ack+0xc1/0x120 [ 1479.617524] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1479.617534] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1479.617542] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1479.617552] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1479.617561] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.617569] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.617578] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.617587] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1479.617593] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1479.617600] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1479.617606] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1479.617613] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1479.617622] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1479.617629] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1479.617636] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1479.617642] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1479.617651] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.617659] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.617668] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1479.617675] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1479.617683] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1479.617690] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1479.617697] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1479.617704] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1479.617711] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1479.617718] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1479.617724] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1479.617734] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1479.617759] Mem-Info: [ 1479.617788] active_anon:188199 inactive_anon:40 isolated_anon:0 [ 1479.617788] active_file:12601 inactive_file:19334 isolated_file:0 [ 1479.617788] unevictable:1 dirty:124 writeback:0 unstable:0 [ 1479.617788] slab_reclaimable:8826 slab_unreclaimable:100439 [ 1479.617788] mapped:59393 shmem:56 pagetables:76206 bounce:0 [ 1479.617788] free:1137182 free_pcp:437 free_cma:0 [ 1479.617806] Node 0 active_anon:752796kB inactive_anon:160kB active_file:50404kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:496kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:10:32 executing program 4: socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1479.617824] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:10:32 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1479.617850] Normal free:1535960kB min:5580kB low:9168kB high:12756kB active_anon:752788kB inactive_anon:160kB active_file:50400kB inactive_file:77336kB unevictable:4kB writepending:496kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35232kB slab_unreclaimable:401756kB kernel_stack:96768kB pagetables:304824kB bounce:0kB free_pcp:516kB local_pcp:196kB free_cma:0kB 22:10:32 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1479.617905] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 10*8kB (UME) 25*16kB (UME) 4*32kB (UME) 57*64kB (ME) 12*128kB (ME) 3*256kB (UE) 3*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1535928kB 31988 total pagecache pages [ 1479.617956] 0 pages in swap cache [ 1479.617959] Swap cache stats: add 0, delete 0, find 0/0 [ 1479.617962] Free swap = 0kB [ 1479.617964] Total swap = 0kB [ 1479.617966] 1965979 pages RAM [ 1479.617968] 0 pages HighMem/MovableOnly [ 1479.617970] 313627 pages reserved [ 1479.654431] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1479.654442] CPU: 1 PID: 28514 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1479.654457] ffff880124ed7968 ffffffff81b67001 1ffff100249daf2f ffff8801ad4d2f80 [ 1479.654470] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880124ed7a90 [ 1479.654483] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 22:10:33 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) 22:10:33 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1479.654484] Call Trace: [ 1479.654503] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1479.654519] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1479.654531] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1479.654541] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1479.654551] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1479.654560] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.654568] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.654577] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.654587] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1479.654594] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1479.654601] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1479.654607] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1479.654614] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1479.654624] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1479.654640] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1479.654650] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1479.654658] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 22:10:33 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:33 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) [ 1479.654672] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1479.654681] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:33 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, 0x0, &(0x7f0000cab000)) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1479.654689] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1479.654696] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1479.654705] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1479.654712] [<000000006a657c39>] vfs_write+0x185/0x520 22:10:33 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:33 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1479.654719] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1479.654726] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1479.654734] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1479.654741] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1479.654747] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1479.654763] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1479.654795] Mem-Info: [ 1479.654818] active_anon:188249 inactive_anon:40 isolated_anon:0 22:10:33 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) [ 1479.654818] active_file:12601 inactive_file:19334 isolated_file:0 [ 1479.654818] unevictable:1 dirty:124 writeback:0 unstable:0 [ 1479.654818] slab_reclaimable:8826 slab_unreclaimable:100439 [ 1479.654818] mapped:59393 shmem:56 pagetables:76206 bounce:0 [ 1479.654818] free:1137182 free_pcp:439 free_cma:0 [ 1479.654834] Node 0 active_anon:752996kB inactive_anon:160kB active_file:50404kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:496kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1479.654852] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1479.654880] Normal free:1535960kB min:5580kB low:9168kB high:12756kB active_anon:752988kB inactive_anon:160kB active_file:50400kB inactive_file:77336kB unevictable:4kB writepending:496kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35232kB slab_unreclaimable:401756kB kernel_stack:96704kB pagetables:304824kB bounce:0kB free_pcp:524kB local_pcp:224kB free_cma:0kB lowmem_reserve[]: 0 0 0 22:10:34 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1479.654936] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 9*8kB (UE) 24*16kB (UE) 3*32kB (UE) 57*64kB (UME) 12*128kB (ME) 3*256kB (UE) 3*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1535868kB 31988 total pagecache pages [ 1479.654988] 0 pages in swap cache [ 1479.654992] Swap cache stats: add 0, delete 0, find 0/0 [ 1479.654994] Free swap = 0kB [ 1479.654996] Total swap = 0kB [ 1479.654998] 1965979 pages RAM 22:10:34 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1479.655001] 0 pages HighMem/MovableOnly 22:10:34 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1479.655003] 313627 pages reserved [ 1481.965669] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1481.965679] CPU: 1 PID: 28531 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1481.965696] ffff880124507968 ffffffff81b67001 1ffff100248a0f2f ffff88012bb697c0 [ 1481.965708] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880124507a90 [ 1481.965720] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1481.965722] Call Trace: [ 1481.965739] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1481.965754] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1481.965766] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1481.965775] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1481.965788] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1481.965796] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.965804] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.965813] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.965823] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1481.965831] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1481.965838] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1481.965845] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1481.965852] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1481.965862] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1481.965871] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1481.965878] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1481.965886] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1481.965895] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.965904] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 ** 18 printk messages dropped ** [ 1481.966177] Normal: 5*4kB (UE) 11*8kB (UME) 27*16kB (UME) 1*32kB (M) 57*64kB (UME) 12*128kB (ME) 2*256kB (E) 3*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1535612kB 31993 total pagecache pages [ 1481.966185] 0 pages in swap cache [ 1481.966189] Swap cache stats: add 0, delete 0, find 0/0 [ 1481.966192] Free swap = 0kB [ 1481.966194] Total swap = 0kB [ 1481.966197] 1965979 pages RAM [ 1481.966199] 0 pages HighMem/MovableOnly [ 1481.966202] 313627 pages reserved [ 1481.971851] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1481.971858] CPU: 1 PID: 28540 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1481.971870] ffff880112f37968 ffffffff81b67001 1ffff100225e6f2f ffff880132080000 [ 1481.971879] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880112f37a90 [ 1481.971888] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1481.971889] Call Trace: 22:10:35 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1481.971902] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1481.971912] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1481.971920] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1481.971927] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1481.971936] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1481.971944] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.971950] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.971957] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.971965] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1481.971970] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1481.971976] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1481.971981] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1481.971986] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1481.971993] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 22:10:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1481.971999] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1481.972004] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1481.972009] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1481.972016] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.972023] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1481.972029] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1481.972035] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1481.972041] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1481.972046] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1481.972052] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1481.972057] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1481.972063] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1481.972069] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1481.972074] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1481.972082] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1481.972084] Mem-Info: [ 1481.972104] active_anon:188224 inactive_anon:40 isolated_anon:0 [ 1481.972104] active_file:12606 inactive_file:19334 isolated_file:0 [ 1481.972104] unevictable:1 dirty:127 writeback:0 unstable:0 [ 1481.972104] slab_reclaimable:8834 slab_unreclaimable:100416 [ 1481.972104] mapped:59393 shmem:56 pagetables:76219 bounce:0 [ 1481.972104] free:1137125 free_pcp:521 free_cma:0 22:10:35 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) ** 6 printk messages dropped ** [ 1481.972231] Normal: 5*4kB (ME) 8*8kB (E) 24*16kB (UE) 13*32kB (UM) 56*64kB (UME) 13*128kB (UME) 3*256kB (UE) 2*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1535732kB ** 52 printk messages dropped ** [ 1481.982260] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 8*8kB (E) 24*16kB (UE) 13*32kB (UM) 56*64kB (UME) 13*128kB (UME) 3*256kB (UE) 2*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1535732kB 31993 total pagecache pages [ 1481.982493] 0 pages in swap cache [ 1481.982500] Swap cache stats: add 0, delete 0, find 0/0 [ 1481.982512] Free swap = 0kB [ 1481.982514] Total swap = 0kB [ 1481.982559] 1965979 pages RAM [ 1481.982572] 0 pages HighMem/MovableOnly [ 1481.982578] 313627 pages reserved [ 1482.410516] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1485.215678] warn_alloc: 8 callbacks suppressed [ 1485.215747] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.215779] CPU: 1 PID: 28606 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1485.215795] ffff880139ca7968 ffffffff81b67001 1ffff10027394f2f ffff88013868df00 [ 1485.215806] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880139ca7a90 [ 1485.215818] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.215819] Call Trace: [ 1485.215834] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.215847] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.215856] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.215868] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.215877] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.215885] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:35 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1485.215894] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 ** 30 printk messages dropped ** [ 1485.216383] lowmem_reserve[]: 0 0 0 [ 1485.216596] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UE) 23*8kB (UE) 26*16kB (UE) 7*32kB (UME) 50*64kB (UM) 13*128kB (UME) 3*256kB (UE) 1*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1534800kB 32000 total pagecache pages [ 1485.216832] 0 pages in swap cache [ 1485.216846] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.216851] Free swap = 0kB [ 1485.216863] Total swap = 0kB [ 1485.216866] 1965979 pages RAM [ 1485.216871] 0 pages HighMem/MovableOnly [ 1485.216892] 313627 pages reserved [ 1485.265962] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) ** 40 printk messages dropped ** [ 1485.266360] lowmem_reserve[]: 0 0 0 [ 1485.266408] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UE) 23*8kB (UE) 26*16kB (UE) 12*32kB (UME) 50*64kB (UM) 13*128kB (UME) 3*256kB (UE) 1*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1534960kB 32000 total pagecache pages [ 1485.266460] 0 pages in swap cache [ 1485.266464] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.266466] Free swap = 0kB [ 1485.266468] Total swap = 0kB [ 1485.266470] 1965979 pages RAM [ 1485.266472] 0 pages HighMem/MovableOnly [ 1485.266474] 313627 pages reserved [ 1485.285889] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.285896] CPU: 0 PID: 28620 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1485.285909] ffff88011d34f968 ffffffff81b67001 1ffff10023a69f2f ffff88012acdc740 [ 1485.285918] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88011d34fa90 [ 1485.285927] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.285929] Call Trace: [ 1485.285942] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.285957] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.285968] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.285975] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.285988] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.285997] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.286005] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.286012] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.286020] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.286027] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.286036] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.286042] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.286048] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.286056] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.286063] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.286069] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.286075] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.286083] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.286090] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.286098] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.286104] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.286111] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.286118] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.286124] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.286134] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.286146] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.286153] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.286159] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.286167] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.286170] Mem-Info: [ 1485.286186] active_anon:188285 inactive_anon:40 isolated_anon:0 [ 1485.286186] active_file:12613 inactive_file:19334 isolated_file:0 [ 1485.286186] unevictable:1 dirty:134 writeback:0 unstable:0 [ 1485.286186] slab_reclaimable:8854 slab_unreclaimable:100385 [ 1485.286186] mapped:59368 shmem:56 pagetables:76274 bounce:0 [ 1485.286186] free:1136924 free_pcp:522 free_cma:0 [ 1485.286198] Node 0 active_anon:753140kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:536kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.286220] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1485.286244] Normal free:1534928kB min:5580kB low:9168kB high:12756kB active_anon:753132kB inactive_anon:160kB active_file:50448kB inactive_file:77336kB unevictable:4kB writepending:536kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401540kB kernel_stack:96832kB pagetables:305096kB bounce:0kB free_pcp:856kB local_pcp:308kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1485.286296] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UE) 23*8kB (UE) 26*16kB (UE) 13*32kB (UME) 50*64kB (UM) 13*128kB (UME) 3*256kB (UE) 1*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1534992kB 32000 total pagecache pages [ 1485.286344] 0 pages in swap cache [ 1485.286347] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.286349] Free swap = 0kB [ 1485.286355] Total swap = 0kB [ 1485.286357] 1965979 pages RAM [ 1485.286359] 0 pages HighMem/MovableOnly [ 1485.286361] 313627 pages reserved [ 1485.313670] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.313682] CPU: 0 PID: 28618 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1485.313696] ffff88013878f968 ffffffff81b67001 1ffff100270f1f2f ffff88012c68c740 [ 1485.313709] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013878fa90 [ 1485.313721] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.313723] Call Trace: [ 1485.313742] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.313764] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.313774] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.313782] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.313792] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.313802] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.313811] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:36 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1485.313819] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.313829] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.313836] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.313843] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.313850] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.313857] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.313866] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.313874] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.313882] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.313889] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.313898] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.313906] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.313915] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.313952] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.313962] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.313972] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.313982] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.313991] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.314001] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.314009] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.314016] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.314025] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.314029] Mem-Info: [ 1485.314049] active_anon:188310 inactive_anon:40 isolated_anon:0 [ 1485.314049] active_file:12613 inactive_file:19334 isolated_file:0 [ 1485.314049] unevictable:1 dirty:134 writeback:0 unstable:0 [ 1485.314049] slab_reclaimable:8854 slab_unreclaimable:100443 [ 1485.314049] mapped:59368 shmem:56 pagetables:76274 bounce:0 [ 1485.314049] free:1136845 free_pcp:515 free_cma:0 [ 1485.314064] Node 0 active_anon:753240kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:536kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.314095] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1485.314131] Normal free:1534612kB min:5580kB low:9168kB high:12756kB active_anon:753232kB inactive_anon:160kB active_file:50448kB inactive_file:77336kB unevictable:4kB writepending:536kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401772kB kernel_stack:96832kB pagetables:305096kB bounce:0kB free_pcp:828kB local_pcp:456kB free_cma:0kB lowmem_reserve[]: 0 0 0 22:10:37 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:37 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 22:10:37 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:37 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:37 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1485.314194] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 8*8kB (UE) 26*16kB (UE) 2*32kB (ME) 50*64kB (UM) 13*128kB (UME) 3*256kB (UE) 1*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1534516kB 32000 total pagecache pages [ 1485.314248] 0 pages in swap cache [ 1485.314252] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.314254] Free swap = 0kB [ 1485.314256] Total swap = 0kB [ 1485.314259] 1965979 pages RAM [ 1485.314261] 0 pages HighMem/MovableOnly [ 1485.314263] 313627 pages reserved [ 1485.438755] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.438763] CPU: 1 PID: 28636 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1485.438777] ffff88012b117968 ffffffff81b67001 1ffff10025622f2f ffff88012fb84740 [ 1485.438787] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b117a90 [ 1485.438797] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 22:10:37 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1485.438799] Call Trace: [ 1485.438813] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.438824] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.438834] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.438841] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.438851] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.438861] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:37 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:37 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 1485.438870] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.438879] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.438889] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.438896] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.438903] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.438909] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.438916] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.438924] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.438932] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.438939] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 22:10:37 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) [ 1485.438949] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.438960] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.438970] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.438980] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.438987] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.438995] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.439001] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.439009] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.439016] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.439024] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.439031] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.439038] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 22:10:38 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc), 0x4) 22:10:38 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1485.439047] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.439051] Mem-Info: [ 1485.439072] active_anon:188335 inactive_anon:40 isolated_anon:0 [ 1485.439072] active_file:12613 inactive_file:19334 isolated_file:0 [ 1485.439072] unevictable:1 dirty:134 writeback:0 unstable:0 [ 1485.439072] slab_reclaimable:8854 slab_unreclaimable:100427 [ 1485.439072] mapped:59368 shmem:56 pagetables:76311 bounce:0 [ 1485.439072] free:1136822 free_pcp:488 free_cma:0 [ 1485.439088] Node 0 active_anon:753340kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:536kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.439112] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:10:38 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1485.439140] Normal free:1534520kB min:5580kB low:9168kB high:12756kB active_anon:753332kB inactive_anon:160kB active_file:50448kB inactive_file:77336kB unevictable:4kB writepending:536kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401708kB kernel_stack:96928kB pagetables:305244kB bounce:0kB free_pcp:720kB local_pcp:504kB free_cma:0kB 22:10:38 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc), 0x4) 22:10:38 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) lowmem_reserve[]: 0 0 0 [ 1485.439210] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 7*8kB (UE) 23*16kB (E) 11*32kB (UME) 46*64kB (M) 13*128kB (UME) 3*256kB (UE) 1*512kB (U) 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1534488kB 32000 total pagecache pages [ 1485.439265] 0 pages in swap cache [ 1485.439269] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.439271] Free swap = 0kB [ 1485.439273] Total swap = 0kB [ 1485.439275] 1965979 pages RAM [ 1485.439277] 0 pages HighMem/MovableOnly [ 1485.439279] 313627 pages reserved [ 1485.850621] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1485.866525] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.866536] CPU: 0 PID: 28648 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1485.866553] ffff8801387df968 ffffffff81b67001 1ffff100270fbf2f ffff8801cadfc740 [ 1485.866565] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801387dfa90 [ 1485.866578] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.866579] Call Trace: [ 1485.866595] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.866607] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.866616] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.866626] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.866636] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.866645] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.866653] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.866662] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.866672] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.866679] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.866685] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.866692] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.866699] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.866708] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.866715] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.866722] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.866737] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.866748] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.866759] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.866769] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.866776] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.866784] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.866791] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.866798] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.866805] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.866812] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.866818] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.866825] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.866834] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.866838] Mem-Info: [ 1485.866859] active_anon:188406 inactive_anon:40 isolated_anon:0 [ 1485.866859] active_file:12614 inactive_file:19334 isolated_file:0 [ 1485.866859] unevictable:1 dirty:135 writeback:0 unstable:0 [ 1485.866859] slab_reclaimable:8854 slab_unreclaimable:100483 [ 1485.866859] mapped:59368 shmem:56 pagetables:76381 bounce:0 [ 1485.866859] free:1136524 free_pcp:455 free_cma:0 [ 1485.866876] Node 0 active_anon:753624kB inactive_anon:160kB active_file:50456kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:540kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.866896] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1485.866923] Normal free:1533328kB min:5580kB low:9168kB high:12756kB active_anon:753616kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB writepending:540kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401932kB kernel_stack:97216kB pagetables:305524kB bounce:0kB free_pcp:588kB local_pcp:128kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1485.866978] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 7*8kB (ME) 24*16kB (UE) 3*32kB (UME) 40*64kB (M) 12*128kB (ME) 3*256kB (UE) 0*512kB 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1533232kB 32001 total pagecache pages [ 1485.867042] 0 pages in swap cache [ 1485.867046] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.867049] Free swap = 0kB [ 1485.867051] Total swap = 0kB [ 1485.867053] 1965979 pages RAM [ 1485.867055] 0 pages HighMem/MovableOnly [ 1485.867057] 313627 pages reserved [ 1485.867482] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.867489] CPU: 1 PID: 28653 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1485.867507] ffff8801387ef968 ffffffff81b67001 1ffff100270fdf2f ffff880136e32f80 [ 1485.867517] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801387efa90 [ 1485.867525] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.867527] Call Trace: [ 1485.867537] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.867545] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.867551] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.867557] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.867565] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.867574] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.867582] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.867589] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.867597] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.867603] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.867609] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.867616] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.867636] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.867644] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.867651] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.867657] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.867662] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.867670] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.867677] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.867685] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.867691] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.867698] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.867705] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.867711] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.867718] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.867724] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.867730] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.867736] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.867744] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.867746] Mem-Info: [ 1485.867767] active_anon:188406 inactive_anon:40 isolated_anon:0 [ 1485.867767] active_file:12614 inactive_file:19334 isolated_file:0 [ 1485.867767] unevictable:1 dirty:135 writeback:0 unstable:0 [ 1485.867767] slab_reclaimable:8854 slab_unreclaimable:100483 [ 1485.867767] mapped:59368 shmem:56 pagetables:76381 bounce:0 [ 1485.867767] free:1136524 free_pcp:455 free_cma:0 [ 1485.867800] Node 0 active_anon:753624kB inactive_anon:160kB active_file:50456kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:540kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.867815] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1485.867839] Normal free:1533328kB min:5580kB low:9168kB high:12756kB active_anon:753616kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB writepending:540kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401932kB kernel_stack:97184kB pagetables:305524kB bounce:0kB free_pcp:588kB local_pcp:460kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1485.867890] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 7*8kB (ME) 24*16kB (UE) 4*32kB (UME) 40*64kB (M) 12*128kB (ME) 3*256kB (UE) 0*512kB 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1533264kB 32001 total pagecache pages [ 1485.867935] 0 pages in swap cache [ 1485.867939] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.867941] Free swap = 0kB [ 1485.867943] Total swap = 0kB [ 1485.867945] 1965979 pages RAM [ 1485.867947] 0 pages HighMem/MovableOnly [ 1485.867948] 313627 pages reserved [ 1485.868463] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.868485] CPU: 0 PID: 28658 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1485.868499] ffff880139be7968 ffffffff81b67001 1ffff1002737cf2f ffff8801b13d8000 [ 1485.868511] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880139be7a90 [ 1485.868522] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.868523] Call Trace: [ 1485.868532] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.868541] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.868549] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.868556] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.868565] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.868582] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868592] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868603] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868612] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.868619] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.868626] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.868633] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.868640] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.868649] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868656] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1485.868664] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.868672] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.868679] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.868686] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1485.868694] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868703] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.868712] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.868719] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.868727] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.868734] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.868741] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1485.868749] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.868755] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.868762] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.868769] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.868777] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.868835] Mem-Info: [ 1485.868873] active_anon:188406 inactive_anon:40 isolated_anon:0 [ 1485.868873] active_file:12614 inactive_file:19334 isolated_file:0 [ 1485.868873] unevictable:1 dirty:135 writeback:0 unstable:0 [ 1485.868873] slab_reclaimable:8854 slab_unreclaimable:100483 [ 1485.868873] mapped:59368 shmem:56 pagetables:76381 bounce:0 [ 1485.868873] free:1136524 free_pcp:455 free_cma:0 [ 1485.868899] Node 0 active_anon:753624kB inactive_anon:160kB active_file:50456kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:540kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.868936] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1485.869050] Normal free:1533328kB min:5580kB low:9168kB high:12756kB active_anon:753616kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB writepending:540kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401932kB kernel_stack:97184kB pagetables:305524kB bounce:0kB free_pcp:588kB local_pcp:128kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1485.869282] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 7*8kB (ME) 24*16kB (UE) 4*32kB (UME) 40*64kB (M) 12*128kB (ME) 3*256kB (UE) 0*512kB 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1533264kB 32001 total pagecache pages [ 1485.869474] 0 pages in swap cache [ 1485.869483] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.869500] Free swap = 0kB [ 1485.869514] Total swap = 0kB [ 1485.869520] 1965979 pages RAM [ 1485.869533] 0 pages HighMem/MovableOnly [ 1485.869539] 313627 pages reserved [ 1485.871089] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1485.871100] CPU: 0 PID: 28663 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1485.871114] ffff880136ed7968 ffffffff81b67001 1ffff10026ddaf2f ffff880139bf0000 [ 1485.871126] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880136ed7a90 [ 1485.871138] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1485.871140] Call Trace: [ 1485.871154] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1485.871165] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1485.871174] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.871183] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1485.871192] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1485.871214] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871225] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871236] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871247] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1485.871254] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1485.871262] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1485.871269] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1485.871277] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871283] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.871291] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1485.871299] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1485.871305] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1485.871312] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 22:10:40 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:40 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc), 0x4) 22:10:40 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:40 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:40 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:40 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1485.871322] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871331] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1485.871340] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1485.871348] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1485.871355] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1485.871362] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1485.871381] [<00000000896b6640>] SyS_write+0x121/0x270 22:10:40 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:40 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1485.871390] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.871398] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1485.871405] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1485.871413] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1485.871423] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1485.871427] Mem-Info: [ 1485.871447] active_anon:188406 inactive_anon:40 isolated_anon:0 [ 1485.871447] active_file:12614 inactive_file:19334 isolated_file:0 [ 1485.871447] unevictable:1 dirty:135 writeback:0 unstable:0 [ 1485.871447] slab_reclaimable:8854 slab_unreclaimable:100483 [ 1485.871447] mapped:59368 shmem:56 pagetables:76381 bounce:0 [ 1485.871447] free:1136524 free_pcp:454 free_cma:0 [ 1485.871463] Node 0 active_anon:753624kB inactive_anon:160kB active_file:50456kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:540kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1485.871484] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB 22:10:40 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:40 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1485.871524] Normal free:1533328kB min:5580kB low:9168kB high:12756kB active_anon:753616kB inactive_anon:160kB active_file:50452kB inactive_file:77336kB unevictable:4kB writepending:540kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35344kB slab_unreclaimable:401932kB kernel_stack:97152kB pagetables:305524kB bounce:0kB free_pcp:580kB local_pcp:128kB free_cma:0kB 22:10:40 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 0 0 [ 1485.871592] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 7*8kB (ME) 24*16kB (UE) 4*32kB (UME) 40*64kB (M) 12*128kB (ME) 3*256kB (UE) 0*512kB 4*1024kB (UME) 0*2048kB 372*4096kB (U) = 1533264kB 22:10:40 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 32001 total pagecache pages [ 1485.871639] 0 pages in swap cache [ 1485.871644] Swap cache stats: add 0, delete 0, find 0/0 [ 1485.871646] Free swap = 0kB [ 1485.871648] Total swap = 0kB [ 1485.871650] 1965979 pages RAM [ 1485.871652] 0 pages HighMem/MovableOnly [ 1485.871654] 313627 pages reserved [ 1486.020676] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1486.020684] CPU: 1 PID: 28675 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1486.020697] ffff880136e1f968 ffffffff81b67001 1ffff10026dc3f2f ffff8801390daf80 [ 1486.020707] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880136e1fa90 [ 1486.020716] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1486.020718] Call Trace: [ 1486.020731] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1486.020742] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1486.020751] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1486.020758] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1486.020767] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1486.020777] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1486.020785] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1486.020793] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:41 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:41 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1486.020802] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:10:41 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 80 printk messages dropped ** [ 1490.307330] Normal free:1527440kB min:5580kB low:9168kB high:12756kB active_anon:755648kB inactive_anon:160kB active_file:50532kB inactive_file:77336kB unevictable:4kB writepending:648kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35376kB slab_unreclaimable:402680kB kernel_stack:97664kB pagetables:307556kB bounce:0kB free_pcp:888kB local_pcp:652kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1490.307385] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:10:41 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) ** 49 printk messages dropped ** [ 1490.385675] Normal free:1526716kB min:5580kB low:9168kB high:12756kB active_anon:755948kB inactive_anon:160kB active_file:50532kB inactive_file:77336kB unevictable:4kB writepending:648kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35376kB slab_unreclaimable:402808kB kernel_stack:97856kB pagetables:307704kB bounce:0kB free_pcp:488kB local_pcp:296kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1490.385733] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 5*8kB (ME) 22*16kB (UE) 2*32kB (ME) 6*64kB (UM) 13*128kB (UME) 2*256kB (E) 0*512kB 2*1024kB (ME) 1*2048kB (U) 371*4096kB (U) = 1526748kB 32021 total pagecache pages [ 1490.385785] 0 pages in swap cache [ 1490.385789] Swap cache stats: add 0, delete 0, find 0/0 [ 1490.385791] Free swap = 0kB [ 1490.385793] Total swap = 0kB [ 1490.385795] 1965979 pages RAM [ 1490.385797] 0 pages HighMem/MovableOnly [ 1490.385798] 313627 pages reserved [ 1490.780958] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1490.793756] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1490.793771] CPU: 0 PID: 28910 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1490.793789] ffff88013addf968 ffffffff81b67001 1ffff100275bbf2f ffff88013add0000 [ 1490.793803] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013addfa90 22:10:42 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(0x0, 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1490.793818] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1490.793820] Call Trace: [ 1490.793841] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1490.793860] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1490.793870] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.793883] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1490.793898] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1490.793912] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.793922] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.793933] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.793948] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1490.793954] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1490.793962] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1490.793968] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1490.793975] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.793984] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1490.793992] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1490.793998] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.794005] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1490.794013] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794022] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794030] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1490.794037] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1490.794045] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1490.794057] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1490.794067] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1490.794077] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.794089] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1490.794096] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.794102] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1490.794113] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1490.794139] Mem-Info: [ 1490.794164] active_anon:188960 inactive_anon:40 isolated_anon:0 [ 1490.794164] active_file:12635 inactive_file:19334 isolated_file:0 [ 1490.794164] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1490.794164] slab_reclaimable:8866 slab_unreclaimable:100649 [ 1490.794164] mapped:59368 shmem:56 pagetables:76901 bounce:0 [ 1490.794164] free:1134904 free_pcp:548 free_cma:0 [ 1490.794186] Node 0 active_anon:755840kB inactive_anon:160kB active_file:50540kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1490.794233] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1490.794262] Normal free:1526848kB min:5580kB low:9168kB high:12756kB active_anon:755832kB inactive_anon:160kB active_file:50536kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35392kB slab_unreclaimable:402596kB kernel_stack:97856kB pagetables:307604kB bounce:0kB free_pcp:960kB local_pcp:508kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1490.794328] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 6*8kB (UME) 22*16kB (UE) 17*32kB (UME) 6*64kB (UM) 12*128kB (ME) 3*256kB (UE) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1526848kB 32022 total pagecache pages [ 1490.794380] 0 pages in swap cache [ 1490.794383] Swap cache stats: add 0, delete 0, find 0/0 [ 1490.794393] Free swap = 0kB [ 1490.794395] Total swap = 0kB [ 1490.794397] 1965979 pages RAM [ 1490.794400] 0 pages HighMem/MovableOnly [ 1490.794402] 313627 pages reserved [ 1490.794539] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1490.794549] CPU: 0 PID: 28911 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1490.794565] ffff88013adef968 ffffffff81b67001 1ffff100275bdf2f ffff88013add2f80 [ 1490.794578] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013adefa90 [ 1490.794591] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1490.794593] Call Trace: [ 1490.794604] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1490.794617] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1490.794626] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.794637] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1490.794646] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1490.794655] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794663] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794671] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794680] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1490.794687] [<00000000a2870fb6>] vmalloc+0x5c/0x70 22:10:42 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(0x0, 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1490.794693] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1490.794700] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1490.794707] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.794716] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1490.794722] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1490.794729] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.794735] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1490.794743] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794752] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.794760] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1490.794767] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1490.794775] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1490.794782] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1490.794789] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1490.794795] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.794803] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1490.794809] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.794816] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1490.794824] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1490.794827] Mem-Info: [ 1490.794847] active_anon:188960 inactive_anon:40 isolated_anon:0 [ 1490.794847] active_file:12635 inactive_file:19334 isolated_file:0 [ 1490.794847] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1490.794847] slab_reclaimable:8866 slab_unreclaimable:100649 [ 1490.794847] mapped:59368 shmem:56 pagetables:76901 bounce:0 [ 1490.794847] free:1134904 free_pcp:548 free_cma:0 [ 1490.794862] Node 0 active_anon:755840kB inactive_anon:160kB active_file:50540kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1490.794880] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1490.794905] Normal free:1526848kB min:5580kB low:9168kB high:12756kB active_anon:755832kB inactive_anon:160kB active_file:50536kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35392kB slab_unreclaimable:402596kB kernel_stack:97856kB pagetables:307604kB bounce:0kB free_pcp:960kB local_pcp:508kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1490.794958] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 6*8kB (UME) 22*16kB (UE) 17*32kB (UME) 6*64kB (UM) 12*128kB (ME) 3*256kB (UE) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1526848kB 32022 total pagecache pages [ 1490.795006] 0 pages in swap cache [ 1490.795009] Swap cache stats: add 0, delete 0, find 0/0 [ 1490.795011] Free swap = 0kB [ 1490.795013] Total swap = 0kB [ 1490.795015] 1965979 pages RAM [ 1490.795017] 0 pages HighMem/MovableOnly [ 1490.795019] 313627 pages reserved [ 1490.940181] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1490.940204] CPU: 0 PID: 28925 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1490.940219] ffff8801355c7968 ffffffff81b67001 1ffff10026ab8f2f ffff880132dfdf00 [ 1490.940230] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801355c7a90 [ 1490.940242] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1490.940244] Call Trace: [ 1490.940264] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1490.940282] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1490.940294] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.940305] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1490.940319] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1490.940332] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1490.940342] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.940350] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.940359] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.940370] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1490.940382] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1490.940393] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1490.940401] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1490.940412] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.940422] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1490.940429] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1490.940437] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1490.940444] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.940451] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1490.940459] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.940467] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1490.940477] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.940485] [<0000000072e3fb80>] ? __sb_start_write+0x21c/0x310 [ 1490.940493] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1490.940500] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1490.940508] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1490.940516] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.940524] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1490.940531] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.940538] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1490.940547] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1490.941536] Mem-Info: [ 1490.941576] active_anon:188960 inactive_anon:40 isolated_anon:0 [ 1490.941576] active_file:12635 inactive_file:19334 isolated_file:0 [ 1490.941576] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1490.941576] slab_reclaimable:8866 slab_unreclaimable:100611 [ 1490.941576] mapped:59368 shmem:56 pagetables:76864 bounce:0 [ 1490.941576] free:1135051 free_pcp:554 free_cma:0 [ 1490.941608] Node 0 active_anon:755840kB inactive_anon:160kB active_file:50540kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1490.941638] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1490.941735] Normal free:1527436kB min:5580kB low:9168kB high:12756kB active_anon:755832kB inactive_anon:160kB active_file:50536kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35392kB slab_unreclaimable:402444kB kernel_stack:97600kB pagetables:307456kB bounce:0kB free_pcp:988kB local_pcp:704kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1490.942135] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 5*8kB (UE) 23*16kB (UME) 31*32kB (UME) 8*64kB (UM) 12*128kB (ME) 3*256kB (UE) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1527436kB 32022 total pagecache pages [ 1490.942435] 0 pages in swap cache [ 1490.942459] Swap cache stats: add 0, delete 0, find 0/0 [ 1490.942475] Free swap = 0kB [ 1490.942497] Total swap = 0kB [ 1490.942515] 1965979 pages RAM 22:10:43 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:43 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:43 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(0x0, 0x0) clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1490.942537] 0 pages HighMem/MovableOnly [ 1490.942550] 313627 pages reserved [ 1490.977520] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1490.977542] CPU: 1 PID: 28929 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1490.977557] ffff880133e47968 ffffffff81b67001 1ffff100267c8f2f ffff880132908000 [ 1490.977567] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880133e47a90 [ 1490.977579] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1490.977581] Call Trace: [ 1490.977599] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1490.977616] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1490.977627] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.977639] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977650] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1490.977658] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977666] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977673] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977685] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:10:44 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:44 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1490.977691] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1490.977697] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 22:10:44 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1490.977703] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1490.977710] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.977718] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977727] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1490.977735] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1490.977743] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1490.977749] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1490.977756] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1490.977764] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977772] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1490.977780] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1490.977787] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1490.977795] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1490.977801] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1490.977808] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1490.977815] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.977823] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1490.977829] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1490.977835] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 22:10:44 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:44 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1490.977843] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1490.977857] Mem-Info: 22:10:44 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:44 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) r0 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:44 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1490.977891] active_anon:188960 inactive_anon:40 isolated_anon:0 [ 1490.977891] active_file:12635 inactive_file:19334 isolated_file:0 [ 1490.977891] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1490.977891] slab_reclaimable:8866 slab_unreclaimable:100611 [ 1490.977891] mapped:59368 shmem:56 pagetables:76864 bounce:0 [ 1490.977891] free:1135051 free_pcp:549 