfeec5d081cf02d2bfa5ad8d4e1cfc71fa3617a900fbe5a66c14436b3611a22f478c69a4acd7c15fd4ee66661fdfe5b7af388981472eb960f56c7ed60dca328e20b728cb6de2f6c48235c1039082f7ab2c37653753840b65ffd3fa9860d3f037c91b67dbf7ce30"}) r5 = dup(r2) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f00000000c0)={0xf000000, 0xfffff001, 0x3, r2, 0x0, &(0x7f0000000080)={0x9909d0, 0x100, [], @string=&(0x7f0000000040)=0x80}}) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000100)=0xffc00000) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file1\x00', &(0x7f0000000280)='trusted.overlay.origin\x00', &(0x7f00000002c0)='y\x00', 0x60, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 03:29:43 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000140)) r2 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x4e21, @remote}, {0x2, 0x4e20, @broadcast}, {0x2, 0x4e21, @broadcast}, 0x200, 0x0, 0x0, 0x0, 0x80, &(0x7f0000000040)='veth0_virt_wifi\x00', 0x7fff, 0x2d7, 0x7}) connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r7 = dup(r2) openat$md(0xffffffffffffff9c, &(0x7f0000000180)='/dev/md0\x00', 0x602, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) 03:29:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 814.225896] active_file:3918 inactive_file:7673 isolated_file:3 [ 814.225896] unevictable:0 dirty:27 writeback:0 unstable:0 [ 814.225896] slab_reclaimable:16020 slab_unreclaimable:137005 [ 814.225896] mapped:58202 shmem:4201 pagetables:31243 bounce:0 [ 814.225896] free:254988 free_pcp:386 free_cma:0 [ 814.311554] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:16kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):12kB mapped:214116kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 814.358530] Node 1 active_anon:2311868kB inactive_anon:32kB active_file:15656kB inactive_file:30688kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:18692kB dirty:100kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 814.392620] Node 0 DMA free:10408kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.424655] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 814.429748] Node 0 DMA32 free:36264kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:8kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:332kB local_pcp:144kB free_cma:0kB [ 814.468003] lowmem_reserve[]: 0 0 0 0 0 [ 814.472369] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.554144] lowmem_reserve[]: 0 0 0 0 0 [ 814.577524] Node 1 Normal free:972660kB min:53592kB low:66988kB high:80384kB active_anon:2311868kB inactive_anon:32kB active_file:15656kB inactive_file:30688kB unevictable:0kB writepending:204kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32384kB pagetables:79232kB bounce:0kB free_pcp:1152kB local_pcp:520kB free_cma:0kB [ 814.584430] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 814.623512] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 814.629066] CPU: 0 PID: 7612 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 814.636905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 814.646279] Call Trace: [ 814.648882] dump_stack+0x1b2/0x283 [ 814.652527] warn_alloc.cold+0x96/0x1af [ 814.656527] ? zone_watermark_ok_safe+0x250/0x250 [ 814.661257] lowmem_reserve[]: 0 0 [ 814.661504] ? wait_for_completion_io+0x10/0x10 [ 814.661522] __alloc_pages_nodemask+0x2129/0x2730 [ 814.669724] 0 [ 814.674514] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 814.674526] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 814.674550] ? do_raw_spin_unlock+0x164/0x250 [ 814.674565] alloc_pages_current+0xe7/0x1e0 [ 814.674579] kvm_mmu_create+0xd1/0x1c0 [ 814.674591] kvm_arch_vcpu_init+0x282/0x890 [ 814.674601] ? alloc_pages_current+0xef/0x1e0 [ 814.674613] kvm_vcpu_init+0x26d/0x360 [ 814.674626] vmx_create_vcpu+0xf5/0x2950 [ 814.674641] ? __mutex_unlock_slowpath+0x75/0x780 [ 814.674655] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 814.692760] 0 [ 814.694984] ? alloc_loaded_vmcs+0x240/0x240 [ 814.695005] kvm_vm_ioctl+0x4ae/0x1430 [ 814.699180] 0 [ 814.703244] ? __lock_acquire+0x655/0x42a0 [ 814.703259] ? kvm_vcpu_release+0xa0/0xa0 [ 814.703270] ? trace_hardirqs_on+0x10/0x10 [ 814.703283] ? trace_hardirqs_on+0x10/0x10 [ 814.703294] ? futex_exit_release+0x60/0x60 [ 814.703307] ? __might_fault+0x104/0x1b0 [ 814.703318] ? lock_acquire+0x170/0x3f0 [ 814.703327] ? kvm_vcpu_release+0xa0/0xa0 [ 814.703337] do_vfs_ioctl+0x75a/0xfe0 [ 814.703351] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 814.703360] ? ioctl_preallocate+0x1a0/0x1a0 [ 814.703380] ? security_file_ioctl+0x76/0xb0 [ 814.703388] ? security_file_ioctl+0x83/0xb0 [ 814.703397] SyS_ioctl+0x7f/0xb0 [ 814.703404] ? do_vfs_ioctl+0xfe0/0xfe0 [ 814.703416] do_syscall_64+0x1d5/0x640 [ 814.703444] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 814.716057] RIP: 0033:0x45cba9 [ 814.716063] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 814.727257] Node 0 [ 814.727774] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 814.727781] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 814.727786] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 814.727796] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 814.735359] DMA: [ 814.736090] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 [ 814.863374] 4*4kB (M) 7*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10408kB [ 814.878706] Node 0 DMA32: 408*4kB (ME) 430*8kB (UME) 91*16kB (UME) 25*32kB (UME) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 36256kB [ 814.895132] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 814.906164] Node 1 Normal: 264*4kB (UME) 540*8kB (UME) 99*16kB (UME) 26*32kB (UME) 50*64kB (UME) 46*128kB (UME) 18*256kB (UM) 18*512kB (UM) 9*1024kB (UE) 6*2048kB (UME) 225*4096kB (M) = 973808kB [ 