free_cma:0 [ 1490.977940] Node 0 active_anon:755840kB inactive_anon:160kB active_file:50540kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:10:44 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1490.977970] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1490.978098] Normal free:1527436kB min:5580kB low:9168kB high:12756kB active_anon:755832kB inactive_anon:160kB active_file:50536kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35392kB slab_unreclaimable:402444kB kernel_stack:97536kB pagetables:307456kB bounce:0kB free_pcp:964kB local_pcp:272kB free_cma:0kB 22:10:44 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1490.978480] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:10:44 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:44 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) Normal: 5*4kB (UE) 5*8kB (UE) 23*16kB (UME) 33*32kB (UME) 8*64kB (UM) 12*128kB (ME) 3*256kB (UE) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1527500kB 32022 total pagecache pages [ 1490.978800] 0 pages in swap cache [ 1490.978828] Swap cache stats: add 0, delete 0, find 0/0 [ 1490.978840] Free swap = 0kB [ 1490.978848] Total swap = 0kB [ 1490.978865] 1965979 pages RAM [ 1490.978886] 0 pages HighMem/MovableOnly [ 1490.978898] 313627 pages reserved [ 1491.088370] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1491.088378] CPU: 1 PID: 28941 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1491.088393] ffff88013899f968 ffffffff81b67001 1ffff10027133f2f ffff88012f62df00 22:10:45 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1491.088403] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013899fa90 [ 1491.088416] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1491.088417] Call Trace: [ 1491.088435] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1491.088451] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1491.088463] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1491.088472] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1491.088484] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1491.088493] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088501] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088510] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088519] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1491.088526] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1491.088532] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1491.088538] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1491.088545] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 22:10:45 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:45 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:45 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1491.088553] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088562] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1491.088571] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1491.088578] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1491.088585] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1491.088591] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1491.088600] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088608] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1491.088617] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 ** 15 printk messages dropped ** [ 1491.088768] lowmem_reserve[]: 0 0 0 22:10:46 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:46 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) ** 51 printk messages dropped ** [ 1491.132461] lowmem_reserve[]: 0 0 0 [ 1491.132514] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 6*8kB (UME) 23*16kB (UME) 6*32kB (UME) 1*64kB (M) 12*128kB (ME) 3*256kB (UE) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1526192kB 32022 total pagecache pages [ 1491.132571] 0 pages in swap cache [ 1491.132575] Swap cache stats: add 0, delete 0, find 0/0 [ 1491.132578] Free swap = 0kB [ 1491.132580] Total swap = 0kB [ 1491.132582] 1965979 pages RAM [ 1491.132583] 0 pages HighMem/MovableOnly [ 1491.132585] 313627 pages reserved [ 1491.575310] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1491.598607] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1491.598619] CPU: 0 PID: 28964 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1491.598639] ffff88013ae47968 ffffffff81b67001 1ffff100275c8f2f ffff880128ad97c0 [ 1491.598652] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013ae47a90 22:10:46 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1491.598665] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 ** 36 printk messages dropped ** [ 1491.599069] lowmem_reserve[]: 0 0 0 [ 1491.599117] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 4*8kB (E) 20*16kB (E) 4*32kB (UE) 1*64kB (U) 11*128kB (ME) 2*256kB (E) 1*512kB (U) 3*1024kB (UME) 0*2048kB 371*4096kB (U) = 1525680kB 32022 total pagecache pages [ 1491.599169] 0 pages in swap cache [ 1491.599173] Swap cache stats: add 0, delete 0, find 0/0 [ 1491.599175] Free swap = 0kB 22:10:46 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 45 printk messages dropped ** [ 1491.600201] lowmem_reserve[]: 0 0 0 22:10:46 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1491.600251] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB ** 105 printk messages dropped ** [ 1495.510543] lowmem_reserve[]: 0 0 0 [ 1495.510638] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (ME) 21*16kB (ME) 6*32kB (UE) 1*64kB (M) 8*128kB (UME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1524356kB 32027 total pagecache pages [ 1495.510701] 0 pages in swap cache [ 1495.510706] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.510709] Free swap = 0kB [ 1495.510711] Total swap = 0kB [ 1495.510713] 1965979 pages RAM [ 1495.510715] 0 pages HighMem/MovableOnly [ 1495.510717] 313627 pages reserved [ 1495.510845] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1495.510854] CPU: 1 PID: 29079 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1495.510870] ffff88012dc1f968 ffffffff81b67001 1ffff10025b83f2f ffff880129ee17c0 [ 1495.510883] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012dc1fa90 [ 1495.510896] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1495.510898] Call Trace: [ 1495.510908] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1495.510918] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1495.510926] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.510934] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1495.510942] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1495.510951] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.510959] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.510967] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.510975] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1495.510982] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1495.510988] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1495.510994] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1495.511001] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.511009] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1495.511016] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1495.511022] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.511029] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 22:10:47 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1495.511037] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.511045] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.511053] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1495.511060] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1495.511067] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1495.511074] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1495.511081] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1495.511088] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.511095] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1495.511102] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.511108] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1495.511117] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1495.511119] Mem-Info: [ 1495.511139] active_anon:189162 inactive_anon:37 isolated_anon:0 [ 1495.511139] active_file:12640 inactive_file:19334 isolated_file:0 [ 1495.511139] unevictable:1 dirty:170 writeback:0 unstable:0 [ 1495.511139] slab_reclaimable:8872 slab_unreclaimable:100707 [ 1495.511139] mapped:59395 shmem:56 pagetables:77105 bounce:0 [ 1495.511139] free:1134289 free_pcp:529 free_cma:0 [ 1495.511157] Node 0 active_anon:756648kB inactive_anon:148kB active_file:50560kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237580kB dirty:680kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1495.511176] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1495.511202] Normal free:1524388kB min:5580kB low:9168kB high:12756kB active_anon:756640kB inactive_anon:148kB active_file:50556kB inactive_file:77336kB unevictable:4kB writepending:680kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35416kB slab_unreclaimable:402828kB kernel_stack:98176kB pagetables:308420kB bounce:0kB free_pcp:884kB local_pcp:184kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1495.511254] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (ME) 21*16kB (ME) 6*32kB (UE) 1*64kB (M) 8*128kB (UME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1524356kB 32027 total pagecache pages [ 1495.511302] 0 pages in swap cache [ 1495.511306] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.511308] Free swap = 0kB [ 1495.511310] Total swap = 0kB [ 1495.511313] 1965979 pages RAM [ 1495.511315] 0 pages HighMem/MovableOnly [ 1495.511317] 313627 pages reserved [ 1495.704866] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1495.704879] CPU: 0 PID: 29092 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1495.704896] ffff88013af5f968 ffffffff81b67001 1ffff100275ebf2f ffff8801a2684740 [ 1495.704909] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013af5fa90 [ 1495.704921] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1495.704923] Call Trace: [ 1495.704939] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1495.704953] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1495.704963] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.704971] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1495.704981] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1495.704990] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.705004] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.705016] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.705030] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1495.705037] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1495.705046] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1495.705052] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1495.705059] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.705069] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1495.705076] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1495.705083] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.705090] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1495.705099] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.705107] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.705124] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1495.705134] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1495.705143] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1495.705149] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1495.705157] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1495.705164] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.705172] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1495.705179] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.705186] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1495.705196] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1495.705217] Mem-Info: [ 1495.705241] active_anon:189212 inactive_anon:37 isolated_anon:0 [ 1495.705241] active_file:12640 inactive_file:19334 isolated_file:0 [ 1495.705241] unevictable:1 dirty:170 writeback:0 unstable:0 [ 1495.705241] slab_reclaimable:8872 slab_unreclaimable:100758 [ 1495.705241] mapped:59395 shmem:56 pagetables:77142 bounce:0 [ 1495.705241] free:1134266 free_pcp:430 free_cma:0 [ 1495.705255] Node 0 active_anon:756848kB inactive_anon:148kB active_file:50560kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237580kB dirty:680kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1495.705276] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:10:48 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1495.705303] Normal free:1524296kB min:5580kB low:9168kB high:12756kB active_anon:756840kB inactive_anon:148kB active_file:50556kB inactive_file:77336kB unevictable:4kB writepending:680kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35416kB slab_unreclaimable:403032kB kernel_stack:98112kB pagetables:308568kB bounce:0kB free_pcp:488kB local_pcp:184kB free_cma:0kB lowmem_reserve[]: 0 0 0 22:10:48 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:48 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1495.705359] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 5*8kB (UME) 21*16kB (ME) 5*32kB (UME) 1*64kB (U) 7*128kB (ME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1524200kB 32027 total pagecache pages [ 1495.705412] 0 pages in swap cache [ 1495.705416] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.705418] Free swap = 0kB [ 1495.705420] Total swap = 0kB [ 1495.705423] 1965979 pages RAM [ 1495.705425] 0 pages HighMem/MovableOnly [ 1495.705427] 313627 pages reserved [ 1495.829205] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1495.829216] CPU: 0 PID: 29098 Comm: syz-executor.5 Not tainted 4.9.194+ #0 22:10:48 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1495.829234] ffff88013a1df968 ffffffff81b67001 1ffff1002743bf2f ffff880128724740 [ 1495.829246] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a1dfa90 [ 1495.829259] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1495.829260] Call Trace: [ 1495.829280] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1495.829308] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1495.829319] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.829329] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1495.829342] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1495.829355] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:48 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1495.829366] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.829378] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.829392] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1495.829401] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1495.829411] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1495.829419] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1495.829427] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.829437] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1495.829444] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1495.829452] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.829459] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1495.829468] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.829476] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.829486] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1495.829494] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1495.829502] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1495.829509] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1495.829516] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1495.829524] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.829532] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1495.829539] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.829545] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1495.829556] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1495.829559] Mem-Info: [ 1495.829579] active_anon:189240 inactive_anon:40 isolated_anon:0 [ 1495.829579] active_file:12643 inactive_file:19334 isolated_file:0 [ 1495.829579] unevictable:1 dirty:173 writeback:0 unstable:0 [ 1495.829579] slab_reclaimable:8872 slab_unreclaimable:100750 22:10:48 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:48 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:48 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:48 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1495.829579] mapped:59368 shmem:56 pagetables:77164 bounce:0 [ 1495.829579] free:1134211 free_pcp:429 free_cma:0 [ 1495.829594] Node 0 active_anon:756960kB inactive_anon:160kB active_file:50572kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:692kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1495.829613] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1495.829644] Normal free:1524076kB min:5580kB low:9168kB high:12756kB active_anon:756952kB inactive_anon:160kB active_file:50568kB inactive_file:77336kB unevictable:4kB writepending:692kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35416kB slab_unreclaimable:403000kB kernel_stack:98176kB pagetables:308656kB bounce:0kB free_pcp:484kB local_pcp:268kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1495.829705] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 5*8kB (UME) 21*16kB (ME) 2*32kB (UM) 1*64kB (U) 6*128kB (ME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1523980kB 32030 total pagecache pages [ 1495.829758] 0 pages in swap cache [ 1495.829762] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.829765] Free swap = 0kB [ 1495.829767] Total swap = 0kB [ 1495.829769] 1965979 pages RAM [ 1495.829771] 0 pages HighMem/MovableOnly [ 1495.829773] 313627 pages reserved [ 1495.981286] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1495.981296] CPU: 0 PID: 29102 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1495.981311] ffff8801372ff968 ffffffff81b67001 1ffff10026e5ff2f ffff880122b617c0 [ 1495.981321] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801372ffa90 [ 1495.981331] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1495.981333] Call Trace: [ 1495.981352] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1495.981363] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1495.981372] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.981380] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1495.981390] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1495.981400] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.981408] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.981417] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.981426] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1495.981433] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1495.981440] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1495.981446] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1495.981453] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.981463] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1495.981470] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1495.981477] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1495.981483] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1495.981499] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.981507] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1495.981518] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1495.981526] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1495.981535] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1495.981542] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1495.981550] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1495.981561] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.981573] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1495.981586] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1495.981593] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1495.981603] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1495.981607] Mem-Info: [ 1495.981632] active_anon:189279 inactive_anon:40 isolated_anon:0 [ 1495.981632] active_file:12643 inactive_file:19334 isolated_file:0 [ 1495.981632] unevictable:1 dirty:173 writeback:0 unstable:0 [ 1495.981632] slab_reclaimable:8880 slab_unreclaimable:100750 [ 1495.981632] mapped:59368 shmem:56 pagetables:77203 bounce:0 [ 1495.981632] free:1134188 free_pcp:418 free_cma:0 [ 1495.981652] Node 0 active_anon:757116kB inactive_anon:160kB active_file:50572kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:692kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1495.981681] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1495.981714] Normal free:1523984kB min:5580kB low:9168kB high:12756kB active_anon:757108kB inactive_anon:160kB active_file:50568kB inactive_file:77336kB unevictable:4kB writepending:692kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403000kB kernel_stack:98048kB pagetables:308812kB bounce:0kB free_pcp:440kB local_pcp:172kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1495.981783] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 4*8kB (UE) 20*16kB (E) 5*32kB (U) 2*64kB (UM) 5*128kB (ME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1523984kB 32030 total pagecache pages [ 1495.981869] 0 pages in swap cache [ 1495.981875] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.981878] Free swap = 0kB 22:10:49 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1495.981880] Total swap = 0kB [ 1495.981883] 1965979 pages RAM [ 1495.981887] 0 pages HighMem/MovableOnly [ 1495.981889] 313627 pages reserved [ 1496.493464] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1496.493475] CPU: 0 PID: 29112 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1496.493500] ffff880198b77968 ffffffff81b67001 1ffff1003316ef2f ffff8801334917c0 [ 1496.493514] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880198b77a90 [ 1496.493528] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1496.493530] Call Trace: [ 1496.493548] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1496.493562] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1496.493572] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1496.493582] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 22:10:49 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:49 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:49 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:49 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1496.493595] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1496.493607] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.493615] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.493630] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.493641] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1496.493648] [<00000000a2870fb6>] vmalloc+0x5c/0x70 22:10:49 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1496.493655] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1496.493662] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1496.493670] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.493682] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1496.493692] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1496.493700] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.493707] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1496.493716] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.493725] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.493735] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1496.493744] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1496.493753] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1496.493761] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1496.493768] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1496.493776] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.493784] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1496.493792] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.493799] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1496.493810] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1496.493813] Mem-Info: [ 1496.493832] active_anon:189236 inactive_anon:40 isolated_anon:0 [ 1496.493832] active_file:12643 inactive_file:19334 isolated_file:0 [ 1496.493832] unevictable:1 dirty:174 writeback:0 unstable:0 [ 1496.493832] slab_reclaimable:8880 slab_unreclaimable:100781 [ 1496.493832] mapped:59368 shmem:56 pagetables:77160 bounce:0 [ 1496.493832] free:1134197 free_pcp:478 free_cma:0 22:10:50 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:50 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1496.493848] Node 0 active_anon:756944kB inactive_anon:160kB active_file:50572kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:696kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1496.493868] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1496.493897] Normal free:1524020kB min:5580kB low:9168kB high:12756kB active_anon:756936kB inactive_anon:160kB active_file:50568kB inactive_file:77336kB unevictable:4kB writepending:696kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403124kB kernel_stack:97952kB pagetables:308640kB bounce:0kB free_pcp:680kB local_pcp:236kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1496.493958] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (UE) 22*16kB (UME) 4*32kB (UM) 3*64kB (UM) 4*128kB (ME) 2*256kB (E) 1*512kB (U) 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1523924kB 32030 total pagecache pages [ 1496.494014] 0 pages in swap cache [ 1496.494019] Swap cache stats: add 0, delete 0, find 0/0 [ 1496.494021] Free swap = 0kB [ 1496.494024] Total swap = 0kB [ 1496.494026] 1965979 pages RAM [ 1496.494028] 0 pages HighMem/MovableOnly [ 1496.494030] 313627 pages reserved [ 1496.555990] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1496.555998] CPU: 1 PID: 29117 Comm: syz-executor.5 Not tainted 4.9.194+ #0 [ 1496.556009] ffff880124897968 ffffffff81b67001 1ffff10024912f2f ffff88013370c740 [ 1496.556016] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880124897a90 [ 1496.556024] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1496.556025] Call Trace: [ 1496.556040] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1496.556052] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1496.556060] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1496.556074] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1496.556083] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1496.556092] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.556099] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.556106] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.556117] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1496.556123] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1496.556130] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1496.556136] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1496.556142] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.556153] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1496.556161] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1496.556167] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.556173] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1496.556181] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.556189] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.556198] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1496.556206] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1496.556214] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1496.556221] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1496.556227] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1496.556234] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.556242] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1496.556248] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.556254] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1496.556264] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1496.556267] Mem-Info: [ 1496.556283] active_anon:189261 inactive_anon:40 isolated_anon:0 [ 1496.556283] active_file:12643 inactive_file:19334 isolated_file:0 [ 1496.556283] unevictable:1 dirty:174 writeback:0 unstable:0 [ 1496.556283] slab_reclaimable:8880 slab_unreclaimable:100832 [ 1496.556283] mapped:59368 shmem:56 pagetables:77160 bounce:0 [ 1496.556283] free:1134102 free_pcp:524 free_cma:0 [ 1496.556296] Node 0 active_anon:757044kB inactive_anon:160kB active_file:50572kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:696kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1496.556312] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1496.556335] Normal free:1523640kB min:5580kB low:9168kB high:12756kB active_anon:757036kB inactive_anon:160kB active_file:50568kB inactive_file:77336kB unevictable:4kB writepending:696kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403328kB kernel_stack:97984kB pagetables:308640kB bounce:0kB free_pcp:864kB local_pcp:636kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1496.556383] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 3*8kB (E) 21*16kB (ME) 7*32kB (UM) 2*64kB (UM) 4*128kB (ME) 3*256kB (UE) 0*512kB 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1523672kB 32030 total pagecache pages [ 1496.556428] 0 pages in swap cache [ 1496.556431] Swap cache stats: add 0, delete 0, find 0/0 [ 1496.556433] Free swap = 0kB [ 1496.556435] Total swap = 0kB [ 1496.556436] 1965979 pages RAM [ 1496.556438] 0 pages HighMem/MovableOnly [ 1496.556440] 313627 pages reserved [ 1496.849752] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1496.849793] CPU: 0 PID: 29125 Comm: syz-executor.5 Not tainted 4.9.194+ #0 [ 1496.849810] ffff88012b5ff968 ffffffff81b67001 1ffff100256bff2f ffff88012dad0000 [ 1496.849822] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b5ffa90 [ 1496.849835] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1496.849838] Call Trace: [ 1496.849858] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1496.849871] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1496.849881] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1496.849889] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1496.849901] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1496.849912] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1496.849921] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1496.849929] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1496.849938] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1496.849945] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1496.849953] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1496.849960] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1496.849967] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1496.849974] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.849984] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.849991] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1496.849998] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1496.850006] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1496.850013] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1496.850020] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1496.850029] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.850036] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1496.850045] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1496.850053] [<0000000072e3fb80>] ? __sb_start_write+0x21c/0x310 [ 1496.850061] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1496.850068] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1496.850076] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1496.850083] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.850090] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1496.850098] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1496.850107] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1496.850142] Mem-Info: [ 1496.850205] active_anon:189298 inactive_anon:40 isolated_anon:0 [ 1496.850205] active_file:12645 inactive_file:19334 isolated_file:0 [ 1496.850205] unevictable:1 dirty:176 writeback:0 unstable:0 [ 1496.850205] slab_reclaimable:8880 slab_unreclaimable:100686 [ 1496.850205] mapped:59368 shmem:56 pagetables:77208 bounce:0 [ 1496.850205] free:1134078 free_pcp:509 free_cma:0 [ 1496.850242] Node 0 active_anon:757192kB inactive_anon:160kB active_file:50580kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:704kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1496.850303] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1496.850379] Normal free:1523544kB min:5580kB low:9168kB high:12756kB active_anon:757184kB inactive_anon:160kB active_file:50576kB inactive_file:77336kB unevictable:4kB writepending:704kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:402744kB kernel_stack:98080kB pagetables:308832kB bounce:0kB free_pcp:804kB local_pcp:340kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1496.850726] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 4*8kB (UE) 22*16kB (UME) 3*32kB (UM) 2*64kB (UM) 4*128kB (UE) 3*256kB (UE) 0*512kB 2*1024kB (ME) 0*2048kB 371*4096kB (U) = 1523576kB 32032 total pagecache pages [ 1496.851029] 0 pages in swap cache [ 1496.851037] Swap cache stats: add 0, delete 0, find 0/0 [ 1496.851049] Free swap = 0kB [ 1496.851051] Total swap = 0kB [ 1496.851076] 1965979 pages RAM [ 1496.851088] 0 pages HighMem/MovableOnly [ 1496.851090] 313627 pages reserved [ 1497.143127] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1497.143137] CPU: 1 PID: 29136 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1497.143153] ffff88013a347968 ffffffff81b67001 1ffff10027468f2f ffff8801336717c0 [ 1497.143165] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a347a90 [ 1497.143177] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1497.143178] Call Trace: [ 1497.143197] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1497.143211] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1497.143221] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1497.143230] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1497.143239] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1497.143249] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1497.143257] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1497.143265] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1497.143274] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1497.143281] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1497.143288] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1497.143294] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1497.143301] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1497.143310] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1497.143318] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1497.143330] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1497.143336] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1497.143344] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1497.143353] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1497.143361] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1497.143368] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1497.143376] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1497.143382] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1497.143390] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1497.143397] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1497.143405] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1497.143412] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1497.143419] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1497.143429] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1497.143500] Mem-Info: [ 1497.143531] active_anon:189352 inactive_anon:40 isolated_anon:0 [ 1497.143531] active_file:12646 inactive_file:19334 isolated_file:0 [ 1497.143531] unevictable:1 dirty:177 writeback:0 unstable:0 [ 1497.143531] slab_reclaimable:8880 slab_unreclaimable:100795 [ 1497.143531] mapped:59372 shmem:56 pagetables:77266 bounce:0 [ 1497.143531] free:1133889 free_pcp:493 free_cma:0 [ 1497.143547] Node 0 active_anon:757408kB inactive_anon:160kB active_file:50584kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237488kB dirty:708kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1497.143565] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1497.143593] Normal free:1522788kB min:5580kB low:9168kB high:12756kB active_anon:757400kB inactive_anon:160kB active_file:50580kB inactive_file:77336kB unevictable:4kB writepending:708kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403180kB kernel_stack:98112kB pagetables:309064kB bounce:0kB free_pcp:740kB local_pcp:456kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1497.143648] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (UE) 21*16kB (UE) 9*32kB (U) 1*64kB (U) 3*128kB (E) 4*256kB (UME) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 370*4096kB (U) = 1522788kB 32033 total pagecache pages [ 1497.143700] 0 pages in swap cache [ 1497.143704] Swap cache stats: add 0, delete 0, find 0/0 [ 1497.143707] Free swap = 0kB [ 1497.143709] Total swap = 0kB [ 1497.143711] 1965979 pages RAM [ 1497.143713] 0 pages HighMem/MovableOnly [ 1497.143715] 313627 pages reserved [ 1501.368991] warn_alloc: 15 callbacks suppressed [ 1501.369008] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1501.369018] CPU: 0 PID: 29267 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1501.369035] ffff88013454f968 ffffffff81b67001 1ffff100268a9f2f ffff8801337e97c0 [ 1501.369049] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013454fa90 [ 1501.369061] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1501.369063] Call Trace: [ 1501.369078] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1501.369092] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1501.369103] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1501.369123] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1501.369136] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1501.369150] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.369159] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.369168] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:52 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:52 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:52 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:52 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:52 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1501.369179] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1501.369186] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1501.369194] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1501.369201] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1501.369208] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.369218] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1501.369226] [<000000008431afd9>] __vfs_write+0x116/0x560 22:10:52 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1501.369233] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.369241] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1501.369250] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.369259] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.369269] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 22:10:52 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1501.369277] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1501.369295] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1501.369305] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1501.369313] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1501.369322] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.369332] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1501.369340] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:10:52 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:52 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1501.369347] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1501.369358] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1501.369362] Mem-Info: [ 1501.369381] active_anon:189386 inactive_anon:40 isolated_anon:0 [ 1501.369381] active_file:12652 inactive_file:19334 isolated_file:0 [ 1501.369381] unevictable:1 dirty:85 writeback:0 unstable:0 [ 1501.369381] slab_reclaimable:8880 slab_unreclaimable:100829 [ 1501.369381] mapped:59393 shmem:56 pagetables:77335 bounce:0 [ 1501.369381] free:1133749 free_pcp:406 free_cma:0 [ 1501.369398] Node 0 active_anon:757544kB inactive_anon:160kB active_file:50608kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:340kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1501.369423] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB 22:10:52 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:52 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) lowmem_reserve[]: 0 3505 3505 [ 1501.369454] Normal free:1522228kB min:5580kB low:9168kB high:12756kB active_anon:757536kB inactive_anon:160kB active_file:50604kB inactive_file:77336kB unevictable:4kB writepending:340kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403316kB kernel_stack:98336kB pagetables:309340kB bounce:0kB free_pcp:380kB local_pcp:136kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1501.369516] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 37*4kB (ME) 10*8kB (ME) 21*16kB (ME) 24*32kB (UM) 2*64kB (U) 3*128kB (E) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1522228kB 32039 total pagecache pages [ 1501.369575] 0 pages in swap cache [ 1501.369579] Swap cache stats: add 0, delete 0, find 0/0 [ 1501.369581] Free swap = 0kB [ 1501.369584] Total swap = 0kB [ 1501.369586] 1965979 pages RAM [ 1501.369589] 0 pages HighMem/MovableOnly [ 1501.369591] 313627 pages reserved [ 1501.379586] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1501.379595] CPU: 0 PID: 29266 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1501.379609] ffff88012752f968 ffffffff81b67001 1ffff10024ea5f2f ffff8801337edf00 [ 1501.379620] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012752fa90 [ 1501.379631] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1501.379633] Call Trace: [ 1501.379647] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1501.379658] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1501.379667] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1501.379676] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1501.379686] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1501.379697] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.379708] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.379720] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.379730] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1501.379738] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1501.379745] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1501.379752] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1501.379760] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.379770] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1501.379777] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1501.379785] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.379792] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1501.379802] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.379811] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.379820] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1501.379829] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1501.379837] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1501.379845] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1501.379853] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1501.379861] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.379870] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1501.379878] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.379885] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1501.379896] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1501.379899] Mem-Info: [ 1501.379920] active_anon:189386 inactive_anon:40 isolated_anon:0 [ 1501.379920] active_file:12652 inactive_file:19334 isolated_file:0 [ 1501.379920] unevictable:1 dirty:85 writeback:0 unstable:0 [ 1501.379920] slab_reclaimable:8880 slab_unreclaimable:100829 [ 1501.379920] mapped:59368 shmem:56 pagetables:77335 bounce:0 [ 1501.379920] free:1133749 free_pcp:408 free_cma:0 [ 1501.379935] Node 0 active_anon:757544kB inactive_anon:160kB active_file:50608kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:340kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1501.379954] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1501.379984] Normal free:1522228kB min:5580kB low:9168kB high:12756kB active_anon:757536kB inactive_anon:160kB active_file:50604kB inactive_file:77336kB unevictable:4kB writepending:340kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403316kB kernel_stack:98208kB pagetables:309340kB bounce:0kB free_pcp:396kB local_pcp:80kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1501.380045] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 37*4kB (ME) 10*8kB (ME) 21*16kB (ME) 28*32kB (UM) 2*64kB (U) 3*128kB (E) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1522356kB 32039 total pagecache pages [ 1501.380104] 0 pages in swap cache [ 1501.380109] Swap cache stats: add 0, delete 0, find 0/0 [ 1501.380111] Free swap = 0kB [ 1501.380113] Total swap = 0kB [ 1501.380116] 1965979 pages RAM [ 1501.380118] 0 pages HighMem/MovableOnly [ 1501.380120] 313627 pages reserved [ 1501.421960] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1501.421969] CPU: 0 PID: 29264 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1501.421984] ffff880124f07968 ffffffff81b67001 1ffff100249e0f2f ffff880133af5f00 [ 1501.422012] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880124f07a90 [ 1501.422025] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1501.422027] Call Trace: [ 1501.422043] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1501.422057] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1501.422067] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1501.422077] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1501.422086] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1501.422096] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.422105] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.422114] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.422124] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1501.422132] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1501.422139] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1501.422146] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1501.422154] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.422163] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1501.422177] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1501.422185] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.422192] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1501.422204] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.422214] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.422226] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 22:10:53 executing program 2: r0 = socket$inet(0x2, 0x3, 0x1c) ioctl(r0, 0x201000008912, &(0x7f0000000000)="0815b5055e0bcfe87b3071") [ 1501.422235] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1501.422244] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1501.422252] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1501.422260] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1501.422267] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.422276] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1501.422284] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.422290] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1501.422299] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1501.422326] Mem-Info: [ 1501.422349] active_anon:189386 inactive_anon:40 isolated_anon:0 [ 1501.422349] active_file:12652 inactive_file:19334 isolated_file:0 [ 1501.422349] unevictable:1 dirty:85 writeback:0 unstable:0 [ 1501.422349] slab_reclaimable:8880 slab_unreclaimable:100827 [ 1501.422349] mapped:59368 shmem:56 pagetables:77298 bounce:0 [ 1501.422349] free:1133711 free_pcp:518 free_cma:0 [ 1501.422368] Node 0 active_anon:757544kB inactive_anon:160kB active_file:50608kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:340kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1501.422392] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1501.422421] Normal free:1522076kB min:5580kB low:9168kB high:12756kB active_anon:757536kB inactive_anon:160kB active_file:50604kB inactive_file:77336kB unevictable:4kB writepending:340kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403308kB kernel_stack:98176kB pagetables:309192kB bounce:0kB free_pcp:840kB local_pcp:196kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1501.422481] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 7*4kB (UME) 10*8kB (ME) 21*16kB (ME) 25*32kB (UM) 2*64kB (U) 3*128kB (E) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1522140kB 32039 total pagecache pages [ 1501.422537] 0 pages in swap cache [ 1501.422541] Swap cache stats: add 0, delete 0, find 0/0 [ 1501.422544] Free swap = 0kB [ 1501.422546] Total swap = 0kB [ 1501.422549] 1965979 pages RAM [ 1501.422551] 0 pages HighMem/MovableOnly [ 1501.422553] 313627 pages reserved [ 1501.493379] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1501.493389] CPU: 0 PID: 29282 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1501.493403] ffff88013a507968 ffffffff81b67001 1ffff100274a0f2f ffff88012caeaf80 [ 1501.493414] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a507a90 [ 1501.493426] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1501.493427] Call Trace: [ 1501.493444] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1501.493460] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1501.493470] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1501.493479] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1501.493491] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1501.493504] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.493514] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.493522] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.493531] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1501.493538] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1501.493544] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1501.493551] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1501.493558] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.493566] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1501.493573] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1501.493579] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.493586] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1501.493595] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.493602] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.493611] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1501.493618] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1501.493626] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1501.493633] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1501.493640] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1501.493647] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.493654] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1501.493661] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.493668] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1501.493677] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1501.493681] Mem-Info: [ 1501.493701] active_anon:189386 inactive_anon:40 isolated_anon:0 [ 1501.493701] active_file:12652 inactive_file:19334 isolated_file:0 [ 1501.493701] unevictable:1 dirty:85 writeback:0 unstable:0 [ 1501.493701] slab_reclaimable:8880 slab_unreclaimable:100769 [ 1501.493701] mapped:59393 shmem:56 pagetables:77298 bounce:0 [ 1501.493701] free:1133825 free_pcp:504 free_cma:0 [ 1501.493720] Node 0 active_anon:757544kB inactive_anon:160kB active_file:50608kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:340kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1501.493739] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1501.493766] Normal free:1522532kB min:5580kB low:9168kB high:12756kB active_anon:757536kB inactive_anon:160kB active_file:50604kB inactive_file:77336kB unevictable:4kB writepending:340kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403076kB kernel_stack:98144kB pagetables:309192kB bounce:0kB free_pcp:784kB local_pcp:304kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1501.493821] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 30*4kB (UME) 12*8kB (UME) 22*16kB (ME) 33*32kB (UM) 2*64kB (U) 3*128kB (E) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1522520kB 32039 total pagecache pages [ 1501.493872] 0 pages in swap cache [ 1501.493877] Swap cache stats: add 0, delete 0, find 0/0 [ 1501.493879] Free swap = 0kB [ 1501.493881] Total swap = 0kB [ 1501.493883] 1965979 pages RAM [ 1501.493885] 0 pages HighMem/MovableOnly [ 1501.493887] 313627 pages reserved [ 1501.572300] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1501.572310] CPU: 0 PID: 29293 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1501.572324] ffff88012752f968 ffffffff81b67001 1ffff10024ea5f2f ffff880129bd2f80 [ 1501.572336] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012752fa90 [ 1501.572346] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1501.572348] Call Trace: [ 1501.572363] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1501.572376] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1501.572385] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1501.572393] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1501.572404] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1501.572415] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.572424] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.572433] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.572443] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1501.572459] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1501.572468] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1501.572475] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1501.572484] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.572493] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1501.572501] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1501.572508] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1501.572515] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1501.572525] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.572534] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1501.572543] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1501.572551] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1501.572560] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1501.572567] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1501.572575] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1501.572593] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.572603] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1501.572612] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1501.572619] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1501.572631] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1501.572635] Mem-Info: [ 1501.572658] active_anon:189436 inactive_anon:40 isolated_anon:0 [ 1501.572658] active_file:12652 inactive_file:19334 isolated_file:0 [ 1501.572658] unevictable:1 dirty:85 writeback:0 unstable:0 [ 1501.572658] slab_reclaimable:8880 slab_unreclaimable:100769 [ 1501.572658] mapped:59393 shmem:56 pagetables:77335 bounce:0 [ 1501.572658] free:1133759 free_pcp:446 free_cma:0 [ 1501.572674] Node 0 active_anon:757744kB inactive_anon:160kB active_file:50608kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:340kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1501.572693] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1501.572723] Normal free:1522268kB min:5580kB low:9168kB high:12756kB active_anon:757736kB inactive_anon:160kB active_file:50604kB inactive_file:77336kB unevictable:4kB writepending:340kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:403076kB kernel_stack:98432kB pagetables:309340kB bounce:0kB free_pcp:552kB local_pcp:228kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1501.572783] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 11*4kB (ME) 12*8kB (UME) 23*16kB (UME) 22*32kB (UM) 2*64kB (U) 3*128kB (E) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1522108kB 32039 total pagecache pages [ 1501.575492] 0 pages in swap cache [ 1501.575498] Swap cache stats: add 0, delete 0, find 0/0 [ 1501.575500] Free swap = 0kB [ 1501.575504] Total swap = 0kB [ 1501.575507] 1965979 pages RAM [ 1501.575509] 0 pages HighMem/MovableOnly [ 1501.575512] 313627 pages reserved [ 1502.315911] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1502.326685] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1502.326699] CPU: 1 PID: 29313 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1502.326718] ffff88012ddef968 ffffffff81b67001 1ffff10025bbdf2f ffff88012cd2af80 [ 1502.326731] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012ddefa90 [ 1502.326744] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1502.326746] Call Trace: [ 1502.326763] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1502.326778] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1502.326788] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1502.326798] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1502.326808] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1502.326818] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.326827] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.326836] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.326846] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1502.326853] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1502.326860] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1502.326867] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1502.326874] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.326883] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1502.326891] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1502.326899] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.326906] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1502.326915] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.326924] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.326933] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1502.326940] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1502.326949] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1502.326956] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1502.326963] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1502.326971] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.326980] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1502.326987] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.326995] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1502.327006] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1502.327010] Mem-Info: [ 1502.327030] active_anon:189507 inactive_anon:40 isolated_anon:0 [ 1502.327030] active_file:12654 inactive_file:19334 isolated_file:0 [ 1502.327030] unevictable:1 dirty:96 writeback:0 unstable:0 [ 1502.327030] slab_reclaimable:8880 slab_unreclaimable:100643 [ 1502.327030] mapped:59368 shmem:56 pagetables:77411 bounce:0 [ 1502.327030] free:1133606 free_pcp:471 free_cma:0 [ 1502.327046] Node 0 active_anon:758028kB inactive_anon:160kB active_file:50616kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:384kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1502.327072] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1502.327100] Normal free:1521656kB min:5580kB low:9168kB high:12756kB active_anon:758020kB inactive_anon:160kB active_file:50612kB inactive_file:77336kB unevictable:4kB writepending:384kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:402572kB kernel_stack:98592kB pagetables:309644kB bounce:0kB free_pcp:652kB local_pcp:296kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1502.327155] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 5*8kB (UME) 22*16kB (UME) 11*32kB (UM) 5*64kB (UM) 5*128kB (UME) 3*256kB (UE) 1*512kB (U) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1521592kB 32042 total pagecache pages [ 1502.327207] 0 pages in swap cache [ 1502.327212] Swap cache stats: add 0, delete 0, find 0/0 [ 1502.327214] Free swap = 0kB [ 1502.327216] Total swap = 0kB [ 1502.327219] 1965979 pages RAM [ 1502.327221] 0 pages HighMem/MovableOnly [ 1502.327223] 313627 pages reserved [ 1502.327380] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1502.327464] CPU: 0 PID: 29315 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1502.327481] ffff88012752f968 ffffffff81b67001 1ffff10024ea5f2f ffff880128aaaf80 [ 1502.327496] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012752fa90 [ 1502.327509] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1502.327511] Call Trace: [ 