814.923934] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.933036] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.941860] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.950768] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.959475] 12682 total pagecache pages [ 814.963705] 0 pages in swap cache [ 814.967204] Swap cache stats: add 0, delete 0, find 0/0 [ 814.972686] Free swap = 0kB [ 814.975703] Total swap = 0kB 03:29:44 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) r1 = dup(r0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendto$inet(r6, &(0x7f00000002c0)="f7f20778528cb6cad40ae4d1b9b915882e5ec67c29ca682edac299ea7c770d404605c55a8d7107eb6dcf9970a54960822eaed95f319e8152fabce335f1ab3a85ab26e16bb83a689e1b9ed52ef87a7be6f0757a1d93fbd10fb2a8210e737951854e694bbab8166481a89a2362d7d9c622e8f0e047721289582bdd37488f60e49baf8d7d17a8826870c27cc206bac94d9b38a9689eb8b3", 0x96, 0x40005, &(0x7f00000000c0)={0x2, 0x4e23, @empty}, 0x10) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000bbc86faa449da399ddb14bbbdf0000c895f4060192537100f31c001200"], 0x3c}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x3}]}}}]}, 0x3c}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x4058534c, &(0x7f0000000240)={0x4, 0x3ff, 0x81, 0x80000001, 0x0, 0xd87}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={r5, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 03:29:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/45, 0x2d}], 0x1}, 0x405}], 0x1, 0x10000, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000400)="4b9ca9806e405852ffaa7b6a36cea5a0699766266f84e52627ccdc5dee68b7371f320a5e2ac5d33ede9a551aaf578f9be2e2d47f4316a9aca6f53236c907201b6da87e1e5d88a078fb89d1f657afa79fc08b1b9db3697f00000000000000e6b909c79ac878c2f786cffef74c0b3b419131d33a57dae2aa93341a606adddc6da7ff2fac43d482969e0ad089c6c65769", 0x8f) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="350000194e62110000000000000000070000000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957ca97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200ad3c7260e937b3bcb745abaed0aba0c701a33884edb90e61f016a0333081d3e66669e233c323fcbe789d9d", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000003c0)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000004c0)={0xffffffff, r4, 0x1, 0x9}) ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="632b86e0d55e66643d00000000000000", @ANYRESHEX=r3, @ANYRES16, @ANYBLOB="1a3c122aa5e35b3480179166caa87d548f0a5b46940345a39641c005f9eab414b918bb7f9b5ce4f99511234be921b1a0dad182de6bfc36e2c21bb207905c15d598b1ff381c69f7aa4405c08bcda16738fc882d8e5f8524ba32e4532a536a5d5beb6dc6ccb3072554396a182403edcdad543cfeeac856e3be94ac63595fee9cb71958cd1967115d61ec2e9cf286d2212d7d477d76dd91f24a324ab560b2", @ANYRESHEX, @ANYRES16, @ANYRESDEC]) 03:29:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 814.978868] 1965979 pages RAM [ 814.982098] 0 pages HighMem/MovableOnly [ 814.986109] 338456 pages reserved [ 814.989627] 0 pages cma reserved 03:29:44 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SCSI_IOCTL_DOORLOCK(r2, 0x5380) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:44 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000040)=""/104) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 815.075968] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. 03:29:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200e1643b2427610ca7c63e4ad69274374df135dc93f869dc8698a99bc66fa9d76dd278e33dac6b462c30fab77794cf1b3104459d79d28e06905c38d72e7db54fb2ff582edcb9341672d278d626f75b1eeb4e872e79104bed1d4f1cc1ce6b5e039bfd53d9e66384cf2d2698db0584dcd08e019bf6255e27729f145a94ead225ef48d8596ab61ae365ccd069ba6b12ee52188fe82b1be885cdd649d8a95d6e21f865fae8cd0fd9dcb04fa93dba8c5a69a2e99f2420b0c62ad3e4c8154011ec48b2cc3b5bc77959ca9ea429354e", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x10000001, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:44 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x406, r6) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000080)=@nat={'nat\x00', 0x19, 0x1, 0x238, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000000000040000000000000000005fa924f024bf343c10000000000000d8028dbad800000000feffffff00000005000000000000000010000000000000ecffffff000000000000000000000000b8d800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000006053e17600000000000000feffff060000000003000000000000000800696662f1e415c4954747d294f3e0e305a1ee61938021b0354bc8fbe3098cac60d1763ee9cbde516471021a9733cb8dcf45ab10a9c7687d7ac9c566ed3b3fc63e8a6d4badc8e87f715d507e579b553a9197995bcad3e048df19c53661920ce0000534f523ea7a951add7f3c"]}, 0x182) r8 = creat(&(0x7f0000000180)='./bus\x00', 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='trusted.overlay.redirect\x00', &(0x7f00000001c0)='./bus\x00', 0x6, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r8, 0xc01064c7, &(0x7f00000000c0)={0x1, 0x0, &(0x7f0000000080)=[0x0]}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r7, 0xc00464c9, &(0x7f0000000040)={r9}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r5, 0xc00464c9, &(0x7f0000000040)={r9}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) [ 815.263553] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 815.267060] syz-executor.5: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 815.335431] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 815.365069] CPU: 0 PID: 7653 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 815.372924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 815.382386] Call Trace: [ 815.384987] dump_stack+0x1b2/0x283 [ 815.388702] warn_alloc.cold+0x96/0x1af [ 815.392689] ? zone_watermark_ok_safe+0x250/0x250 [ 815.399139] ? wait_for_completion_io+0x10/0x10 [ 815.403837] __alloc_pages_nodemask+0x2129/0x2730 [ 815.408722] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 