1502.327524] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1502.327533] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1502.327542] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1502.327550] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1502.327559] [<000000002ca6a874>] ? mutex_lock_nested+0x6cc/0x920 [ 1502.327568] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1502.327577] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327586] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327596] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327604] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1502.327612] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1502.327619] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1502.327626] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1502.327633] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.327641] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327649] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1502.327658] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1502.327667] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1502.327674] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.327681] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1502.327691] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327700] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.327709] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1502.327717] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1502.327726] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1502.327734] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1502.327742] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1502.327749] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.327758] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1502.327766] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.327773] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 22:10:55 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet(0x2, 0x802, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f00006cdffb)="8907040000", 0x5) sendmmsg(r1, &(0x7f0000005c00)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e20, @multicast1}, 0x80, 0x0}}], 0x1, 0xa00) 22:10:55 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:55 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:55 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:55 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:55 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)='syzka\x00\x00\x00\x05\x00\xf3', 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48) 22:10:55 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.327782] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1502.327806] Mem-Info: [ 1502.327839] active_anon:189507 inactive_anon:40 isolated_anon:0 [ 1502.327839] active_file:12654 inactive_file:19334 isolated_file:0 [ 1502.327839] unevictable:1 dirty:96 writeback:0 unstable:0 [ 1502.327839] slab_reclaimable:8880 slab_unreclaimable:100643 [ 1502.327839] mapped:59368 shmem:56 pagetables:77411 bounce:0 [ 1502.327839] free:1133606 free_pcp:471 free_cma:0 22:10:55 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:55 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x3}, 0x4) [ 1502.327868] Node 0 active_anon:758028kB inactive_anon:160kB active_file:50616kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:384kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1502.327906] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB 22:10:55 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0815b5055e2bcfe87b3071") unshare(0x6c060000) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={'lo\x00', {0x2, 0x0, @local}}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x0, @local}, 0x10) shutdown(r2, 0x0) 22:10:55 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1502.327980] Normal free:1521656kB min:5580kB low:9168kB high:12756kB active_anon:758020kB inactive_anon:160kB active_file:50612kB inactive_file:77336kB unevictable:4kB writepending:384kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:402572kB kernel_stack:98592kB pagetables:309644kB bounce:0kB free_pcp:652kB local_pcp:356kB free_cma:0kB 22:10:55 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1502.328277] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 5*8kB (UME) 22*16kB (UME) 11*32kB (UM) 5*64kB (UM) 5*128kB (UME) 3*256kB (UE) 1*512kB (U) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1521592kB 32042 total pagecache pages 22:10:55 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x6ca, 0x0, &(0x7f00000000c0)=0xffffffffffffffe4) [ 1502.328597] 0 pages in swap cache [ 1502.328616] Swap cache stats: add 0, delete 0, find 0/0 [ 1502.328629] Free swap = 0kB [ 1502.328631] Total swap = 0kB [ 1502.328665] 1965979 pages RAM [ 1502.328681] 0 pages HighMem/MovableOnly [ 1502.328710] 313627 pages reserved [ 1502.328857] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:10:55 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:10:55 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:55 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:55 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1502.328867] CPU: 1 PID: 29325 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1502.328884] ffff8801374e7968 ffffffff81b67001 1ffff10026e9cf2f ffff88019e2e2f80 [ 1502.328914] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801374e7a90 22:10:55 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.328927] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1502.328928] Call Trace: [ 1502.328942] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1502.328953] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1502.328963] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1502.328972] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1502.328982] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:10:56 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002a00000084000000000000009500000000000000"], &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r1, 0xc0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)={r2}, 0xc) [ 1502.328991] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:56 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:56 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.328999] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329006] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329016] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1502.329023] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1502.329031] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1502.329038] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1502.329046] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.329055] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1502.329063] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1502.329071] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.329078] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1502.329087] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329096] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329105] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1502.329113] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1502.329121] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1502.329129] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1502.329136] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1502.329143] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.329151] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 22:10:56 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000000000000000000000030006000000000002000000e00000010000000000000000080012000200020000010000000000003000000003030000ff3f567b00000000000000000000000000000000f9000001ac1405bb000000000000000000000000030005000000000002000000e00000010000000000000000b0cbb9c0814c269aaf5972e92605d01ce86893dca70a486bf332259c253d46b9e9a11d062868e3c3696ce69e5d0000dd32d10fba6a469549ef36deff6535934bd9d2754ea44a05005e002b158eee6b7349411bcd6e6bf05ff5a5270f3a912deb94806631ad7455094542c131"], 0x80}}, 0x0) 22:10:56 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:10:56 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.329158] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:10:56 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@multicast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x33}, 0x0, @in6=@empty}}, 0xe8) connect$inet6(r0, &(0x7f0000000a40)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000580)=@in={0x2, 0x4e21, @multicast2}, 0x80, 0x0}}], 0x2, 0x0) [ 1502.329165] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1502.329175] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb 22:10:56 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1502.329178] Mem-Info: [ 1502.329196] active_anon:189507 inactive_anon:40 isolated_anon:0 [ 1502.329196] active_file:12654 inactive_file:19334 isolated_file:0 [ 1502.329196] unevictable:1 dirty:96 writeback:0 unstable:0 [ 1502.329196] slab_reclaimable:8880 slab_unreclaimable:100643 [ 1502.329196] mapped:59368 shmem:56 pagetables:77411 bounce:0 [ 1502.329196] free:1133606 free_pcp:471 free_cma:0 22:10:56 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:56 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, 0x0) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1502.329212] Node 0 active_anon:758028kB inactive_anon:160kB active_file:50616kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:384kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:10:56 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:10:56 executing program 2: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x4e33, 0x0, @mcast2}, 0x1c) [ 1502.329238] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:10:56 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vet\x00\x00\x00\x00\x00D\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000000)={0x0, 0x1, [@random="1993060783f1"]}) lowmem_reserve[]: 0 3505 3505 [ 1502.329266] Normal free:1521656kB min:5580kB low:9168kB high:12756kB active_anon:758020kB inactive_anon:160kB active_file:50612kB inactive_file:77336kB unevictable:4kB writepending:384kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:402572kB kernel_stack:98624kB pagetables:309644kB bounce:0kB free_pcp:652kB local_pcp:296kB free_cma:0kB 22:10:57 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, 0x0) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1502.329325] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:10:57 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fsetxattr$security_capability(r0, &(0x7f00000001c0)='security.capability\x00', &(0x7f0000000200)=@v3={0x3000000, [{}, {0x0, 0x16}]}, 0x18, 0x0) 22:10:57 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) Normal: 4*4kB (E) 5*8kB (UME) 22*16kB (UME) 10*32kB (UM) 5*64kB (UM) 5*128kB (UME) 3*256kB (UE) 1*512kB (U) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1521560kB 32042 total pagecache pages [ 1502.329387] 0 pages in swap cache [ 1502.329391] Swap cache stats: add 0, delete 0, find 0/0 [ 1502.329394] Free swap = 0kB [ 1502.329396] Total swap = 0kB [ 1502.329398] 1965979 pages RAM 22:10:57 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r2, @ANYBLOB="20000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) [ 1502.329401] 0 pages HighMem/MovableOnly [ 1502.329404] 313627 pages reserved [ 1502.329615] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:10:57 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1502.329626] CPU: 1 PID: 29331 Comm: syz-executor.0 Not tainted 4.9.194+ #0 22:10:57 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.329654] ffff880125a8f968 ffffffff81b67001 1ffff10024b51f2f ffff8801983b97c0 [ 1502.329667] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880125a8fa90 [ 1502.329680] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 22:10:57 executing program 5: [ 1502.329682] Call Trace: [ 1502.329697] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1502.329707] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 22:10:57 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:10:57 executing program 2: [ 1502.329717] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1502.329727] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1502.329737] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1502.329747] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:10:57 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1502.329756] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329765] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329774] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:10:57 executing program 2: [ 1502.329781] [<00000000a2870fb6>] vmalloc+0x5c/0x70 22:10:57 executing program 5: [ 1502.329788] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1502.329795] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1502.329802] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.329812] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1502.329820] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1502.329827] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.329834] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1502.329843] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329852] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.329861] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1502.329869] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1502.329877] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1502.329885] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1502.329893] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1502.329900] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.329908] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1502.329915] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.329922] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1502.329932] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1502.329935] Mem-Info: [ 1502.329954] active_anon:189507 inactive_anon:40 isolated_anon:0 [ 1502.329954] active_file:12654 inactive_file:19334 isolated_file:0 [ 1502.329954] unevictable:1 dirty:96 writeback:0 unstable:0 [ 1502.329954] slab_reclaimable:8880 slab_unreclaimable:100643 [ 1502.329954] mapped:59368 shmem:56 pagetables:77411 bounce:0 [ 1502.329954] free:1133606 free_pcp:471 free_cma:0 [ 1502.329968] Node 0 active_anon:758028kB inactive_anon:160kB active_file:50616kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:384kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1502.329994] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1502.330023] Normal free:1521656kB min:5580kB low:9168kB high:12756kB active_anon:758020kB inactive_anon:160kB active_file:50612kB inactive_file:77336kB unevictable:4kB writepending:384kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35448kB slab_unreclaimable:402572kB kernel_stack:98528kB pagetables:309644kB bounce:0kB free_pcp:652kB local_pcp:296kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1502.330087] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 5*8kB (UME) 22*16kB (UME) 13*32kB (UM) 5*64kB (UM) 5*128kB (UME) 3*256kB (UE) 1*512kB (U) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1521656kB 32042 total pagecache pages [ 1502.330147] 0 pages in swap cache [ 1502.330151] Swap cache stats: add 0, delete 0, find 0/0 [ 1502.330154] Free swap = 0kB [ 1502.330156] Total swap = 0kB [ 1502.330159] 1965979 pages RAM [ 1502.330161] 0 pages HighMem/MovableOnly [ 1502.330163] 313627 pages reserved [ 1502.574241] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1502.574252] CPU: 1 PID: 29347 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1502.574273] ffff880130707968 ffffffff81b67001 1ffff100260e0f2f ffff880129f68000 [ 1502.574286] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880130707a90 [ 1502.574298] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1502.574300] Call Trace: [ 1502.574316] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1502.574330] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1502.574340] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1502.574351] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1502.574360] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1502.574370] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.574378] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.574387] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.574397] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1502.574404] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1502.574411] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1502.574417] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1502.574424] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.574434] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1502.574441] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1502.574448] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1502.574455] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1502.574464] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.574472] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1502.574482] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1502.574489] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1502.574497] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1502.574504] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1502.574511] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1502.574518] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.574526] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1502.574533] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1502.574540] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1502.574550] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1502.574553] Mem-Info: [ 1502.574574] active_anon:189614 inactive_anon:40 isolated_anon:0 [ 1502.574574] active_file:12657 inactive_file:19334 isolated_file:0 [ 1502.574574] unevictable:1 dirty:99 writeback:0 unstable:0 [ 1502.574574] slab_reclaimable:8876 slab_unreclaimable:100689 [ 1502.574574] mapped:59368 shmem:56 pagetables:77521 bounce:0 [ 1502.574574] free:1133375 free_pcp:418 free_cma:0 [ 1502.574593] Node 0 active_anon:758456kB inactive_anon:160kB active_file:50628kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:396kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1502.574612] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1502.574656] Normal free:1520732kB min:5580kB low:9168kB high:12756kB active_anon:758448kB inactive_anon:160kB active_file:50624kB inactive_file:77336kB unevictable:4kB writepending:396kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402756kB kernel_stack:98560kB pagetables:310084kB bounce:0kB free_pcp:440kB local_pcp:176kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1502.574714] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 3*8kB (E) 21*16kB (E) 1*32kB (U) 0*64kB 4*128kB (UE) 3*256kB (UE) 1*512kB (U) 1*1024kB (E) 1*2048kB (U) 370*4096kB (U) = 1520796kB 32044 total pagecache pages [ 1502.574766] 0 pages in swap cache [ 1502.574770] Swap cache stats: add 0, delete 0, find 0/0 [ 1502.574772] Free swap = 0kB [ 1502.574774] Total swap = 0kB [ 1502.574777] 1965979 pages RAM [ 1502.574779] 0 pages HighMem/MovableOnly [ 1502.574781] 313627 pages reserved [ 1502.996646] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1506.845477] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1506.846896] warn_alloc: 13 callbacks suppressed [ 1506.846912] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1506.846925] CPU: 1 PID: 29457 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1506.846943] ffff88013b1cf968 ffffffff81b67001 1ffff10027639f2f ffff8801a0c84740 [ 1506.846956] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013b1cfa90 [ 1506.846968] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1506.846970] Call Trace: [ 1506.846989] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1506.846999] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1506.847009] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1506.847019] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1506.847033] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1506.847046] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.847055] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.847065] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.847075] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1506.847082] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1506.847089] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1506.847095] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1506.847103] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.847112] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1506.847119] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1506.847126] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.847133] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1506.847142] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.847151] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.847160] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1506.847168] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1506.847176] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1506.847183] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1506.847191] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1506.847198] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.847206] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1506.847213] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.847220] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1506.847230] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1506.847234] Mem-Info: [ 1506.847252] active_anon:189690 inactive_anon:40 isolated_anon:0 [ 1506.847252] active_file:12662 inactive_file:19334 isolated_file:0 [ 1506.847252] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1506.847252] slab_reclaimable:8876 slab_unreclaimable:100636 [ 1506.847252] mapped:59368 shmem:56 pagetables:77578 bounce:0 [ 1506.847252] free:1133145 free_pcp:529 free_cma:0 [ 1506.847267] Node 0 active_anon:758760kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1506.847287] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1506.847319] Normal free:1519812kB min:5580kB low:9168kB high:12756kB active_anon:758752kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402544kB kernel_stack:98624kB pagetables:310312kB bounce:0kB free_pcp:884kB local_pcp:324kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1506.847382] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (UE) 21*16kB (E) 6*32kB (U) 2*64kB (U) 4*128kB (UE) 2*256kB (E) 1*512kB (M) 2*1024kB (ME) 2*2048kB (UM) 369*4096kB (U) = 1519812kB 32049 total pagecache pages [ 1506.847436] 0 pages in swap cache [ 1506.847440] Swap cache stats: add 0, delete 0, find 0/0 [ 1506.847442] Free swap = 0kB [ 1506.847444] Total swap = 0kB [ 1506.847447] 1965979 pages RAM [ 1506.847449] 0 pages HighMem/MovableOnly [ 1506.847451] 313627 pages reserved [ 1506.848262] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1506.848287] CPU: 0 PID: 29466 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1506.848305] ffff880130e27968 ffffffff81b67001 1ffff100261c4f2f ffff8801300b8000 [ 1506.848318] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880130e27a90 [ 1506.848331] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1506.848334] Call Trace: [ 1506.848347] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1506.848360] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1506.848372] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1506.848380] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1506.848390] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1506.848400] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848408] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848417] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848427] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1506.848433] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1506.848440] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1506.848446] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1506.848455] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1506.848462] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.848470] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1506.848480] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1506.848489] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848497] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1506.848505] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1506.848511] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.848518] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1506.848527] [<000000008fb09bfa>] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 1506.848536] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848545] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.848554] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1506.848562] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1506.848570] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1506.848577] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1506.848584] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1506.848591] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.848597] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1506.848605] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.848630] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1506.848641] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1506.848660] Mem-Info: [ 1506.848723] active_anon:189690 inactive_anon:40 isolated_anon:0 [ 1506.848723] active_file:12662 inactive_file:19334 isolated_file:0 [ 1506.848723] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1506.848723] slab_reclaimable:8876 slab_unreclaimable:100636 [ 1506.848723] mapped:59368 shmem:56 pagetables:77578 bounce:0 [ 1506.848723] free:1133145 free_pcp:538 free_cma:0 [ 1506.848752] Node 0 active_anon:758760kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1506.848784] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1506.848874] Normal free:1519812kB min:5580kB low:9168kB high:12756kB active_anon:758752kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402544kB kernel_stack:98624kB pagetables:310312kB bounce:0kB free_pcp:916kB local_pcp:560kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1506.849105] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (UE) 21*16kB (E) 6*32kB (U) 2*64kB (U) 4*128kB (UE) 2*256kB (E) 1*512kB (M) 2*1024kB (ME) 2*2048kB (UM) 369*4096kB (U) = 1519812kB 32049 total pagecache pages [ 1506.849351] 0 pages in swap cache [ 1506.849364] Swap cache stats: add 0, delete 0, find 0/0 [ 1506.849371] Free swap = 0kB [ 1506.849382] Total swap = 0kB [ 1506.849385] 1965979 pages RAM [ 1506.849390] 0 pages HighMem/MovableOnly [ 1506.849401] 313627 pages reserved [ 1506.850141] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1506.850152] CPU: 0 PID: 29482 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1506.850174] ffff88013758f968 ffffffff81b67001 1ffff10026eb1f2f ffff88019e872f80 [ 1506.850194] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013758fa90 [ 1506.850206] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1506.850207] Call Trace: [ 1506.850220] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1506.850230] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1506.850240] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1506.850249] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1506.850259] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1506.850269] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850278] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850287] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850296] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1506.850303] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1506.850310] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1506.850317] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1506.850325] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.850335] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1506.850342] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1506.850349] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.850356] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1506.850364] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850373] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850381] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1506.850389] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1506.850397] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1506.850404] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1506.850412] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1506.850419] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.850427] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1506.850434] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.850440] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1506.850449] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1506.850452] Mem-Info: [ 1506.850472] active_anon:189690 inactive_anon:40 isolated_anon:0 [ 1506.850472] active_file:12662 inactive_file:19334 isolated_file:0 [ 1506.850472] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1506.850472] slab_reclaimable:8876 slab_unreclaimable:100636 [ 1506.850472] mapped:59368 shmem:56 pagetables:77578 bounce:0 [ 1506.850472] free:1133145 free_pcp:534 free_cma:0 [ 1506.850487] Node 0 active_anon:758760kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1506.850506] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1506.850532] Normal free:1519812kB min:5580kB low:9168kB high:12756kB active_anon:758752kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402544kB kernel_stack:98592kB pagetables:310312kB bounce:0kB free_pcp:904kB local_pcp:560kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1506.850592] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (UE) 21*16kB (E) 7*32kB (U) 2*64kB (U) 4*128kB (UE) 2*256kB (E) 1*512kB (M) 2*1024kB (ME) 2*2048kB (UM) 369*4096kB (U) = 1519844kB 32049 total pagecache pages [ 1506.850648] 0 pages in swap cache [ 1506.850652] Swap cache stats: add 0, delete 0, find 0/0 [ 1506.850654] Free swap = 0kB [ 1506.850656] Total swap = 0kB [ 1506.850658] 1965979 pages RAM [ 1506.850660] 0 pages HighMem/MovableOnly [ 1506.850662] 313627 pages reserved [ 1506.850724] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1506.850734] CPU: 1 PID: 29481 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1506.850751] ffff8801347c7968 ffffffff81b67001 1ffff100268f8f2f ffff8801b12fc740 [ 1506.850764] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801347c7a90 [ 1506.850776] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1506.850778] Call Trace: [ 1506.850787] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1506.850799] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1506.850808] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1506.850814] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1506.850823] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1506.850831] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850838] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850847] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850855] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1506.850861] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1506.850866] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1506.850872] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1506.850879] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.850887] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1506.850893] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1506.850900] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1506.850906] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1506.850914] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850922] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1506.850931] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1506.850938] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1506.850945] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1506.850952] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1506.850959] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1506.850966] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.850974] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1506.850981] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1506.850987] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1506.850996] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1506.850998] Mem-Info: [ 1506.851015] active_anon:189690 inactive_anon:40 isolated_anon:0 [ 1506.851015] active_file:12662 inactive_file:19334 isolated_file:0 [ 1506.851015] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1506.851015] slab_reclaimable:8876 slab_unreclaimable:100636 [ 1506.851015] mapped:59368 shmem:56 pagetables:77578 bounce:0 [ 1506.851015] free:1133145 free_pcp:534 free_cma:0 [ 1506.851028] Node 0 active_anon:758760kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1506.851045] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:00 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, 0x0) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:00 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:00 executing program 2: 22:11:00 executing program 5: 22:11:00 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:00 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:11:00 executing program 2: [ 1506.851071] Normal free:1519812kB min:5580kB low:9168kB high:12756kB active_anon:758752kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402544kB kernel_stack:98560kB pagetables:310312kB bounce:0kB free_pcp:904kB local_pcp:344kB free_cma:0kB 22:11:00 executing program 5: 22:11:00 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:00 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1506.851130] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 4*8kB (UE) 21*16kB (E) 8*32kB (U) 2*64kB (U) 4*128kB (UE) 2*256kB (E) 1*512kB (M) 2*1024kB (ME) 2*2048kB (UM) 369*4096kB (U) = 1519876kB 22:11:00 executing program 5: 32049 total pagecache pages [ 1506.851184] 0 pages in swap cache [ 1506.851189] Swap cache stats: add 0, delete 0, find 0/0 [ 1506.851191] Free swap = 0kB 22:11:00 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1506.851193] Total swap = 0kB 22:11:00 executing program 2: [ 1506.851195] 1965979 pages RAM [ 1506.851197] 0 pages HighMem/MovableOnly [ 1506.851199] 313627 pages reserved [ 1507.096458] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.096480] CPU: 1 PID: 29491 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1507.096496] ffff88012b9ff968 ffffffff81b67001 1ffff1002573ff2f ffff8801344cc740 22:11:00 executing program 5: [ 1507.096507] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b9ffa90 [ 1507.096519] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 22:11:00 executing program 2: [ 1507.096521] Call Trace: [ 1507.096538] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.096559] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.096570] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:00 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1507.096583] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1507.096594] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1507.096603] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:00 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1507.096609] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.096618] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 22:11:00 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) 22:11:00 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0x2d8, 0x1f8, 0x0, 0x1f8, 0x110, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0x0, 0x98, 0xc0}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0x98, 0xc0}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0x98, 0xc0}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x338) [ 1507.096625] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.096633] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1507.096640] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 22:11:00 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) bind$unix(r1, &(0x7f0000000140)=@abs={0x1}, 0x6e) [ 1507.096649] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1507.096655] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.096665] [<000000008431afd9>] __vfs_write+0x116/0x560 22:11:01 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1507.096671] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.096678] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.096688] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.096696] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.096705] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.096713] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.096722] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.096729] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.096736] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.096743] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.096750] [<00000000f04f2f77>] ? SyS_open+0x40/0x40 [ 1507.096756] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1507.096763] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.096770] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.096779] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.096800] Mem-Info: [ 1507.096863] active_anon:189765 inactive_anon:40 isolated_anon:0 [ 1507.096863] active_file:12662 inactive_file:19334 isolated_file:0 [ 1507.096863] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1507.096863] slab_reclaimable:8876 slab_unreclaimable:100719 [ 1507.096863] mapped:59368 shmem:56 pagetables:77652 bounce:0 [ 1507.096863] free:1132925 free_pcp:456 free_cma:0 [ 1507.096901] Node 0 active_anon:759060kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.096969] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1507.097071] Normal free:1518932kB min:5580kB low:9168kB high:12756kB active_anon:759052kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402876kB kernel_stack:98752kB pagetables:310608kB bounce:0kB free_pcp:592kB local_pcp:292kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1507.097374] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (ME) 22*16kB (UE) 0*32kB 2*64kB (U) 4*128kB (ME) 3*256kB (ME) 1*512kB (U) 3*1024kB (UME) 1*2048kB (M) 369*4096kB (U) = 1518868kB 32049 total pagecache pages [ 1507.097624] 0 pages in swap cache [ 1507.097648] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.097664] Free swap = 0kB [ 1507.097685] Total swap = 0kB [ 1507.097697] 1965979 pages RAM [ 1507.097705] 0 pages HighMem/MovableOnly [ 1507.097716] 313627 pages reserved [ 1507.146987] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.147011] CPU: 1 PID: 29498 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1507.147024] ffff88013b1ef968 ffffffff81b67001 1ffff1002763df2f ffff88013037af80 [ 1507.147036] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013b1efa90 [ 1507.147046] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1507.147048] Call Trace: [ 1507.147067] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.147080] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.147090] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.147099] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1507.147109] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1507.147120] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.147131] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.147145] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.147155] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1507.147162] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.147169] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1507.147176] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.147183] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.147193] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1507.147202] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1507.147212] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1507.147220] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1507.147227] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.147235] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.147244] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.147252] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.147262] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.147269] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.147279] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.147286] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.147293] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.147301] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.147308] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1507.147315] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.147322] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.147331] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.147355] Mem-Info: [ 1507.147391] active_anon:189790 inactive_anon:40 isolated_anon:0 [ 1507.147391] active_file:12662 inactive_file:19334 isolated_file:0 [ 1507.147391] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1507.147391] slab_reclaimable:8876 slab_unreclaimable:100690 [ 1507.147391] mapped:59393 shmem:56 pagetables:77726 bounce:0 [ 1507.147391] free:1132863 free_pcp:440 free_cma:0 [ 1507.147435] Node 0 active_anon:759160kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.147467] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1507.147578] Normal free:1518684kB min:5580kB low:9168kB high:12756kB active_anon:759152kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402760kB kernel_stack:98816kB pagetables:310904kB bounce:0kB free_pcp:528kB local_pcp:116kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1507.147847] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 5*8kB (UME) 22*16kB (UE) 1*32kB (U) 0*64kB 3*128kB (E) 3*256kB (ME) 1*512kB (U) 3*1024kB (UME) 1*2048kB (M) 369*4096kB (U) = 1518652kB 32049 total pagecache pages [ 1507.148236] 0 pages in swap cache [ 1507.148250] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.148275] Free swap = 0kB [ 1507.148295] Total swap = 0kB [ 1507.148318] 1965979 pages RAM [ 1507.148330] 0 pages HighMem/MovableOnly [ 1507.148335] 313627 pages reserved [ 1507.598780] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1507.606087] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.606098] CPU: 1 PID: 29506 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1507.606117] ffff8801347cf968 ffffffff81b67001 1ffff100268f9f2f ffff8801287caf80 [ 1507.606129] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801347cfa90 [ 1507.606141] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1507.606144] Call Trace: [ 1507.606164] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.606177] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.606192] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.606200] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1507.606228] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1507.606242] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.606254] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.606266] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.606281] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1507.606290] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.606299] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1507.606309] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.606318] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.606329] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1507.606337] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1507.606344] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.606351] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.606360] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.606369] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.606378] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.606386] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.606394] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.606401] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.606408] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.606420] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.606428] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1507.606435] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.606442] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.606453] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.606457] Mem-Info: [ 1507.606475] active_anon:189765 inactive_anon:40 isolated_anon:0 [ 1507.606475] active_file:12662 inactive_file:19334 isolated_file:0 [ 1507.606475] unevictable:1 dirty:115 writeback:0 unstable:0 [ 1507.606475] slab_reclaimable:8876 slab_unreclaimable:100715 [ 1507.606475] mapped:59393 shmem:56 pagetables:77652 bounce:0 [ 1507.606475] free:1132932 free_pcp:507 free_cma:0 [ 1507.606493] Node 0 active_anon:759060kB inactive_anon:160kB active_file:50648kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:460kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.606529] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1507.606558] Normal free:1518960kB min:5580kB low:9168kB high:12756kB active_anon:759052kB inactive_anon:160kB active_file:50644kB inactive_file:77336kB unevictable:4kB writepending:460kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402860kB kernel_stack:98592kB pagetables:310608kB bounce:0kB free_pcp:796kB local_pcp:176kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1507.606624] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 67*4kB (UME) 17*8kB (UME) 24*16kB (UME) 4*32kB (U) 1*64kB (U) 5*128kB (UME) 3*256kB (UE) 0*512kB 3*1024kB (UME) 1*2048kB (M) 369*4096kB (U) = 1518932kB 32049 total pagecache pages [ 1507.606682] 0 pages in swap cache [ 1507.606687] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.606689] Free swap = 0kB [ 1507.606691] Total swap = 0kB [ 1507.606693] 1965979 pages RAM [ 1507.606695] 0 pages HighMem/MovableOnly [ 1507.606702] 313627 pages reserved [ 1507.800415] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.800477] CPU: 1 PID: 29521 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1507.800495] ffff88013a877968 ffffffff81b67001 1ffff1002750ef2f ffff8801378cc740 [ 1507.800508] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a877a90 [ 1507.800520] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1507.800522] Call Trace: [ 1507.800539] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.800556] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.800567] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.800576] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1507.800587] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1507.800597] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.800606] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.800615] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.800627] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1507.800634] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.800641] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1507.800648] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.800656] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.800666] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1507.800675] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1507.800685] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1507.800694] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1507.800701] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.800708] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.800717] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.800726] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.800736] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.800744] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.800753] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.800760] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.800768] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.800775] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.800783] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.800791] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.800799] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.800832] Mem-Info: [ 1507.800876] active_anon:189788 inactive_anon:40 isolated_anon:0 [ 1507.800876] active_file:12666 inactive_file:19334 isolated_file:0 [ 1507.800876] unevictable:1 dirty:125 writeback:0 unstable:0 [ 1507.800876] slab_reclaimable:8876 slab_unreclaimable:100670 [ 1507.800876] mapped:59368 shmem:56 pagetables:77701 bounce:0 [ 1507.800876] free:1132944 free_pcp:498 free_cma:0 [ 1507.800914] Node 0 active_anon:759152kB inactive_anon:160kB active_file:50664kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:500kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.800970] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1507.801048] Normal free:1519008kB min:5580kB low:9168kB high:12756kB active_anon:759144kB inactive_anon:160kB active_file:50660kB inactive_file:77336kB unevictable:4kB writepending:500kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402680kB kernel_stack:98624kB pagetables:310804kB bounce:0kB free_pcp:760kB local_pcp:340kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1507.801358] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (E) 14*8kB (UME) 22*16kB (UE) 12*32kB (U) 3*64kB (UM) 4*128kB (UE) 3*256kB (UE) 0*512kB 3*1024kB (UME) 1*2048kB (M) 369*4096kB (U) = 1518880kB 32053 total pagecache pages [ 1507.801619] 0 pages in swap cache [ 1507.801633] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.801654] Free swap = 0kB [ 1507.801670] Total swap = 0kB [ 1507.801684] 1965979 pages RAM [ 1507.801689] 0 pages HighMem/MovableOnly [ 1507.801703] 313627 pages reserved [ 1507.856251] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.856275] CPU: 1 PID: 29526 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1507.856290] ffff8801378df968 ffffffff81b67001 1ffff10026f1bf2f ffff88019a370000 [ 1507.856302] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801378dfa90 [ 1507.856315] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1507.856317] Call Trace: [ 1507.856335] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.856346] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.856355] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.856363] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1507.856376] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1507.856388] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856399] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856409] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856418] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1507.856425] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.856432] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1507.856439] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.856446] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.856454] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856464] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1507.856474] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1507.856481] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1507.856489] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.856496] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.856504] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856513] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.856522] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.856530] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.856538] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.856545] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.856553] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.856560] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.856566] [<00000000f04f2f77>] ? SyS_open+0x40/0x40 [ 1507.856575] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1507.856582] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.856589] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.856598] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.856611] Mem-Info: [ 1507.856634] active_anon:189813 inactive_anon:40 isolated_anon:0 [ 1507.856634] active_file:12666 inactive_file:19334 isolated_file:0 [ 1507.856634] unevictable:1 dirty:125 writeback:0 unstable:0 [ 1507.856634] slab_reclaimable:8876 slab_unreclaimable:100702 [ 1507.856634] mapped:59368 shmem:56 pagetables:77701 bounce:0 [ 1507.856634] free:1132841 free_pcp:506 free_cma:0 [ 1507.856661] Node 0 active_anon:759252kB inactive_anon:160kB active_file:50664kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:500kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.856694] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1507.856811] Normal free:1518596kB min:5580kB low:9168kB high:12756kB active_anon:759244kB inactive_anon:160kB active_file:50660kB inactive_file:77336kB unevictable:4kB writepending:500kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402808kB kernel_stack:98592kB pagetables:310804kB bounce:0kB free_pcp:792kB local_pcp:512kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1507.857209] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 14*8kB (UME) 22*16kB (UE) 6*32kB (U) 3*64kB (UM) 5*128kB (UME) 4*256kB (UME) 1*512kB (M) 2*1024kB (UE) 1*2048kB (M) 369*4096kB (U) = 1518564kB 32053 total pagecache pages [ 1507.857453] 0 pages in swap cache [ 1507.857462] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.857473] Free swap = 0kB [ 1507.857479] Total swap = 0kB [ 1507.857500] 1965979 pages RAM [ 1507.857511] 0 pages HighMem/MovableOnly [ 1507.857513] 313627 pages reserved [ 1507.904068] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1507.904079] CPU: 1 PID: 29534 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1507.904097] ffff880137357968 ffffffff81b67001 1ffff10026e6af2f ffff88012715c740 [ 1507.904107] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880137357a90 [ 1507.904119] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1507.904121] Call Trace: [ 1507.904141] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1507.904156] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1507.904167] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.904178] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1507.904193] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1507.904205] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.904213] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.904222] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.904232] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1507.904239] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1507.904246] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1507.904258] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1507.904266] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.904278] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1507.904288] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1507.904296] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1507.904304] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1507.904317] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.904326] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1507.904336] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1507.904344] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1507.904352] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1507.904359] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1507.904367] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1507.904374] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.904383] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1507.904390] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1507.904397] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1507.904408] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1507.907673] Mem-Info: [ 1507.907701] active_anon:189813 inactive_anon:40 isolated_anon:0 [ 1507.907701] active_file:12666 inactive_file:19334 isolated_file:0 [ 1507.907701] unevictable:1 dirty:125 writeback:0 unstable:0 [ 1507.907701] slab_reclaimable:8876 slab_unreclaimable:100734 [ 1507.907701] mapped:59368 shmem:56 pagetables:77701 bounce:0 [ 1507.907701] free:1132841 free_pcp:447 free_cma:0 [ 1507.907723] Node 0 active_anon:759252kB inactive_anon:160kB active_file:50664kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:500kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1507.907755] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:03 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:03 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_udplite(0x2, 0x2, 0x88) close(r1) 22:11:03 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") unshare(0x24020400) 22:11:03 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:03 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:03 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) [ 1507.907798] Normal free:1518596kB min:5580kB low:9168kB high:12756kB active_anon:759244kB inactive_anon:160kB active_file:50660kB inactive_file:77336kB unevictable:4kB writepending:500kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402936kB kernel_stack:98528kB pagetables:310804kB bounce:0kB free_pcp:556kB local_pcp:312kB free_cma:0kB 22:11:03 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$netlink(0x10, 0x3, 0x8) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000380)=0x19, 0x4) lowmem_reserve[]: 0 0 0 [ 1507.907872] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:03 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:03 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) Normal: 5*4kB (ME) 14*8kB (UME) 22*16kB (UE) 7*32kB (U) 3*64kB (UM) 5*128kB (UME) 4*256kB (UME) 1*512kB (M) 2*1024kB (UE) 1*2048kB (M) 369*4096kB (U) = 1518596kB 32053 total pagecache pages [ 1507.907938] 0 pages in swap cache [ 1507.907946] Swap cache stats: add 0, delete 0, find 0/0 [ 1507.907950] Free swap = 0kB [ 1507.907954] Total swap = 0kB [ 1507.907957] 1965979 pages RAM [ 1507.907961] 0 pages HighMem/MovableOnly [ 1507.907965] 313627 pages reserved 22:11:03 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1513.398265] warn_alloc: 11 callbacks suppressed [ 1513.398308] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:04 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb32"], 0xa2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:04 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1513.398335] CPU: 1 PID: 29676 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1513.398350] ffff8801364c7968 ffffffff81b67001 1ffff10026c98f2f ffff880130e65f00 22:11:04 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1513.398362] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801364c7a90 [ 1513.398373] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1513.398375] Call Trace: [ 1513.398391] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1513.398405] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1513.398415] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:04 executing program 4: perf_event_open(0x0, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r0, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) 22:11:04 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:04 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) [ 1513.398426] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1513.398436] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.398445] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1513.398454] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.398462] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.398471] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.398481] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1513.398488] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1513.398495] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1513.398501] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1513.398508] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1513.398518] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1513.398525] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1513.398533] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1513.398539] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 22:11:04 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) [ 1513.398546] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 ** 12 printk messages dropped ** [ 1513.398697] Node 0 active_anon:760436kB inactive_anon:160kB active_file:50716kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:552kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no ** 56 printk messages dropped ** [ 1513.635033] lowmem_reserve[]: 0 3505 3505 [ 1513.635076] Normal free:1514588kB min:5580kB low:9168kB high:12756kB active_anon:760728kB inactive_anon:160kB active_file:50712kB inactive_file:77336kB unevictable:4kB writepending:552kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403212kB kernel_stack:99168kB pagetables:312120kB bounce:0kB free_pcp:900kB local_pcp:672kB free_cma:0kB 22:11:04 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1513.635499] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 3*8kB (E) 23*16kB (UME) 5*32kB (UM) 0*64kB 4*128kB (UE) 2*256kB (E) 1*512kB (M) 3*1024kB (UME) 1*2048kB (U) 368*4096kB (U) = 1514556kB 32066 total pagecache pages [ 1513.635754] 0 pages in swap cache [ 1513.635781] Swap cache stats: add 0, delete 0, find 0/0 [ 1513.635793] Free swap = 0kB [ 1513.635819] Total swap = 0kB [ 1513.635831] 1965979 pages RAM [ 1513.635833] 0 pages HighMem/MovableOnly [ 1513.635849] 313627 pages reserved 22:11:04 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb32"], 0xa2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:04 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) [ 1513.900551] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1513.900560] CPU: 0 PID: 29714 Comm: syz-executor.1 Not tainted 4.9.194+ #0 22:11:04 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1513.900575] ffff88013b917968 ffffffff81b67001 1ffff10027722f2f ffff88012e502f80 [ 1513.900588] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013b917a90 [ 1513.900600] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1513.900602] Call Trace: [ 1513.900617] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1513.900629] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1513.900639] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:05 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1513.900647] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1513.900656] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:05 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1513.900665] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.900674] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.900683] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.900692] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1513.900699] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1513.900707] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1513.900713] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1513.900721] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1513.900730] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1513.900738] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1513.900745] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1513.900751] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1513.900760] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.900767] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1513.900776] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1513.900784] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1513.900792] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1513.900799] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1513.900807] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1513.900813] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1513.900821] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1513.900829] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1513.900835] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1513.900846] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1513.900849] Mem-Info: [ 1513.900871] active_anon:190174 inactive_anon:40 isolated_anon:0 [ 1513.900871] active_file:12679 inactive_file:19334 isolated_file:0 [ 1513.900871] unevictable:1 dirty:139 writeback:0 unstable:0 [ 1513.900871] slab_reclaimable:8876 slab_unreclaimable:100776 [ 1513.900871] mapped:59368 shmem:56 pagetables:78021 bounce:0 [ 1513.900871] free:1131763 free_pcp:629 free_cma:0 [ 1513.900886] Node 0 active_anon:760696kB inactive_anon:160kB active_file:50716kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:556kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1513.900907] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1513.900934] Normal free:1514284kB min:5580kB low:9168kB high:12756kB active_anon:760688kB inactive_anon:160kB active_file:50712kB inactive_file:77336kB unevictable:4kB writepending:556kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403104kB kernel_stack:99072kB pagetables:312084kB bounce:0kB free_pcp:1284kB local_pcp:652kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1513.900990] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (UE) 21*16kB (E) 16*32kB (UM) 2*64kB (UM) 5*128kB (UME) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1514372kB 32066 total pagecache pages [ 1513.901039] 0 pages in swap cache [ 1513.901042] Swap cache stats: add 0, delete 0, find 0/0 [ 1513.901045] Free swap = 0kB [ 1513.901047] Total swap = 0kB [ 1513.901049] 1965979 pages RAM [ 1513.901052] 0 pages HighMem/MovableOnly [ 1513.901054] 313627 pages reserved [ 1516.518132] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1516.518140] CPU: 1 PID: 29743 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1516.518153] ffff88013aa27968 ffffffff81b67001 1ffff10027544f2f ffff88011d2097c0 [ 1516.518162] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013aa27a90 [ 1516.518171] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1516.518172] Call Trace: [ 1516.518185] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1516.518196] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1516.518203] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.518210] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1516.518219] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1516.518227] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.518234] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.518241] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.518250] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1516.518255] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1516.518261] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1516.518266] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1516.518272] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.518280] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1516.518287] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1516.518292] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.518298] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1516.518306] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.518312] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.518320] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1516.518326] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1516.518333] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1516.518339] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1516.518345] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1516.518352] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.518358] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1516.518364] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.518370] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1516.518380] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1516.518475] Mem-Info: [ 1516.518492] active_anon:190193 inactive_anon:40 isolated_anon:0 [ 1516.518492] active_file:12681 inactive_file:19334 isolated_file:0 [ 1516.518492] unevictable:1 dirty:141 writeback:0 unstable:0 [ 1516.518492] slab_reclaimable:8876 slab_unreclaimable:100817 [ 1516.518492] mapped:59393 shmem:56 pagetables:78016 bounce:0 [ 1516.518492] free:1131847 free_pcp:491 free_cma:0 [ 1516.518504] Node 0 active_anon:760772kB inactive_anon:160kB active_file:50724kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:564kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1516.518520] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1516.518543] Normal free:1514620kB min:5580kB low:9168kB high:12756kB active_anon:760764kB inactive_anon:160kB active_file:50720kB inactive_file:77336kB unevictable:4kB writepending:564kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403268kB kernel_stack:99136kB pagetables:312064kB bounce:0kB free_pcp:732kB local_pcp:300kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1516.518591] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 15*8kB (UME) 31*16kB (UE) 8*32kB (UM) 3*64kB (U) 6*128kB (UME) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1514556kB 32068 total pagecache pages [ 1516.518674] 0 pages in swap cache [ 1516.518677] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.518679] Free swap = 0kB [ 1516.518681] Total swap = 0kB [ 1516.518683] 1965979 pages RAM [ 1516.518685] 0 pages HighMem/MovableOnly [ 1516.518687] 313627 pages reserved [ 1516.604653] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1516.604662] CPU: 0 PID: 29755 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1516.604677] ffff88013185f968 ffffffff81b67001 1ffff1002630bf2f ffff88012745c740 [ 1516.604688] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013185fa90 [ 1516.604698] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1516.604700] Call Trace: [ 1516.604714] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1516.604724] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1516.604733] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.604741] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1516.604753] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1516.604763] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.604772] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.604781] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.604790] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1516.604806] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1516.604814] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1516.604821] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1516.604829] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.604839] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1516.604847] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1516.604855] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.604863] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1516.604873] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.604883] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.604893] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1516.604901] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1516.604908] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1516.604915] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1516.604923] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1516.604930] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.604937] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1516.604944] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.604951] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1516.604960] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1516.604963] Mem-Info: [ 1516.604981] active_anon:190168 inactive_anon:40 isolated_anon:0 [ 1516.604981] active_file:12681 inactive_file:19334 isolated_file:0 [ 1516.604981] unevictable:1 dirty:141 writeback:0 unstable:0 [ 1516.604981] slab_reclaimable:8876 slab_unreclaimable:100817 [ 1516.604981] mapped:59418 shmem:56 pagetables:77979 bounce:0 [ 1516.604981] free:1131847 free_pcp:527 free_cma:0 [ 1516.604994] Node 0 active_anon:760672kB inactive_anon:160kB active_file:50724kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237672kB dirty:564kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1516.605013] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1516.605039] Normal free:1514620kB min:5580kB low:9168kB high:12756kB active_anon:760664kB inactive_anon:160kB active_file:50720kB inactive_file:77336kB unevictable:4kB writepending:564kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403268kB kernel_stack:98976kB pagetables:311916kB bounce:0kB free_pcp:876kB local_pcp:332kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1516.605096] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 15*8kB (UME) 31*16kB (UE) 9*32kB (UM) 3*64kB (U) 6*128kB (UME) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1514588kB 32068 total pagecache pages [ 1516.605149] 0 pages in swap cache [ 1516.605153] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.605155] Free swap = 0kB [ 1516.605157] Total swap = 0kB [ 1516.605160] 1965979 pages RAM [ 1516.605162] 0 pages HighMem/MovableOnly [ 1516.605164] 313627 pages reserved [ 1516.730024] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1516.730033] CPU: 0 PID: 29764 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1516.730048] ffff88012b62f968 ffffffff81b67001 1ffff100256c5f2f ffff88013aa08000 [ 1516.730058] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b62fa90 [ 1516.730069] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1516.730071] Call Trace: [ 1516.730083] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1516.730094] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1516.730102] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.730109] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1516.730117] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1516.730127] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.730136] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.730144] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.730153] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1516.730161] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1516.730168] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1516.730175] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1516.730183] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.730192] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1516.730201] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1516.730208] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.730216] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1516.730225] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.730233] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.730242] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1516.730251] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1516.730259] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1516.730266] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1516.730273] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1516.730280] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.730287] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1516.730295] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.730301] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1516.730311] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1516.730314] Mem-Info: [ 1516.730336] active_anon:190217 inactive_anon:39 isolated_anon:0 [ 1516.730336] active_file:12682 inactive_file:19334 isolated_file:0 [ 1516.730336] unevictable:1 dirty:142 writeback:0 unstable:0 [ 1516.730336] slab_reclaimable:8876 slab_unreclaimable:100857 [ 1516.730336] mapped:59368 shmem:56 pagetables:78060 bounce:0 [ 1516.730336] free:1131713 free_pcp:459 free_cma:0 [ 1516.730355] Node 0 active_anon:760868kB inactive_anon:156kB active_file:50728kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:568kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1516.730375] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1516.730404] Normal free:1514084kB min:5580kB low:9168kB high:12756kB active_anon:760860kB inactive_anon:156kB active_file:50724kB inactive_file:77336kB unevictable:4kB writepending:568kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403428kB kernel_stack:99168kB pagetables:312240kB bounce:0kB free_pcp:604kB local_pcp:176kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1516.730464] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (ME) 21*16kB (E) 2*32kB (UM) 2*64kB (U) 6*128kB (UME) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1514052kB 32069 total pagecache pages [ 1516.730525] 0 pages in swap cache [ 1516.730530] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.730533] Free swap = 0kB [ 1516.730535] Total swap = 0kB [ 1516.730538] 1965979 pages RAM [ 1516.730540] 0 pages HighMem/MovableOnly [ 1516.730542] 313627 pages reserved [ 1516.796865] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1516.796872] CPU: 1 PID: 29775 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1516.796884] ffff88012bcef968 ffffffff81b67001 1ffff1002579df2f ffff880122d1af80 [ 1516.796893] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012bcefa90 [ 1516.796902] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1516.796903] Call Trace: 22:11:07 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:07 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:07 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1516.796916] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1516.796926] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1516.796934] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.796940] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1516.796949] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:07 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) [ 1516.796957] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:07 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1516.796964] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.796971] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.796981] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1516.796986] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1516.796992] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1516.796998] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1516.797004] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.797012] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1516.797020] [<000000008431afd9>] __vfs_write+0x116/0x560 22:11:07 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1516.797026] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.797031] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1516.797039] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.797046] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.797061] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1516.797068] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1516.797075] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1516.797082] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1516.797088] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1516.797094] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.797101] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1516.797107] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.797113] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1516.797122] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1516.797125] Mem-Info: [ 1516.797141] active_anon:190267 inactive_anon:39 isolated_anon:0 [ 1516.797141] active_file:12682 inactive_file:19334 isolated_file:0 [ 1516.797141] unevictable:1 dirty:142 writeback:0 unstable:0 [ 1516.797141] slab_reclaimable:8876 slab_unreclaimable:100794 [ 1516.797141] mapped:59368 shmem:56 pagetables:78060 bounce:0 [ 1516.797141] free:1131714 free_pcp:471 free_cma:0 [ 1516.797153] Node 0 active_anon:761068kB inactive_anon:156kB active_file:50728kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:568kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:08 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:08 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:08 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:08 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1516.797169] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1516.797193] Normal free:1514088kB min:5580kB low:9168kB high:12756kB active_anon:761060kB inactive_anon:156kB active_file:50724kB inactive_file:77336kB unevictable:4kB writepending:568kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403176kB kernel_stack:99232kB pagetables:312240kB bounce:0kB free_pcp:652kB local_pcp:248kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1516.797244] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:08 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) Normal: 6*4kB (UME) 4*8kB (ME) 21*16kB (E) 6*32kB (UM) 2*64kB (U) 5*128kB (UE) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1514056kB 32069 total pagecache pages [ 1516.797291] 0 pages in swap cache [ 1516.797295] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.797297] Free swap = 0kB [ 1516.797298] Total swap = 0kB [ 1516.797301] 1965979 pages RAM [ 1516.797303] 0 pages HighMem/MovableOnly [ 1516.797305] 313627 pages reserved [ 1516.869230] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1516.869247] CPU: 1 PID: 29780 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1516.869261] ffff88012bd07968 ffffffff81b67001 1ffff100257a0f2f ffff88013aa45f00 [ 1516.869271] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012bd07a90 [ 1516.869282] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1516.869284] Call Trace: 22:11:08 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1516.869296] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1516.869308] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1516.869318] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.869327] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1516.869337] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:08 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1516.869347] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.869357] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.869367] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.869376] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1516.869383] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1516.869390] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1516.869396] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1516.869403] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.869412] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1516.869419] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1516.869426] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1516.869433] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1516.869442] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.869450] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1516.869459] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1516.869466] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1516.869474] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1516.869481] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1516.869488] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1516.869495] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1516.869503] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1516.869510] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:11:09 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1516.869516] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1516.869526] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb 22:11:09 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1516.869549] Mem-Info: [ 1516.869572] active_anon:190267 inactive_anon:39 isolated_anon:0 [ 1516.869572] active_file:12682 inactive_file:19334 isolated_file:0 [ 1516.869572] unevictable:1 dirty:142 writeback:0 unstable:0 [ 1516.869572] slab_reclaimable:8876 slab_unreclaimable:100901 [ 1516.869572] mapped:59368 shmem:56 pagetables:78060 bounce:0 [ 1516.869572] free:1131619 free_pcp:484 free_cma:0 [ 1516.869589] Node 0 active_anon:761068kB inactive_anon:156kB active_file:50728kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:568kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1516.869612] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1516.869639] Normal free:1513708kB min:5580kB low:9168kB high:12756kB active_anon:761060kB inactive_anon:156kB active_file:50724kB inactive_file:77336kB unevictable:4kB writepending:568kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403604kB kernel_stack:99168kB pagetables:312240kB bounce:0kB free_pcp:704kB local_pcp:436kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1516.869707] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 5*8kB (UME) 21*16kB (E) 1*32kB (M) 1*64kB (U) 3*128kB (E) 3*256kB (ME) 1*512kB (U) 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1513580kB 32069 total pagecache pages [ 1516.869761] 0 pages in swap cache [ 1516.869765] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.869767] Free swap = 0kB [ 1516.869770] Total swap = 0kB [ 1516.869772] 1965979 pages RAM [ 1516.869774] 0 pages HighMem/MovableOnly [ 1516.869776] 313627 pages reserved [ 1517.028962] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1517.028984] CPU: 0 PID: 29789 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1517.028998] ffff88013b96f968 ffffffff81b67001 1ffff1002772df2f ffff88012eb517c0 [ 1517.029008] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013b96fa90 [ 1517.029020] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1517.029022] Call Trace: [ 1517.029038] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1517.029049] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1517.029059] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1517.029068] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1517.029079] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1517.029090] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.029100] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.029111] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.029121] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1517.029127] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1517.029134] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1517.029141] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1517.029148] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1517.029157] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1517.029165] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1517.029172] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1517.029180] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1517.029186] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1517.029195] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.029204] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.029212] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1517.029220] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1517.029227] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1517.029234] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1517.029242] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1517.029249] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1517.029257] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1517.029264] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1517.029270] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1517.029279] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1517.029368] Mem-Info: [ 1517.029430] active_anon:190292 inactive_anon:39 isolated_anon:0 [ 1517.029430] active_file:12682 inactive_file:19334 isolated_file:0 [ 1517.029430] unevictable:1 dirty:142 writeback:0 unstable:0 [ 1517.029430] slab_reclaimable:8876 slab_unreclaimable:100877 [ 1517.029430] mapped:59393 shmem:56 pagetables:78134 bounce:0 [ 1517.029430] free:1131604 free_pcp:424 free_cma:0 [ 1517.029477] Node 0 active_anon:761168kB inactive_anon:156kB active_file:50728kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:568kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1517.029511] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1517.029661] Normal free:1513648kB min:5580kB low:9168kB high:12756kB active_anon:761160kB inactive_anon:156kB active_file:50724kB inactive_file:77336kB unevictable:4kB writepending:568kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403508kB kernel_stack:99296kB pagetables:312536kB bounce:0kB free_pcp:464kB local_pcp:268kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1517.029978] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 6*4kB (UME) 5*8kB (UME) 21*16kB (E) 3*32kB (UM) 1*64kB (U) 4*128kB (UE) 4*256kB (UME) 0*512kB 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1513520kB 32069 total pagecache pages [ 1517.030344] 0 pages in swap cache [ 1517.030358] Swap cache stats: add 0, delete 0, find 0/0 [ 1517.030364] Free swap = 0kB [ 1517.030376] Total swap = 0kB [ 1517.030383] 1965979 pages RAM [ 1517.030488] 0 pages HighMem/MovableOnly [ 1517.030501] 313627 pages reserved [ 1517.121657] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1517.121666] CPU: 1 PID: 29801 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1517.121680] ffff880137bb7968 ffffffff81b67001 1ffff10026f76f2f ffff880137cd5f00 [ 1517.121692] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880137bb7a90 [ 1517.121704] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1517.121706] Call Trace: [ 1517.121720] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1517.121732] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1517.121741] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1517.121749] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1517.121760] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1517.121771] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.121781] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.121790] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.121799] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1517.121807] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1517.121814] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1517.121821] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1517.121829] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1517.121838] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1517.121846] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1517.121853] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1517.121860] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1517.121870] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.121879] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1517.121888] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1517.121896] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1517.121905] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1517.121912] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1517.121920] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1517.121928] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1517.121943] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1517.121951] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1517.121958] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1517.121971] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1517.122002] Mem-Info: [ 1517.122025] active_anon:190292 inactive_anon:39 isolated_anon:0 [ 1517.122025] active_file:12682 inactive_file:19334 isolated_file:0 [ 1517.122025] unevictable:1 dirty:142 writeback:0 unstable:0 [ 1517.122025] slab_reclaimable:8876 slab_unreclaimable:100851 [ 1517.122025] mapped:59393 shmem:56 pagetables:78097 bounce:0 [ 1517.122025] free:1131621 free_pcp:495 free_cma:0 [ 1517.122050] Node 0 active_anon:761168kB inactive_anon:156kB active_file:50728kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:568kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1517.122073] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1517.122107] Normal free:1513716kB min:5580kB low:9168kB high:12756kB active_anon:761160kB inactive_anon:156kB active_file:50724kB inactive_file:77336kB unevictable:4kB writepending:568kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:403404kB kernel_stack:99168kB pagetables:312388kB bounce:0kB free_pcp:748kB local_pcp:448kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1517.122176] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UE) 4*8kB (UE) 22*16kB (ME) 16*32kB (UM) 0*64kB 5*128kB (UME) 3*256kB (UE) 0*512kB 2*1024kB (ME) 1*2048kB (U) 368*4096kB (U) = 1513748kB 32069 total pagecache pages [ 1517.122232] 0 pages in swap cache [ 1517.122237] Swap cache stats: add 0, delete 0, find 0/0 [ 1517.122239] Free swap = 0kB [ 1517.122241] Total swap = 0kB [ 1517.122244] 1965979 pages RAM [ 1517.122246] 0 pages HighMem/MovableOnly [ 1517.122248] 313627 pages reserved [ 1518.419471] warn_alloc: 10 callbacks suppressed [ 1518.419487] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1518.419496] CPU: 1 PID: 29893 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1518.419510] ffff88012adaf968 ffffffff81b67001 1ffff100255b5f2f ffff8801315697c0 [ 1518.419521] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012adafa90 [ 1518.419532] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1518.419534] Call Trace: [ 1518.419547] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1518.419558] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1518.419566] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.419575] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 22:11:10 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:10 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1518.419584] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1518.419593] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.419608] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.419618] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.419629] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1518.419636] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1518.419643] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1518.419650] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1518.419658] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.419666] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1518.419674] [<000000008431afd9>] __vfs_write+0x116/0x560 22:11:10 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde"], 0x6c) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:10 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1518.419682] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.419690] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1518.419701] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.419712] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.419723] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1518.419731] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1518.419741] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1518.419748] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1518.419756] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1518.419763] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.419771] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1518.419778] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.419786] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1518.419795] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1518.419799] Mem-Info: [ 1518.419820] active_anon:190381 inactive_anon:40 isolated_anon:0 [ 1518.419820] active_file:12687 inactive_file:19334 isolated_file:0 [ 1518.419820] unevictable:1 dirty:147 writeback:0 unstable:0 [ 1518.419820] slab_reclaimable:8876 slab_unreclaimable:100692 [ 1518.419820] mapped:59368 shmem:56 pagetables:78209 bounce:0 [ 1518.419820] free:1131509 free_pcp:515 free_cma:0 [ 1518.419836] Node 0 active_anon:761524kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:588kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1518.419855] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1518.419884] Normal free:1513268kB min:5580kB low:9168kB high:12756kB active_anon:761516kB inactive_anon:160kB active_file:50744kB inactive_file:77336kB unevictable:4kB writepending:588kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402768kB kernel_stack:99296kB pagetables:312836kB bounce:0kB free_pcp:828kB local_pcp:496kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1518.419944] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 14*4kB (ME) 6*8kB (UME) 23*16kB (UME) 20*32kB (UM) 6*64kB (UM) 4*128kB (ME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1513176kB 32074 total pagecache pages [ 1518.420000] 0 pages in swap cache [ 1518.420004] Swap cache stats: add 0, delete 0, find 0/0 [ 1518.420007] Free swap = 0kB [ 1518.420009] Total swap = 0kB [ 1518.420011] 1965979 pages RAM [ 1518.420014] 0 pages HighMem/MovableOnly [ 1518.420016] 313627 pages reserved [ 1518.663014] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1518.663022] CPU: 0 PID: 29914 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1518.663038] ffff88013ab37968 ffffffff81b67001 1ffff10027566f2f ffff88012606c740 [ 1518.663051] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013ab37a90 [ 1518.663063] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1518.663066] Call Trace: [ 1518.663090] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1518.663104] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1518.663114] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.663124] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1518.663135] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1518.663145] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.663154] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.663163] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.663173] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1518.663180] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1518.663188] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1518.663194] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1518.663202] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.663212] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1518.663220] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1518.663227] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.663234] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1518.663244] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.663253] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.663261] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1518.663269] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1518.663278] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1518.663285] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1518.663293] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1518.663300] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.663307] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1518.663315] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.663327] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1518.663336] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1518.663462] Mem-Info: [ 1518.663485] active_anon:190360 inactive_anon:40 isolated_anon:0 [ 1518.663485] active_file:12687 inactive_file:19334 isolated_file:0 [ 1518.663485] unevictable:1 dirty:147 writeback:0 unstable:0 [ 1518.663485] slab_reclaimable:8876 slab_unreclaimable:100713 [ 1518.663485] mapped:59393 shmem:56 pagetables:78174 bounce:0 [ 1518.663485] free:1131494 free_pcp:628 free_cma:0 [ 1518.663503] Node 0 active_anon:761440kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:588kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1518.663519] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1518.663550] Normal free:1513208kB min:5580kB low:9168kB high:12756kB active_anon:761432kB inactive_anon:160kB active_file:50744kB inactive_file:77336kB unevictable:4kB writepending:588kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402852kB kernel_stack:99232kB pagetables:312696kB bounce:0kB free_pcp:1280kB local_pcp:692kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1518.663609] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 8*4kB (UE) 7*8kB (UME) 24*16kB (UME) 19*32kB (U) 7*64kB (UM) 4*128kB (ME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1513208kB 32074 total pagecache pages [ 1518.663676] 0 pages in swap cache [ 1518.663680] Swap cache stats: add 0, delete 0, find 0/0 [ 1518.663683] Free swap = 0kB [ 1518.663685] Total swap = 0kB [ 1518.663688] 1965979 pages RAM [ 1518.663690] 0 pages HighMem/MovableOnly [ 1518.663692] 313627 pages reserved [ 1518.862415] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1518.862423] CPU: 1 PID: 29928 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1518.862437] ffff880134dcf968 ffffffff81b67001 1ffff100269b9f2f ffff8801319cc740 [ 1518.862447] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880134dcfa90 [ 1518.862457] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1518.862459] Call Trace: [ 1518.862472] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1518.862482] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1518.862490] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.862498] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1518.862508] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1518.862518] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.862526] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.862535] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:11 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:11 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:11 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)) syz_open_pts(0xffffffffffffffff, 0x0) 22:11:11 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:11 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:11 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1518.862545] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1518.862552] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1518.862558] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1518.862565] [<000000009122b07a>] sel_write_load+0x119/0xf60 22:11:11 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)) syz_open_pts(0xffffffffffffffff, 0x0) [ 1518.862572] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.862581] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1518.862588] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1518.862594] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.862601] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1518.862610] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.862618] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.862627] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1518.862634] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1518.862642] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1518.862649] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1518.862656] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1518.862663] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.862670] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1518.862678] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.862685] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1518.862694] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1518.862697] Mem-Info: [ 1518.862714] active_anon:190347 inactive_anon:40 isolated_anon:0 [ 1518.862714] active_file:12688 inactive_file:19334 isolated_file:0 [ 1518.862714] unevictable:1 dirty:148 writeback:0 unstable:0 [ 1518.862714] slab_reclaimable:8876 slab_unreclaimable:100678 [ 1518.862714] mapped:59368 shmem:56 pagetables:78170 bounce:0 [ 1518.862714] free:1131619 free_pcp:493 free_cma:0 22:11:12 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:12 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:12 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, 0x0, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:12 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:12 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1518.862728] Node 0 active_anon:761388kB inactive_anon:160kB active_file:50752kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:592kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1518.862746] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1518.862773] Normal free:1513708kB min:5580kB low:9168kB high:12756kB active_anon:761380kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB writepending:592kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402712kB kernel_stack:99264kB pagetables:312680kB bounce:0kB free_pcp:740kB local_pcp:264kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1518.862829] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 83*4kB (UME) 16*8kB (UME) 24*16kB (UME) 9*32kB (U) 9*64kB (UM) 6*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1513644kB 32075 total pagecache pages [ 1518.862880] 0 pages in swap cache [ 1518.862884] Swap cache stats: add 0, delete 0, find 0/0 [ 1518.862887] Free swap = 0kB [ 1518.862889] Total swap = 0kB [ 1518.862891] 1965979 pages RAM [ 1518.862893] 0 pages HighMem/MovableOnly [ 1518.862895] 313627 pages reserved [ 1518.915193] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:12 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1518.915202] CPU: 1 PID: 29933 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1518.915217] ffff88013808f968 ffffffff81b67001 1ffff10027011f2f ffff880137ff97c0 [ 1518.915230] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013808fa90 [ 1518.915242] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1518.915244] Call Trace: [ 1518.915257] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1518.915270] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1518.915278] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.915287] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1518.915296] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1518.915306] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.915321] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.915332] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.915343] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1518.915350] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1518.915358] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1518.915364] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1518.915372] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.915381] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1518.915395] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1518.915402] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1518.915409] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1518.915418] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.915427] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1518.915436] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1518.915444] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1518.915452] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1518.915459] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1518.915466] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1518.915473] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.915481] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 22:11:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:13 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1518.915488] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1518.915495] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1518.915506] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1518.915527] Mem-Info: [ 1518.915550] active_anon:190347 inactive_anon:40 isolated_anon:0 [ 1518.915550] active_file:12688 inactive_file:19334 isolated_file:0 [ 1518.915550] unevictable:1 dirty:148 writeback:0 unstable:0 [ 1518.915550] slab_reclaimable:8876 slab_unreclaimable:100678 [ 1518.915550] mapped:59368 shmem:56 pagetables:78207 bounce:0 [ 1518.915550] free:1131533 free_pcp:477 free_cma:0 [ 1518.915567] Node 0 active_anon:761388kB inactive_anon:160kB active_file:50752kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:592kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1518.915586] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1518.915614] Normal free:1513364kB min:5580kB low:9168kB high:12756kB active_anon:761380kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB writepending:592kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402712kB kernel_stack:99232kB pagetables:312828kB bounce:0kB free_pcp:676kB local_pcp:200kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1518.915672] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 21*4kB (UME) 16*8kB (UME) 24*16kB (UME) 8*32kB (U) 9*64kB (UM) 6*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1513364kB 32075 total pagecache pages 22:11:13 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:13 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:13 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1518.915727] 0 pages in swap cache [ 1518.915731] Swap cache stats: add 0, delete 0, find 0/0 [ 1518.915733] Free swap = 0kB [ 1518.915735] Total swap = 0kB [ 1518.915737] 1965979 pages RAM [ 1518.915739] 0 pages HighMem/MovableOnly [ 1518.915742] 313627 pages reserved [ 1521.417401] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1521.417412] CPU: 0 PID: 29943 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1521.417427] ffff88013901f968 ffffffff81b67001 1ffff10027203f2f ffff880137ef17c0 [ 1521.417439] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013901fa90 [ 1521.417451] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1521.417453] Call Trace: [ 1521.417467] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1521.417480] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1521.417490] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1521.417500] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1521.417510] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1521.417520] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.417530] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.417539] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.417549] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1521.417557] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1521.417565] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1521.417572] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1521.417580] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.417588] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1521.417596] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1521.417604] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.417611] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1521.417620] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.417630] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.417639] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1521.417648] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1521.417657] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1521.417665] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1521.417672] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1521.417680] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.417689] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1521.417697] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.417704] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1521.417713] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1521.417716] Mem-Info: [ 1521.417734] active_anon:187681 inactive_anon:40 isolated_anon:0 [ 1521.417734] active_file:12688 inactive_file:19334 isolated_file:0 [ 1521.417734] unevictable:1 dirty:148 writeback:0 unstable:0 [ 1521.417734] slab_reclaimable:8876 slab_unreclaimable:100555 [ 1521.417734] mapped:59393 shmem:56 pagetables:78147 bounce:0 [ 1521.417734] free:1134351 free_pcp:489 free_cma:0 [ 1521.417749] Node 0 active_anon:750724kB inactive_anon:160kB active_file:50752kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:592kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1521.417770] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1521.417799] Normal free:1524636kB min:5580kB low:9168kB high:12756kB active_anon:750716kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB writepending:592kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402220kB kernel_stack:99296kB pagetables:312588kB bounce:0kB free_pcp:716kB local_pcp:608kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1521.417861] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1216*4kB (UME) 417*8kB (UME) 137*16kB (UME) 17*32kB (UM) 22*64kB (UM) 9*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1524664kB 32075 total pagecache pages [ 1521.417915] 0 pages in swap cache [ 1521.417920] Swap cache stats: add 0, delete 0, find 0/0 [ 1521.417922] Free swap = 0kB [ 1521.417924] Total swap = 0kB [ 1521.417927] 1965979 pages RAM [ 1521.417929] 0 pages HighMem/MovableOnly [ 1521.417931] 313627 pages reserved [ 1521.490283] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1521.490306] CPU: 0 PID: 29956 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1521.490319] ffff880138f8f968 ffffffff81b67001 1ffff100271f1f2f ffff880124880000 [ 1521.490329] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880138f8fa90 [ 1521.490339] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1521.490341] Call Trace: [ 1521.490355] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1521.490367] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1521.490377] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1521.490384] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1521.490393] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1521.490402] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490410] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490418] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490427] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1521.490434] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1521.490441] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1521.490447] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1521.490454] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.490463] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490471] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1521.490479] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1521.490486] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1521.490493] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.490499] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1521.490508] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490516] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.490524] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1521.490531] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1521.490539] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1521.490546] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1521.490553] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1521.490560] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.490567] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1521.490574] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.490581] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1521.490589] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1521.491272] Mem-Info: [ 1521.491312] active_anon:187706 inactive_anon:40 isolated_anon:0 [ 1521.491312] active_file:12688 inactive_file:19334 isolated_file:0 [ 1521.491312] unevictable:1 dirty:148 writeback:0 unstable:0 [ 1521.491312] slab_reclaimable:8876 slab_unreclaimable:100706 [ 1521.491312] mapped:59368 shmem:56 pagetables:78184 bounce:0 [ 1521.491312] free:1134175 free_pcp:539 free_cma:0 [ 1521.491358] Node 0 active_anon:750824kB inactive_anon:160kB active_file:50752kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:592kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1521.491389] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1521.491512] Normal free:1523932kB min:5580kB low:9168kB high:12756kB active_anon:750816kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB writepending:592kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402824kB kernel_stack:99232kB pagetables:312736kB bounce:0kB free_pcp:924kB local_pcp:568kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1521.491900] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1195*4kB (UME) 412*8kB (UME) 137*16kB (UME) 22*32kB (UM) 12*64kB (UM) 9*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1524060kB 32075 total pagecache pages [ 1521.492193] 0 pages in swap cache [ 1521.492201] Swap cache stats: add 0, delete 0, find 0/0 [ 1521.492212] Free swap = 0kB [ 1521.492218] Total swap = 0kB [ 1521.492254] 1965979 pages RAM [ 1521.492274] 0 pages HighMem/MovableOnly [ 1521.492298] 313627 pages reserved [ 1521.510141] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1521.510150] CPU: 0 PID: 29962 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1521.510164] ffff8801320ef968 ffffffff81b67001 1ffff1002641df2f ffff880127a0af80 [ 1521.510175] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801320efa90 [ 1521.510185] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1521.510187] Call Trace: [ 1521.510200] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1521.510212] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1521.510220] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1521.510227] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1521.510237] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1521.510245] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.510253] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0xffffffffffffffff, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:15 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.510261] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.510289] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1521.510296] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1521.510304] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1521.510310] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1521.510318] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.510329] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 22:11:15 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.510335] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1521.510342] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.510348] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 22:11:15 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1521.510357] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.510365] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.510373] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1521.510380] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1521.510388] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1521.510394] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1521.510401] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1521.510408] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.510416] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1521.510422] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.510429] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1521.510438] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1521.510442] Mem-Info: [ 1521.510460] active_anon:187706 inactive_anon:40 isolated_anon:0 [ 1521.510460] active_file:12688 inactive_file:19334 isolated_file:0 [ 1521.510460] unevictable:1 dirty:148 writeback:0 unstable:0 [ 1521.510460] slab_reclaimable:8876 slab_unreclaimable:100738 [ 1521.510460] mapped:59368 shmem:56 pagetables:78184 bounce:0 [ 1521.510460] free:1134175 free_pcp:481 free_cma:0 [ 1521.510475] Node 0 active_anon:750824kB inactive_anon:160kB active_file:50752kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:592kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:15 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x0) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.510492] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1521.510522] Normal free:1523932kB min:5580kB low:9168kB high:12756kB active_anon:750816kB inactive_anon:160kB active_file:50748kB inactive_file:77336kB unevictable:4kB writepending:592kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402952kB kernel_stack:99200kB pagetables:312736kB bounce:0kB free_pcp:692kB local_pcp:336kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1521.510584] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:15 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:15 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) Normal: 1195*4kB (UME) 412*8kB (UME) 137*16kB (UME) 22*32kB (UM) 12*64kB (UM) 9*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1524060kB 32075 total pagecache pages 22:11:16 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1521.510642] 0 pages in swap cache 22:11:16 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.510646] Swap cache stats: add 0, delete 0, find 0/0 [ 1521.510648] Free swap = 0kB [ 1521.510651] Total swap = 0kB [ 1521.510653] 1965979 pages RAM [ 1521.510656] 0 pages HighMem/MovableOnly [ 1521.510658] 313627 pages reserved [ 1521.614303] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1521.614311] CPU: 1 PID: 29966 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1521.614324] ffff880134ea7968 ffffffff81b67001 1ffff100269d4f2f ffff8801ad4d17c0 [ 1521.614335] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880134ea7a90 [ 1521.614345] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1521.614347] Call Trace: [ 1521.614368] [<0000000011681f42>] dump_stack+0xc1/0x120 22:11:16 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.614379] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1521.614388] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:16 