815.413590] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 815.418470] ? do_raw_spin_unlock+0x164/0x250 [ 815.423015] alloc_pages_current+0xe7/0x1e0 [ 815.427387] kvm_mmu_create+0xd1/0x1c0 [ 815.431303] kvm_arch_vcpu_init+0x282/0x890 [ 815.435649] ? alloc_pages_current+0xef/0x1e0 [ 815.440158] kvm_vcpu_init+0x26d/0x360 [ 815.444061] vmx_create_vcpu+0xf5/0x2950 [ 815.448142] ? __mutex_unlock_slowpath+0x75/0x780 [ 815.453007] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 815.458074] ? alloc_loaded_vmcs+0x240/0x240 [ 815.462524] kvm_vm_ioctl+0x4ae/0x1430 [ 815.466443] ? __lock_acquire+0x655/0x42a0 [ 815.470868] ? kvm_vcpu_release+0xa0/0xa0 [ 815.475032] ? trace_hardirqs_on+0x10/0x10 [ 815.479283] ? trace_hardirqs_on+0x10/0x10 [ 815.483530] ? futex_exit_release+0x60/0x60 [ 815.487876] ? __might_fault+0x104/0x1b0 [ 815.492096] ? lock_acquire+0x170/0x3f0 [ 815.496092] ? kvm_vcpu_release+0xa0/0xa0 [ 815.500263] do_vfs_ioctl+0x75a/0xfe0 [ 815.504083] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 815.509767] ? ioctl_preallocate+0x1a0/0x1a0 [ 815.514226] ? security_file_ioctl+0x76/0xb0 [ 815.518685] ? security_file_ioctl+0x83/0xb0 [ 815.523114] SyS_ioctl+0x7f/0xb0 [ 815.526521] ? do_vfs_ioctl+0xfe0/0xfe0 [ 815.530511] do_syscall_64+0x1d5/0x640 [ 815.534502] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 815.539737] RIP: 0033:0x45cba9 [ 815.542928] RSP: 002b:00007ffa78a6ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 815.550647] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 815.557960] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 815.565262] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 815.572690] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 815.579989] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a6b6d4 03:29:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:44 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000200)=ANY=[@ANYBLOB="01000b8984d68816d4fa0528ec1c182eed1eaef22a368dcf46488921a1e64124ee1ebc89a11f80ecf85055247aed8f9f4562530cb959fb6c95e1c9acfc35ad5eeb0bf7b60f51feee546153e666786b4a7ac4d32151b8952eacb336088455549d898cdbd6be498b3613759a04863eed4a2e0938002db9f20e9f10942edc162685d13b5ebcd51a11379d20ad34e0e3f5281b666099f22b751c926331929f906c02f5f320b85806a80a3c15eaf50b93030f752ea04dcb4e14cf806b08be40881dad94a019b24f3c57083dd76116d17472f654eabdf69b6c71f0bce81273038a0efc04690386f45955b706313796090d05eade0e6dc5bd323a254af025b800658a16b4", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r8) sendmmsg$inet_sctp(r3, &(0x7f0000002cc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000a2b30400"/17, @ANYRESHEX=r8], 0x20}], 0x1, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000040)={r5, 0x400, 0x30}, &(0x7f0000000080)=0xc) r9 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) 03:29:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000840)="e6dfcb9745ba3e24504bff420106c6b2f901000000812aa4e1ffffff0000001920c226d0f5c7000400001990c396b1b94d6ee478bfdbdc7d8fe3648ce888032117c56ca83b13398976ae4a0b77145dc6afc29f856261ff40ed41eff330ece7d84c625b768d02f1266499d77afcc84a3a11d677d8075f90419ffe69ac6f013594d188e3bb1e2dbf3fe3ddbfb0898f1b274de013c9aa5ce437a4e53185334e744c7e826383e5e0b6ae31a73928ba9576e358f408f5e48c8dd20201ee3e401e7a6d95876b8ab9ac20e2234815b81434d092e04fa2c3d4094f988181c0f7c26e7e2698b726389ba2fd41b04b9487027d7c327277eca442a5703e97386747d67eafdf279d1d601593bc32e498bc412668bde1cb088cedf530ca60629cff1d73602bbf53414274539af66f4b890f2f3aced2b9d07e9c5f771817d304daf045a833f66c0212a9090359a672e905f58d57118f9aceda40e18573480da7e5a7e5ad0676d50e8cd974ad31f978a5060f44352030a24d32e20732b00c7992b4b5c9defedc2e01cd128cbb652b314d72abff6ff278f14bdeb327a7674c607b0c6a8b21680779fc2b06dea7f180226955f295fadd0fe820989ec38e65a89df8762711a0ad0e48f429c40466106bbe3135ac8c31", 0xffffffffffffffd6) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 815.736500] warn_alloc_show_mem: 1 callbacks suppressed [ 815.736505] Mem-Info: [ 815.745308] active_anon:1056523 inactive_anon:4039 isolated_anon:0 [ 815.745308] active_file:3920 inactive_file:7683 isolated_file:0 [ 815.745308] unevictable:0 dirty:41 writeback:25 unstable:0 [ 815.745308] slab_reclaimable:15962 slab_unreclaimable:136680 [ 815.745308] mapped:58201 shmem:4200 pagetables:31268 bounce:0 [ 815.745308] free:255024 free_pcp:427 free_cma:0 [ 815.768163] syz-executor.1: [ 815.803979] Node 0 active_anon:1914300kB inactive_anon:16128kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214152kB dirty:8kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1445888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 815.817316] page allocation failure: order:0 03:29:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 815.837046] Node 1 active_anon:2312292kB inactive_anon:28kB active_file:15656kB inactive_file:30724kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:19652kB dirty:156kB writeback:100kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 03:29:44 