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.614396] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1521.614405] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1521.614413] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.614421] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.614429] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.614438] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1521.614444] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1521.614451] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1521.614457] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1521.614464] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.614473] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 22:11:16 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.614480] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1521.614486] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.614493] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1521.614501] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:16 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1521.614510] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.614518] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1521.614525] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 ** 18 printk messages dropped ** [ 1521.614780] 0 pages in swap cache 22:11:16 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1521.614784] Swap cache stats: add 0, delete 0, find 0/0 [ 1521.614786] Free swap = 0kB [ 1521.614788] Total swap = 0kB [ 1521.614790] 1965979 pages RAM [ 1521.614792] 0 pages HighMem/MovableOnly [ 1521.614794] 313627 pages reserved [ 1521.813804] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1521.813835] CPU: 1 PID: 29975 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1521.813853] ffff88013932f968 ffffffff81b67001 1ffff10027265f2f ffff8801244717c0 [ 1521.813866] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013932fa90 [ 1521.813879] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1521.813882] Call Trace: 22:11:17 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.813898] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1521.813911] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1521.813922] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:17 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1521.813930] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1521.813939] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1521.813947] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1521.813955] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1521.813962] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1521.813971] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1521.813982] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1521.813990] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.813998] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.814006] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1521.814013] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1521.814021] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 22:11:17 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, 0x0) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1521.814031] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.814040] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1521.814062] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1521.814072] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1521.814081] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1521.814089] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1521.814097] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1521.814105] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.814113] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1521.814121] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1521.814131] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1521.814154] Mem-Info: [ 1521.814215] active_anon:187747 inactive_anon:40 isolated_anon:0 [ 1521.814215] active_file:12691 inactive_file:19334 isolated_file:0 [ 1521.814215] unevictable:1 dirty:151 writeback:0 unstable:0 [ 1521.814215] slab_reclaimable:8876 slab_unreclaimable:100725 [ 1521.814215] mapped:59368 shmem:56 pagetables:78251 bounce:0 [ 1521.814215] free:1134012 free_pcp:548 free_cma:0 [ 1521.814281] Node 0 active_anon:750988kB inactive_anon:160kB active_file:50764kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:604kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1521.814359] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:11:17 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1521.814498] Normal free:1523280kB min:5580kB low:9168kB high:12756kB active_anon:750980kB inactive_anon:160kB active_file:50760kB inactive_file:77336kB unevictable:4kB writepending:604kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35432kB slab_unreclaimable:402900kB kernel_stack:99360kB pagetables:313004kB bounce:0kB free_pcp:964kB local_pcp:632kB free_cma:0kB 22:11:18 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:18 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) lowmem_reserve[]: 0 0 0 [ 1521.814778] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1132*4kB (ME) 406*8kB (ME) 133*16kB (UME) 22*32kB (UM) 11*64kB (UM) 6*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1523248kB 32078 total pagecache pages [ 1521.815033] 0 pages in swap cache 22:11:18 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:18 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 109 printk messages dropped ** [ 1524.792551] 0 pages HighMem/MovableOnly [ 1524.792554] 313627 pages reserved [ 1524.875642] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1524.875653] CPU: 1 PID: 30042 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1524.875670] ffff880121887968 ffffffff81b67001 1ffff10024310f2f ffff8801394eaf80 [ 1524.875684] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880121887a90 [ 1524.875698] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1524.875700] Call Trace: [ 1524.875721] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1524.875736] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1524.875747] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1524.875758] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1524.875768] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1524.875778] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.875787] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.875797] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.875808] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1524.875815] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1524.875822] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1524.875829] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1524.875838] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1524.875848] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1524.875856] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1524.875863] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1524.875869] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1524.875879] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.875887] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.875897] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1524.875905] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1524.875914] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1524.875922] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1524.875929] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1524.875937] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1524.875946] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1524.875953] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1524.875961] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1524.875972] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1524.875976] Mem-Info: [ 1524.876001] active_anon:187752 inactive_anon:40 isolated_anon:0 [ 1524.876001] active_file:12691 inactive_file:19334 isolated_file:0 [ 1524.876001] unevictable:1 dirty:153 writeback:0 unstable:0 [ 1524.876001] slab_reclaimable:8882 slab_unreclaimable:100630 [ 1524.876001] mapped:59368 shmem:56 pagetables:78225 bounce:0 [ 1524.876001] free:1134170 free_pcp:508 free_cma:0 [ 1524.876018] Node 0 active_anon:751008kB inactive_anon:160kB active_file:50764kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:612kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1524.876038] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1524.876068] Normal free:1523912kB min:5580kB low:9168kB high:12756kB active_anon:751000kB inactive_anon:160kB active_file:50760kB inactive_file:77336kB unevictable:4kB writepending:612kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35456kB slab_unreclaimable:402520kB kernel_stack:99328kB pagetables:312900kB bounce:0kB free_pcp:800kB local_pcp:540kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1524.876130] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:18 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:18 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:18 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:18 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 10 printk messages dropped ** [ 1524.876279] CPU: 0 PID: 30044 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1524.876299] ffff880139a57968 ffffffff81b67001 1ffff1002734af2f ffff880139924740 [ 1524.876312] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880139a57a90 [ 1524.876326] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1524.876328] Call Trace: [ 1524.876342] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1524.876351] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1524.876360] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1524.876368] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1524.876378] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1524.876388] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.876396] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.876406] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.876415] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1524.876422] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1524.876437] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1524.876444] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1524.876453] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1524.876464] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1524.876474] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1524.876484] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1524.876492] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1524.876505] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.876518] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1524.876527] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1524.876535] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1524.876543] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1524.876550] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1524.876558] [<00000000896b6640>] SyS_write+0x121/0x270 22:11:19 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:19 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1524.876565] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1524.876573] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1524.876580] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1524.876588] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1524.876598] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1524.876621] Mem-Info: [ 1524.876646] active_anon:187752 inactive_anon:40 isolated_anon:0 [ 1524.876646] active_file:12691 inactive_file:19334 isolated_file:0 [ 1524.876646] unevictable:1 dirty:153 writeback:0 unstable:0 [ 1524.876646] slab_reclaimable:8882 slab_unreclaimable:100630 [ 1524.876646] mapped:59368 shmem:56 pagetables:78225 bounce:0 [ 1524.876646] free:1134170 free_pcp:507 free_cma:0 [ 1524.876666] Node 0 active_anon:751008kB inactive_anon:160kB active_file:50764kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:612kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1524.876687] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1524.876718] Normal free:1523912kB min:5580kB low:9168kB high:12756kB active_anon:751000kB inactive_anon:160kB active_file:50760kB inactive_file:77336kB unevictable:4kB writepending:612kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35456kB slab_unreclaimable:402520kB kernel_stack:99328kB pagetables:312900kB bounce:0kB free_pcp:796kB local_pcp:256kB free_cma:0kB ** 11 printk messages dropped ** [ 1525.030428] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.030438] CPU: 1 PID: 30052 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1525.030453] ffff88012f2bf968 ffffffff81b67001 1ffff10025e57f2f ffff8801368e4740 [ 1525.030463] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012f2bfa90 [ 1525.030474] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.030476] Call Trace: [ 1525.030491] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1525.030504] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1525.030515] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.030524] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1525.030534] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1525.030543] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.030552] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.030560] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.030570] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1525.030577] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1525.030584] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1525.030591] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1525.030599] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.030608] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1525.030615] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1525.030622] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.030629] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1525.030638] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.030647] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.030656] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1525.030663] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1525.030671] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1525.030692] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1525.030703] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1525.030711] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1525.030723] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1525.030730] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1525.030737] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1525.030748] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1525.030751] Mem-Info: [ 1525.030775] active_anon:187827 inactive_anon:40 isolated_anon:0 [ 1525.030775] active_file:12691 inactive_file:19334 isolated_file:0 [ 1525.030775] unevictable:1 dirty:153 writeback:0 unstable:0 [ 1525.030775] slab_reclaimable:8882 slab_unreclaimable:100593 [ 1525.030775] mapped:59368 shmem:56 pagetables:78336 bounce:0 [ 1525.030775] free:1133997 free_pcp:465 free_cma:0 [ 1525.030789] Node 0 active_anon:751308kB inactive_anon:160kB active_file:50764kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:612kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1525.030808] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1525.030850] Normal free:1523220kB min:5580kB low:9168kB high:12756kB active_anon:751300kB inactive_anon:160kB active_file:50760kB inactive_file:77336kB unevictable:4kB writepending:612kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35456kB slab_unreclaimable:402372kB kernel_stack:99584kB pagetables:313344kB bounce:0kB free_pcp:628kB local_pcp:252kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1525.030907] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1055*4kB (UME) 413*8kB (UME) 125*16kB (UME) 15*32kB (M) 19*64kB (UM) 5*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1523028kB 32078 total pagecache pages [ 1525.030964] 0 pages in swap cache [ 1525.030968] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.030970] Free swap = 0kB [ 1525.030973] Total swap = 0kB [ 1525.030975] 1965979 pages RAM [ 1525.030978] 0 pages HighMem/MovableOnly [ 1525.030980] 313627 pages reserved [ 1525.037815] audit: type=1400 audit(1572819063.902:278): avc: denied { create } for pid=30055 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_iscsi_socket permissive=1 [ 1525.114778] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.114808] CPU: 0 PID: 30057 Comm: syz-executor.5 Not tainted 4.9.194+ #0 [ 1525.114827] ffff880139abf968 ffffffff81b67001 1ffff10027357f2f ffff8801398b2f80 [ 1525.114840] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880139abfa90 [ 1525.114853] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.114855] Call Trace: [ 1525.114877] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1525.114890] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1525.114901] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.114911] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1525.114921] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1525.114929] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1525.114938] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1525.114948] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.114957] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.114966] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.114976] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1525.114983] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1525.114990] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1525.114997] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1525.115004] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.115013] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1525.115021] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1525.115029] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1525.115036] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.115043] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1525.115052] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.115061] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:20 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:20 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:20 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1525.115070] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1525.115078] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 22:11:20 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x0) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1525.115087] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1525.115094] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1525.115101] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1525.115109] [<0000000039622e10>] ? SyS_read+0x270/0x270 ** 14 printk messages dropped ** [ 1525.118248] 0 pages in swap cache [ 1525.118270] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.118282] Free swap = 0kB [ 1525.118284] Total swap = 0kB [ 1525.118317] 1965979 pages RAM [ 1525.118334] 0 pages HighMem/MovableOnly [ 1525.118340] 313627 pages reserved [ 1525.223265] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.223309] CPU: 0 PID: 30048 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1525.223328] ffff880132c27968 ffffffff81b67001 1ffff10026584f2f ffff8801368e2f80 [ 1525.223340] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880132c27a90 [ 1525.223353] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.223355] Call Trace: [ 1525.223372] [<0000000011681f42>] dump_stack+0xc1/0x120 ** 40 printk messages dropped ** [ 1525.226622] 32078 total pagecache pages [ 1525.226673] 0 pages in swap cache [ 1525.226699] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.226710] Free swap = 0kB [ 1525.226713] Total swap = 0kB [ 1525.226746] 1965979 pages RAM [ 1525.226771] 0 pages HighMem/MovableOnly [ 1525.226782] 313627 pages reserved [ 1525.334712] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.334722] CPU: 1 PID: 30075 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1525.334740] ffff8801a06b7968 ffffffff81b67001 1ffff100340d6f2f ffff880137e40000 [ 1525.334752] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801a06b7a90 [ 1525.334764] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.334766] Call Trace: [ 1525.334787] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1525.334801] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1525.334812] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.334823] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1525.334832] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1525.334842] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.334851] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.334861] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.334870] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1525.334877] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1525.334884] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1525.334890] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1525.334898] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.334908] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1525.334916] [<000000008431afd9>] __vfs_write+0x116/0x560 22:11:21 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:21 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:21 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) [ 1525.334922] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1525.334928] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1525.334937] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.334947] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.334956] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1525.334963] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1525.334972] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1525.334980] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1525.334988] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1525.334996] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1525.335004] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1525.335012] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1525.335019] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1525.335030] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1525.335034] Mem-Info: [ 1525.335055] active_anon:187852 inactive_anon:40 isolated_anon:0 [ 1525.335055] active_file:12691 inactive_file:19334 isolated_file:0 [ 1525.335055] unevictable:1 dirty:153 writeback:0 unstable:0 [ 1525.335055] slab_reclaimable:8882 slab_unreclaimable:100635 [ 1525.335055] mapped:59393 shmem:56 pagetables:78336 bounce:0 [ 1525.335055] free:1133881 free_pcp:544 free_cma:0 [ 1525.335074] Node 0 active_anon:751408kB inactive_anon:160kB active_file:50764kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:612kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1525.335095] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1525.335120] Normal free:1522756kB min:5580kB low:9168kB high:12756kB active_anon:751400kB inactive_anon:160kB active_file:50760kB inactive_file:77336kB unevictable:4kB writepending:612kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35456kB slab_unreclaimable:402540kB kernel_stack:99392kB pagetables:313344kB bounce:0kB free_pcp:948kB local_pcp:440kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1525.335174] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1015*4kB (UME) 413*8kB (UME) 124*16kB (ME) 35*32kB (UM) 15*64kB (UM) 5*128kB (UME) 3*256kB (UE) 1*512kB (M) 2*1024kB (UE) 0*2048kB 368*4096kB (U) = 1522724kB 32078 total pagecache pages ** 1 printk messages dropped ** [ 1525.335232] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.335234] Free swap = 0kB [ 1525.335236] Total swap = 0kB [ 1525.335238] 1965979 pages RAM [ 1525.335240] 0 pages HighMem/MovableOnly [ 1525.335242] 313627 pages reserved [ 1525.507058] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1525.564685] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.564694] CPU: 0 PID: 30097 Comm: syz-executor.0 Not tainted 4.9.194+ #0 22:11:22 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:22 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:22 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:22 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1525.564709] ffff8801384bf968 ffffffff81b67001 1ffff10027097f2f ffff88019af02f80 [ 1525.564720] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801384bfa90 [ 1525.564732] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.564735] Call Trace: [ 1525.564750] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1525.564765] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1525.564775] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.564784] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1525.564793] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1525.564803] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.564811] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.564820] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1525.564829] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1525.564836] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1525.564842] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 ** 27 printk messages dropped ** [ 1525.565166] 32078 total pagecache pages [ 1525.565170] 0 pages in swap cache [ 1525.565174] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.565176] Free swap = 0kB 22:11:22 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) 22:11:22 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1525.565178] Total swap = 0kB [ 1525.565180] 1965979 pages RAM [ 1525.565182] 0 pages HighMem/MovableOnly [ 1525.565184] 313627 pages reserved [ 1525.659787] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:22 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1525.659798] CPU: 1 PID: 30101 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1525.659814] ffff880132be7968 ffffffff81b67001 1ffff1002657cf2f ffff8801384c97c0 [ 1525.659835] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880132be7a90 [ 1525.659848] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1525.659850] Call Trace: [ 1525.659868] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1525.659883] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1525.659896] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.659906] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1525.659916] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:22 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 12 printk messages dropped ** [ 1525.660052] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:23 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) 22:11:23 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0xa, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x0, 0x0, 0xfe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(0x0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 20 printk messages dropped ** [ 1525.660364] 32078 total pagecache pages [ 1525.660369] 0 pages in swap cache [ 1525.660373] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.660376] Free swap = 0kB [ 1525.660378] Total swap = 0kB [ 1525.660380] 1965979 pages RAM [ 1525.660382] 0 pages HighMem/MovableOnly [ 1525.660384] 313627 pages reserved [ 1525.746858] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1525.746868] CPU: 0 PID: 30104 Comm: syz-executor.4 Not tainted 4.9.194+ #0 ** 42 printk messages dropped ** [ 1525.747389] 32082 total pagecache pages [ 1525.747393] 0 pages in swap cache [ 1525.747397] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.747398] Free swap = 0kB [ 1525.747400] Total swap = 0kB [ 1525.747403] 1965979 pages RAM [ 1525.747405] 0 pages HighMem/MovableOnly [ 1525.747406] 313627 pages reserved [ 1526.459170] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1530.515766] warn_alloc: 8 callbacks suppressed [ 1530.515786] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1530.515798] CPU: 0 PID: 30249 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1530.515817] ffff88013bb97968 ffffffff81b67001 1ffff10027772f2f ffff88013bb817c0 [ 1530.515830] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013bb97a90 [ 1530.515842] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1530.515845] Call Trace: [ 1530.515864] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1530.515880] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1530.515894] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1530.515903] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1530.515915] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1530.515926] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1530.515935] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1530.515944] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1530.515954] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1530.515962] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1530.515969] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1530.515976] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1530.515983] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1530.515993] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1530.516001] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1530.516009] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1530.516015] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1530.516024] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1530.516034] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1530.516043] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1530.516051] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1530.516060] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1530.516067] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1530.516074] [<00000000896b6640>] SyS_write+0x121/0x270 22:11:23 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1530.516081] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:11:23 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) ** 16 printk messages dropped ** [ 1530.516335] Free swap = 0kB [ 1530.516337] Total swap = 0kB [ 1530.516340] 1965979 pages RAM [ 1530.516342] 0 pages HighMem/MovableOnly [ 1530.516344] 313627 pages reserved [ 1531.724743] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1531.724766] CPU: 1 PID: 30275 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1531.724780] ffff88013bbaf968 ffffffff81b67001 1ffff10027775f2f ffff88012ecf17c0 [ 1531.724794] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013bbafa90 [ 1531.724806] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1531.724807] Call Trace: [ 1531.724826] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1531.724843] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1531.724856] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1531.724865] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1531.724874] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1531.724884] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.724892] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.724900] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.724910] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1531.724916] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1531.724922] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1531.724929] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1531.724936] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1531.724946] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1531.724953] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1531.724961] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 ** 25 printk messages dropped ** [ 1531.726730] Free swap = 0kB [ 1531.726751] Total swap = 0kB [ 1531.726763] 1965979 pages RAM [ 1531.726765] 0 pages HighMem/MovableOnly [ 1531.726771] 313627 pages reserved [ 1531.833912] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1531.833921] CPU: 1 PID: 30281 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1531.833936] ffff880132e57968 ffffffff81b67001 1ffff100265caf2f ffff880137da17c0 [ 1531.833946] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880132e57a90 [ 1531.833956] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1531.833957] Call Trace: [ 1531.833975] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1531.833989] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1531.833998] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1531.834006] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1531.834016] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1531.834027] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.834044] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.834053] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.834062] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1531.834068] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1531.834075] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1531.834081] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1531.834088] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1531.834097] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1531.834105] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1531.834111] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1531.834118] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1531.834126] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.834134] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1531.834143] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1531.834151] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1531.834159] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1531.834166] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1531.834173] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1531.834180] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1531.834188] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1531.834194] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1531.834201] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1531.834211] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1531.834214] Mem-Info: [ 1531.834237] active_anon:188102 inactive_anon:40 isolated_anon:0 [ 1531.834237] active_file:12706 inactive_file:19334 isolated_file:0 [ 1531.834237] unevictable:1 dirty:114 writeback:0 unstable:0 [ 1531.834237] slab_reclaimable:8901 slab_unreclaimable:100846 [ 1531.834237] mapped:59368 shmem:56 pagetables:78538 bounce:0 [ 1531.834237] free:1133118 free_pcp:414 free_cma:0 [ 1531.834254] Node 0 active_anon:752408kB inactive_anon:160kB active_file:50824kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:456kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:24 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:24 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) [ 1531.834273] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1531.834300] Normal free:1519704kB min:5580kB low:9168kB high:12756kB active_anon:752400kB inactive_anon:160kB active_file:50820kB inactive_file:77336kB unevictable:4kB writepending:456kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:403384kB kernel_stack:99744kB pagetables:314152kB bounce:0kB free_pcp:424kB local_pcp:100kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1531.834372] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 756*4kB (ME) 421*8kB (UME) 136*16kB (UME) 21*32kB (UM) 13*64kB (UME) 4*128kB (UME) 3*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 367*4096kB (U) = 1519704kB 22:11:24 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) 32093 total pagecache pages [ 1531.834426] 0 pages in swap cache [ 1531.834430] Swap cache stats: add 0, delete 0, find 0/0 [ 1531.834432] Free swap = 0kB [ 1531.834434] Total swap = 0kB [ 1531.834437] 1965979 pages RAM [ 1531.834438] 0 pages HighMem/MovableOnly [ 1531.834440] 313627 pages reserved [ 1532.413892] SELinux: policydb magic number 0xb3cd2224 does not match expected magic number 0xf97cff8c [ 1533.064894] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.064904] CPU: 0 PID: 30320 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1533.064920] ffff88013362f968 ffffffff81b67001 1ffff100266c5f2f ffff88012f4d17c0 22:11:24 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) [ 1533.064931] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013362fa90 [ 1533.064943] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.064944] Call Trace: [ 1533.064962] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.064976] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.064986] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.064994] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.065005] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.065014] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.065023] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.065032] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.065043] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 ** 36 printk messages dropped ** [ 1533.065449] 313627 pages reserved [ 1533.479238] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.479249] CPU: 0 PID: 30338 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1533.479265] ffff880126ae7968 ffffffff81b67001 1ffff10024d5cf2f ffff880136b45f00 [ 1533.479280] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880126ae7a90 [ 1533.479292] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.479293] Call Trace: [ 1533.479307] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.479320] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.479336] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.479347] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.479362] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.479375] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.479389] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.479398] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.479407] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1533.479414] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1533.479425] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1533.479432] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1533.479443] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.479457] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1533.479464] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1533.479471] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.479478] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1533.479490] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.479499] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.479511] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1533.479519] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1533.479527] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1533.479533] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1533.479541] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1533.479548] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.479555] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1533.479562] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.479569] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1533.479586] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1533.479589] Mem-Info: [ 1533.479612] active_anon:188258 inactive_anon:40 isolated_anon:0 [ 1533.479612] active_file:12706 inactive_file:19334 isolated_file:0 [ 1533.479612] unevictable:1 dirty:122 writeback:0 unstable:0 [ 1533.479612] slab_reclaimable:8901 slab_unreclaimable:100741 [ 1533.479612] mapped:59393 shmem:56 pagetables:78648 bounce:0 [ 1533.479612] free:1132898 free_pcp:459 free_cma:0 [ 1533.479628] Node 0 active_anon:753032kB inactive_anon:160kB active_file:50824kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:488kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1533.479651] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1533.479688] Normal free:1518824kB min:5580kB low:9168kB high:12756kB active_anon:753024kB inactive_anon:160kB active_file:50820kB inactive_file:77336kB unevictable:4kB writepending:488kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:402964kB kernel_stack:100160kB pagetables:314592kB bounce:0kB free_pcp:604kB local_pcp:204kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1533.479756] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 644*4kB (UME) 413*8kB (UME) 131*16kB (ME) 16*32kB (UM) 13*64kB (UME) 4*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 367*4096kB (U) = 1518696kB 32093 total pagecache pages [ 1533.479814] 0 pages in swap cache [ 1533.479819] Swap cache stats: add 0, delete 0, find 0/0 [ 1533.479821] Free swap = 0kB [ 1533.479823] Total swap = 0kB 22:11:25 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:25 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:25 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00009abffc)=0x5, 0x4) [ 1533.479825] 1965979 pages RAM [ 1533.479827] 0 pages HighMem/MovableOnly [ 1533.479829] 313627 pages reserved [ 1533.647462] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.647485] CPU: 0 PID: 30319 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1533.647502] ffff8801385e7968 ffffffff81b67001 1ffff100270bcf2f ffff88013834af80 [ 1533.647515] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801385e7a90 [ 1533.647528] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.647530] Call Trace: [ 1533.647546] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.647556] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.647566] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.647575] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.647586] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.647596] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.647605] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.647619] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.647628] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1533.647635] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1533.647642] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1533.647649] [<000000009122b07a>] sel_write_load+0x119/0xf60 ** 31 printk messages dropped ** [ 1533.648751] Swap cache stats: add 0, delete 0, find 0/0 [ 1533.648772] Free swap = 0kB [ 1533.648785] Total swap = 0kB [ 1533.648791] 1965979 pages RAM [ 1533.648805] 0 pages HighMem/MovableOnly [ 1533.648807] 313627 pages reserved [ 1533.649973] syz-executor.3: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.649981] CPU: 0 PID: 30350 Comm: syz-executor.3 Not tainted 4.9.194+ #0 [ 1533.649997] ffff880128117968 ffffffff81b67001 1ffff10025022f2f ffff8801b1a28000 [ 1533.650007] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880128117a90 [ 1533.650017] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.650019] Call Trace: [ 1533.650030] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.650041] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.650049] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.650058] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.650068] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.650078] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650088] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650097] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650107] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1533.650114] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1533.650120] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1533.650125] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1533.650132] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.650140] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1533.650147] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1533.650153] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.650159] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1533.650167] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650175] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650183] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1533.650189] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1533.650197] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1533.650203] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1533.650210] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1533.650216] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.650223] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1533.650229] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.650235] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1533.650244] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1533.650247] Mem-Info: [ 1533.650267] active_anon:188258 inactive_anon:40 isolated_anon:0 [ 1533.650267] active_file:12706 inactive_file:19334 isolated_file:0 [ 1533.650267] unevictable:1 dirty:122 writeback:0 unstable:0 [ 1533.650267] slab_reclaimable:8901 slab_unreclaimable:100795 [ 1533.650267] mapped:59393 shmem:56 pagetables:78611 bounce:0 [ 1533.650267] free:1132799 free_pcp:473 free_cma:0 [ 1533.650283] Node 0 active_anon:753032kB inactive_anon:160kB active_file:50824kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:488kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1533.650305] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:26 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:26 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000758, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000200)='8', 0xfffffffffffffd84, 0xfffffffffffffffd, 0x0, 0xfffffffffffffd62) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000500)={'ah\x00'}, &(0x7f0000000540)=0x1e) sendto$inet(r1, 0x0, 0x0, 0x200007fd, 0x0, 0x0) setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000140)={0xff}, 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000008d40)=[{{&(0x7f0000000080)=@ipx, 0x80, &(0x7f0000000000)=[{&(0x7f0000000240)=""/254, 0xfe}], 0x1, &(0x7f0000000400)=""/169, 0xa9}, 0x8}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1, &(0x7f00000014c0)=""/252, 0xfc}, 0x4}, {{&(0x7f00000015c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000001700)=""/240, 0xf0}, {&(0x7f0000001800)=""/239, 0xef}, {&(0x7f0000001900)=""/228, 0xe4}], 0x4, &(0x7f0000001a80)=""/218, 0xda}, 0x200}, {{&(0x7f0000001b80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000003f40)=[{&(0x7f0000001c00)=""/210, 0xd2}, {0x0}, {&(0x7f0000002d00)=""/122, 0x7a}, {&(0x7f0000002d80)=""/173, 0xad}, {&(0x7f0000002e40)=""/228, 0xe4}, {&(0x7f0000002f40)=""/4096, 0x1000}], 0x6, &(0x7f0000003fc0)=""/67, 0x43}, 0x80}, {{&(0x7f0000004040)=@tipc=@name, 0x80, &(0x7f0000000340)=[{&(0x7f00000001c0)=""/56, 0x38}, {&(0x7f00000040c0)=""/206, 0xce}], 0x2, &(0x7f00000041c0)=""/76, 0x4c}, 0x3}, {{&(0x7f0000004240)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f00000044c0)=[{&(0x7f00000042c0)=""/95, 0x5f}, {&(0x7f0000004340)=""/73, 0x49}, {&(0x7f00000043c0)=""/101, 0x65}, {&(0x7f0000004440)=""/120, 0x78}], 0x4, &(0x7f0000004500)=""/221, 0xdd}, 0x200}, {{&(0x7f0000004600)=@can, 0x80, &(0x7f0000006c00)=[{&(0x7f0000004680)=""/23, 0x17}, {&(0x7f00000046c0)=""/220, 0xdc}, {&(0x7f00000047c0)=""/4096, 0x1000}, {&(0x7f00000057c0)=""/152, 0x98}, {&(0x7f0000005880)=""/77, 0x4d}, {&(0x7f0000005900)=""/201, 0xc9}, {&(0x7f0000005a00)=""/4096, 0x1000}, {&(0x7f0000006a00)=""/235, 0xeb}, {&(0x7f0000006b00)=""/248, 0xf8}], 0x9, &(0x7f0000006cc0)=""/208, 0xd0}, 0x643c5157}, {{0x0, 0x0, &(0x7f0000007140)=[{&(0x7f0000006e40)=""/160, 0xa0}, {&(0x7f0000006f00)=""/49, 0x31}], 0x2}, 0x8001}], 0x8, 0x2100, &(0x7f0000009000)) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$binfmt_elf64(r0, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) 22:11:26 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:26 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1533.650330] Normal free:1518428kB min:5580kB low:9168kB high:12756kB active_anon:753024kB inactive_anon:160kB active_file:50820kB inactive_file:77336kB unevictable:4kB writepending:488kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:403180kB kernel_stack:99968kB pagetables:314444kB bounce:0kB free_pcp:660kB local_pcp:308kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1533.650381] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 643*4kB (ME) 412*8kB (ME) 131*16kB (ME) 16*32kB (UM) 12*64kB (UME) 3*128kB (ME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 367*4096kB (U) = 1518492kB 32093 total pagecache pages [ 1533.650429] 0 pages in swap cache [ 1533.650433] Swap cache stats: add 0, delete 0, find 0/0 [ 1533.650435] Free swap = 0kB [ 1533.650436] Total swap = 0kB [ 1533.650439] 1965979 pages RAM [ 1533.650440] 0 pages HighMem/MovableOnly [ 1533.650442] 313627 pages reserved [ 1533.650508] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.650516] CPU: 0 PID: 30355 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1533.650529] ffff8801385df968 ffffffff81b67001 1ffff100270bbf2f ffff880110502f80 [ 1533.650540] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff8801385dfa90 22:11:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1533.650551] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.650552] Call Trace: [ 1533.650560] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.650570] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.650580] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.650586] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.650594] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.650602] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650620] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650630] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:27 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1533.650638] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:11:27 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1533.650644] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1533.650650] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1533.650656] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1533.650662] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.650670] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1533.650676] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1533.650683] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.650689] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1533.650697] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650705] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.650713] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1533.650721] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1533.650728] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1533.650735] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1533.650741] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1533.650748] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.650754] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1533.650761] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.650768] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1533.650777] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1533.650779] Mem-Info: [ 1533.650797] active_anon:188258 inactive_anon:40 isolated_anon:0 [ 1533.650797] active_file:12706 inactive_file:19334 isolated_file:0 [ 1533.650797] unevictable:1 dirty:122 writeback:0 unstable:0 [ 1533.650797] slab_reclaimable:8901 slab_unreclaimable:100795 [ 1533.650797] mapped:59393 shmem:56 pagetables:78611 bounce:0 [ 1533.650797] free:1132799 free_pcp:473 free_cma:0 [ 1533.650811] Node 0 active_anon:753032kB inactive_anon:160kB active_file:50824kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:488kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1533.650830] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1533.650855] Normal free:1518428kB min:5580kB low:9168kB high:12756kB active_anon:753024kB inactive_anon:160kB active_file:50820kB inactive_file:77336kB unevictable:4kB writepending:488kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:403180kB kernel_stack:99968kB pagetables:314444kB bounce:0kB free_pcp:660kB local_pcp:308kB free_cma:0kB ** 5 printk messages dropped ** [ 1533.650958] Swap cache stats: add 0, delete 0, find 0/0 [ 1533.650960] Free swap = 0kB [ 1533.650962] Total swap = 0kB [ 1533.650964] 1965979 pages RAM [ 1533.650965] 0 pages HighMem/MovableOnly [ 1533.650967] 313627 pages reserved [ 1533.880364] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1533.880388] CPU: 1 PID: 30364 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1533.880401] ffff88012fcdf968 ffffffff81b67001 1ffff10025f9bf2f ffff8801286adf00 [ 1533.880412] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012fcdfa90 [ 1533.880424] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1533.880425] Call Trace: [ 1533.880439] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1533.880452] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1533.880462] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1533.880470] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1533.880478] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1533.880487] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1533.880495] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1533.880502] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1533.880509] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1533.880516] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1533.880523] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1533.880530] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.880539] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.880546] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1533.880553] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1533.880560] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1533.880567] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1533.880574] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1533.880582] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.880591] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1533.880599] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1533.880606] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1533.880615] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1533.880621] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1533.880629] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1533.880636] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.880644] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1533.880651] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1533.880658] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1533.880667] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1533.880685] Mem-Info: [ 1533.880727] active_anon:188313 inactive_anon:40 isolated_anon:0 [ 1533.880727] active_file:12710 inactive_file:19334 isolated_file:0 [ 1533.880727] unevictable:1 dirty:127 writeback:0 unstable:0 [ 1533.880727] slab_reclaimable:8901 slab_unreclaimable:100772 [ 1533.880727] mapped:59368 shmem:56 pagetables:78731 bounce:0 [ 1533.880727] free:1132732 free_pcp:416 free_cma:0 22:11:28 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) 22:11:28 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:28 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:28 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1533.880763] Node 0 active_anon:753252kB inactive_anon:160kB active_file:50840kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:508kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1533.880796] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:11:28 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1533.880887] Normal free:1518160kB min:5580kB low:9168kB high:12756kB active_anon:753244kB inactive_anon:160kB active_file:50836kB inactive_file:77336kB unevictable:4kB writepending:508kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:403088kB kernel_stack:100000kB pagetables:314924kB bounce:0kB free_pcp:432kB local_pcp:152kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1533.881180] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 550*4kB (ME) 413*8kB (UME) 131*16kB (ME) 15*32kB (M) 12*64kB (UME) 3*128kB (ME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 367*4096kB (U) = 1518096kB 32097 total pagecache pages [ 1533.881461] 0 pages in swap cache [ 1533.881480] Swap cache stats: add 0, delete 0, find 0/0 [ 1533.881493] Free swap = 0kB [ 1533.881495] Total swap = 0kB [ 1533.881521] 1965979 pages RAM [ 1533.881533] 0 pages HighMem/MovableOnly [ 1533.881539] 313627 pages reserved [ 1534.439635] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1534.439646] CPU: 0 PID: 30372 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1534.439664] ffff880122007968 ffffffff81b67001 1ffff10024400f2f ffff880126b00000 [ 1534.439677] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880122007a90 [ 1534.439690] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1534.439692] Call Trace: [ 1534.439711] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1534.439724] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1534.439735] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1534.439744] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1534.439759] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 22:11:28 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1534.439770] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439784] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439792] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439802] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1534.439809] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1534.439815] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1534.439822] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1534.439829] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1534.439839] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439852] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1534.439861] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1534.439868] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1534.439876] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1534.439886] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1534.439893] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1534.439899] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1534.439908] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439915] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1534.439924] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439932] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1534.439942] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 22:11:29 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) [ 1534.439949] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1534.439957] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1534.439964] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1534.439972] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1534.439979] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1534.439986] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1534.439993] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1534.440000] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1534.440009] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1534.440012] Mem-Info: [ 1534.440031] active_anon:188388 inactive_anon:40 isolated_anon:0 [ 1534.440031] active_file:12710 inactive_file:19334 isolated_file:0 [ 1534.440031] unevictable:1 dirty:127 writeback:0 unstable:0 [ 1534.440031] slab_reclaimable:8901 slab_unreclaimable:100841 [ 1534.440031] mapped:59393 shmem:56 pagetables:78768 bounce:0 [ 1534.440031] free:1132332 free_pcp:556 free_cma:0 [ 1534.440045] Node 0 active_anon:753552kB inactive_anon:160kB active_file:50840kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:508kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1534.440064] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:29 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) 22:11:29 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1534.440092] Normal free:1516560kB min:5580kB low:9168kB high:12756kB active_anon:753544kB inactive_anon:160kB active_file:50836kB inactive_file:77336kB unevictable:4kB writepending:508kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35532kB slab_unreclaimable:403364kB kernel_stack:100096kB pagetables:315072kB bounce:0kB free_pcp:992kB local_pcp:288kB free_cma:0kB ** 53 printk messages dropped ** [ 1535.586792] lowmem_reserve[]: 0 0 0 [ 1535.586859] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 344*4kB (ME) 413*8kB (UME) 132*16kB (UME) 17*32kB (UME) 10*64kB (M) 3*128kB (ME) 2*256kB (E) 1*512kB (M) 1*1024kB (E) 1*2048kB (U) 367*4096kB (U) = 1515688kB 32103 total pagecache pages [ 1535.586925] 0 pages in swap cache [ 1535.586930] Swap cache stats: add 0, delete 0, find 0/0 [ 1535.586932] Free swap = 0kB [ 1535.586934] Total swap = 0kB [ 1535.586937] 1965979 