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f0000000180)=ANY=[@ANYRES32=r5, @ANYBLOB="00100000f740cdba02a846e356de3a8980c229208f71f38524aa2da62988f0cde9db6b12215776c3bf862e4fd5eb8465a435a8bce92baa00fdd036eb86fbc8ebef578fc3fc5d8f327cc396aa3f8356bb170b5e65b29c4eae99190babe40b14e2ae8ac5b72c3121d6f5a37cca73f5b3cd7f8466b07cb2a1e6a4eb74644f07ed4451bdb4cfb0b635ec542b4e8257459aa637de27df6f00412155d49faa4a8c1f71c0270eb3b7a0f96ef95a1639cbc17770a2159de3e0988f0c308e5ca1dc980c9de42d5554afbe528595dfbe8426f90836ad6860ecd4e94b7156bcd941eb95431657bc0769fdb5d8755f05ca12c57368d9c3fa3084622e7e8c02e1b09a95da70f934261ff1dbab244e94a05c30d662784ca4ab34e82c59e783ccf0922251bebcc89884f7f436c8184483eba0b1f422555f97bbde2f2e8b639a91bdbe193c41f0c3f4471b4ca671e35720c7aed18fc902ba128a37baed494d5d575436217ddbc89c0a17306c95c0570e980e164e46955c2b512b38270f458c8cded67da6ef804990e27bac868f932931411734125f7e4c8806fd7e6e1f3af3a77b05b2dc766cb41a81452f61d3d27e0da2a747a9c96caf318d953e4ebfc09a351c6578181140c11d4cfb7727e0a1d55c91987b62318a38a5a7cad6d3da787538a2745954eed7324877f1b6776e6160c6af0cca93c950013f7d77768bea3e83b6861d58fa35433efed5a2c33fbc5950dd3abb5464f82e4e1dfeffa94e8f4bae8d47f41f2623fdf5207cff078de23d727cfd6b0e379a30c374b3583f21cfd73030ca548dd79c150a41177da1e0c06fb57627811c84bfa10ba367fc33c8454713561eb55e1ae09ac8b387e52c2ffbba044f059e388cffb864485f3437c0de88467cb9c5b53fd637624506bd3d5a7e85094c130d26529174e6eec68a3796b23a9427027802ba0e27693be095c07bccaf6d6f6a12aff260cc28cb26e0abe2fd21801827ad532cb5dd4e5dbb534c6b80e19690d99830ec0dc50d41a2b3abf4d98287794705fccb6a1ece89625b99868a1065c964f1f7b09a887d6a279ed02678af82b69a4fb61520e8c2c2678b2a2d2ce4ad7c119d5724bcacb3e0147286a3d84c66806b965d30fd05cc334b5353580de1d1446c0579361f2c33a288dcecdb762eafc838d7adfacddd461b30bac23dd7a84c8f359466534b04efce3c4702030f3ffcb758d81cb15e2f9b40ca87ed0f746a95a8f77be6357c59e76d5fbcce5989e23ed14097c0894bbc80fdcd56286d88f6cdc9675977a9622b97fa01e5ec6ce5e11f9a0ad12763938237da35e1d6de089592b4efb14a928410e27cc51750aec5190cc5c4a1332dcd286932e2574c40a3553019263dfc9ac11209a089f47a5bb00d6e7566563f206c5755efbd4e3a3b8703b4c8917b185c49b6a7d586e1cab9c17db7e0cf16cd6d1c4ea3feaf5600a4f8f6bc255de2f98081cf1a4f58a5daeaeec61acae189b568647dc900db8b996644ada8f718e7f98eba35aa73fe22272ed1831a73b8c55a680d5274ab933f545a3cd6f45fd5036b764acf1dc392a745ad7b5a5ed3ad8e8f9c968903c471ff87be5d5f1d3673ac3d14e0ad4d9a3f73d57d5b22f7dd9d07a109327179636c6649b197fc5e3c3d4fcf5ab90f3034560d78f845b927971ef53113bf6c6dae77a2c6addb9a58471b2655e6059f259fd669aa1c251cecb06a4dcb2a2d4dc46a62f2474b68c9691163fc2d32e63271c86719172ac9e9d1e9dfdb7dd3d12457105dc64ef9e1b95a81828da9d09453451b7af4e5ec751c2bb64194362683b3f1876a475c97682eed22f37e082e39441ac9df5b39fec6790fe3d2b00eaf5dd02dd5a2a4105bcc8456f3621275c32e71bf6cb3878073e9cb27f0fc15b364ad89be0dcf97a9b23e364c7e65af75f4f18bbc9c4a6465cc0abf8c8fae8c188c5e0d92844ebdd5719129d66f7004b24b484a691736f7a25f0ac3e089cdd1dc3a19ace199ee93cbe35f2c6764e3173dc135661401405941bfdf46c49713ea499d38002a61ee184a4fa092495d2c85487c17af3ba9f679a6d5ecd852b01f38d7b416a0dfef26c4781e87bbc4e32b5082478314ba2326304bd02ea69baaa9238679ef662f3f1f9087a02196b339435685dfff691e58f54a3233db01546453aaf13c53cb2d7afd51d3ed8207d01a678b26ba376630b79fbbf521b174f3b1c326acd556a277fc202b9bdc53f6923621cf4bcfc16670b6c91d00c1683afabd4aa232e21b83617cbaeec207779d94b86b1471fd1a555e45ee9a506a30f5171b95331c9243958a6cf34a085dc3c6e4ea72a80c9a5c785cea2929a8c337abf3b8f9266d16c9114b45a3d05ee60db3baf970c75f976fc31fdfbb15c19d66799f1f2a3d7f4b13aa11a74094b47e96d4a59a9a7f61946d55c3bd0834c6c6aaff65f6ebbb21df061b74aca87d380335090fc55c5c4cb862633a1f62fc41d3417f9961eacd59b5b9fd77268a6fe2e3cc8de2d8f9797e40881f9b864c9788cd59492ed22e756a454c6c1796fbbcf70ecd3448708aa890f6db786b04e4a86ef80a6eb83b6833b55307fbd092a9e7075eea1a8557aef1589207c86bdf16385665c624e072129ea21cf41977ce7d1817e17bc3bb7d4af372c635619fdc71a0da3823a253d54da23bf4b10cdcc98c4a31b9991d180a9a9d6156d75d5f69c82c48ced6d3a9b79b80586a6a894eff8e3a8474488e9f56cb6fea9b88887effcc234447b234a3b70e242c0d202dd0ef7764c7ffd3b3f804ce9f3271d7cf465b0ba661be3d23645426b30bbfa1ffd9127bdda657f0806ed6fa9e0669296f32aba44bdd43c71593dd973996666443fc29b22edfa0ffa8e37c78288e8f1bcdffb880cc2fc12a9124f6c24216b640b380899f97e6285fa2a65a5776f282f587160e10a191e3e720e568a8625da696bb6891c85cc7f5b4ce51e38beb7a3968c21ff6c3f5b7350485c42e7a356a48f937078a6f9ed877fb795e24c9977ea18512726c18b04bf3e2cf270e273b30c59263db9d2d448e5c3ff4bdbb60735d725be1c37c85826be22d8dcfdb304772b7f94f5a7f9564089bc56909cb86e65019d1db40181c8ffbedae424be9f8fd52051fea0539ed8f2bbbe447ed0fcc7f2246627f73be89c8cff8f5ebcf8d37eb327606623c39a614032584220ed6fd334d6738fde9023c23a0de03e33968fc67b5cf7b75b4d67b0331ebf6810f04a5f6d006298422b73e74cb461a9fc80dbaf874a1392d743f4c344ac596cf2cbf7624d7830b047189be655e9027c49992157856f89d6934be8b48a5c6edf6e642c4f41abf0ad1dacb8d0a2f08744d303cb0e5a03337dfe9a965a5d884c3e75ebea7f975f36894bd5321f76b31c1294c8c9933ddca0d9da86e2810bf19282b3fb2b7b7320c3efd67bf459b3d98caf72f25ee16c7656d2b746d638ce055fcb2e47ecd89da7a7f642e71b7ebc9cec0a6dc1b692803443348aabe30347177b06abf96dc6bc48866bec676d9c8c74f5e381c3ab10774d3533f49ff08ba8168150ef56a2a994109d365cc0466eee2daf82ed9a956559db8f187fd783dc098e96ca23a05d7e7033e58f97481f9c04ae4209a391d28d104f133fa73991c06739ffa12a497adec6a4b71808980e6aef288e9fa24527281e37882e417ed6665bc4e11969a94311ce27f68d014d809698c6cdc81d47d7b5b5a7f0306fa8cf96daa2fb158c9a9643f74bc003697697595660316e8de2100beafb5a7e91e5deb0820cbd46783a3038cb5d25223abb90fbaf4a6390d93e714155ec9c7a78f301c0c91f2671cdbbb1169502f278d2237621bc2e5dbc1e05fb338d1d3b187ee9d109063c4481ecaa5b3e8ca8957a5b5c36f7c275447d779e7d20c3157eb425cf4bb672407431bf47dae0e79cfb417bbce82749caef5e5ea26b19d513a582ee561686e8aa84402f95f8fa76e6f9432a01a0739ae472bb78b33032aed22285e326110247c2f2b0ea9059d4a186771a7b9fc61ebfe698ac9a0dc82e06371aeadba2f94e9d477aaf7d02186c0e91c766ce753110743c0324bfe97fce6ec5ef41ca68fdb3b5582eeeb8579734c61840326be3901c5b4c4ce7a6684a2d8e0aee97576e49ec05afdd342a75445d741bbba1872ddc2499948906efa991c5984523b87e23701b481e29d1f4f58dc2fd5689aa1721d3a4b15053f98588ca0b29d870f103688dc3b9f85cd397f8858282b39686fdb10957cc224ee95ab64d890b3d8260014ded32e95507f868a319f041870555302a18ff900effe7341e3947573e7fb28841f5a62c99960da63b7b08b17d09f86a09d4d313d4b4e201d638893eca2b73ef1d04e79b05eb1eb4d679ec7b254e0efd50c29d874da6848495b0c111d6ba6baa6c2b6e25414778033cb75c3e937d77ab2201e77c4cca683a027762478dba473e42414a9f0b0626c50d67eff244457699d9f50261f751d2708ad4a783e957f76c0db407464aed7731113710c24512e72f65c93904944f7f79519d62950c49fd205d8427f98abde2b022cb5ffd9ed224f60eca18d205d63719ccbb337aed96f952e6c8ae57ac75e0941bdcb156e9ebea779ac1d433eb66dab5a804608ded22286ccc619b547968c7138aef08e6305fcd2b92398c7d4ce5d126e9f47fdcde017e4841fae21eb680bda2e524ce5a59a751d60e73a1d48a55b413916ef825fc9588e24b02db1f6866918c5d04b521c44486c02604d76cdf7362bd21f74cf1e9d973ce390744edfb8f65dc5f76986e1d2826288293653914af961a7e469c6fe4265bcdc1b8fa81f08cea0e330cfe5930d0e448dec5dc2f01b67ed9f54006c214da28acbaec4cc564b83c62ca5f862dfaf3c387321c63fdeef77784f93f3d47ed3ffe8a28a466708f33bc8191bd9bf45c731862517e0863fcaf7ddc3fe12a15dce09c9df3b28f6100e49e8ea101814bcb1ff2dcf2f313fa94941c48de396acc35813348b176c774011f815ff9f5888c399eb95638e10b2fdd705870b550775e09f8cde09bbd819a972eead6a4bce1c6668828901be6ac4262b006467cf05ea6db4ababa53c22daa315dfdac9923f1bbcc739339eb92cf0d5e41b157d9e61fe2b43445c4ad58fe2c64c7ec15d71248d4074f199de738a743dde2b37405a6ddd6eddfb0781e38c00ecf1245d19577081979dc9055a2a4ccdf36e29ec036cc4bb874a4c0015dc650e21a207b5553e1bb2c0023c7796f48638a6bf93cc2139b716ce856ae3fa2a041b53566faa43c457dd0b554eb208c0020b34ae77dcef8f3f529bea3a16ab3ac0d036a13648b341fd37e6b537a7682f62476c2d365196358856aa3b28bf080fa496ed81bc53d7fef0bbfdf1cb0a911fa8b6bc38098d2ed6c8a84c626bf16ea60ea85ddc0307b3c054e16203efeccbab49f9770ce38a791e827df5d5fdb1f58ca4e58c8534412233e473882b5b2458c280619011c1395b109a1eeedf4e05f9b76f7387625654c36e2cc5042715fe80e39c64b1245fed60a46ff16d575875b88d9476dc49b85a8a8d3f1278e3fb5beebc00d4a548335e7408d9d04aef2bedb688db43535d86efbd4fbee0ffd0b74e606253330658ced9d5ca0e3a50573f20080a4365f09c1c58c48bc099e951e8f20c307d95654db7178fac8b561f71122bcd98692214034e5b0dbe75d260aa2ec80209fdb1ec9d8fd69cb4ae1f84884002562dfcb992eff463f78e976806e6739ce1cf4f838665f90ce6cbd36e8efdda6d94d786b0a9f80022a808950e6f7de990084e2c4d7354b9c606c662b2af6ccdce28f3a15908c0"], &(0x7f00000011c0)=0x1008) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r4, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00'}) 03:29:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000480)={0x38, 0x2, 0x1, 0x0, 0x10001}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r4, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x280000, &(0x7f0000000840)=ANY=[]) [ 815.909401] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 815.950365] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 815.970328] CPU: 1 PID: 7716 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 815.978223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 815.987595] Call Trace: [ 815.990213] dump_stack+0x1b2/0x283 [ 815.994124] warn_alloc.cold+0x96/0x1af [ 815.997048] Node 0 [ 815.998117] ? zone_watermark_ok_safe+0x250/0x250 [ 815.998139] ? wait_for_completion_io+0x10/0x10 [ 815.998154] __alloc_pages_nodemask+0x2129/0x2730 [ 816.006542] DMA free:10408kB min:220kB low:272kB high:324kB active_anon:4344kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 816.009965] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.009979] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.010001] ? do_raw_spin_unlock+0x164/0x250 [ 816.038656] lowmem_reserve[]: [ 816.040645] alloc_pages_current+0xe7/0x1e0 [ 816.040668] kvm_mmu_create+0xd1/0x1c0 [ 816.056495] 0 [ 816.058125] kvm_arch_vcpu_init+0x282/0x890 [ 816.058139] ? alloc_pages_current+0xef/0x1e0 [ 816.058153] kvm_vcpu_init+0x26d/0x360 [ 816.066729] syz-executor.5: [ 816.068259] vmx_create_vcpu+0xf5/0x2950 [ 816.068277] ? __mutex_unlock_slowpath+0x75/0x780 [ 816.068289] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 816.068302] ? alloc_loaded_vmcs+0x240/0x240 [ 816.079790] 2559 [ 816.081165] kvm_vm_ioctl+0x4ae/0x1430 [ 816.081182] ? __lock_acquire+0x655/0x42a0 [ 816.081193] ? kvm_vcpu_release+0xa0/0xa0 [ 816.081203] ? trace_hardirqs_on+0x10/0x10 [ 816.081219] ? trace_hardirqs_on+0x10/0x10 [ 816.081232] ? futex_exit_release+0x60/0x60 [ 816.081248] ? __might_fault+0x104/0x1b0 [ 816.091364] 2559 [ 816.093211] ? lock_acquire+0x170/0x3f0 [ 816.093231] ? kvm_vcpu_release+0xa0/0xa0 [ 816.101881] 2559 [ 816.102684] do_vfs_ioctl+0x75a/0xfe0 [ 816.102702] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 816.102712] ? ioctl_preallocate+0x1a0/0x1a0 [ 816.102733] ? security_file_ioctl+0x76/0xb0 [ 816.105012] page allocation failure: order:0 [ 816.108686] ? security_file_ioctl+0x83/0xb0 [ 816.108698] SyS_ioctl+0x7f/0xb0 [ 816.108707] ? do_vfs_ioctl+0xfe0/0xfe0 [ 816.108721] do_syscall_64+0x1d5/0x640 [ 816.108738] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.108747] RIP: 0033:0x45cba9 [ 816.108752] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 816.114312] 2559 [ 816.117176] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 816.117183] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 816.117189] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 816.117195] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.117202] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 03:29:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 816.272528] , mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 816.294521] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 816.316552] CPU: 0 PID: 7768 Comm: syz-executor.5 Not tainted 4.14.184-syzkaller #0 [ 816.324404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.333895] Call Trace: [ 816.336497] dump_stack+0x1b2/0x283 [ 816.340144] warn_alloc.cold+0x96/0x1af [ 816.344147] ? zone_watermark_ok_safe+0x250/0x250 [ 816.349012] ? wait_for_completion_io+0x10/0x10 [ 816.353738] __alloc_pages_nodemask+0x2129/0x2730 [ 816.358648] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.363513] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.368407] ? do_raw_spin_unlock+0x164/0x250 [ 816.372942] alloc_pages_current+0xe7/0x1e0 [ 816.377281] kvm_mmu_create+0xd1/0x1c0 [ 816.381180] kvm_arch_vcpu_init+0x282/0x890 [ 816.385517] ? alloc_pages_current+0xef/0x1e0 [ 816.390047] kvm_vcpu_init+0x26d/0x360 [ 