pages RAM [ 1535.586939] 0 pages HighMem/MovableOnly [ 1535.586941] 313627 pages reserved [ 1536.420874] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1536.420896] CPU: 1 PID: 30453 Comm: syz-executor.1 Not tainted 4.9.194+ #0 ** 37 printk messages dropped ** [ 1536.421390] lowmem_reserve[]: 0 3505 3505 ** 3 printk messages dropped ** [ 1536.422071] Normal: 220*4kB (ME) 414*8kB (UME) 131*16kB (ME) 16*32kB (ME) 11*64kB (UM) 3*128kB (ME) 3*256kB (UE) 1*512kB (M) 2*1024kB (UE) 0*2048kB 367*4096kB (U) = 1514448kB 32106 total pagecache pages [ 1536.422094] 0 pages in swap cache [ 1536.422113] Swap cache stats: add 0, delete 0, find 0/0 [ 1536.422125] Free swap = 0kB [ 1536.422131] Total swap = 0kB [ 1536.422151] 1965979 pages RAM [ 1536.422164] 0 pages HighMem/MovableOnly [ 1536.422166] 313627 pages reserved [ 1536.470711] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1536.470721] CPU: 1 PID: 30452 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1536.470736] ffff88012b6e7968 ffffffff81b67001 1ffff100256dcf2f ffff880137f6af80 [ 1536.470746] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b6e7a90 [ 1536.470757] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1536.470759] Call Trace: [ 1536.470776] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1536.470790] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1536.470799] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1536.470808] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1536.470818] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1536.470827] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1536.470835] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1536.470844] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1536.470854] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1536.470861] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1536.470867] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1536.470874] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1536.470881] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1536.470890] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1536.470898] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1536.470905] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1536.470912] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1536.470921] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1536.470929] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1536.470938] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1536.470945] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1536.470953] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1536.470960] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1536.470968] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1536.470974] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1536.470982] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1536.470989] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1536.470995] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 22:11:30 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:30 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) 22:11:30 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1536.471005] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1536.471009] Mem-Info: [ 1536.471030] active_anon:188612 inactive_anon:40 isolated_anon:0 [ 1536.471030] active_file:12718 inactive_file:19334 isolated_file:0 [ 1536.471030] unevictable:1 dirty:139 writeback:0 unstable:0 [ 1536.471030] slab_reclaimable:8909 slab_unreclaimable:100885 [ 1536.471030] mapped:59393 shmem:56 pagetables:78988 bounce:0 [ 1536.471030] free:1131877 free_pcp:464 free_cma:0 [ 1536.471047] Node 0 active_anon:754448kB inactive_anon:160kB active_file:50872kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:556kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1536.471066] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:11:30 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) 22:11:30 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 5 printk messages dropped ** [ 1536.471208] 32106 total pagecache pages [ 1536.471213] 0 pages in swap cache [ 1536.471217] Swap cache stats: add 0, delete 0, find 0/0 [ 1536.471220] Free swap = 0kB 22:11:30 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1536.471222] Total swap = 0kB [ 1536.471224] 1965979 pages RAM [ 1536.471226] 0 pages HighMem/MovableOnly [ 1536.471229] 313627 pages reserved [ 1537.140646] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1537.140687] CPU: 0 PID: 30491 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1537.140707] ffff88013bf37968 ffffffff81b67001 1ffff100277e6f2f ffff88012c0f4740 [ 1537.140721] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013bf37a90 [ 1537.140730] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 22:11:30 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:30 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) ** 39 printk messages dropped ** [ 1537.141392] lowmem_reserve[]: 0 0 0 ** 51 printk messages dropped ** [ 1537.747913] lowmem_reserve[]: 0 0 0 [ 1537.747961] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 90*4kB (UME) 414*8kB (UME) 132*16kB (UME) 21*32kB (UM) 11*64kB (UM) 3*128kB (ME) 3*256kB (UE) 1*512kB (M) 1*1024kB (E) 0*2048kB 367*4096kB (U) = 1513080kB 32112 total pagecache pages [ 1537.748012] 0 pages in swap cache [ 1537.748017] Swap cache stats: add 0, delete 0, find 0/0 [ 1537.748019] Free swap = 0kB [ 1537.748021] Total swap = 0kB [ 1537.748024] 1965979 pages RAM [ 1537.748025] 0 pages HighMem/MovableOnly [ 1537.748028] 313627 pages reserved [ 1537.845303] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1537.845324] CPU: 1 PID: 30532 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1537.845338] ffff88013923f968 ffffffff81b67001 1ffff10027247f2f ffff8801319f97c0 [ 1537.845349] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013923fa90 [ 1537.845358] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1537.845360] Call Trace: [ 1537.845375] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1537.845389] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1537.845398] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1537.845406] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1537.845421] [<00000000238a9ee9>] ? preempt_schedule+0x26/0x30 [ 1537.845430] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1537.845439] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1537.845449] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1537.845458] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1537.845467] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1537.845474] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1537.845480] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1537.845487] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1537.845494] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1537.845503] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1537.845510] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1537.845517] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1537.845523] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1537.845532] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1537.845540] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1537.845549] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1537.845556] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1537.845564] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1537.845571] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1537.845578] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1537.845585] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1537.845593] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1537.845600] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1537.845607] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1537.845616] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1537.847234] Mem-Info: [ 1537.847313] active_anon:188759 inactive_anon:40 isolated_anon:0 [ 1537.847313] active_file:12725 inactive_file:19334 isolated_file:0 [ 1537.847313] unevictable:1 dirty:156 writeback:0 unstable:0 [ 1537.847313] slab_reclaimable:8921 slab_unreclaimable:100922 [ 1537.847313] mapped:59368 shmem:56 pagetables:79139 bounce:0 [ 1537.847313] free:1131353 free_pcp:439 free_cma:0 [ 1537.847342] Node 0 active_anon:755036kB inactive_anon:160kB active_file:50900kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:624kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1537.847399] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1537.847489] Normal free:1512644kB min:5580kB low:9168kB high:12756kB active_anon:755028kB inactive_anon:160kB active_file:50896kB inactive_file:77336kB unevictable:4kB writepending:624kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35612kB slab_unreclaimable:403688kB kernel_stack:100576kB pagetables:316556kB bounce:0kB free_pcp:524kB local_pcp:240kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1537.847882] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 37*4kB (UME) 412*8kB (ME) 131*16kB (UME) 15*32kB (M) 11*64kB (UM) 4*128kB (UME) 2*256kB (E) 1*512kB (M) 1*1024kB (E) 0*2048kB 367*4096kB (U) = 1512516kB 32112 total pagecache pages [ 1537.848206] 0 pages in swap cache [ 1537.848216] Swap cache stats: add 0, delete 0, find 0/0 [ 1537.848232] Free swap = 0kB [ 1537.855709] Total swap = 0kB [ 1537.855766] 1965979 pages RAM [ 1537.855779] 0 pages HighMem/MovableOnly [ 1537.855785] 313627 pages reserved [ 1539.165474] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1539.165486] CPU: 1 PID: 30576 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1539.165506] ffff88013c11f968 ffffffff81b67001 1ffff10027823f2f ffff88013c110000 [ 1539.165519] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c11fa90 [ 1539.165531] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1539.165532] Call Trace: [ 1539.165551] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1539.165566] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1539.165574] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1539.165582] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1539.165592] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1539.165601] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.165609] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.165618] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.165627] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1539.165633] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1539.165640] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1539.165646] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1539.165653] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.165662] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1539.165670] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1539.165676] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.165683] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1539.165692] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.165700] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.165709] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1539.165716] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1539.165724] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1539.165731] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1539.165738] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1539.165744] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.165752] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1539.165760] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.165766] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1539.165776] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1539.165780] Mem-Info: [ 1539.165804] active_anon:189015 inactive_anon:40 isolated_anon:0 [ 1539.165804] active_file:12731 inactive_file:19334 isolated_file:0 [ 1539.165804] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1539.165804] slab_reclaimable:8921 slab_unreclaimable:100936 [ 1539.165804] mapped:59368 shmem:56 pagetables:79307 bounce:0 [ 1539.165804] free:1130817 free_pcp:472 free_cma:0 [ 1539.165821] Node 0 active_anon:756060kB inactive_anon:160kB active_file:50924kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1539.165839] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1539.165866] Normal free:1510500kB min:5580kB low:9168kB high:12756kB active_anon:756052kB inactive_anon:160kB active_file:50920kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35612kB slab_unreclaimable:403744kB kernel_stack:100704kB pagetables:317228kB bounce:0kB free_pcp:656kB local_pcp:380kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1539.165921] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:32 executing program 5: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = dup2(r3, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:32 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) Normal: 3*4kB (E) 321*8kB (UME) 131*16kB (UME) 27*32kB (UM) 12*64kB (UM) 3*128kB (ME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 366*4096kB (U) = 1510692kB 32118 total pagecache pages [ 1539.165974] 0 pages in swap cache [ 1539.165978] Swap cache stats: add 0, delete 0, find 0/0 [ 1539.165981] Free swap = 0kB [ 1539.165983] Total swap = 0kB [ 1539.165985] 1965979 pages RAM [ 1539.165987] 0 pages HighMem/MovableOnly [ 1539.165989] 313627 pages reserved [ 1539.167843] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1539.167853] CPU: 1 PID: 30584 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1539.167871] ffff88013c06f968 ffffffff81b67001 1ffff1002780df2f ffff88012f9dc740 [ 1539.167884] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c06fa90 [ 1539.167896] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1539.167898] Call Trace: [ 1539.167912] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1539.167926] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1539.167934] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1539.167942] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1539.167952] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1539.167961] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.167969] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.167977] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.167986] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1539.167993] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1539.168000] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1539.168006] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1539.168014] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.168023] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1539.168038] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1539.168047] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.168055] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1539.168067] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168079] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168088] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1539.168096] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1539.168104] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1539.168111] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1539.168123] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1539.168130] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.168138] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1539.168145] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.168151] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1539.168161] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1539.168164] Mem-Info: [ 1539.168186] active_anon:189015 inactive_anon:40 isolated_anon:0 [ 1539.168186] active_file:12731 inactive_file:19334 isolated_file:0 [ 1539.168186] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1539.168186] slab_reclaimable:8921 slab_unreclaimable:100936 [ 1539.168186] mapped:59368 shmem:56 pagetables:79307 bounce:0 [ 1539.168186] free:1130849 free_pcp:472 free_cma:0 [ 1539.168200] Node 0 active_anon:756060kB inactive_anon:160kB active_file:50924kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1539.168218] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1539.168245] Normal free:1510628kB min:5580kB low:9168kB high:12756kB active_anon:756052kB inactive_anon:160kB active_file:50920kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35612kB slab_unreclaimable:403744kB kernel_stack:100672kB pagetables:317228kB bounce:0kB free_pcp:656kB local_pcp:380kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1539.168301] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (E) 321*8kB (UME) 131*16kB (UME) 28*32kB (UM) 12*64kB (UM) 3*128kB (ME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 366*4096kB (U) = 1510724kB 32118 total pagecache pages [ 1539.168354] 0 pages in swap cache 22:11:32 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc), 0x4) 22:11:32 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:32 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:32 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:32 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:32 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.168358] Swap cache stats: add 0, delete 0, find 0/0 [ 1539.168360] Free swap = 0kB [ 1539.168362] Total swap = 0kB [ 1539.168364] 1965979 pages RAM [ 1539.168366] 0 pages HighMem/MovableOnly [ 1539.168368] 313627 pages reserved [ 1539.168706] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1539.168728] CPU: 1 PID: 30588 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1539.168743] ffff88012b6ef968 ffffffff81b67001 1ffff100256ddf2f ffff880127cddf00 [ 1539.168755] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b6efa90 22:11:32 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.168768] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1539.168770] Call Trace: [ 1539.168781] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1539.168791] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1539.168800] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1539.168808] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1539.168817] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1539.168826] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168835] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168843] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168852] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1539.168859] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1539.168866] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1539.168872] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1539.168880] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.168887] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1539.168896] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1539.168903] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1539.168909] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.168916] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1539.168925] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168932] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1539.168941] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.168949] [<0000000072e3fb80>] ? __sb_start_write+0x21c/0x310 22:11:33 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r3, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.168957] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1539.168964] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1539.168972] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1539.168979] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.168986] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1539.168994] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.169000] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1539.169009] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1539.169044] Mem-Info: [ 1539.169072] active_anon:189015 inactive_anon:40 isolated_anon:0 [ 1539.169072] active_file:12731 inactive_file:19334 isolated_file:0 [ 1539.169072] unevictable:1 dirty:163 writeback:0 unstable:0 [ 1539.169072] slab_reclaimable:8921 slab_unreclaimable:100936 [ 1539.169072] mapped:59368 shmem:56 pagetables:79307 bounce:0 [ 1539.169072] free:1130849 free_pcp:472 free_cma:0 [ 1539.169105] Node 0 active_anon:756060kB inactive_anon:160kB active_file:50924kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:652kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1539.169136] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:33 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:33 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:33 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc), 0x4) 22:11:33 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.169189] Normal free:1510628kB min:5580kB low:9168kB high:12756kB active_anon:756052kB inactive_anon:160kB active_file:50920kB inactive_file:77336kB unevictable:4kB writepending:652kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35612kB slab_unreclaimable:403744kB kernel_stack:100640kB pagetables:317228kB bounce:0kB free_pcp:656kB local_pcp:380kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1539.169484] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (E) 321*8kB (UME) 131*16kB (UME) 29*32kB (UM) 12*64kB (UM) 3*128kB (ME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 1*2048kB (U) 366*4096kB (U) = 1510756kB 32118 total pagecache pages [ 1539.169744] 0 pages in swap cache [ 1539.169753] Swap cache stats: add 0, delete 0, find 0/0 [ 1539.169764] Free swap = 0kB [ 1539.169766] Total swap = 0kB [ 1539.169773] 1965979 pages RAM [ 1539.169785] 0 pages HighMem/MovableOnly [ 1539.169787] 313627 pages reserved [ 1539.856265] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1539.856289] CPU: 1 PID: 30617 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1539.856307] ffff88013c12f968 ffffffff81b67001 1ffff10027825f2f ffff8801348d5f00 22:11:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) write$selinux_load(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.856321] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c12fa90 [ 1539.856335] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1539.856337] Call Trace: [ 1539.856354] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1539.856369] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1539.856379] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1539.856389] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856403] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1539.856412] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856422] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856430] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856441] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1539.856448] [<00000000a2870fb6>] vmalloc+0x5c/0x70 22:11:34 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r3 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:34 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x511441, 0x0) [ 1539.856455] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1539.856462] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1539.856470] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.856480] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1539.856489] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1539.856500] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1539.856507] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1539.856514] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1539.856521] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1539.856530] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856539] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1539.856548] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1539.856556] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1539.856565] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1539.856572] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1539.856579] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1539.856587] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.856593] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1539.856601] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1539.856607] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1539.856616] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1539.856643] Mem-Info: [ 1539.856665] active_anon:189128 inactive_anon:40 isolated_anon:0 [ 1539.856665] active_file:12737 inactive_file:19334 isolated_file:0 [ 1539.856665] unevictable:1 dirty:171 writeback:0 unstable:0 [ 1539.856665] slab_reclaimable:8929 slab_unreclaimable:100965 [ 1539.856665] mapped:59368 shmem:56 pagetables:79446 bounce:0 [ 1539.856665] free:1130418 free_pcp:413 free_cma:0 22:11:34 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:34 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.856693] Node 0 active_anon:756512kB inactive_anon:160kB active_file:50948kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:684kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:35 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.856725] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1539.856849] Normal free:1508904kB min:5580kB low:9168kB high:12756kB active_anon:756504kB inactive_anon:160kB active_file:50944kB inactive_file:77336kB unevictable:4kB writepending:684kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35644kB slab_unreclaimable:403860kB kernel_stack:101216kB pagetables:317784kB bounce:0kB free_pcp:420kB local_pcp:236kB free_cma:0kB lowmem_reserve[]: 0 0 0 22:11:35 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc), 0x4) 22:11:35 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1539.857186] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (UE) 259*8kB (UME) 130*16kB (ME) 18*32kB (UME) 11*64kB (ME) 2*128kB (ME) 2*256kB (E) 1*512kB (M) 1*1024kB (E) 1*2048kB (U) 366*4096kB (U) = 1508936kB 32124 total pagecache pages [ 1539.857507] 0 pages in swap cache [ 1539.857533] Swap cache stats: add 0, delete 0, find 0/0 [ 1539.857545] Free swap = 0kB [ 1539.857547] Total swap = 0kB [ 1539.857563] 1965979 pages RAM [ 1539.857565] 0 pages HighMem/MovableOnly [ 1539.857572] 313627 pages reserved [ 1540.950749] warn_alloc: 3 callbacks suppressed [ 1540.950810] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1540.950861] CPU: 1 PID: 30678 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1540.950879] ffff88013c24f968 ffffffff81b67001 1ffff10027849f2f ffff88013290df00 [ 1540.950892] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c24fa90 [ 1540.950904] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1540.950906] Call Trace: [ 1540.950923] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1540.950939] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1540.950951] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1540.950964] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1540.950974] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1540.950982] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1540.950990] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1540.950999] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1540.951006] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1540.951014] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1540.951022] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1540.951030] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1540.951037] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1540.951044] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1540.951055] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1540.951063] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:35 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) dup2(r3, r2) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) ** 20 printk messages dropped ** [ 1540.952249] 32128 total pagecache pages [ 1540.952289] 0 pages in swap cache [ 1540.952310] Swap cache stats: add 0, delete 0, find 0/0 [ 1540.952327] Free swap = 0kB [ 1540.952341] Total swap = 0kB [ 1540.952348] 1965979 pages RAM [ 1540.952360] 0 pages HighMem/MovableOnly [ 1540.952368] 313627 pages reserved [ 1541.790064] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1541.790087] CPU: 0 PID: 30691 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1541.790103] ffff88013ad4f968 ffffffff81b67001 1ffff100275a9f2f ffff8801d100af80 [ 1541.790115] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013ad4fa90 [ 1541.790126] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1541.790128] Call Trace: [ 1541.790145] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1541.790163] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1541.790171] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1541.790180] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790189] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1541.790196] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790204] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790212] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790222] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1541.790227] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1541.790234] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1541.790240] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1541.790249] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1541.790259] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1541.790266] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1541.790272] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1541.790281] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1541.790292] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1541.790299] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1541.790309] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1541.790327] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790337] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.790350] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 22:11:36 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) dup2(r3, r2) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1541.790360] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1541.790368] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1541.790375] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1541.790382] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1541.790389] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1541.790395] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1541.790402] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1541.790409] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 22:11:36 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) dup2(r3, r2) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1541.790417] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1541.790508] Mem-Info: [ 1541.790537] active_anon:189229 inactive_anon:40 isolated_anon:0 [ 1541.790537] active_file:12743 inactive_file:19334 isolated_file:0 [ 1541.790537] unevictable:1 dirty:171 writeback:0 unstable:0 [ 1541.790537] slab_reclaimable:8929 slab_unreclaimable:101103 [ 1541.790537] mapped:59368 shmem:56 pagetables:79565 bounce:0 [ 1541.790537] free:1130082 free_pcp:479 free_cma:0 [ 1541.790566] Node 0 active_anon:756916kB inactive_anon:160kB active_file:50972kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:684kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1541.790598] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1541.790672] Normal free:1507560kB min:5580kB low:9168kB high:12756kB active_anon:756908kB inactive_anon:160kB active_file:50968kB inactive_file:77336kB unevictable:4kB writepending:684kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35644kB slab_unreclaimable:404412kB kernel_stack:100832kB pagetables:318260kB bounce:0kB free_pcp:684kB local_pcp:588kB free_cma:0kB 22:11:36 executing program 4: socket$unix(0x1, 0x1, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) dup2(r2, r1) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) lowmem_reserve[]: 0 0 0 [ 1541.791030] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 10*4kB (UME) 206*8kB (UME) 131*16kB (UME) 19*32kB (UME) 11*64kB (ME) 2*128kB (ME) 2*256kB (E) 1*512kB (M) 2*1024kB (UE) 0*2048kB 366*4096kB (U) = 1507560kB 32130 total pagecache pages [ 1541.791288] 0 pages in swap cache [ 1541.791306] Swap cache stats: add 0, delete 0, find 0/0 [ 1541.791326] Free swap = 0kB [ 1541.791338] Total swap = 0kB [ 1541.791341] 1965979 pages RAM [ 1541.791347] 0 pages HighMem/MovableOnly [ 1541.791358] 313627 pages reserved [ 1541.853189] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1541.853200] CPU: 1 PID: 30700 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1541.853216] ffff88013550f968 ffffffff81b67001 1ffff10026aa1f2f ffff88013290c740 [ 1541.853228] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013550fa90 [ 1541.853241] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1541.853243] Call Trace: [ 1541.853261] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1541.853277] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1541.853288] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1541.853298] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1541.853307] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1541.853318] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.853330] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.853338] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.853348] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1541.853355] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1541.853361] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1541.853367] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1541.853373] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1541.853382] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1541.853391] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1541.853397] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1541.853404] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1541.853413] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.853421] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1541.853430] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1541.853437] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1541.853445] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1541.853451] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1541.853458] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1541.853465] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1541.853474] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1541.853481] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1541.853487] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1541.853497] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1541.857952] Mem-Info: [ 1541.857980] active_anon:189243 inactive_anon:40 isolated_anon:0 [ 1541.857980] active_file:12743 inactive_file:19334 isolated_file:0 [ 1541.857980] unevictable:1 dirty:172 writeback:0 unstable:0 [ 1541.857980] slab_reclaimable:8929 slab_unreclaimable:101111 [ 1541.857980] mapped:59393 shmem:56 pagetables:79551 bounce:0 [ 1541.857980] free:1130059 free_pcp:435 free_cma:0 [ 1541.857997] Node 0 active_anon:756972kB inactive_anon:160kB active_file:50972kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:688kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1541.858017] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1541.858046] Normal free:1507468kB min:5580kB low:9168kB high:12756kB active_anon:756964kB inactive_anon:160kB active_file:50968kB inactive_file:77336kB unevictable:4kB writepending:688kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35644kB slab_unreclaimable:404444kB kernel_stack:100896kB pagetables:318204kB bounce:0kB free_pcp:508kB local_pcp:92kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1541.858104] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 9*4kB (UE) 191*8kB (UME) 131*16kB (UME) 16*32kB (ME) 12*64kB (UME) 2*128kB (ME) 2*256kB (E) 1*512kB (M) 2*1024kB (UE) 0*2048kB 366*4096kB (U) = 1507404kB 32130 total pagecache pages [ 1541.858163] 0 pages in swap cache [ 1541.858167] Swap cache stats: add 0, delete 0, find 0/0 [ 1541.858170] Free swap = 0kB [ 1541.858172] Total swap = 0kB [ 1541.858174] 1965979 pages RAM [ 1541.858176] 0 pages HighMem/MovableOnly [ 1541.858179] 313627 pages reserved [ 1542.156642] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1542.156651] CPU: 1 PID: 30711 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1542.156670] ffff88013c307968 ffffffff81b67001 1ffff10027860f2f ffff8801320daf80 [ 1542.156685] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c307a90 [ 1542.156698] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1542.156700] Call Trace: [ 1542.156718] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1542.156735] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1542.156746] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1542.156756] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1542.156769] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1542.156779] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1542.156788] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1542.156797] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1542.156808] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:11:37 executing program 4: socket$unix(0x1, 0x1, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) dup2(r2, r1) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1542.156815] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1542.156822] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1542.156829] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1542.156837] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1542.156846] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1542.156854] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1542.156862] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1542.156869] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1542.156878] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1542.156887] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1542.156897] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1542.156905] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1542.156914] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1542.156921] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1542.156929] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1542.156937] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1542.156946] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1542.156953] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1542.156960] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1542.156972] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1542.156975] Mem-Info: [ 1542.156997] active_anon:189269 inactive_anon:40 isolated_anon:0 [ 1542.156997] active_file:12743 inactive_file:19334 isolated_file:0 [ 1542.156997] unevictable:1 dirty:172 writeback:0 unstable:0 22:11:37 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 1542.156997] slab_reclaimable:8929 slab_unreclaimable:101087 [ 1542.156997] mapped:59368 shmem:56 pagetables:79588 bounce:0 [ 1542.156997] free:1129989 free_pcp:469 free_cma:0 [ 1542.157010] Node 0 active_anon:757076kB inactive_anon:160kB active_file:50972kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:688kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1542.157029] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1542.157055] Normal free:1507188kB min:5580kB low:9168kB high:12756kB active_anon:757068kB inactive_anon:160kB active_file:50968kB inactive_file:77336kB unevictable:4kB writepending:688kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35644kB slab_unreclaimable:404348kB kernel_stack:100992kB pagetables:318352kB bounce:0kB free_pcp:644kB local_pcp:96kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1542.157109] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UME) 172*8kB (UME) 130*16kB (ME) 18*32kB (UME) 12*64kB (UME) 3*128kB (UME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1507156kB 32130 total pagecache pages [ 1542.157160] 0 pages in swap cache [ 1542.157164] Swap cache stats: add 0, delete 0, find 0/0 [ 1542.157167] Free swap = 0kB [ 1542.157168] Total swap = 0kB [ 1542.157171] 1965979 pages RAM [ 1542.157173] 0 pages HighMem/MovableOnly [ 1542.157175] 313627 pages reserved [ 1543.073321] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1543.073474] CPU: 0 PID: 30717 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1543.073494] ffff88013550f968 ffffffff81b67001 1ffff10026aa1f2f ffff880199b817c0 [ 1543.073507] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013550fa90 [ 1543.073518] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1543.073520] Call Trace: [ 1543.073538] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1543.073554] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1543.073566] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1543.073575] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1543.073586] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073596] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1543.073606] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073615] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073624] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073634] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1543.073642] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1543.073649] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1543.073665] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1543.073682] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1543.073694] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1543.073702] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1543.073709] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1543.073718] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1543.073726] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1543.073733] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1543.073742] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073751] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.073760] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1543.073768] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1543.073777] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1543.073785] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1543.073793] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1543.073800] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1543.073808] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1543.073815] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1543.073823] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1543.073833] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1543.073858] Mem-Info: [ 1543.073900] active_anon:189264 inactive_anon:40 isolated_anon:0 [ 1543.073900] active_file:12745 inactive_file:19334 isolated_file:0 [ 1543.073900] unevictable:1 dirty:177 writeback:0 unstable:0 [ 1543.073900] slab_reclaimable:8937 slab_unreclaimable:101057 [ 1543.073900] mapped:59368 shmem:56 pagetables:79519 bounce:0 [ 1543.073900] free:1130013 free_pcp:586 free_cma:0 22:11:38 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 1543.073932] Node 0 active_anon:757056kB inactive_anon:160kB active_file:50980kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:708kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1543.073984] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:38 executing program 4: socket$unix(0x1, 0x1, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) dup2(r2, r1) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:38 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00\x00\xec\xff\x00', 0x801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) prctl$PR_GET_TSC(0x19, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000fbdbdf2501000000bbfd040001000000040000000800050000000000000004000000000008000000f6000000010100000800020000000000"], 0x38}}, 0x0) sendto$inet(r4, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) shutdown(r4, 0x1) fallocate(r2, 0x11, 0x0, 0x100000001) r5 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') preadv(r5, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) 22:11:38 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:38 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00\x00\xec\xff\x00', 0x801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) prctl$PR_GET_TSC(0x19, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)={0x38, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xfffffdbb, 0x4, [0x1, 0x4]}, @SEG6_ATTR_SECRETLEN={0x8}, @SEG6_ATTR_SECRET={0x0, 0x4, [0x0, 0x8, 0xf6, 0x101]}, @SEG6_ATTR_DSTLEN={0x8}]}, 0x38}}, 0x0) sendto$inet(r4, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) shutdown(r4, 0x1) fallocate(r2, 0x11, 0x0, 0x100000001) r5 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000100)={'hsr0\x00', 0x2}) preadv(r5, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) 22:11:38 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1543.074074] Normal free:1507284kB min:5580kB low:9168kB high:12756kB active_anon:757048kB inactive_anon:160kB active_file:50976kB inactive_file:77336kB unevictable:4kB writepending:708kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404228kB kernel_stack:100896kB pagetables:318076kB bounce:0kB free_pcp:1112kB local_pcp:388kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1543.074399] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (ME) 172*8kB (UME) 136*16kB (UME) 23*32kB (UM) 11*64kB (ME) 3*128kB (UME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1507348kB 32132 total pagecache pages [ 1543.074661] 0 pages in swap cache [ 1543.074669] Swap cache stats: add 0, delete 0, find 0/0 [ 1543.074680] Free swap = 0kB [ 1543.074683] Total swap = 0kB [ 1543.074707] 1965979 pages RAM [ 1543.074727] 0 pages HighMem/MovableOnly [ 1543.074739] 313627 pages reserved [ 1543.576554] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1543.576566] CPU: 1 PID: 30742 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1543.576586] ffff880138ac7968 ffffffff81b67001 1ffff10027158f2f ffff880132dfaf80 [ 1543.576598] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880138ac7a90 [ 1543.576608] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1543.576610] Call Trace: [ 1543.576625] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1543.576641] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1543.576651] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1543.576661] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1543.576671] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1543.576680] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.576688] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.576696] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:38 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1543.576706] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1543.576713] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1543.576719] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1543.576725] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1543.576732] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1543.576741] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 22:11:38 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00\x00\xec\xff\x00', 0x801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r2 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) prctl$PR_GET_TSC(0x19, 0x0) prctl$PR_SVE_SET_VL(0x32, 0x2030d) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$IPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x43, &(0x7f0000000080)={'ah\x00'}, &(0x7f00000000c0)=0x1e) sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)={0x44, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x5, 0x4]}, @SEG6_ATTR_SECRETLEN={0x8}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x0, 0x8, 0xf6, 0x101]}, @SEG6_ATTR_DSTLEN={0x8}]}, 0x44}}, 0x0) sendto$inet(r3, 0x0, 0xfffffffffffffe8b, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10) shutdown(r3, 0x1) fallocate(r1, 0x11, 0x0, 0x100000001) r6 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') preadv(r6, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) r7 = socket$inet(0x2, 0x180806, 0x2) ioctl$FS_IOC_GETVERSION(r7, 0x80087601, &(0x7f0000000100)) 22:11:38 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00\x00\xec\xff\x00', 0x801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) prctl$PR_GET_TSC(0x19, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000fbdbdf2501000000bbfd040001000000040000000800050000000000000004000000000008000000f6000000010100000800020000000000"], 0x38}}, 0x0) sendto$inet(r4, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) shutdown(r4, 0x1) fallocate(r2, 0x11, 0x0, 0x100000001) r5 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') preadv(r5, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) [ 1543.576749] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1543.576755] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1543.576761] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1543.576770] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:38 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1543.576778] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1543.576786] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1543.576793] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1543.576801] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1543.576808] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1543.576815] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1543.576822] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1543.576830] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 22:11:39 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(0xffffffffffffffff, 0x541c, 0x0) r0 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r1, &(0x7f0000000300)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(0xffffffffffffffff, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 1543.576847] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1543.576856] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1543.576870] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1543.576874] Mem-Info: [ 1543.576895] active_anon:189335 inactive_anon:41 isolated_anon:0 [ 1543.576895] active_file:12745 inactive_file:19334 isolated_file:0 [ 1543.576895] unevictable:1 dirty:178 writeback:0 unstable:0 [ 1543.576895] slab_reclaimable:8937 slab_unreclaimable:101034 [ 1543.576895] mapped:59371 shmem:56 pagetables:79600 bounce:0 [ 1543.576895] free:1129950 free_pcp:432 free_cma:0 22:11:39 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:39 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1543.576912] Node 0 active_anon:757340kB inactive_anon:164kB active_file:50980kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237484kB dirty:712kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1543.576930] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1543.576955] Normal free:1507032kB min:5580kB low:9168kB high:12756kB active_anon:757332kB inactive_anon:164kB active_file:50976kB inactive_file:77336kB unevictable:4kB writepending:712kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404136kB kernel_stack:101248kB pagetables:318400kB bounce:0kB free_pcp:496kB local_pcp:280kB free_cma:0kB lowmem_reserve[]: 0 0 0 22:11:39 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:39 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1543.577009] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (ME) 153*8kB (ME) 138*16kB (UME) 18*32kB (UM) 12*64kB (UME) 2*128kB (ME) 3*256kB (UE) 2*512kB (UM) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1507000kB 32133 total pagecache pages [ 1543.577059] 0 pages in swap cache [ 1543.577063] Swap cache stats: add 0, delete 0, find 0/0 [ 1543.577065] Free swap = 0kB [ 1543.577067] Total swap = 0kB [ 1543.577070] 1965979 pages RAM [ 1543.577071] 0 pages HighMem/MovableOnly [ 1543.577073] 313627 pages reserved [ 1544.073167] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1544.073180] CPU: 0 PID: 30743 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1544.073199] ffff88013726f968 ffffffff81b67001 1ffff10026e4df2f ffff880132dfdf00 [ 1544.073213] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013726fa90 [ 1544.073227] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1544.073229] Call Trace: [ 1544.073247] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1544.073257] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1544.073269] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1544.073278] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1544.073291] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1544.073301] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.073310] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.073318] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:40 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1544.073333] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 22:11:40 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1544.073340] [<00000000a2870fb6>] vmalloc+0x5c/0x70 22:11:40 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1544.073346] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1544.073352] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1544.073358] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.073368] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1544.073377] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1544.073384] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1544.073390] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.073396] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1544.073405] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.073412] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1544.073421] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.073429] [<0000000072e3fb80>] ? __sb_start_write+0x21c/0x310 [ 1544.073443] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1544.073449] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1544.073456] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1544.073462] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.073469] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1544.073475] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.073481] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1544.073489] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1544.073537] Mem-Info: [ 1544.073569] active_anon:189343 inactive_anon:39 isolated_anon:0 [ 1544.073569] active_file:12746 inactive_file:19334 isolated_file:0 [ 1544.073569] unevictable:1 dirty:180 writeback:0 unstable:0 [ 1544.073569] slab_reclaimable:8937 slab_unreclaimable:101073 [ 1544.073569] mapped:59368 shmem:56 pagetables:79642 bounce:0 [ 1544.073569] free:1129864 free_pcp:431 free_cma:0 [ 1544.073589] Node 0 active_anon:757372kB inactive_anon:156kB active_file:50984kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:720kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1544.073618] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1544.073653] Normal free:1506688kB min:5580kB low:9168kB high:12756kB active_anon:757364kB inactive_anon:156kB active_file:50980kB inactive_file:77336kB unevictable:4kB writepending:720kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404292kB kernel_stack:101216kB pagetables:318568kB bounce:0kB free_pcp:492kB local_pcp:288kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1544.073715] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (UE) 138*8kB (ME) 130*16kB (ME) 21*32kB (UM) 11*64kB (ME) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1506656kB 32133 total pagecache pages [ 1544.073771] 0 pages in swap cache [ 1544.073775] Swap cache stats: add 0, delete 0, find 0/0 [ 1544.073777] Free swap = 0kB [ 1544.073780] Total swap = 0kB [ 1544.073782] 1965979 pages RAM [ 1544.073784] 0 pages HighMem/MovableOnly [ 1544.073786] 313627 pages reserved [ 1544.360810] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1544.360821] CPU: 0 PID: 30779 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1544.360839] ffff88013a0d7968 ffffffff81b67001 1ffff1002741af2f ffff88013c34c740 [ 1544.360852] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a0d7a90 [ 1544.360865] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1544.360867] Call Trace: [ 1544.360884] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1544.360899] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1544.360911] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1544.360920] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1544.360930] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1544.360940] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.360948] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.360956] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.360967] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1544.360974] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1544.360980] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1544.360987] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1544.360994] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.361003] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1544.361011] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1544.361018] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.361025] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1544.361034] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.361042] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.361051] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1544.361059] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1544.361068] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1544.361074] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1544.361082] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1544.361089] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.361097] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1544.361104] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.361110] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1544.361121] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1544.361125] Mem-Info: [ 1544.361150] active_anon:189393 inactive_anon:39 isolated_anon:0 [ 1544.361150] active_file:12746 inactive_file:19334 isolated_file:0 [ 1544.361150] unevictable:1 dirty:180 writeback:0 unstable:0 [ 1544.361150] slab_reclaimable:8937 slab_unreclaimable:101016 [ 1544.361150] mapped:59393 shmem:56 pagetables:79642 bounce:0 [ 1544.361150] free:1129834 free_pcp:500 free_cma:0 [ 1544.361169] Node 0 active_anon:757572kB inactive_anon:156kB active_file:50984kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:720kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1544.361189] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1544.361217] Normal free:1506568kB min:5580kB low:9168kB high:12756kB active_anon:757564kB inactive_anon:156kB active_file:50980kB inactive_file:77336kB unevictable:4kB writepending:720kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404064kB kernel_stack:101088kB pagetables:318568kB bounce:0kB free_pcp:768kB local_pcp:320kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1544.361273] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UME) 123*8kB (UME) 130*16kB (ME) 24*32kB (UM) 11*64kB (ME) 2*128kB (ME) 2*256kB (E) 2*512kB (UM) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1506508kB 32133 total pagecache pages [ 1544.361345] 0 pages in swap cache [ 1544.361349] Swap cache stats: add 0, delete 0, find 0/0 [ 1544.361352] Free swap = 0kB [ 1544.361354] Total swap = 0kB [ 1544.361356] 1965979 pages RAM [ 1544.361358] 0 pages HighMem/MovableOnly [ 1544.361360] 313627 pages reserved [ 1544.681327] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1544.681356] CPU: 1 PID: 30790 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1544.681374] ffff88013c1f7968 ffffffff81b67001 1ffff1002783ef2f ffff88012883af80 [ 1544.681387] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c1f7a90 [ 1544.681401] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1544.681403] Call Trace: [ 