816.393956] vmx_create_vcpu+0xf5/0x2950 [ 816.398033] ? __mutex_unlock_slowpath+0x75/0x780 [ 816.402888] ? alloc_loaded_vmcs+0x240/0x240 [ 816.407314] kvm_vm_ioctl+0x4ae/0x1430 [ 816.411394] ? __lock_acquire+0x655/0x42a0 [ 816.415667] ? kvm_vcpu_release+0xa0/0xa0 [ 816.419834] ? trace_hardirqs_on+0x10/0x10 [ 816.424097] ? trace_hardirqs_on+0x10/0x10 [ 816.428357] ? lock_acquire+0x170/0x3f0 [ 816.432343] ? __might_fault+0x104/0x1b0 [ 816.436439] ? lock_acquire+0x170/0x3f0 [ 816.440444] ? kvm_vcpu_release+0xa0/0xa0 [ 816.444613] do_vfs_ioctl+0x75a/0xfe0 [ 816.448440] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 816.454095] ? ioctl_preallocate+0x1a0/0x1a0 [ 816.458622] ? security_file_ioctl+0x76/0xb0 [ 816.463096] ? security_file_ioctl+0x83/0xb0 [ 816.467532] SyS_ioctl+0x7f/0xb0 03:29:45 executing program 1: openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000040)) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000080)) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x28, r5, 0xc573de0d27bdfe6f, 0x0, 0x0, {0x4}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x28}}, 0x0) sendmsg$TIPC_NL_BEARER_ADD(r2, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000540)={0x258, r5, 0x0, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xffff}]}, @TIPC_NLA_MEDIA={0x98, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x450}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5fc1}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x98}]}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3e}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x1f, @mcast1, 0x5}}, {0x14, 0x2, @in={0x2, 0x4e20, @remote}}}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3ff}]}]}, @TIPC_NLA_MEDIA={0x10, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @private=0xa010101}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3, @private1, 0x1}}}}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'macvlan1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0xd673, @empty, 0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x18}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa0e}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x40}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xec9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}]}]}, 0x258}, 0x1, 0x0, 0x0, 0x40044}, 0x800) ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5}) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x7fff}}) [ 816.470916] ? do_vfs_ioctl+0xfe0/0xfe0 [ 816.474907] do_syscall_64+0x1d5/0x640 [ 816.478916] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.478927] RIP: 0033:0x45cba9 [ 816.478933] RSP: 002b:00007ffa78a28c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 816.478946] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 816.478952] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 816.478959] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 816.478964] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.478970] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007ffa78a296d4 03:29:45 executing program 5: openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_S_FBUF(r3, 0x4030560b, &(0x7f0000000140)={0x0, 0x1a, &(0x7f0000000040)="b5514fc3a46d3fb9104ac2d53ea61f9dd0d9b1f3e20179028fe042409ef65916bbe90fdf101127ee748be0be16f4b7effbd75cb679aa9cfe0f3e520e3a7c4e8e1fbeca3b3a034792c46c361a81174d3ed6f458b55430540ed0f3ad88f7d4cc770fc25b8f321a5033a9002ba0b2d33d18e96cb26e9f8af8157c88f940dd7ec94c29b5228f21bb27dfccf7d4f8d559c61efe0e88cafb49085785f1181512744e020de29de5921c476527943047b6c228250320e45ff2892f246aa65c29bf97bd53d8920947531e65fad7568f1a7126f74635b667eea5ec8aac3f97fd9493a6e3353e3040d51f1c5ed6a58e36b4237a3a24fda05c78c218494735bd", {0x0, 0x0, 0x3131354f, 0x7, 0x80, 0x7, 0x1, 0xee24}}) 03:29:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac194ca"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8d, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000041c0)=[{{&(0x7f0000000780)=@xdp, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/55, 0x37}], 0x1}, 0x405}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="350000194e621100000000000000000700f0000000000000cabccf258f89fc6da8c395aa018d83e0c6356c5aded74dc7e99c74d427ae85f25c5b80b95c85957da97fba0896741c3b4a18e6f44167ddbe0c0570d3438eccb779ee1311dcdfdf829060face36020a87829ad8dc6794ba8425204fd2014fcb7feb8c886459fe1c0d6e02cda33131a6a09c45c7436506c7f9e71402c4c9f4a71128e7727ee3582fe45a858994ce3dab322c7846ef0af200", @ANYRES32, @ANYBLOB="17007573657ac1"], 0x35) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x363) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380)}, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x4000000000000071, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x204f}) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000004c0)={0x81, r5, 0x10000, 0x7}) ioctl$SNDRV_PCM_IOCTL_RESUME(r3, 0x4147, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x807a}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 03:29:45 executing program 3: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x31) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ftruncate(r0, 0x8) [ 816.623678] Node 0 DMA32 free:35980kB min:36296kB low:45368kB high:54440kB active_anon:1909956kB inactive_anon:16128kB active_file:28kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2623992kB mlocked:0kB kernel_stack:12512kB pagetables:45736kB bounce:0kB free_pcp:364kB local_pcp:160kB free_cma:0kB [ 816.623707] lowmem_reserve[]: 0 0 0 0 0 [ 816.623728] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 816.623749] lowmem_reserve[]: 0 0 0 0 0 [ 816.623765] Node 1 Normal free:975292kB min:53592kB low:66988kB high:80384kB active_anon:2312036kB inactive_anon:32kB active_file:15660kB inactive_file:30740kB unevictable:0kB writepending:0kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32640kB pagetables:79552kB bounce:0kB free_pcp:972kB local_pcp:500kB free_cma:0kB [ 816.623790] lowmem_reserve[]: 0 0 0 0 0 [ 816.623807] Node 0 DMA: 4*4kB (M) 6*8kB (UM) 4*16kB (UM) 5*32kB (UM) 2*64kB (UM) 2*128kB (UM) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 10400kB [ 816.623877] Node 0 DMA32: 369*4kB (ME) 407*8kB (UME) 93*16kB (UME) 25*32kB (UME) 56*64kB (ME) 38*128kB (UME) 26*256kB (UME) 13*512kB (UM) 7*1024kB (ME) 0*2048kB 0*4096kB = 35948kB [ 816.623945] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 816.624000] Node 1 Normal: 217*4kB (UME) 490*8kB (UME) 198*16kB (UME) 46*32kB (UME) 38*64kB (UME) 49*128kB (UME) 19*256kB (UM) 18*512kB (UM) 9*1024kB (UE) 6*2048kB (UME) 225*4096kB (M) = 975316kB [ 816.624176] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 816.624182] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 816.624188] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 816.624193] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 816.624197] 12689 total pagecache pages [ 816.624206] 0 pages in swap cache [ 816.624213] Swap cache stats: add 0, delete 0, find 0/0 [ 816.624217] Free swap = 0kB [ 816.624221] Total swap = 0kB [ 816.624227] 1965979 pages RAM [ 816.624230] 0 pages HighMem/MovableOnly [ 816.624233] 338456 pages reserved [ 816.624236] 0 pages cma reserved [ 816.657642] syz-executor.1: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) [ 816.657667] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 816.657688] CPU: 1 PID: 7795 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 816.657694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.657699] Call Trace: [ 816.657718] dump_stack+0x1b2/0x283 [ 816.657734] warn_alloc.cold+0x96/0x1af [ 816.657745] ? zone_watermark_ok_safe+0x250/0x250 [ 816.657762] ? wait_for_completion_io+0x10/0x10 [ 816.657776] __alloc_pages_nodemask+0x2129/0x2730 [ 816.657802] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.657812] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 816.657835] ? do_raw_spin_unlock+0x164/0x250 [ 816.657849] alloc_pages_current+0xe7/0x1e0 [ 816.657863] kvm_mmu_create+0xd1/0x1c0 [ 816.657876] kvm_arch_vcpu_init+0x282/0x890 [ 816.657885] ? alloc_pages_current+0xef/0x1e0 [ 816.657897] kvm_vcpu_init+0x26d/0x360 [ 816.657911] vmx_create_vcpu+0xf5/0x2950 [ 816.657924] ? __mutex_unlock_slowpath+0x75/0x780 [ 816.657934] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 816.657946] ? alloc_loaded_vmcs+0x240/0x240 [ 816.657961] kvm_vm_ioctl+0x4ae/0x1430 [ 816.657972] ? __lock_acquire+0x655/0x42a0 [ 816.657982] ? kvm_vcpu_release+0xa0/0xa0 [ 816.657994] ? trace_hardirqs_on+0x10/0x10 [ 816.658009] ? trace_hardirqs_on+0x10/0x10 [ 816.658019] ? futex_exit_release+0x60/0x60 [ 816.658031] ? __might_fault+0x104/0x1b0 [ 816.658042] ? lock_acquire+0x170/0x3f0 [ 816.658052] ? kvm_vcpu_release+0xa0/0xa0 [ 816.658062] do_vfs_ioctl+0x75a/0xfe0 [ 816.658076] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 816.658086] ? ioctl_preallocate+0x1a0/0x1a0 [ 816.658105] ? security_file_ioctl+0x76/0xb0 [ 816.658115] ? security_file_ioctl+0x83/0xb0 [ 816.658126] SyS_ioctl+0x7f/0xb0 [ 816.658134] ? do_vfs_ioctl+0xfe0/0xfe0 [ 816.658147] do_syscall_64+0x1d5/0x640 [ 816.658173] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.658181] RIP: 0033:0x45cba9 [ 816.658186] RSP: 002b:00007f4b1ca47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 816.658197] RAX: ffffffffffffffda RBX: 00000000004e85c0 RCX: 000000000045cba9 [ 816.658201] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 816.658207] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 816.658212] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.658219] R13: 00000000000003a3 R14: 00000000004c652f R15: 00007f4b1ca486d4 [ 816.735014] ================================================================== [ 816.735141] BUG: KASAN: slab-out-of-bounds in bit_putcs+0xa8a/0xc00 [ 816.735151] Read of size 1 at addr ffff88808fa11e64 by task syz-executor.1/7804 [ 816.735154] [ 816.735165] CPU: 0 PID: 7804 Comm: syz-executor.1 Not tainted 4.14.184-syzkaller #0 [ 816.735172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.735176] Call Trace: [ 816.735191] dump_stack+0x1b2/0x283 [ 816.735202] ? bit_putcs+0xa8a/0xc00 [ 816.735217] print_address_description.cold+0x54/0x1dc [ 816.735229] ? bit_putcs+0xa8a/0xc00 [ 816.735239] kasan_report.cold+0xa9/0x2b9 [ 816.735251] bit_putcs+0xa8a/0xc00 [ 816.735288] ? bit_cursor+0x1660/0x1660 [ 816.735305] ? fb_get_color_depth+0x5a/0x70 [ 816.735319] ? bit_cursor+0x1660/0x1660 [ 816.735329] fbcon_putcs+0x3bb/0x480 [ 816.735415] do_update_region+0x34b/0x5b0 [ 816.735433] ? con_get_trans_old+0x200/0x200 [ 816.735451] redraw_screen+0x562/0x760 [ 816.735464] ? set_palette+0x130/0x130 [ 816.735480] vc_do_resize+0xbe0/0xde0 [ 816.735500] ? vc_init+0x430/0x430 [ 816.735536] vt_ioctl+0x1a64/0x1f20 [ 816.735549] ? complete_change_console+0x350/0x350 [ 816.735558] ? avc_ss_reset+0x100/0x100 [ 816.735569] ? __lock_acquire+0x655/0x42a0 [ 816.735583] ? __lock_acquire+0x655/0x42a0 [ 816.735594] ? tty_jobctrl_ioctl+0x3b/0xbf0 [ 816.735627] ? complete_change_console+0x350/0x350 [ 816.735676] tty_ioctl+0x6c9/0x1220 [ 816.735689] ? tty_vhangup+0x30/0x30 [ 816.735701] ? trace_hardirqs_on+0x10/0x10 [ 816.735721] ? tty_vhangup+0x30/0x30 [ 816.735731] do_vfs_ioctl+0x75a/0xfe0 [ 816.735743] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 816.735753] ? ioctl_preallocate+0x1a0/0x1a0 [ 816.735773] ? security_file_ioctl+0x76/0xb0 [ 816.735783] ? security_file_ioctl+0x83/0xb0 [ 816.735793] SyS_ioctl+0x7f/0xb0 [ 816.735800] ? do_vfs_ioctl+0xfe0/0xfe0 [ 816.735813] do_syscall_64+0x1d5/0x640 [ 816.735830] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.735838] RIP: 