1544.681418] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1544.681434] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1544.681447] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1544.681456] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1544.681467] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1544.681475] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1544.681483] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1544.681493] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681501] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681510] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681520] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1544.681527] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1544.681534] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1544.681540] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1544.681548] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1544.681558] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1544.681566] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.681572] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.681580] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1544.681587] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1544.681594] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1544.681602] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681611] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681619] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1544.681628] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1544.681644] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1544.681655] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1544.681664] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1544.681671] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1544.681678] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.681686] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1544.681693] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1544.681703] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1544.681730] Mem-Info: [ 1544.681761] active_anon:189397 inactive_anon:39 isolated_anon:0 [ 1544.681761] active_file:12748 inactive_file:19334 isolated_file:0 [ 1544.681761] unevictable:1 dirty:184 writeback:0 unstable:0 [ 1544.681761] slab_reclaimable:8937 slab_unreclaimable:101008 [ 1544.681761] mapped:59385 shmem:56 pagetables:79683 bounce:0 [ 1544.681761] free:1129734 free_pcp:484 free_cma:0 [ 1544.681792] Node 0 active_anon:757588kB inactive_anon:156kB active_file:50992kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237540kB dirty:736kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1544.681826] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1544.681895] Normal free:1506168kB min:5580kB low:9168kB high:12756kB active_anon:757580kB inactive_anon:156kB active_file:50988kB inactive_file:77336kB unevictable:4kB writepending:736kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404032kB kernel_stack:101120kB pagetables:318732kB bounce:0kB free_pcp:704kB local_pcp:584kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1544.682222] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 4*4kB (UE) 107*8kB (ME) 131*16kB (UME) 28*32kB (UM) 12*64kB (UME) 3*128kB (UME) 2*256kB (E) 1*512kB (M) 1*1024kB (E) 0*2048kB 366*4096kB (U) = 1506200kB 32135 total pagecache pages [ 1544.682490] 0 pages in swap cache [ 1544.682509] Swap cache stats: add 0, delete 0, find 0/0 [ 1544.682522] Free swap = 0kB [ 1544.682524] Total swap = 0kB [ 1544.682549] 1965979 pages RAM [ 1544.682571] 0 pages HighMem/MovableOnly [ 1544.682585] 313627 pages reserved [ 1545.184215] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1545.184225] CPU: 1 PID: 30818 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1545.184245] ffff880133e67968 ffffffff81b67001 1ffff100267ccf2f ffff88013c3daf80 [ 1545.184257] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880133e67a90 [ 1545.184269] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1545.184270] Call Trace: [ 1545.184290] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1545.184306] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1545.184316] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1545.184326] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1545.184336] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1545.184346] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1545.184354] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1545.184362] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1545.184372] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1545.184379] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1545.184386] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1545.184392] [<000000009122b07a>] sel_write_load+0x119/0xf60 22:11:42 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) 22:11:42 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:42 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:42 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1545.184399] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1545.184408] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1545.184415] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1545.184422] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1545.184428] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1545.184437] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1545.184444] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1545.184454] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1545.184461] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1545.184469] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 22:11:42 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:42 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:42 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1545.184475] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1545.184482] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1545.184490] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1545.184498] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1545.184504] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:11:42 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1545.184510] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1545.184520] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1545.184524] Mem-Info: [ 1545.184546] active_anon:189451 inactive_anon:40 isolated_anon:0 [ 1545.184546] active_file:12750 inactive_file:19334 isolated_file:0 [ 1545.184546] unevictable:1 dirty:186 writeback:0 unstable:0 [ 1545.184546] slab_reclaimable:8937 slab_unreclaimable:101120 [ 1545.184546] mapped:59368 shmem:56 pagetables:79741 bounce:0 [ 1545.184546] free:1129503 free_pcp:487 free_cma:0 [ 1545.184560] Node 0 active_anon:757804kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:744kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1545.184577] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1545.184603] Normal free:1505244kB min:5580kB low:9168kB high:12756kB active_anon:757796kB inactive_anon:160kB active_file:50996kB inactive_file:77336kB unevictable:4kB writepending:744kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404480kB kernel_stack:101216kB pagetables:318964kB bounce:0kB free_pcp:716kB local_pcp:508kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1545.184658] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (E) 76*8kB (ME) 131*16kB (UME) 22*32kB (UM) 12*64kB (UME) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 365*4096kB (U) = 1505244kB 22:11:42 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:42 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 32137 total pagecache pages [ 1545.184709] 0 pages in swap cache [ 1545.184713] Swap cache stats: add 0, delete 0, find 0/0 [ 1545.184716] Free swap = 0kB [ 1545.184718] Total swap = 0kB [ 1545.184720] 1965979 pages RAM [ 1545.184723] 0 pages HighMem/MovableOnly [ 1545.184725] 313627 pages reserved [ 1546.047307] warn_alloc: 3 callbacks suppressed [ 1546.047350] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1546.047373] CPU: 1 PID: 30834 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1546.047390] ffff880125097968 ffffffff81b67001 1ffff10024a12f2f ffff88012fb85f00 [ 1546.047402] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880125097a90 [ 1546.047415] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1546.047417] Call Trace: [ 1546.047437] [<0000000011681f42>] dump_stack+0xc1/0x120 22:11:43 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:43 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1546.047452] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 22:11:43 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1546.047463] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:43 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x800000) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f0000000080)) ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000)) [ 1546.047473] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.047482] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1546.047491] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.047504] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.047516] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.047531] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1546.047538] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1546.047545] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1546.047552] [<000000009122b07a>] sel_write_load+0x119/0xf60 22:11:43 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1546.047559] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1546.047568] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1546.047577] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1546.047587] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1546.047595] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1546.047602] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1546.047609] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1546.047615] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1546.047624] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1546.047632] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.047639] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1546.047647] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1546.047654] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1546.047661] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1546.047668] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1546.047675] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1546.047681] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1546.047689] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1546.047740] Mem-Info: [ 1546.047790] active_anon:189521 inactive_anon:40 isolated_anon:0 [ 1546.047790] active_file:12750 inactive_file:19334 isolated_file:0 [ 1546.047790] unevictable:1 dirty:166 writeback:0 unstable:0 [ 1546.047790] slab_reclaimable:8937 slab_unreclaimable:101104 [ 1546.047790] mapped:59368 shmem:56 pagetables:79744 bounce:0 [ 1546.047790] free:1129459 free_pcp:549 free_cma:0 [ 1546.047818] Node 0 active_anon:758084kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:664kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1546.047880] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1546.047955] Normal free:1505068kB min:5580kB low:9168kB high:12756kB active_anon:758076kB inactive_anon:160kB active_file:50996kB inactive_file:77336kB unevictable:4kB writepending:664kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404416kB kernel_stack:101088kB pagetables:318976kB bounce:0kB free_pcp:964kB local_pcp:328kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1546.053002] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UME) 61*8kB (UME) 131*16kB (UME) 16*32kB (UM) 13*64kB (UME) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 365*4096kB (U) = 1505004kB 32137 total pagecache pages [ 1546.053250] 0 pages in swap cache [ 1546.053266] Swap cache stats: add 0, delete 0, find 0/0 [ 1546.053291] Free swap = 0kB [ 1546.053304] Total swap = 0kB [ 1546.053312] 1965979 pages RAM [ 1546.053361] 0 pages HighMem/MovableOnly [ 1546.053374] 313627 pages reserved [ 1546.275772] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1546.275873] CPU: 1 PID: 30839 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1546.275890] ffff88013a1cf968 ffffffff81b67001 1ffff10027439f2f ffff8801136daf80 [ 1546.275902] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a1cfa90 [ 1546.275915] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1546.275918] Call Trace: [ 1546.275937] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1546.275950] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1546.275959] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1546.275971] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1546.275981] [<000000002ca6a874>] ? mutex_lock_nested+0x6cc/0x920 [ 1546.275990] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1546.276000] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276009] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276017] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276028] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1546.276035] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1546.276042] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1546.276049] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1546.276056] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1546.276065] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276073] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1546.276082] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1546.276090] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1546.276097] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1546.276104] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1546.276112] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276120] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1546.276129] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1546.276138] [<000000002ca87f87>] ? __sb_start_write+0x22c/0x310 [ 1546.276146] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1546.276154] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1546.276161] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1546.276169] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1546.276177] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1546.276184] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1546.276191] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1546.276200] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1546.276219] Mem-Info: [ 1546.276254] active_anon:189527 inactive_anon:40 isolated_anon:0 [ 1546.276254] active_file:12751 inactive_file:19334 isolated_file:0 [ 1546.276254] unevictable:1 dirty:167 writeback:0 unstable:0 [ 1546.276254] slab_reclaimable:8937 slab_unreclaimable:101065 [ 1546.276254] mapped:59368 shmem:56 pagetables:79771 bounce:0 [ 1546.276254] free:1129483 free_pcp:485 free_cma:0 [ 1546.276305] Node 0 active_anon:758108kB inactive_anon:160kB active_file:51004kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:668kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1546.276359] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1546.276422] Normal free:1505164kB min:5580kB low:9168kB high:12756kB active_anon:758100kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB writepending:668kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404260kB kernel_stack:101120kB pagetables:319084kB bounce:0kB free_pcp:708kB local_pcp:72kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1546.276624] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 5*4kB (UME) 61*8kB (UME) 131*16kB (UME) 20*32kB (UM) 13*64kB (UME) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 365*4096kB (U) = 1505132kB 32138 total pagecache pages [ 1546.281727] 0 pages in swap cache [ 1546.281741] Swap cache stats: add 0, delete 0, find 0/0 [ 1546.281747] Free swap = 0kB [ 1546.281759] Total swap = 0kB [ 1546.281767] 1965979 pages RAM [ 1546.281780] 0 pages HighMem/MovableOnly [ 1546.281785] 313627 pages reserved [ 1547.020550] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1547.020560] CPU: 1 PID: 30849 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1547.020576] ffff880133c9f968 ffffffff81b67001 1ffff10026793f2f ffff88012ead4740 [ 1547.020587] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880133c9fa90 [ 1547.020597] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1547.020599] Call Trace: [ 1547.020616] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1547.020627] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1547.020637] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1547.020647] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1547.020657] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1547.020667] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.020676] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.020685] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.020696] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1547.020703] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1547.020711] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1547.020725] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1547.020733] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.020744] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1547.020752] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1547.020762] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.020771] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1547.020784] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.020796] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.020806] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1547.020814] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1547.020823] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1547.020830] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1547.020838] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1547.020845] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:11:45 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x800000) r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c, 0x800) ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f00000001c0)=@req={0x28, &(0x7f0000000180)={'ipddp0\x00', @ifru_mtu=0x3}}) [ 1547.020853] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1547.020860] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1547.020868] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1547.020879] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1547.020883] Mem-Info: [ 1547.020902] active_anon:189407 inactive_anon:40 isolated_anon:0 [ 1547.020902] active_file:12751 inactive_file:19334 isolated_file:0 [ 1547.020902] unevictable:1 dirty:167 writeback:0 unstable:0 [ 1547.020902] slab_reclaimable:8937 slab_unreclaimable:101061 22:11:45 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:45 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:45 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x800000) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f0000000080)) ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000)) 22:11:45 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x800000) r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c, 0x800) ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f00000001c0)=@req={0x28, &(0x7f0000000180)={'ipddp0\x00', @ifru_mtu=0x3}}) [ 1547.020902] mapped:59368 shmem:56 pagetables:79658 bounce:0 [ 1547.020902] free:1129676 free_pcp:526 free_cma:0 [ 1547.020920] Node 0 active_anon:757628kB inactive_anon:160kB active_file:51004kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:668kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1547.020941] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB 22:11:45 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) lowmem_reserve[]: 0 3505 3505 [ 1547.020970] Normal free:1505936kB min:5580kB low:9168kB high:12756kB active_anon:757620kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB writepending:668kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404244kB kernel_stack:101024kB pagetables:318632kB bounce:0kB free_pcp:872kB local_pcp:340kB free_cma:0kB 22:11:45 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 0 0 [ 1547.021029] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 66*4kB (UME) 89*8kB (UME) 138*16kB (UME) 20*32kB (UM) 15*64kB (UME) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 365*4096kB (U) = 1505840kB 32138 total pagecache pages [ 1547.021109] 0 pages in swap cache [ 1547.021115] Swap cache stats: add 0, delete 0, find 0/0 [ 1547.021117] Free swap = 0kB [ 1547.021120] Total swap = 0kB [ 1547.021123] 1965979 pages RAM [ 1547.021125] 0 pages HighMem/MovableOnly [ 1547.021128] 313627 pages reserved [ 1547.120957] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1547.120979] CPU: 1 PID: 30850 Comm: syz-executor.4 Not tainted 4.9.194+ #0 [ 1547.120994] ffff88013aeb7968 ffffffff81b67001 1ffff100275d6f2f ffff88013c0b2f80 [ 1547.121004] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013aeb7a90 [ 1547.121014] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1547.121015] Call Trace: [ 1547.121031] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1547.121042] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1547.121051] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1547.121058] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1547.121068] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1547.121077] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.121085] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.121093] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.121102] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1547.121108] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1547.121115] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1547.121121] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1547.121128] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.121136] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1547.121143] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1547.121150] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.121157] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1547.121167] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.121176] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.121186] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1547.121193] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1547.121201] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1547.121207] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1547.121214] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1547.121221] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1547.121228] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1547.121235] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1547.121241] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1547.121251] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1547.121276] Mem-Info: [ 1547.121309] active_anon:189457 inactive_anon:40 isolated_anon:0 [ 1547.121309] active_file:12751 inactive_file:19334 isolated_file:0 [ 1547.121309] unevictable:1 dirty:167 writeback:0 unstable:0 [ 1547.121309] slab_reclaimable:8937 slab_unreclaimable:101061 [ 1547.121309] mapped:59368 shmem:56 pagetables:79732 bounce:0 [ 1547.121309] free:1129612 free_pcp:432 free_cma:0 [ 1547.121346] Node 0 active_anon:757828kB inactive_anon:160kB active_file:51004kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:668kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1547.121378] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1547.121434] Normal free:1505680kB min:5580kB low:9168kB high:12756kB active_anon:757820kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB writepending:668kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35676kB slab_unreclaimable:404244kB kernel_stack:101120kB pagetables:318928kB bounce:0kB free_pcp:496kB local_pcp:304kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1547.121699] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 66*4kB (UME) 89*8kB (UME) 138*16kB (UME) 19*32kB (UME) 14*64kB (UM) 3*128kB (UME) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 365*4096kB (U) = 1505744kB 32138 total pagecache pages [ 1547.121975] 0 pages in swap cache [ 1547.121994] Swap cache stats: add 0, delete 0, find 0/0 [ 1547.122015] Free swap = 0kB [ 1547.122027] Total swap = 0kB [ 1547.122033] 1965979 pages RAM [ 1547.122055] 0 pages HighMem/MovableOnly [ 1547.122067] 313627 pages reserved [ 1547.808315] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1547.808327] CPU: 0 PID: 30871 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1547.808344] ffff88013aeaf968 ffffffff81b67001 1ffff100275d5f2f ffff8801a3140000 [ 1547.808358] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013aeafa90 [ 1547.808370] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1547.808372] Call Trace: [ 1547.808392] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1547.808410] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1547.808420] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1547.808428] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1547.808437] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1547.808446] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.808454] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.808462] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.808471] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1547.808477] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1547.808483] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1547.808489] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1547.808496] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.808506] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1547.808513] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1547.808523] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1547.808533] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1547.808545] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.808564] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1547.808578] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1547.808589] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1547.808597] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1547.808603] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1547.808610] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1547.808617] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1547.808625] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1547.808632] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1547.808638] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1547.808648] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1547.808652] Mem-Info: [ 1547.808679] active_anon:189383 inactive_anon:2085 isolated_anon:0 [ 1547.808679] active_file:12751 inactive_file:19334 isolated_file:0 [ 1547.808679] unevictable:1 dirty:171 writeback:0 unstable:0 [ 1547.808679] slab_reclaimable:8949 slab_unreclaimable:101120 [ 1547.808679] mapped:61416 shmem:2104 pagetables:79665 bounce:0 [ 1547.808679] free:1127702 free_pcp:460 free_cma:0 [ 1547.808697] Node 0 active_anon:757532kB inactive_anon:8340kB active_file:51004kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:245664kB dirty:684kB writeback:0kB shmem:8416kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1547.808718] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 22:11:46 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r0, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) socket(0x1, 0xa, 0x69) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) lstat(0x0, &(0x7f0000000140)) 22:11:46 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:46 executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x800, 0x5}) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000240)=""/212, 0xfffffffffffffe08}, {&(0x7f0000000340)=""/155, 0x9b}], 0x2, 0x800000) 22:11:46 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:46 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1547.808751] Normal free:1498040kB min:5580kB low:9168kB high:12756kB active_anon:757524kB inactive_anon:8340kB active_file:51000kB inactive_file:77336kB unevictable:4kB writepending:684kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35724kB slab_unreclaimable:404480kB kernel_stack:100992kB pagetables:318660kB bounce:0kB free_pcp:608kB local_pcp:196kB free_cma:0kB 22:11:46 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:46 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:46 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000758, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000200)='8', 0xfffffffffffffd84, 0xfffffffffffffffd, 0x0, 0xfffffffffffffd62) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000500)={'ah\x00'}, &(0x7f0000000540)=0x1e) sendto$inet(r1, 0x0, 0x0, 0x200007fd, 0x0, 0x0) setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000140)={0xff}, 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000008d40)=[{{&(0x7f0000000080)=@ipx, 0x80, &(0x7f0000000000)=[{&(0x7f0000000240)=""/254, 0xfe}], 0x1, &(0x7f0000000400)=""/169, 0xa9}, 0x8}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1, &(0x7f00000014c0)=""/252, 0xfc}, 0x4}, {{&(0x7f00000015c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000001640)=""/186, 0xba}, {&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000001700)=""/240, 0xf0}, {&(0x7f0000001800)=""/239, 0xef}, {&(0x7f0000001900)=""/228, 0xe4}], 0x5, &(0x7f0000001a80)=""/218, 0xda}, 0x200}, {{&(0x7f0000001b80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000003f40)=[{&(0x7f0000001c00)=""/210, 0xd2}, {&(0x7f0000001d00)=""/4096, 0x1000}, {&(0x7f0000002d00)=""/122, 0x7a}, {&(0x7f0000002d80)=""/173, 0xad}, {&(0x7f0000002e40)=""/228, 0xe4}, {&(0x7f0000002f40)=""/4096, 0x1000}], 0x6, &(0x7f0000003fc0)=""/67, 0x43}, 0x80}, {{&(0x7f0000004040)=@tipc=@name, 0x80, &(0x7f0000000340)=[{&(0x7f00000001c0)=""/56, 0x38}, {&(0x7f00000040c0)=""/206, 0xce}], 0x2, &(0x7f00000041c0)=""/76, 0x4c}, 0x3}, {{&(0x7f0000004240)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, 0x0, 0x0, &(0x7f0000004500)=""/221, 0xdd}, 0x200}, {{&(0x7f0000004600)=@can, 0x80, &(0x7f0000006c00)=[{&(0x7f0000004680)=""/23, 0x17}, {&(0x7f00000046c0)=""/220, 0xdc}, {&(0x7f00000047c0)=""/4096, 0x1000}, {&(0x7f00000057c0)=""/152, 0x98}, {&(0x7f0000005880)=""/77, 0x4d}, {&(0x7f0000005900)=""/201, 0xc9}, {&(0x7f0000005a00)=""/4096, 0x1000}, {&(0x7f0000006a00)=""/235, 0xeb}, {&(0x7f0000006b00)=""/248, 0xf8}], 0x9, &(0x7f0000006cc0)=""/208, 0xd0}, 0x643c5157}, {{0x0, 0x0, &(0x7f0000007140)=[{&(0x7f0000006e40)=""/160, 0xa0}, {&(0x7f0000006f00)=""/49, 0x31}], 0x2}, 0x8001}], 0x8, 0x2100, &(0x7f0000009000)) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$binfmt_elf64(r0, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) lowmem_reserve[]: 0 0 0 [ 1547.808844] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 60*4kB (UME) 17*8kB (UME) 28*16kB (UE) 6*32kB (UE) 2*64kB (U) 2*128kB (UE) 2*256kB (E) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (U) 364*4096kB (U) = 1497976kB 34186 total pagecache pages [ 1547.808915] 0 pages in swap cache [ 1547.808920] Swap cache stats: add 0, delete 0, find 0/0 [ 1547.808922] Free swap = 0kB [ 1547.808924] Total swap = 0kB 22:11:47 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(0xffffffffffffffff, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(0xffffffffffffffff, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1547.808929] 1965979 pages RAM [ 1547.808931] 0 pages HighMem/MovableOnly [ 1547.808933] 313627 pages reserved [ 1548.859777] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1548.859786] CPU: 1 PID: 30912 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1548.859801] ffff88013afff968 ffffffff81b67001 1ffff100275fff2f ffff8801a2f65f00 [ 1548.859811] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013afffa90 [ 1548.859821] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1548.859823] Call Trace: [ 1548.859840] [<0000000011681f42>] dump_stack+0xc1/0x120 22:11:47 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(0xffffffffffffffff, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(0xffffffffffffffff, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1548.859854] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1548.859870] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1548.859879] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1548.859895] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1548.859906] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1548.859914] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 22:11:47 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1548.859922] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1548.859931] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1548.859938] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1548.859944] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1548.859950] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1548.859957] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1548.859967] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1548.859974] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1548.859981] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1548.859987] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1548.859996] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1548.860004] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1548.860013] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1548.860020] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1548.860028] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1548.860035] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1548.860042] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1548.860048] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1548.860057] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1548.860063] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1548.860070] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1548.860080] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1548.861676] Mem-Info: [ 1548.861704] active_anon:189449 inactive_anon:40 isolated_anon:0 [ 1548.861704] active_file:12751 inactive_file:19334 isolated_file:0 [ 1548.861704] unevictable:1 dirty:192 writeback:0 unstable:0 [ 1548.861704] slab_reclaimable:8949 slab_unreclaimable:101019 [ 1548.861704] mapped:59381 shmem:56 pagetables:79723 bounce:0 [ 1548.861704] free:1129642 free_pcp:511 free_cma:0 [ 1548.861721] Node 0 active_anon:757796kB inactive_anon:160kB active_file:51004kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237524kB dirty:768kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1548.861748] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1548.862408] Normal free:1505800kB min:5580kB low:9168kB high:12756kB active_anon:757788kB inactive_anon:160kB active_file:51000kB inactive_file:77336kB unevictable:4kB writepending:768kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35724kB slab_unreclaimable:404076kB kernel_stack:101056kB pagetables:318892kB bounce:0kB free_pcp:772kB local_pcp:468kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1548.862476] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 112*4kB (UME) 151*8kB (UME) 149*16kB (UME) 37*32kB (UME) 18*64kB (UM) 8*128kB (UME) 9*256kB (ME) 6*512kB (UM) 2*1024kB (UE) 2*2048kB (UM) 363*4096kB (U) = 1505768kB 32138 total pagecache pages [ 1548.862542] 0 pages in swap cache [ 1548.862547] Swap cache stats: add 0, delete 0, find 0/0 [ 1548.862549] Free swap = 0kB [ 1548.862551] Total swap = 0kB [ 1548.862553] 1965979 pages RAM [ 1548.862556] 0 pages HighMem/MovableOnly [ 1548.862558] 313627 pages reserved [ 1550.599105] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1550.599155] CPU: 1 PID: 30936 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1550.599175] ffff88013714f968 ffffffff81b67001 1ffff10026e29f2f ffff8801304917c0 [ 1550.599188] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013714fa90 [ 1550.599199] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1550.599201] Call Trace: [ 1550.599218] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1550.599239] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1550.599250] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1550.599259] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1550.599269] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1550.599278] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.599287] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.599296] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.599306] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1550.599313] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1550.599320] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1550.599327] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1550.599334] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.599343] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1550.599352] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1550.599359] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.599366] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1550.599375] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.599383] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.599392] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1550.599400] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1550.599408] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1550.599415] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1550.599422] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1550.599430] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.599438] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1550.599445] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.599452] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1550.599462] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1550.599508] Mem-Info: [ 1550.599539] active_anon:189631 inactive_anon:39 isolated_anon:0 [ 1550.599539] active_file:12754 inactive_file:19334 isolated_file:0 [ 1550.599539] unevictable:1 dirty:195 writeback:0 unstable:0 [ 1550.599539] slab_reclaimable:8950 slab_unreclaimable:101162 [ 1550.599539] mapped:59356 shmem:56 pagetables:79842 bounce:0 [ 1550.599539] free:1129036 free_pcp:537 free_cma:0 [ 1550.599569] Node 0 active_anon:758524kB inactive_anon:156kB active_file:51016kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237424kB dirty:780kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1550.599602] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1550.599669] Normal free:1503376kB min:5580kB low:9168kB high:12756kB active_anon:758516kB inactive_anon:156kB active_file:51012kB inactive_file:77336kB unevictable:4kB writepending:780kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404648kB kernel_stack:101536kB pagetables:319368kB bounce:0kB free_pcp:916kB local_pcp:388kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1550.599966] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (UM) 117*8kB (UME) 132*16kB (UME) 24*32kB (UME) 15*64kB (M) 7*128kB (ME) 10*256kB (UME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1503280kB 32141 total pagecache pages [ 1550.600228] 0 pages in swap cache [ 1550.600248] Swap cache stats: add 0, delete 0, find 0/0 [ 1550.600260] Free swap = 0kB [ 1550.600267] Total swap = 0kB [ 1550.600279] 1965979 pages RAM [ 1550.600286] 0 pages HighMem/MovableOnly [ 1550.600299] 313627 pages reserved [ 1550.601378] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:48 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:48 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(0xffffffffffffffff, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(0xffffffffffffffff, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:48 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r0, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) socket(0x1, 0xa, 0x69) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) lstat(0x0, &(0x7f0000000140)) 22:11:48 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='\x00\x00\x00\x00\x00') fchown(r1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r2, 0x0) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r1, &(0x7f0000000300)={0x90, 0x0, 0x8, {0x3, 0x2, 0x2, 0x100, 0x3, 0x9, {0x0, 0x4, 0x0, 0x5, 0x1d15, 0x253, 0x5, 0x81, 0x3, 0x6, 0x4a489615, r2, r3, 0x9, 0xffff}}}, 0x90) ioprio_set$uid(0x3, r2, 0x7fff) poll(0x0, 0x0, 0x8000000000000200) r4 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) sendto$inet6(r0, &(0x7f0000000000)="dc23aa52871288cb14556c12fe9416997eb8060f037ec365700e8b453063fa4785c6df3731d50e48210d201f6fff7892c1a3", 0x32, 0x10000000, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @local, 0x3}, 0x1c) lstat(0x0, &(0x7f0000000140)) 22:11:48 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1550.601389] CPU: 1 PID: 30942 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1550.601406] ffff88011f22f968 ffffffff81b67001 1ffff10023e45f2f ffff88013c4817c0 [ 1550.601419] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88011f22fa90 [ 1550.601432] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1550.601434] Call Trace: [ 1550.601448] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1550.601461] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1550.601470] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 22:11:48 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1550.601479] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1550.601489] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1550.601499] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.601508] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.601518] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.601528] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1550.601535] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1550.601542] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1550.601549] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1550.601556] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.601565] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1550.601573] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1550.601581] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.601588] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1550.601598] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.601606] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.601615] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1550.601623] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1550.601631] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1550.601639] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1550.601647] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1550.601654] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.601663] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1550.601671] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.601678] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1550.601688] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1550.601691] Mem-Info: [ 1550.601714] active_anon:189631 inactive_anon:39 isolated_anon:0 [ 1550.601714] active_file:12754 inactive_file:19334 isolated_file:0 [ 1550.601714] unevictable:1 dirty:195 writeback:0 unstable:0 [ 1550.601714] slab_reclaimable:8950 slab_unreclaimable:101162 [ 1550.601714] mapped:59356 shmem:56 pagetables:79842 bounce:0 [ 1550.601714] free:1129036 free_pcp:537 free_cma:0 [ 1550.601728] Node 0 active_anon:758524kB inactive_anon:156kB active_file:51016kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237424kB dirty:780kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:49 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}, 0x9}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x200000c7, &(0x7f0000000080)=[{0x8, 0x0, 0x0, 0x7f}]}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000500)={'ah\x00'}, &(0x7f0000000540)=0x1e) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001800)=""/4096, 0x1000}], 0x1}, 0x100) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000140)={0xff}, 0x4) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) [ 1550.601747] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1550.601776] Normal free:1503376kB min:5580kB low:9168kB high:12756kB active_anon:758516kB inactive_anon:156kB active_file:51012kB inactive_file:77336kB unevictable:4kB writepending:780kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404648kB kernel_stack:101504kB pagetables:319368kB bounce:0kB free_pcp:916kB local_pcp:388kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1550.601835] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (UM) 117*8kB (UME) 132*16kB (UME) 25*32kB (UME) 15*64kB (M) 7*128kB (ME) 10*256kB (UME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1503312kB 32141 total pagecache pages [ 1550.601892] 0 pages in swap cache [ 1550.601897] Swap cache stats: add 0, delete 0, find 0/0 [ 1550.601899] Free swap = 0kB [ 1550.601901] Total swap = 0kB [ 1550.601903] 1965979 pages RAM [ 1550.601906] 0 pages HighMem/MovableOnly [ 1550.601908] 313627 pages reserved [ 1550.613428] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1550.613440] CPU: 0 PID: 30962 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1550.613463] ffff88013c51f968 ffffffff81b67001 1ffff100278a3f2f ffff88012fa22f80 [ 1550.613474] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c51fa90 [ 1550.613484] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1550.613485] Call Trace: [ 1550.613504] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1550.613519] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1550.613529] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1550.613537] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1550.613545] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1550.613553] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.613560] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.613566] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.613575] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1550.613580] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1550.613586] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1550.613593] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1550.613600] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.613610] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1550.613618] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1550.613624] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.613629] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1550.613636] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.613643] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.613650] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1550.613656] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1550.613663] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1550.613668] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1550.613674] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1550.613680] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.613686] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1550.613692] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.613697] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1550.613706] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1550.613708] Mem-Info: [ 1550.613735] active_anon:189631 inactive_anon:39 isolated_anon:0 [ 1550.613735] active_file:12754 inactive_file:19334 isolated_file:0 [ 1550.613735] unevictable:1 dirty:195 writeback:0 unstable:0 [ 1550.613735] slab_reclaimable:8950 slab_unreclaimable:101162 [ 1550.613735] mapped:59356 shmem:56 pagetables:79842 bounce:0 [ 1550.613735] free:1129036 free_pcp:533 free_cma:0 [ 1550.613751] Node 0 active_anon:758524kB inactive_anon:156kB active_file:51016kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237424kB dirty:780kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:50 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00\x00\xec\xff\x00', 0x801}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x105082) r3 = memfd_create(&(0x7f0000000080)='\xfaIhFlK\x99F\x17\x16\xa5>\xd3\xc0\x93\xb5.\xda\x06_bT\x1cB\xdb\xf8y1\xe7,\x03\x98h\x86(\xa0m\x87+x\x14i\x88\xcd\x89\x81\xfb\x86', 0x0) pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f00000000c0)='S', 0x1}], 0x1, 0x4081003) ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3) prctl$PR_GET_TSC(0x19, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB='8\x00\b\x00', @ANYRES16=0x0, @ANYBLOB="020027bd7000fbdbdf2501000000bbfd040001000000040000000800050000000000000004000000000008000000f6000000010100000800020000000000"], 0x38}}, 0x0) sendto$inet(r4, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) shutdown(r4, 0x1) fallocate(r2, 0x11, 0x0, 0x100000001) r5 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00') preadv(r5, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) 22:11:50 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='\x00\x00\x00\x00\x00') fchown(r1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r2, 0x0) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r1, &(0x7f0000000300)={0x90, 0x0, 0x8, {0x3, 0x2, 0x2, 0x100, 0x3, 0x9, {0x0, 0x4, 0x0, 0x5, 0x1d15, 0x253, 0x5, 0x81, 0x3, 0x6, 0x4a489615, r2, r3, 0x9, 0xffff}}}, 0x90) ioprio_set$uid(0x3, r2, 0x7fff) poll(0x0, 0x0, 0x8000000000000200) r4 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) sendto$inet6(r0, &(0x7f0000000000)="dc23aa52871288cb14556c12fe9416997eb8060f037ec365700e8b453063fa4785c6df3731d50e48210d201f6fff7892c1a3", 0x32, 0x10000000, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @local, 0x3}, 0x1c) lstat(0x0, &(0x7f0000000140)) 22:11:50 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}, 0x9}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x200000c7, &(0x7f0000000080)=[{0x8, 0x0, 0x0, 0x7f}]}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000500)={'ah\x00'}, &(0x7f0000000540)=0x1e) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001800)=""/4096, 0x1000}], 0x1}, 0x100) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000140)={0xff}, 0x4) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) 22:11:50 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1550.613766] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1550.613787] Normal free:1503376kB min:5580kB low:9168kB high:12756kB active_anon:758516kB inactive_anon:156kB active_file:51012kB inactive_file:77336kB unevictable:4kB writepending:780kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404648kB kernel_stack:101440kB pagetables:319368kB bounce:0kB free_pcp:900kB local_pcp:512kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1550.613831] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (UM) 117*8kB (UME) 132*16kB (UME) 24*32kB (UME) 15*64kB (M) 7*128kB (ME) 10*256kB (UME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1503280kB 32141 total pagecache pages [ 1550.613873] 0 pages in swap cache [ 1550.613876] Swap cache stats: add 0, delete 0, find 0/0 [ 1550.613878] Free swap = 0kB [ 1550.613879] Total swap = 0kB [ 1550.613881] 1965979 pages RAM [ 1550.613883] 0 pages HighMem/MovableOnly [ 1550.613884] 313627 pages reserved [ 1550.824051] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:50 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}, 0x9}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000200)=0x78, 0x4) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x200000c7, &(0x7f0000000080)=[{0x8, 0x0, 0x0, 0x7f}]}, 0x10) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000500)={'ah\x00'}, &(0x7f0000000540)=0x1e) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001800)=""/4096, 0x1000}], 0x1}, 0x100) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000140)={0xff}, 0x4) write$binfmt_elf64(r1, &(0x7f0000001640)=ANY=[], 0xf5aab446) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x2, 0x4) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) [ 1550.824074] CPU: 0 PID: 30970 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1550.824090] ffff88012b66f968 ffffffff81b67001 1ffff100256cdf2f ffff880133988000 [ 1550.824102] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012b66fa90 [ 1550.824114] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1550.824115] Call Trace: [ 1550.824133] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1550.824148] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1550.824159] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1550.824168] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1550.824178] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1550.824187] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824196] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824204] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824214] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1550.824221] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1550.824228] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1550.824234] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1550.824241] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.824249] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824258] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1550.824267] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1550.824275] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1550.824282] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1550.824288] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1550.824296] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824305] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824312] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1550.824321] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1550.824329] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1550.824337] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1550.824344] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1550.824351] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1550.824357] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.824365] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1550.824371] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1550.824378] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1550.824386] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1550.824428] Mem-Info: [ 1550.824458] active_anon:189666 inactive_anon:40 isolated_anon:0 [ 1550.824458] active_file:12758 inactive_file:19334 isolated_file:0 [ 1550.824458] unevictable:1 dirty:199 writeback:0 unstable:0 [ 1550.824458] slab_reclaimable:8950 slab_unreclaimable:101211 [ 1550.824458] mapped:59368 shmem:56 pagetables:79883 bounce:0 [ 1550.824458] free:1128942 free_pcp:492 free_cma:0 [ 1550.824490] Node 0 active_anon:758664kB inactive_anon:160kB active_file:51032kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:796kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1550.824521] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1550.824602] Normal free:1503000kB min:5580kB low:9168kB high:12756kB active_anon:758656kB inactive_anon:160kB active_file:51028kB inactive_file:77336kB unevictable:4kB writepending:796kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404844kB kernel_stack:101408kB pagetables:319532kB bounce:0kB free_pcp:736kB local_pcp:512kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1550.829175] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 0*4kB 101*8kB (ME) 131*16kB (ME) 24*32kB (UME) 16*64kB (UM) 7*128kB (ME) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1502936kB 32145 total pagecache pages [ 1550.829423] 0 pages in swap cache [ 1550.829437] Swap cache stats: add 0, delete 0, find 0/0 [ 1550.829462] Free swap = 0kB [ 1550.829474] Total swap = 0kB [ 1550.829477] 1965979 pages RAM [ 1550.829483] 0 pages HighMem/MovableOnly [ 1550.829495] 313627 pages reserved [ 1551.355492] warn_alloc: 1 callbacks suppressed [ 1551.355553] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1551.355576] CPU: 1 PID: 30984 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1551.355594] ffff88012d16f968 ffffffff81b67001 1ffff10025a2df2f ffff8801338e5f00 [ 1551.355606] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012d16fa90 [ 1551.355618] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1551.355619] Call Trace: [ 1551.355646] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1551.355662] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1551.355674] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1551.355686] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1551.355695] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1551.355705] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.355715] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.355724] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.355735] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1551.355742] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1551.355750] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1551.355757] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1551.355765] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.355776] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1551.355785] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1551.355793] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1551.355799] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.355805] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1551.355814] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.355823] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.355833] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1551.355842] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1551.355851] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1551.355859] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1551.355866] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1551.355874] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1551.355882] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1551.355889] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1551.355896] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1551.355904] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1551.355941] Mem-Info: [ 1551.355973] active_anon:189726 inactive_anon:40 isolated_anon:0 [ 1551.355973] active_file:12758 inactive_file:19334 isolated_file:0 [ 1551.355973] unevictable:1 dirty:199 writeback:0 unstable:0 [ 1551.355973] slab_reclaimable:8950 slab_unreclaimable:101211 [ 1551.355973] mapped:59368 shmem:56 pagetables:79957 bounce:0 [ 1551.355973] free:1128781 free_pcp:489 free_cma:0 [ 1551.356002] Node 0 active_anon:758904kB inactive_anon:160kB active_file:51032kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237572kB dirty:796kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1551.356035] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1551.356125] Normal free:1502356kB min:5580kB low:9168kB high:12756kB active_anon:758896kB inactive_anon:160kB active_file:51028kB inactive_file:77336kB unevictable:4kB writepending:796kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404844kB kernel_stack:101504kB pagetables:319828kB bounce:0kB free_pcp:716kB local_pcp:352kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1551.360176] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 1*4kB (U) 59*8kB (M) 135*16kB (UME) 25*32kB (UME) 16*64kB (UM) 8*128kB (UME) 9*256kB (ME) 5*512kB (M) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1502316kB 32145 total pagecache pages [ 1551.360525] 0 pages in swap cache [ 1551.360544] Swap cache stats: add 0, delete 0, find 0/0 [ 1551.360566] Free swap = 0kB [ 1551.360578] Total swap = 0kB [ 1551.360586] 1965979 pages RAM [ 1551.360599] 0 pages HighMem/MovableOnly [ 1551.360605] 313627 pages reserved [ 1551.718123] syz-executor.2: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1551.718152] CPU: 0 PID: 31003 Comm: syz-executor.2 Not tainted 4.9.194+ #0 [ 1551.718169] ffff88012d16f968 ffffffff81b67001 1ffff10025a2df2f ffff8801258c5f00 [ 1551.718182] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012d16fa90 [ 1551.718195] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1551.718197] Call Trace: [ 1551.718215] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1551.718232] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1551.718244] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1551.718257] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.718267] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1551.718279] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1551.718286] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1551.718293] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1551.718300] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1551.718307] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.718316] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.718325] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1551.718335] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1551.718343] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1551.718350] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.718357] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1551.718366] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.718375] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.718385] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1551.718393] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1551.718401] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1551.718408] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1551.718416] [<00000000896b6640>] SyS_write+0x121/0x270 22:11:52 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:52 