0033:0x45cba9 [ 816.735843] RSP: 002b:00007f4b1ca26c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 816.735853] RAX: ffffffffffffffda RBX: 00000000004f3d80 RCX: 000000000045cba9 [ 816.735859] RDX: 0000000020000000 RSI: 000000000000560a RDI: 000000000000000a [ 816.735865] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 816.735871] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.735876] R13: 0000000000000682 R14: 00000000004c9910 R15: 00007f4b1ca276d4 [ 816.735892] [ 816.735897] Allocated by task 29900: [ 816.735908] kasan_kmalloc.part.0+0x4f/0xd0 [ 816.735916] __kmalloc+0x15a/0x400 [ 816.735922] fbcon_set_font+0x2f8/0x7c0 [ 816.735930] con_font_op+0xb73/0xf70 [ 816.735938] vt_ioctl+0x736/0x1f20 [ 816.735946] tty_ioctl+0x6c9/0x1220 [ 816.735953] do_vfs_ioctl+0x75a/0xfe0 [ 816.735958] SyS_ioctl+0x7f/0xb0 [ 816.735966] do_syscall_64+0x1d5/0x640 [ 816.735974] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.735977] [ 816.735980] Freed by task 28844: [ 816.735988] kasan_slab_free+0xaf/0x190 [ 816.735995] kfree+0xcb/0x260 [ 816.736004] skb_free_head+0x83/0xa0 [ 816.736013] skb_release_data+0x57e/0x7d0 [ 816.736021] skb_release_all+0x46/0x60 [ 816.736028] consume_skb+0xa7/0x330 [ 816.736079] netlink_broadcast_filtered+0x2b3/0x9d0 [ 816.736088] kobject_uevent_env+0x819/0xc50 [ 816.736126] device_del+0x642/0xa80 [ 816.736134] device_unregister+0x11/0x30 [ 816.736143] bdi_unregister+0x406/0x5d0 [ 816.736150] bdi_put+0x127/0x160 [ 816.736160] generic_shutdown_super+0x2aa/0x370 [ 816.736168] kill_anon_super+0x38/0x50 [ 816.736176] deactivate_locked_super+0x6c/0xd0 [ 816.736184] deactivate_super+0x7f/0xa0 [ 816.736192] cleanup_mnt+0xad/0x140 [ 816.736201] task_work_run+0x113/0x190 [ 816.736209] exit_to_usermode_loop+0x1ad/0x200 [ 816.736217] do_syscall_64+0x4a3/0x640 [ 816.736226] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.736229] [ 816.736236] The buggy address belongs to the object at ffff88808fa11d00 [ 816.736236] which belongs to the cache kmalloc-512 of size 512 [ 816.736243] The buggy address is located 356 bytes inside of [ 816.736243] 512-byte region [ffff88808fa11d00, ffff88808fa11f00) [ 816.736246] The buggy address belongs to the page: [ 816.736255] page:ffffea00023e8440 count:1 mapcount:0 mapping:ffff88808fa11080 index:0xffff88808fa11300 [ 816.736264] flags: 0xfffe0000000100(slab) [ 816.736286] raw: 00fffe0000000100 ffff88808fa11080 ffff88808fa11300 0000000100000003 [ 816.736297] raw: ffffea00023fcd20 ffffea0002524ce0 ffff8880aa800940 0000000000000000 [ 816.736301] page dumped because: kasan: bad access detected [ 816.736303] [ 816.736306] Memory state around the buggy address: [ 816.736314] ffff88808fa11d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 816.736321] ffff88808fa11d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 816.736328] >ffff88808fa11e00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 816.736332] ^ [ 816.736339] ffff88808fa11e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 816.736346] ffff88808fa11f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 816.736350] ================================================================== [ 816.736354] Disabling lock debugging due to kernel taint [ 816.740580] Kernel panic - not syncing: panic_on_warn set ... [ 816.740580] [ 816.740592] CPU: 0 PID: 7804 Comm: syz-executor.1 Tainted: G B 4.14.184-syzkaller #0 [ 816.740598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 816.740601] Call Trace: [ 816.740618] dump_stack+0x1b2/0x283 [ 816.740630] panic+0x1f9/0x42d [ 816.740639] ? add_taint.cold+0x16/0x16 [ 816.740647] ? preempt_schedule_common+0x4a/0xc0 [ 816.740657] ? bit_putcs+0xa8a/0xc00 [ 816.740666] ? ___preempt_schedule+0x16/0x18 [ 816.740676] ? bit_putcs+0xa8a/0xc00 [ 816.740687] kasan_end_report+0x43/0x49 [ 816.740697] kasan_report.cold+0x12f/0x2b9 [ 816.740706] bit_putcs+0xa8a/0xc00 [ 816.740723] ? bit_cursor+0x1660/0x1660 [ 816.740736] ? fb_get_color_depth+0x5a/0x70 [ 816.740748] ? bit_cursor+0x1660/0x1660 [ 816.740756] fbcon_putcs+0x3bb/0x480 [ 816.740769] do_update_region+0x34b/0x5b0 [ 816.740780] ? con_get_trans_old+0x200/0x200 [ 816.740795] redraw_screen+0x562/0x760 [ 816.740805] ? set_palette+0x130/0x130 [ 816.740818] vc_do_resize+0xbe0/0xde0 [ 816.740832] ? vc_init+0x430/0x430 [ 816.740854] vt_ioctl+0x1a64/0x1f20 [ 816.740867] ? complete_change_console+0x350/0x350 [ 816.740877] ? avc_ss_reset+0x100/0x100 [ 816.740886] ? __lock_acquire+0x655/0x42a0 [ 816.740899] ? __lock_acquire+0x655/0x42a0 [ 816.740908] ? tty_jobctrl_ioctl+0x3b/0xbf0 [ 816.740918] ? complete_change_console+0x350/0x350 [ 816.740929] tty_ioctl+0x6c9/0x1220 [ 816.740939] ? tty_vhangup+0x30/0x30 [ 816.740949] ? trace_hardirqs_on+0x10/0x10 [ 816.740965] ? tty_vhangup+0x30/0x30 [ 816.740975] do_vfs_ioctl+0x75a/0xfe0 [ 816.740986] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 816.740996] ? ioctl_preallocate+0x1a0/0x1a0 [ 816.741012] ? security_file_ioctl+0x76/0xb0 [ 816.741022] ? security_file_ioctl+0x83/0xb0 [ 816.741031] SyS_ioctl+0x7f/0xb0 [ 816.741039] ? do_vfs_ioctl+0xfe0/0xfe0 [ 816.741048] do_syscall_64+0x1d5/0x640 [ 816.741061] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 816.741067] RIP: 0033:0x45cba9 [ 816.741072] RSP: 002b:00007f4b1ca26c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 816.741082] RAX: ffffffffffffffda RBX: 00000000004f3d80 RCX: 000000000045cba9 [ 816.741087] RDX: 0000000020000000 RSI: 000000000000560a RDI: 000000000000000a [ 816.741092] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 816.741096] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 816.741102] R13: 0000000000000682 R14: 00000000004c9910 R15: 00007f4b1ca276d4 [ 816.742516] Kernel Offset: disabled [ 817.953936] Rebooting in 86400 seconds..