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x2cf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f0000000180)=@md5={0x1, "febb3a82ae4744350376b166dd7ecd58"}, 0x11, 0x2) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000240)={0x80, 0x9, 0x9}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x100) preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) 22:11:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='\x00\x00\x00\x00\x00') fchown(r1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r2, 0x0) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r1, &(0x7f0000000300)={0x90, 0x0, 0x8, {0x3, 0x2, 0x2, 0x100, 0x3, 0x9, {0x0, 0x4, 0x0, 0x5, 0x1d15, 0x253, 0x5, 0x81, 0x3, 0x6, 0x4a489615, r2, r3, 0x9, 0xffff}}}, 0x90) ioprio_set$uid(0x3, r2, 0x7fff) poll(0x0, 0x0, 0x8000000000000200) r4 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) sendto$inet6(r0, &(0x7f0000000000)="dc23aa52871288cb14556c12fe9416997eb8060f037ec365700e8b453063fa4785c6df3731d50e48210d201f6fff7892c1a3", 0x32, 0x10000000, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @local, 0x3}, 0x1c) lstat(0x0, &(0x7f0000000140)) 22:11:52 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r0, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:52 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, &(0x7f0000000080)={'ah\x00'}, &(0x7f00000000c0)=0x1e) setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f0000000240)={0x7, {{0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2}}}, 0x88) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r3, &(0x7f00000017c0), 0x315, 0x800000) 22:11:52 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1551.718424] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1551.718431] [<0000000039622e10>] ? SyS_read+0x270/0x270 22:11:52 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x2cf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000a80), 0xfffffffffffffffd) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffff60, 0x0, 0x0, 0x2f95a3c3cb55ab4b) lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f0000000180)=@md5={0x1, "febb3a82ae4744350376b166dd7ecd58"}, 0x11, 0x2) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000240)={0x80, 0x9, 0x9}) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x100) preadv(r2, &(0x7f00000017c0), 0x315, 0x800000) [ 1551.718440] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1551.718448] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1551.718463] Mem-Info: [ 1551.718506] active_anon:189775 inactive_anon:40 isolated_anon:0 [ 1551.718506] active_file:12758 inactive_file:19334 isolated_file:0 [ 1551.718506] unevictable:1 dirty:200 writeback:0 unstable:0 [ 1551.718506] slab_reclaimable:8950 slab_unreclaimable:101159 [ 1551.718506] mapped:59400 shmem:56 pagetables:80016 bounce:0 [ 1551.718506] free:1128733 free_pcp:412 free_cma:0 [ 1551.718542] Node 0 active_anon:759100kB inactive_anon:160kB active_file:51032kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237600kB dirty:800kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no 22:11:52 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) 22:11:52 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f00009abffc)=0x5, 0x4) socket(0xa, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) [ 1551.718574] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB 22:11:52 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x448, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x13102000ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x5, 0xa, 0x8) poll(0x0, 0x0, 0x8000000000000200) socketpair(0x10, 0x0, 0xfe, &(0x7f0000000180)) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) dup2(r0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() clone(0x3fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) write$selinux_load(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="2422cdb3dbc96a0d7dab17ee1da68e97a75c2d1a34e7ee02004c4ac61b6783adf4b78165e6c18fe6e6e9de0eb40ab9b6372acb8457a07f40768a79fdc462e6b4a93479179acce26e9a881ad88e9bda56bc45b955bd137eb6a10faae485df2055d290b5f5949c6c1ef54dacde51e41b3b831d091296afdcea0a3f90167c64236701a6a66a7585617a81295c82c330caf32cb6b5240766739a217b22cf41bbab5aeb327feb5109ed16a6ddd2009b475825c0dd02dbec6e612072ce7fd70ed9305446a8b45b7a9ff355b3cff9707fe8ba6b03c1d1269b59308a"], 0x1) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x21) wait4(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x15}) syz_open_pts(r0, 0x0) stat(&(0x7f0000000140)='./file0\x00', 0x0) getxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@known='com.apple.system.Security\x00', &(0x7f00000002c0)=""/41, 0x29) accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f00000001c0)=0x10) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) r4 = socket(0xa, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa) fcntl$getownex(r4, 0x10, &(0x7f0000000500)) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000540)='/dev/vga_arbiter\x00', 0x511441, 0x0) lowmem_reserve[]: 0 3505 3505 22:11:52 executing program 4: r0 = socket$unix(0x1, 0x0, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) [ 1551.718663] Normal free:1502164kB min:5580kB low:9168kB high:12756kB active_anon:759092kB inactive_anon:160kB active_file:51028kB inactive_file:77336kB unevictable:4kB writepending:800kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404636kB kernel_stack:101568kB pagetables:320064kB bounce:0kB free_pcp:416kB local_pcp:400kB free_cma:0kB 22:11:53 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='\x00\x00\x00\x00\x00') fchown(r1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r2, 0x0) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r1, &(0x7f0000000300)={0x90, 0x0, 0x8, {0x3, 0x2, 0x2, 0x100, 0x3, 0x9, {0x0, 0x4, 0x0, 0x5, 0x1d15, 0x253, 0x5, 0x81, 0x3, 0x6, 0x4a489615, r2, r3, 0x9, 0xffff}}}, 0x90) ioprio_set$uid(0x3, r2, 0x7fff) poll(0x0, 0x0, 0x8000000000000200) r4 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r4, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r4, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) sendto$inet6(r0, &(0x7f0000000000)="dc23aa52871288cb14556c12fe9416997eb8060f037ec365700e8b453063fa4785c6df3731d50e48210d201f6fff7892c1a3", 0x32, 0x10000000, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @local, 0x3}, 0x1c) lowmem_reserve[]: 0 0 0 [ 1551.718969] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (E) 40*8kB (ME) 139*16kB (UME) 26*32kB (UME) 15*64kB (M) 7*128kB (ME) 9*256kB (ME) 5*512kB (M) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1502072kB 32146 total pagecache pages [ 1551.719304] 0 pages in swap cache [ 1551.719321] Swap cache stats: add 0, delete 0, find 0/0 [ 1551.719328] Free swap = 0kB [ 1551.719340] Total swap = 0kB [ 1551.719344] 1965979 pages RAM [ 1551.719360] 0 pages HighMem/MovableOnly [ 1551.719362] 313627 pages reserved [ 1551.766420] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1551.766431] CPU: 1 PID: 31005 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1551.766447] ffff88013c5df968 ffffffff81b67001 1ffff100278bbf2f ffff88012342c740 [ 1551.766460] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c5dfa90 [ 1551.766472] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1551.766474] Call Trace: [ 1551.766491] [<0000000011681f42>] dump_stack+0xc1/0x120 22:11:53 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x9, 0x0, &(0x7f00000000c0)=0xffffffffffffffe4) [ 1551.766503] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1551.766513] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1551.766521] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1551.766530] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1551.766540] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.766549] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.766557] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.766567] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1551.766575] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1551.766581] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1551.766589] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1551.766596] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.766606] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 22:11:53 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0815b5055e0bcfe87b3071") r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f00000000c0)=0x2a, 0x4) connect$inet(r1, &(0x7f0000000640)={0x2, 0x0, @broadcast}, 0x10) ioctl$sock_ifreq(r1, 0x8937, &(0x7f0000000100)={'veth0\x00', @ifru_settings={0x10001, 0x0, @fr=0x0}}) setsockopt$sock_int(r1, 0x1, 0x1600bd61, &(0x7f0000000140), 0x4) [ 1551.766615] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1551.766622] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1551.766629] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1551.766639] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.766646] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1551.766655] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1551.766663] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1551.766671] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1551.766677] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1551.766684] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1551.766691] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1551.766699] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1551.766706] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1551.766717] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1551.766730] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1551.766733] Mem-Info: [ 1551.766758] active_anon:189761 inactive_anon:40 isolated_anon:0 [ 1551.766758] active_file:12761 inactive_file:19334 isolated_file:0 [ 1551.766758] unevictable:1 dirty:203 writeback:0 unstable:0 [ 1551.766758] slab_reclaimable:8950 slab_unreclaimable:101159 [ 1551.766758] mapped:59368 shmem:56 pagetables:79978 bounce:0 [ 1551.766758] free:1128687 free_pcp:552 free_cma:0 [ 1551.766779] Node 0 active_anon:759044kB inactive_anon:160kB active_file:51044kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:812kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1551.766803] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1551.766830] Normal free:1501980kB min:5580kB low:9168kB high:12756kB active_anon:759036kB inactive_anon:160kB active_file:51040kB inactive_file:77336kB unevictable:4kB writepending:812kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35728kB slab_unreclaimable:404636kB kernel_stack:101536kB pagetables:319912kB bounce:0kB free_pcp:976kB local_pcp:260kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1551.766883] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB 22:11:54 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x11, 0x0, &(0x7f00000000c0)=0xffffffffffffffe4) 22:11:54 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xf7ffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='\x00\x00\x00\x00\x00') fchown(r0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r1, 0x0) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r0, &(0x7f0000000300)={0x90, 0x0, 0x8, {0x3, 0x2, 0x2, 0x100, 0x3, 0x9, {0x0, 0x4, 0x0, 0x5, 0x1d15, 0x253, 0x5, 0x81, 0x3, 0x6, 0x4a489615, r1, r2, 0x9, 0xffff}}}, 0x90) ioprio_set$uid(0x3, r1, 0x7fff) poll(0x0, 0x0, 0x8000000000000200) r3 = socket(0x200000000000011, 0x3, 0x0) fcntl$setstatus(r3, 0x4, 0x2400) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'ip6_vti0\x00', 0x0}) bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev={[], 0x15}}, 0x14) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000002c0)=0x596, 0x4) sendmmsg(r3, &(0x7f0000000d00), 0x400004e, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), 0x0) Normal: 3*4kB (ME) 24*8kB (ME) 139*16kB (UME) 26*32kB (UME) 15*64kB (M) 7*128kB (ME) 9*256kB (ME) 5*512kB (M) 1*1024kB (E) 2*2048kB (UM) 363*4096kB (U) = 1501948kB 32149 total pagecache pages [ 1551.766935] 0 pages in swap cache [ 1551.766939] Swap cache stats: add 0, delete 0, find 0/0 [ 1551.766941] Free swap = 0kB [ 1551.766943] Total swap = 0kB [ 1551.766945] 1965979 pages RAM [ 1551.766947] 0 pages HighMem/MovableOnly [ 1551.766949] 313627 pages reserved [ 1554.687054] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1554.687066] CPU: 0 PID: 31084 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1554.687092] ffff88013a4ef968 ffffffff81b67001 1ffff1002749df2f ffff880133abdf00 [ 1554.687106] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a4efa90 [ 1554.687119] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1554.687121] Call Trace: 22:11:54 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000000009cbfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000000000006a0a80fe000000008500000053000000b70000000000000095000000000000004e6201363034fdb11716a08af339d1a1ee35fe2a3a255c33282044b324953c0a9fa9a84452569957c1002ed7d4d8e17f791f4798c8eb484de03352c69b3edff5be27765ba5f8f2879021c2ea53ea79acd7fb38fdf79f2be9087b7c4ae7dd5e4dee8851d40c617b58c8108ddf12dddd4bfc6a4dd35383561cbe0458f1f5b6beba510b4229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a0578442926ef4e912f01a201e694e3806e8c8fe8b8091627fcb311a55a9875c606bda873a4bca7f6cd0c24d6e5e352655635a650a5a7ad0a7b1d7d10e14b1e2375f6f55b52028d758d2f7085054567383f309336c34c06e751f94655df5e7c30b609acbe29dc3e031d1164839c1d0a8a74c01fd7edac55c37c6315005cf47f48ada3a6087af06d14a0763b43b7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x0, 0xe, 0x0, &(0x7f0000000180)="c45c57ce395de5b2810f7d637a22", 0x0, 0xf0}, 0x28) [ 1554.687139] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1554.687154] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1554.687165] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1554.687177] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1554.687186] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1554.687196] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.687205] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.687213] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.687223] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1554.687230] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1554.687237] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1554.687243] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1554.687250] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1554.687259] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1554.687267] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1554.687274] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1554.687280] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1554.687289] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.687297] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.687306] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1554.687318] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1554.687328] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1554.687338] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1554.687348] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1554.687355] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1554.687364] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1554.687371] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1554.687377] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1554.687388] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1554.687392] Mem-Info: [ 1554.687415] active_anon:189885 inactive_anon:40 isolated_anon:0 [ 1554.687415] active_file:12762 inactive_file:19334 isolated_file:0 [ 1554.687415] unevictable:1 dirty:203 writeback:0 unstable:0 [ 1554.687415] slab_reclaimable:8962 slab_unreclaimable:101405 [ 1554.687415] mapped:59368 shmem:56 pagetables:80096 bounce:0 [ 1554.687415] free:1128191 free_pcp:508 free_cma:0 [ 1554.687432] Node 0 active_anon:759540kB inactive_anon:160kB active_file:51048kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:812kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1554.687460] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1554.687488] Normal free:1499996kB min:5580kB low:9168kB high:12756kB active_anon:759532kB inactive_anon:160kB active_file:51044kB inactive_file:77336kB unevictable:4kB writepending:812kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35776kB slab_unreclaimable:405620kB kernel_stack:101664kB pagetables:320384kB bounce:0kB free_pcp:800kB local_pcp:228kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1554.687544] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (ME) 2*8kB (UE) 128*16kB (ME) 27*32kB (UME) 17*64kB (UME) 6*128kB (M) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 1*2048kB (M) 363*4096kB (U) = 1500092kB 32149 total pagecache pages [ 1554.687599] 0 pages in swap cache [ 1554.687603] Swap cache stats: add 0, delete 0, find 0/0 [ 1554.687605] Free swap = 0kB [ 1554.687607] Total swap = 0kB [ 1554.687610] 1965979 pages RAM [ 1554.687612] 0 pages HighMem/MovableOnly [ 1554.687614] 313627 pages reserved [ 1554.688099] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) 22:11:55 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 22:11:55 executing program 4: r0 = socket$unix(0x1, 0x0, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040)=0xb517, 0x4) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r1, 0x0) connect$unix(r0, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept4$unix(r1, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0) 22:11:55 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0815b5055e0bcfe87b3071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r1, 0x6, 0x6b1, 0x0, &(0x7f00000000c0)=0xffffffffffffffe4) [ 1554.688124] CPU: 1 PID: 31090 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1554.688139] ffff88013c697968 ffffffff81b67001 1ffff100278d2f2f ffff88013c688000 [ 1554.688158] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013c697a90 [ 1554.688171] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1554.688173] Call Trace: [ 1554.688183] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1554.688192] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1554.688200] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1554.688207] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1554.688217] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688225] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1554.688233] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688241] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688249] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688258] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1554.688265] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1554.688271] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1554.688277] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1554.688284] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1554.688294] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1554.688302] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1554.688310] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1554.688317] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1554.688323] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1554.688332] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688340] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688348] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1554.688357] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1554.688364] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1554.688372] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1554.688379] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1554.688386] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1554.688393] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1554.688400] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1554.688407] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1554.688414] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1554.688422] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1554.688449] Mem-Info: [ 1554.688478] active_anon:189885 inactive_anon:40 isolated_anon:0 [ 1554.688478] active_file:12762 inactive_file:19334 isolated_file:0 [ 1554.688478] unevictable:1 dirty:203 writeback:0 unstable:0 [ 1554.688478] slab_reclaimable:8962 slab_unreclaimable:101405 [ 1554.688478] mapped:59368 shmem:56 pagetables:80096 bounce:0 [ 1554.688478] free:1128191 free_pcp:508 free_cma:0 [ 1554.688504] Node 0 active_anon:759540kB inactive_anon:160kB active_file:51048kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:812kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1554.688552] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1554.688644] Normal free:1499996kB min:5580kB low:9168kB high:12756kB active_anon:759532kB inactive_anon:160kB active_file:51044kB inactive_file:77336kB unevictable:4kB writepending:812kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35776kB slab_unreclaimable:405620kB kernel_stack:101632kB pagetables:320384kB bounce:0kB free_pcp:800kB local_pcp:572kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1554.689119] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (ME) 2*8kB (UE) 128*16kB (ME) 28*32kB (UME) 17*64kB (UME) 6*128kB (M) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 1*2048kB (M) 363*4096kB (U) = 1500124kB 32149 total pagecache pages [ 1554.689438] 0 pages in swap cache [ 1554.689452] Swap cache stats: add 0, delete 0, find 0/0 [ 1554.689458] Free swap = 0kB [ 1554.689471] Total swap = 0kB [ 1554.689473] 1965979 pages RAM [ 1554.689507] 0 pages HighMem/MovableOnly [ 1554.689528] 313627 pages reserved [ 1555.423192] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1555.423204] CPU: 0 PID: 31123 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1555.423222] ffff88013d01f968 ffffffff81b67001 1ffff10027a03f2f ffff88012742c740 [ 1555.423236] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013d01fa90 [ 1555.423249] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1555.423251] Call Trace: [ 1555.423270] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1555.423286] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1555.423298] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1555.423311] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1555.423324] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1555.423337] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1555.423345] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1555.423353] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1555.423362] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1555.423369] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1555.423375] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1555.423382] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1555.423389] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1555.423400] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1555.423415] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1555.423423] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1555.423433] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1555.423445] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1555.423455] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1555.423465] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1555.423473] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1555.423482] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1555.423490] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1555.423497] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1555.423505] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1555.423514] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1555.423521] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1555.423528] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1555.423539] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1555.423621] Mem-Info: [ 1555.423649] active_anon:190060 inactive_anon:37 isolated_anon:0 [ 1555.423649] active_file:12765 inactive_file:19334 isolated_file:0 [ 1555.423649] unevictable:1 dirty:58 writeback:0 unstable:0 [ 1555.423649] slab_reclaimable:8974 slab_unreclaimable:101469 [ 1555.423649] mapped:59368 shmem:56 pagetables:80215 bounce:0 [ 1555.423649] free:1127746 free_pcp:469 free_cma:0 [ 1555.423668] Node 0 active_anon:760240kB inactive_anon:148kB active_file:51060kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:232kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1555.423689] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1555.423718] Normal free:1498216kB min:5580kB low:9168kB high:12756kB active_anon:760232kB inactive_anon:148kB active_file:51056kB inactive_file:77336kB unevictable:4kB writepending:380kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35824kB slab_unreclaimable:405876kB kernel_stack:102144kB pagetables:320860kB bounce:0kB free_pcp:644kB local_pcp:336kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1555.423779] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (E) 2*8kB (ME) 89*16kB (ME) 33*32kB (UME) 17*64kB (UME) 6*128kB (M) 9*256kB (ME) 5*512kB (M) 2*1024kB (UE) 2*2048kB (UM) 362*4096kB (U) = 1498120kB 32152 total pagecache pages [ 1555.423838] 0 pages in swap cache [ 1555.423843] Swap cache stats: add 0, delete 0, find 0/0 [ 1555.423845] Free swap = 0kB [ 1555.423847] Total swap = 0kB [ 1555.423850] 1965979 pages RAM [ 1555.423852] 0 pages HighMem/MovableOnly [ 1555.423854] 313627 pages reserved [ 1556.294826] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1556.294849] CPU: 1 PID: 31121 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1556.294874] ffff88013478f968 ffffffff81b67001 1ffff100268f1f2f ffff8801337e97c0 [ 1556.294886] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013478fa90 [ 1556.294898] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1556.294899] Call Trace: [ 1556.294917] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1556.294932] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1556.294945] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1556.294956] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1556.294969] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.294977] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1556.294984] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.294992] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.295000] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.295010] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1556.295016] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1556.295022] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1556.295027] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1556.295034] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.295042] [<00000000b9229046>] ? retint_kernel+0x2d/0x2d [ 1556.295053] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1556.295066] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1556.295074] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1556.295081] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.295088] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1556.295097] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.295105] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.295114] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1556.295122] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1556.295130] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1556.295137] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1556.295145] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1556.295152] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.295159] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1556.295167] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.295173] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1556.295182] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1556.295223] Mem-Info: [ 1556.295266] active_anon:190050 inactive_anon:40 isolated_anon:0 [ 1556.295266] active_file:12768 inactive_file:19334 isolated_file:0 [ 1556.295266] unevictable:1 dirty:95 writeback:0 unstable:0 [ 1556.295266] slab_reclaimable:8974 slab_unreclaimable:101493 [ 1556.295266] mapped:59368 shmem:56 pagetables:80235 bounce:0 [ 1556.295266] free:1127697 free_pcp:506 free_cma:0 [ 1556.295316] Node 0 active_anon:760200kB inactive_anon:160kB active_file:51072kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:380kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1556.295392] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1556.295470] Normal free:1498020kB min:5580kB low:9168kB high:12756kB active_anon:760192kB inactive_anon:160kB active_file:51068kB inactive_file:77336kB unevictable:4kB writepending:380kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35824kB slab_unreclaimable:405972kB kernel_stack:101856kB pagetables:320940kB bounce:0kB free_pcp:792kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1556.295819] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (UE) 1*8kB (M) 79*16kB (ME) 33*32kB (UME) 18*64kB (UME) 6*128kB (M) 9*256kB (ME) 5*512kB (M) 2*1024kB (UE) 2*2048kB (UM) 362*4096kB (U) = 1498020kB 32156 total pagecache pages [ 1556.296110] 0 pages in swap cache [ 1556.296123] Swap cache stats: add 0, delete 0, find 0/0 [ 1556.296129] Free swap = 0kB [ 1556.296144] Total swap = 0kB [ 1556.296163] 1965979 pages RAM [ 1556.296180] 0 pages HighMem/MovableOnly [ 1556.296200] 313627 pages reserved [ 1556.297178] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1556.297190] CPU: 0 PID: 31162 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1556.297206] ffff88012dedf968 ffffffff81b67001 1ffff10025bdbf2f ffff8801c8d82f80 [ 1556.297220] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012dedfa90 [ 1556.297231] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1556.297232] Call Trace: [ 1556.297246] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1556.297262] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1556.297272] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1556.297282] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1556.297292] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1556.297303] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.297312] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.297322] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.297331] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1556.297338] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1556.297346] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1556.297353] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1556.297360] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.297380] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1556.297392] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1556.297402] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.297411] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1556.297423] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.297434] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.297443] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1556.297451] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1556.297461] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1556.297468] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1556.297476] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1556.297483] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.297491] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1556.297499] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.297506] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1556.297516] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1556.297520] Mem-Info: [ 1556.297543] active_anon:190050 inactive_anon:40 isolated_anon:0 [ 1556.297543] active_file:12768 inactive_file:19334 isolated_file:0 [ 1556.297543] unevictable:1 dirty:95 writeback:0 unstable:0 [ 1556.297543] slab_reclaimable:8974 slab_unreclaimable:101493 [ 1556.297543] mapped:59368 shmem:56 pagetables:80235 bounce:0 [ 1556.297543] free:1127697 free_pcp:506 free_cma:0 [ 1556.297560] Node 0 active_anon:760200kB inactive_anon:160kB active_file:51072kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:380kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1556.297579] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1556.297608] Normal free:1498020kB min:5580kB low:9168kB high:12756kB active_anon:760192kB inactive_anon:160kB active_file:51068kB inactive_file:77336kB unevictable:4kB writepending:380kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35824kB slab_unreclaimable:405972kB kernel_stack:101856kB pagetables:320940kB bounce:0kB free_pcp:792kB local_pcp:204kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1556.297669] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 3*4kB (UE) 1*8kB (M) 79*16kB (ME) 33*32kB (UME) 18*64kB (UME) 6*128kB (M) 9*256kB (ME) 5*512kB (M) 2*1024kB (UE) 2*2048kB (UM) 362*4096kB (U) = 1498020kB 32156 total pagecache pages [ 1556.297727] 0 pages in swap cache [ 1556.297731] Swap cache stats: add 0, delete 0, find 0/0 [ 1556.297733] Free swap = 0kB [ 1556.297735] Total swap = 0kB [ 1556.297738] 1965979 pages RAM [ 1556.297740] 0 pages HighMem/MovableOnly [ 1556.297742] 313627 pages reserved [ 1556.839081] syz-executor.1: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1556.839098] CPU: 0 PID: 31183 Comm: syz-executor.1 Not tainted 4.9.194+ #0 [ 1556.839115] ffff88013a5c7968 ffffffff81b67001 1ffff100274b8f2f ffff880126c90000 [ 1556.839128] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013a5c7a90 [ 1556.839142] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1556.839145] Call Trace: [ 1556.839162] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1556.839177] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1556.839189] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1556.839199] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1556.839209] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1556.839219] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839227] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839236] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839246] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1556.839252] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1556.839259] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1556.839266] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1556.839274] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.839284] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1556.839292] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1556.839300] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1556.839307] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1556.839314] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1556.839323] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839332] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839341] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1556.839351] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1556.839359] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1556.839367] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1556.839374] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1556.839381] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1556.839387] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.839395] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1556.839402] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1556.839414] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1556.839429] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1556.839449] Mem-Info: [ 1556.839513] active_anon:190114 inactive_anon:40 isolated_anon:0 [ 1556.839513] active_file:12773 inactive_file:19334 isolated_file:0 [ 1556.839513] unevictable:1 dirty:126 writeback:0 unstable:0 [ 1556.839513] slab_reclaimable:8984 slab_unreclaimable:101407 [ 1556.839513] mapped:59384 shmem:56 pagetables:80296 bounce:0 [ 1556.839513] free:1127526 free_pcp:523 free_cma:0 [ 1556.839548] Node 0 active_anon:760456kB inactive_anon:160kB active_file:51092kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237536kB dirty:504kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1556.839579] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1556.839649] Normal free:1497336kB min:5580kB low:9168kB high:12756kB active_anon:760448kB inactive_anon:160kB active_file:51088kB inactive_file:77336kB unevictable:4kB writepending:504kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35864kB slab_unreclaimable:405628kB kernel_stack:102144kB pagetables:321184kB bounce:0kB free_pcp:860kB local_pcp:532kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1556.840065] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 2*4kB (E) 0*8kB 65*16kB (UME) 34*32kB (UM) 17*64kB (UME) 7*128kB (UM) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 362*4096kB (U) = 1497368kB 32160 total pagecache pages [ 1556.840323] 0 pages in swap cache [ 1556.840347] Swap cache stats: add 0, delete 0, find 0/0 [ 1556.840359] Free swap = 0kB [ 1556.840383] Total swap = 0kB [ 1556.840404] 1965979 pages RAM [ 1556.840459] 0 pages HighMem/MovableOnly [ 1556.840484] 313627 pages reserved [ 1559.062818] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1559.062830] CPU: 1 PID: 31228 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1559.062845] ffff88013b157968 ffffffff81b67001 1ffff1002762af2f ffff8801b11c4740 [ 1559.062857] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88013b157a90 [ 1559.062868] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1559.062870] Call Trace: [ 1559.062888] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1559.062902] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1559.062912] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1559.062921] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1559.062931] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1559.062941] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.062950] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.062959] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.062970] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1559.062977] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1559.062984] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1559.062991] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1559.062999] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1559.063009] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1559.063017] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1559.063024] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1559.063031] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1559.063041] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.063050] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.063060] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1559.063075] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1559.063086] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1559.063096] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1559.063107] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1559.063116] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1559.063127] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1559.063135] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1559.063142] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1559.063157] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1559.063182] Mem-Info: [ 1559.063206] active_anon:190139 inactive_anon:40 isolated_anon:0 [ 1559.063206] active_file:12773 inactive_file:19334 isolated_file:0 [ 1559.063206] unevictable:1 dirty:137 writeback:0 unstable:0 [ 1559.063206] slab_reclaimable:9008 slab_unreclaimable:101510 [ 1559.063206] mapped:59368 shmem:56 pagetables:80320 bounce:0 [ 1559.063206] free:1127470 free_pcp:498 free_cma:0 [ 1559.063221] Node 0 active_anon:760556kB inactive_anon:160kB active_file:51092kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:548kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1559.063239] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1559.063266] Normal free:1497112kB min:5580kB low:9168kB high:12756kB active_anon:760548kB inactive_anon:160kB active_file:51088kB inactive_file:77336kB unevictable:4kB writepending:548kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35960kB slab_unreclaimable:406040kB kernel_stack:101792kB pagetables:321280kB bounce:0kB free_pcp:760kB local_pcp:336kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1559.063376] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 28*4kB (UME) 3*8kB (UM) 55*16kB (ME) 23*32kB (ME) 18*64kB (UM) 7*128kB (UM) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 362*4096kB (U) = 1497048kB 32160 total pagecache pages [ 1559.063442] 0 pages in swap cache [ 1559.063446] Swap cache stats: add 0, delete 0, find 0/0 [ 1559.063448] Free swap = 0kB [ 1559.063450] Total swap = 0kB [ 1559.063453] 1965979 pages RAM [ 1559.063455] 0 pages HighMem/MovableOnly [ 1559.063457] 313627 pages reserved [ 1559.698975] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1559.698985] CPU: 1 PID: 31231 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1559.699000] ffff880135d47968 ffffffff81b67001 1ffff10026ba8f2f ffff88019e8e0000 [ 1559.699011] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff880135d47a90 [ 1559.699023] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1559.699025] Call Trace: [ 1559.699042] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1559.699056] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1559.699065] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1559.699073] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1559.699082] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1559.699092] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.699100] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.699109] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.699120] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1559.699127] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1559.699134] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1559.699141] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1559.699148] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1559.699158] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1559.699166] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1559.699172] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1559.699179] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1559.699187] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.699196] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1559.699205] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1559.699212] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1559.699220] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1559.699227] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1559.699234] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1559.699240] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1559.699249] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1559.699255] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1559.699262] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1559.699272] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1559.699275] Mem-Info: [ 1559.699304] active_anon:190039 inactive_anon:40 isolated_anon:0 [ 1559.699304] active_file:12773 inactive_file:19334 isolated_file:0 [ 1559.699304] unevictable:1 dirty:137 writeback:0 unstable:0 [ 1559.699304] slab_reclaimable:9008 slab_unreclaimable:101562 [ 1559.699304] mapped:59368 shmem:56 pagetables:80209 bounce:0 [ 1559.699304] free:1127617 free_pcp:641 free_cma:0 [ 1559.699327] Node 0 active_anon:760156kB inactive_anon:160kB active_file:51092kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237472kB dirty:548kB writeback:0kB shmem:224kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1559.699358] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:644kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1559.699400] Normal free:1497700kB min:5580kB low:9168kB high:12756kB active_anon:760148kB inactive_anon:160kB active_file:51088kB inactive_file:77336kB unevictable:4kB writepending:548kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35960kB slab_unreclaimable:406248kB kernel_stack:101632kB pagetables:320836kB bounce:0kB free_pcp:1332kB local_pcp:612kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1559.699479] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 93*4kB (UME) 20*8kB (UM) 65*16kB (UME) 27*32kB (UME) 17*64kB (UM) 7*128kB (UM) 9*256kB (ME) 6*512kB (UM) 1*1024kB (E) 2*2048kB (UM) 362*4096kB (U) = 1497668kB 32160 total pagecache pages [ 1559.699535] 0 pages in swap cache [ 1559.699539] Swap cache stats: add 0, delete 0, find 0/0 [ 1559.699541] Free swap = 0kB [ 1559.699543] Total swap = 0kB [ 1559.699545] 1965979 pages RAM [ 1559.699547] 0 pages HighMem/MovableOnly [ 1559.699549] 313627 pages reserved [ 1560.731414] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) [ 1560.731427] CPU: 0 PID: 31290 Comm: syz-executor.0 Not tainted 4.9.194+ #0 [ 1560.731447] ffff88012e407968 ffffffff81b67001 1ffff10025c80f2f ffff88012a004740 [ 1560.731461] ffffffff82aab4e0 0000000000000001 0000000000400000 ffff88012e407a90 [ 1560.731475] ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 [ 1560.731476] Call Trace: [ 1560.731495] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1560.731512] [<000000007c2097d2>] warn_alloc.cold+0x76/0x93 [ 1560.731523] [<00000000de19d6ac>] ? zone_watermark_ok_safe+0x260/0x260 [ 1560.731535] [<00000000298d54b5>] ? avc_has_perm+0x164/0x3a0 [ 1560.731548] [<000000005cb91349>] __vmalloc_node_range+0x368/0x610 [ 1560.731558] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1560.731566] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1560.731575] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1560.731585] [<00000000a2fc1867>] ? task_has_security+0x130/0x270 [ 1560.731601] [<00000000a2870fb6>] vmalloc+0x5c/0x70 [ 1560.731612] [<000000009122b07a>] ? sel_write_load+0x119/0xf60 [ 1560.731620] [<000000009122b07a>] sel_write_load+0x119/0xf60 [ 1560.731630] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1560.731641] [<0000000033795d1e>] ? trace_hardirqs_on+0x10/0x10 [ 1560.731653] [<000000008431afd9>] __vfs_write+0x116/0x560 [ 1560.731664] [<0000000014953e9a>] ? sel_read_bool+0x240/0x240 [ 1560.731672] [<00000000b67253ca>] ? __vfs_read+0x550/0x550 [ 1560.731685] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1560.731697] [<00000000d80780b7>] ? check_preemption_disabled+0x3c/0x200 [ 1560.731706] [<00000000ad48bf15>] ? rcu_read_lock_sched_held+0x10b/0x130 [ 1560.731713] [<00000000a3300644>] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 1560.731721] [<000000003542cfd2>] ? __sb_start_write+0x161/0x310 [ 1560.731729] [<000000006a657c39>] vfs_write+0x185/0x520 [ 1560.731737] [<00000000896b6640>] SyS_write+0x121/0x270 [ 1560.731744] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1560.731753] [<00000000207ed57a>] ? do_syscall_64+0x4a/0x5c0 [ 1560.731761] [<0000000039622e10>] ? SyS_read+0x270/0x270 [ 1560.731768] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1560.731778] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1560.731781] Mem-Info: [ 1560.731800] active_anon:190131 inactive_anon:38 isolated_anon:0 [ 1560.731800] active_file:12774 inactive_file:19334 isolated_file:0 [ 1560.731800] unevictable:1 dirty:67 writeback:0 unstable:0 [ 1560.731800] slab_reclaimable:9008 slab_unreclaimable:101436 [ 1560.731800] mapped:59382 shmem:55 pagetables:80293 bounce:0 [ 1560.731800] free:1127497 free_pcp:505 free_cma:0 [ 1560.731818] Node 0 active_anon:760524kB inactive_anon:152kB active_file:51096kB inactive_file:77336kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:237528kB dirty:268kB writeback:0kB shmem:220kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 1560.731837] DMA32 free:3012768kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:72kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1232kB local_pcp:588kB free_cma:0kB lowmem_reserve[]: 0 3505 3505 [ 1560.731866] Normal free:1497220kB min:5580kB low:9168kB high:12756kB active_anon:760516kB inactive_anon:152kB active_file:51092kB inactive_file:77336kB unevictable:4kB writepending:268kB present:4718592kB managed:3589316kB mlocked:4kB slab_reclaimable:35960kB slab_unreclaimable:405744kB kernel_stack:102016kB pagetables:321172kB bounce:0kB free_pcp:784kB local_pcp:168kB free_cma:0kB lowmem_reserve[]: 0 0 0 [ 1560.731924] DMA32: 12*4kB (UM) 12*8kB (UME) 7*16kB (UME) 5*32kB (UME) 4*64kB (UM) 6*128kB (UME) 7*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 731*4096kB (UM) = 3012768kB Normal: 43*4kB (UME) 17*8kB (UM) 48*16kB (UME) 35*32kB (UME) 21*64kB (UM) 6*128kB (M) 10*256kB (UME) 5*512kB (M) 1*1024kB (E) 2*2048kB (UM) 362*4096kB (U) = 1497300kB 32160 total pagecache pages [ 1560.731979] 0 pages in swap cache [ 1560.731983] Swap cache stats: add 0, delete 0, find 0/0 [ 1560.731985] Free swap = 0kB [ 1560.731987] Total swap = 0kB [ 1560.731989] 1965979 pages RAM [ 1560.731992] 0 pages HighMem/MovableOnly [ 1560.731993] 313627 pages reserved [ 1576.545620] INFO: task init:24654 blocked for more than 140 seconds. [ 1576.545626] Not tainted 4.9.194+ #0 [ 1576.545628] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1576.545651] init D29304 24654 1 0x00000000 [ 1576.545666] 0000000000000087 ffff880137608000 ffff8801c838cd00 ffff8801db721000 [ 1576.545676] ffff8801a15c8000 ffff8801db721018 ffff88012e6c7758 ffffffff8281af8e [ 1576.545685] ffff8801376088c8 ffff8801376088a0 00ff8801376088d0 ffff8801db7218f0 [ 1576.545687] Call Trace: [ 1576.545710] [<0000000031a8f1e0>] ? __schedule+0x6ce/0x1f10 [ 1576.545719] [<00000000bd6b9231>] ? io_schedule_timeout+0x390/0x390 [ 1576.545728] [<000000007028393f>] ? mark_held_locks+0xb1/0x100 [ 1576.545736] [<000000007c44e1d2>] schedule+0x92/0x1c0 [ 1576.545743] [<00000000100c4340>] schedule_preempt_disabled+0x13/0x20 [ 1576.545749] [<0000000003e7d303>] mutex_lock_nested+0x38d/0x920 [ 1576.545766] [<000000006fecf7af>] ? tty_open+0x3f9/0xe10 [ 1576.545772] [<000000004b4d6c88>] ? mutex_trylock+0x3f0/0x3f0 [ 1576.545779] [<0000000093887f5d>] ? tty_open+0x14d/0xe10 [ 1576.545788] [<0000000030e2ffc3>] ? kmem_cache_alloc_trace+0x115/0x2d0 [ 1576.545795] [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.545802] [<00000000a37d2c56>] ? tty_init_dev+0x420/0x420 [ 1576.545811] [<0000000024fca90f>] ? chrdev_open+0xca/0x630 [ 1576.545818] [<00000000a37d2c56>] ? tty_init_dev+0x420/0x420 [ 1576.545825] [<00000000c5018ba5>] chrdev_open+0x230/0x630 [ 1576.545832] [<000000007bef0664>] ? cdev_put.part.0+0x50/0x50 [ 1576.545841] [<00000000733f0fb1>] do_dentry_open+0x422/0xd20 [ 1576.545848] [<000000007bef0664>] ? cdev_put.part.0+0x50/0x50 [ 1576.545854] [<00000000189127c0>] vfs_open+0x105/0x230 [ 1576.545862] [<000000006736c975>] ? may_open.isra.0+0x139/0x290 [ 1576.545869] [<00000000eb1ce5f4>] path_openat+0xbf5/0x2f60 [ 1576.545876] [<0000000045b1210a>] ? path_mountpoint+0x6d0/0x6d0 [ 1576.545884] [<0000000006a8c1d2>] do_filp_open+0x1a1/0x280 [ 1576.545890] [<00000000925d6165>] ? may_open_dev+0xe0/0xe0 [ 1576.545899] [<00000000b7d9ca46>] ? __alloc_fd+0x1d4/0x490 [ 1576.545906] [<000000000fa0f26e>] ? _raw_spin_unlock+0x2d/0x50 [ 1576.545912] [<00000000b7d9ca46>] ? __alloc_fd+0x1d4/0x490 [ 1576.545919] [<0000000084172a1a>] do_sys_open+0x2f0/0x610 [ 1576.545925] [<000000002cc57d73>] ? filp_open+0x70/0x70 [ 1576.545933] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1576.545939] [<000000004890f7c1>] SyS_open+0x2d/0x40 [ 1576.545945] [<0000000032139754>] ? do_sys_open+0x610/0x610 [ 1576.545953] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1576.545960] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1576.545964] [ 1576.545964] Showing all locks held in the system: [ 1576.545972] 2 locks held by khungtaskd/24: [ 1576.545991] #0: (rcu_read_lock){......}, at: [<000000001a34bb9d>] watchdog+0x14b/0xaf0 [ 1576.546005] #1: (tasklist_lock){.+.+..}, at: [<0000000071ed007f>] debug_show_all_locks+0x7f/0x21f [ 1576.546018] 1 lock held by rsyslogd/1893: [ 1576.546031] #0: (&f->f_pos_lock){+.+.+.}, at: [<00000000da1581fc>] __fdget_pos+0xa8/0xd0 [ 1576.546035] 2 locks held by getty/2021: [ 1576.546047] #0: (&tty->ldisc_sem){++++++}, at: [<00000000a7f51f6d>] ldsem_down_read+0x33/0x40 [ 1576.546059] #1: (&ldata->atomic_read_lock){+.+...}, at: [<000000006b519329>] n_tty_read+0x1fe/0x1820 [ 1576.546596] 1 lock held by init/24654: [ 1576.546611] #0: (tty_mutex){+.+.+.}, at: [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.546615] 1 lock held by init/24655: [ 1576.546627] #0: (tty_mutex){+.+.+.}, at: [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.546630] 1 lock held by init/24658: [ 1576.546642] #0: (tty_mutex){+.+.+.}, at: [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.546646] 1 lock held by init/24659: [ 1576.546657] #0: (tty_mutex){+.+.+.}, at: [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.546661] 1 lock held by init/24660: [ 1576.546672] #0: (tty_mutex){+.+.+.}, at: [<000000006fecf7af>] tty_open+0x3f9/0xe10 [ 1576.546764] [ 1576.546766] ============================================= [ 1576.546766] [ 1576.546770] NMI backtrace for cpu 1 [ 1576.546777] CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.194+ #0 [ 1576.546788] ffff8801d98d7cc8 ffffffff81b67001 0000000000000001 0000000000000000 [ 1576.546797] 0000000000000001 ffffffff81099d01 dffffc0000000000 ffff8801d98d7d00 [ 1576.546806] ffffffff81b7229c 0000000000000001 0000000000000000 0000000000000001 [ 1576.546807] Call Trace: [ 1576.546817] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1576.546828] [<000000007dadcd35>] ? irq_force_complete_move+0x271/0x300 [ 1576.546836] [<000000009a40be1c>] nmi_cpu_backtrace.cold+0x47/0x87 [ 1576.546843] [<0000000069f6d5cd>] ? irq_force_complete_move+0x300/0x300 [ 1576.546850] [<00000000d3b08e66>] nmi_trigger_cpumask_backtrace+0x124/0x155 [ 1576.546858] [<00000000a7cc1ade>] arch_trigger_cpumask_backtrace+0x14/0x20 [ 1576.546864] [<0000000014e9efe7>] watchdog+0x670/0xaf0 [ 1576.546871] [<000000001a34bb9d>] ? watchdog+0x14b/0xaf0 [ 1576.546878] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1576.546885] [<00000000c004564f>] ? hungtask_pm_notify+0x60/0x60 [ 1576.546894] [<0000000099cc2c51>] kthread+0x278/0x310 [ 1576.546900] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.546909] [<00000000afc97397>] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 1576.546918] [<000000002020f803>] ? _raw_spin_unlock_irq+0x39/0x60 [ 1576.546924] [<00000000fc462570>] ? finish_task_switch+0x1e5/0x660 [ 1576.546930] [<00000000e49e75c0>] ? finish_task_switch+0x1b7/0x660 [ 1576.546937] [<00000000538f1865>] ? __switch_to_asm+0x41/0x70 [ 1576.546943] [<000000006d6c7537>] ? __switch_to_asm+0x35/0x70 [ 1576.546949] [<00000000538f1865>] ? __switch_to_asm+0x41/0x70 [ 1576.546955] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.546961] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.546967] [<000000001c1801ae>] ret_from_fork+0x5c/0x70 [ 1576.546973] Sending NMI from CPU 1 to CPUs 0: [ 1576.547676] NMI backtrace for cpu 0 [ 1576.547678] CPU: 0 PID: 24651 Comm: init Not tainted 4.9.194+ #0 [ 1576.547681] task: 000000001237ea27 task.stack: 000000007b3b0605 [ 1576.547683] RIP: 0010:[] c [<000000002930a6c7>] io_serial_in+0x6b/0x90 [ 1576.547686] RSP: 0018:ffff880137657570 EFLAGS: 00000002 [ 1576.547688] RAX: dffffc0000000000 RBX: 00000000000003fd RCX: 0000000000000000 [ 1576.547691] RDX: 00000000000003fd RSI: ffffffff81d86c81 RDI: ffffffff84b68e58 [ 1576.547694] RBP: ffff880137657580 R08: 0000000000000001 R09: 000000000000541c [ 1576.547696] R10: ffff880132205040 R11: 0000000000000001 R12: ffffffff84b68e20 [ 1576.547699] R13: 0000000000000020 R14: fffffbfff096d20b R15: fffffbfff096d1cd [ 1576.547702] FS: 00007fe1f27db7a0(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000 [ 1576.547705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1576.547707] CR2: 0000000001ea3668 CR3: 0000000137dfb000 CR4: 00000000001606b0 [ 1576.547710] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1576.547712] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1576.547714] Stack: [ 1576.547716] ffffffff84b68e20c 000000000000270ac ffff8801376575d0c ffffffff81d88f24c [ 1576.547719] ffff880137657608c ffffffff84b68e68c ffffffff84b6905ac ffffffff841d7609c [ 1576.547722] ffffffff84b68e20c 000000000000000ac dffffc0000000000c 000000000000000ac [ 1576.547723] Call Trace: [ 1576.547726] [<000000006a69a91d>] wait_for_xmitr+0x94/0x1e0 [ 1576.547728] [<00000000094bc8d4>] serial8250_console_putchar+0x20/0x60 [ 1576.547730] [<000000009f9a679b>] ? wait_for_xmitr+0x1e0/0x1e0 [ 1576.547733] [<0000000063293c8c>] uart_console_write+0x56/0xe0 [ 1576.547735] [<00000000f21ad635>] serial8250_console_write+0x2fb/0x860 [ 1576.547738] [<00000000c16a540f>] ? serial8250_release_port+0x20/0x20 [ 1576.547740] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1576.547742] [<00000000442ab0de>] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1576.547745] [<00000000afc97397>] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 1576.547747] [<00000000a913a925>] ? univ8250_console_setup+0x140/0x140 [ 1576.547749] [<0000000093f4234b>] univ8250_console_write+0x5f/0x70 [ 1576.547752] [<0000000080c1f40c>] call_console_drivers.isra.0.constprop.0+0x1ac/0x360 [ 1576.547754] [<0000000075c945d5>] console_unlock+0x47c/0xb20 [ 1576.547756] [<000000005e2b9d4a>] ? uart_add_one_port+0xea0/0xea0 [ 1576.547759] [<00000000d92a9daf>] console_device+0x97/0xc0 [ 1576.547761] [<000000005db88804>] tty_open+0x796/0xe10 [ 1576.547763] [<00000000a37d2c56>] ? tty_init_dev+0x420/0x420 [ 1576.547766] [<0000000024fca90f>] ? chrdev_open+0xca/0x630 [ 1576.547768] [<00000000a37d2c56>] ? tty_init_dev+0x420/0x420 [ 1576.547770] [<00000000c5018ba5>] chrdev_open+0x230/0x630 [ 1576.547772] [<000000007bef0664>] ? cdev_put.part.0+0x50/0x50 [ 1576.547774] [<00000000733f0fb1>] do_dentry_open+0x422/0xd20 [ 1576.547776] [<000000007bef0664>] ? cdev_put.part.0+0x50/0x50 [ 1576.547778] [<00000000189127c0>] vfs_open+0x105/0x230 [ 1576.547781] [<000000006736c975>] ? may_open.isra.0+0x139/0x290 [ 1576.547783] [<00000000eb1ce5f4>] path_openat+0xbf5/0x2f60 [ 1576.547785] [<0000000045b1210a>] ? path_mountpoint+0x6d0/0x6d0 [ 1576.547787] [<0000000006a8c1d2>] do_filp_open+0x1a1/0x280 [ 1576.547789] [<00000000925d6165>] ? may_open_dev+0xe0/0xe0 [ 1576.547792] [<00000000b7d9ca46>] ? __alloc_fd+0x1d4/0x490 [ 1576.547794] [<000000000fa0f26e>] ? _raw_spin_unlock+0x2d/0x50 [ 1576.547796] [<00000000b7d9ca46>] ? __alloc_fd+0x1d4/0x490 [ 1576.547798] [<0000000084172a1a>] do_sys_open+0x2f0/0x610 [ 1576.547801] [<000000002cc57d73>] ? filp_open+0x70/0x70 [ 1576.547803] [<00000000238a9ee9>] ? preempt_schedule+0x26/0x30 [ 1576.547805] [<000000004890f7c1>] SyS_open+0x2d/0x40 [ 1576.547807] [<0000000032139754>] ? do_sys_open+0x610/0x610 [ 1576.547809] [<000000009049c43c>] do_syscall_64+0x1ad/0x5c0 [ 1576.547812] [<00000000880b3aee>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 1576.547819] Code: c24 cc9 c00 c00 c00 c49 c8d c7c c24 c38 c48 cb8 c00 c00 c00 c00 c00 cfc cff cdf c48 c89 cfa c48 cc1 cea c03 cd3 ce3 c80 c3c c02 c00 c75 c17 c41 c03 c5c c24 c38 c89 cda cec c<5b> c0f cb6 cc0 c41 c5c c5d cc3 ce8 c48 c7b c77 cff ceb cc2 ce8 ca1 c7b c77 cff ceb c [ 1576.548027] Kernel panic - not syncing: hung_task: blocked tasks [ 1576.548033] CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.194+ #0 [ 1576.548043] ffff8801d98d7c60 ffffffff81b67001 ffff880137608000 ffffffff82a7b6c0 [ 1576.548052] 00000000ffffffff 0000000000000001 dffffc0000000000 ffff8801d98d7d40 [ 1576.548060] ffffffff813fef3a 0000000041b58ab3 ffffffff82e32f55 ffffffff813fed61 [ 1576.548062] Call Trace: [ 1576.548069] [<0000000011681f42>] dump_stack+0xc1/0x120 [ 1576.548077] [<00000000b47986fb>] panic+0x1d9/0x3bd [ 1576.548083] [<00000000dcbd1a4e>] ? add_taint.cold+0x16/0x16 [ 1576.548090] [<0000000069f6d5cd>] ? irq_force_complete_move+0x300/0x300 [ 1576.548097] [<000000003edaaf9f>] ? ___preempt_schedule+0x16/0x18 [ 1576.548104] [<00000000ce0acf5a>] ? nmi_trigger_cpumask_backtrace+0x135/0x155 [ 1576.548111] [<0000000066a8b4e1>] ? nmi_trigger_cpumask_backtrace+0x13f/0x155 [ 1576.548117] [<000000009126cd4a>] watchdog+0x681/0xaf0 [ 1576.548123] [<000000001a34bb9d>] ? watchdog+0x14b/0xaf0 [ 1576.548129] [<00000000c0218928>] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 1576.548136] [<00000000c004564f>] ? hungtask_pm_notify+0x60/0x60 [ 1576.548142] [<0000000099cc2c51>] kthread+0x278/0x310 [ 1576.548148] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.548155] [<00000000afc97397>] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 1576.548162] [<000000002020f803>] ? _raw_spin_unlock_irq+0x39/0x60 [ 1576.548167] [<00000000fc462570>] ? finish_task_switch+0x1e5/0x660 [ 1576.548173] [<00000000e49e75c0>] ? finish_task_switch+0x1b7/0x660 [ 1576.548179] [<00000000538f1865>] ? __switch_to_asm+0x41/0x70 [ 1576.548194] [<000000006d6c7537>] ? __switch_to_asm+0x35/0x70 [ 1576.548199] [<00000000538f1865>] ? __switch_to_asm+0x41/0x70 [ 1576.548205] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.548212] [<00000000811e6807>] ? kthread_park+0xa0/0xa0 [ 1576.548218] [<000000001c1801ae>] ret_from_fork+0x5c/0x70 [ 1576.549269] Kernel Offset: disabled [ 1580.838359] Rebooting in 86400 seconds..